Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/DE61D0DC2A7311F08DDC6D17C4F9AE02.roa
File: DE61D0DC2A7311F08DDC6D17C4F9AE02.roa (raw, json)
Hash identifier: RXO1XpKpDHd4WaDK6duD7CX+yNyzIe2Ehp9KECdzKRc=
Subject key identifier: 6F:90:EA:80:09:1B:0F:F8:8C:79:07:65:E6:2D:C6:5C:2A:D2:0C:DE
Certificate issuer: /CN=A91DA2D5/serialNumber=3C1C877347EE82729636AF0F3A375D391090F921
Certificate serial: 2DC4
Authority key identifier: 3C:1C:87:73:47:EE:82:72:96:36:AF:0F:3A:37:5D:39:10:90:F9:21
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PByHc0fugnKWNq8POjddORCQ-SE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/DE61D0DC2A7311F08DDC6D17C4F9AE02.roa
Signing time: Wed 03 Jun 2026 07:07:10 +0000
ROA not before: Wed 03 Jun 2026 07:07:10 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 58717
IP address blocks: 43.245.140.0/22 maxlen: 22
43.245.140.0/22 maxlen: 24
43.245.140.0/23 maxlen: 23
43.245.140.0/24 maxlen: 24
43.245.141.0/24 maxlen: 24
43.245.142.0/23 maxlen: 23
43.245.142.0/24 maxlen: 24
43.245.143.0/24 maxlen: 24
59.153.202.0/23 maxlen: 24
103.15.244.0/22 maxlen: 24
103.15.246.64/26 maxlen: 26
103.75.238.0/23 maxlen: 24
103.96.68.0/23 maxlen: 24
103.96.70.0/23 maxlen: 24
103.108.144.0/22 maxlen: 24
103.161.66.0/23 maxlen: 24
103.199.84.0/22 maxlen: 24
103.242.216.0/24 maxlen: 24
103.242.217.0/24 maxlen: 24
103.242.218.0/23 maxlen: 24
144.48.148.0/23 maxlen: 23
144.48.148.0/24 maxlen: 24
144.48.149.0/24 maxlen: 24
175.41.44.0/22 maxlen: 24
2405:1500::/30 maxlen: 31
2405:1500::/32 maxlen: 32
2405:1500::/32 maxlen: 48
2405:1500::/48 maxlen: 48
2405:1500:11::/48 maxlen: 48
2405:1500:12::/48 maxlen: 48
2405:1500:13::/48 maxlen: 48
2405:1500:30::/48 maxlen: 48
2405:1500:37::/48 maxlen: 48
2405:1500:40::/48 maxlen: 48
2405:1500:41::/48 maxlen: 48
2405:1500:42::/48 maxlen: 48
2405:1500:45::/48 maxlen: 48
2405:1500:50::/48 maxlen: 48
2405:1500:52::/48 maxlen: 48
2405:1500:55::/48 maxlen: 48
2405:1500:56::/48 maxlen: 48
2405:1500:60::/48 maxlen: 48
2405:1500:70::/48 maxlen: 48
2405:1500:80::/48 maxlen: 48
2405:1500:82::/48 maxlen: 48
2405:1500:90::/48 maxlen: 48
2405:1500:92::/48 maxlen: 48
2405:1500:94::/48 maxlen: 48
2405:1500:97::/48 maxlen: 48
2405:1500:a1::/48 maxlen: 48
2405:1500:b0::/48 maxlen: 48
2405:1500:b1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/PByHc0fugnKWNq8POjddORCQ-SE.crl
rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/PByHc0fugnKWNq8POjddORCQ-SE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PByHc0fugnKWNq8POjddORCQ-SE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 19 Jun 2026 15:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11716 (0x2dc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA2D5, serialNumber=3C1C877347EE82729636AF0F3A375D391090F921
Validity
Not Before: Jun 3 07:07:10 2026 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=6a1fd29d-24dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2a:e8:f5:19:1d:98:20:5b:86:b1:44:e1:5e:
0a:94:4c:79:13:27:00:31:8b:57:89:f5:3a:11:52:
c3:57:8e:cb:d0:81:66:ba:ff:77:9a:35:71:bd:91:
33:db:f1:ad:3c:b7:28:f1:8f:28:66:57:05:21:22:
0a:80:a5:8e:8d:5d:fd:84:90:db:86:ef:af:e0:bd:
a3:aa:e6:fb:d4:df:99:99:92:d0:d1:dd:50:e8:e4:
13:c9:17:e3:2b:9b:04:a3:bd:18:e9:b1:fc:be:3c:
1c:f9:07:cb:1f:ff:59:71:3d:61:4a:11:3f:8d:32:
dd:51:4c:5a:02:b1:37:f0:b1:14:fd:22:6d:ef:ad:
11:aa:2b:05:1d:30:7c:df:57:01:08:36:16:82:40:
e3:d6:a4:52:54:16:e5:75:30:2e:25:1b:7b:7d:98:
33:98:1c:3d:04:b4:09:59:2a:f2:34:e9:30:85:d6:
95:d3:56:a3:94:f6:1e:17:97:2a:64:ff:00:36:42:
a2:d6:6c:bd:69:e1:4b:b9:c5:07:3a:7c:1d:78:3d:
7d:cf:47:7d:48:e9:25:bf:17:06:b9:4f:8f:b0:e6:
f6:27:6f:cb:d2:12:12:4a:3f:08:f1:2b:0a:0c:e2:
35:c8:a1:a4:fc:2a:45:8d:5c:72:44:e4:42:e7:a7:
f1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:90:EA:80:09:1B:0F:F8:8C:79:07:65:E6:2D:C6:5C:2A:D2:0C:DE
X509v3 Authority Key Identifier:
keyid:3C:1C:87:73:47:EE:82:72:96:36:AF:0F:3A:37:5D:39:10:90:F9:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/PByHc0fugnKWNq8POjddORCQ-SE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PByHc0fugnKWNq8POjddORCQ-SE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/DE61D0DC2A7311F08DDC6D17C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.245.140.0/22
59.153.202.0/23
103.15.244.0/22
103.75.238.0/23
103.96.68.0/22
103.108.144.0/22
103.161.66.0/23
103.199.84.0/22
103.242.216.0/22
144.48.148.0/23
175.41.44.0/22
IPv6:
2405:1500::/30
Signature Algorithm: sha256WithRSAEncryption
41:4d:cd:d1:fc:74:05:99:af:24:ae:1d:58:46:e4:12:45:96:
84:56:63:74:0c:25:78:b6:f7:f6:57:a5:1f:59:7b:37:99:10:
78:eb:1e:1b:a0:bf:c9:52:e6:63:3c:c2:f5:05:08:eb:80:26:
65:df:a3:a6:f9:a1:53:57:c4:71:7e:74:5f:a1:1f:0b:11:22:
6b:3d:b9:cd:67:6b:17:ce:ae:04:4e:29:40:62:98:66:ad:dc:
aa:b3:3b:01:33:a2:3e:a0:64:70:03:61:f7:e0:39:fd:ae:bf:
47:e2:90:8e:49:a2:49:36:be:6a:94:c2:39:6d:bf:c4:e2:bc:
a9:21:8f:24:68:1e:fb:29:14:71:70:75:6e:76:0f:87:d0:ec:
05:2d:54:6d:77:c8:22:8f:a5:d3:e5:cc:6f:24:c7:a6:5c:4e:
f3:0c:23:c8:8d:08:1e:46:71:7f:ab:5e:b9:77:9c:ce:ee:6f:
d4:7b:1c:83:58:a2:32:3d:8b:7f:d3:bc:5b:8b:6d:17:bc:73:
4a:31:46:b3:d4:19:d7:f9:90:ef:ba:98:8a:8d:7f:30:dd:30:
b8:33:49:d8:d0:3f:b9:5f:76:5d:b0:94:f5:50:9a:9b:cb:68:
a2:2a:8f:cc:88:ba:05:47:29:ba:97:76:87:ca:2f:53:2c:5f:
6e:b5:8f:ec
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICLcQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEyRDUxMTAvBgNVBAUTKDNDMUM4NzczNDdFRTgyNzI5NjM2QUYwRjNBMzc1RDM5
MTA5MEY5MjEwHhcNMjYwNjAzMDcwNzEwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTFmZDI5ZC0yNGRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnCro9RkdmCBbhrFE4V4KlEx5EycAMYtXifU6EVLDV47L0IFmuv93mjVxvZEz
2/GtPLco8Y8oZlcFISIKgKWOjV39hJDbhu+v4L2jqub71N+ZmZLQ0d1Q6OQTyRfj
K5sEo70Y6bH8vjwc+QfLH/9ZcT1hShE/jTLdUUxaArE38LEU/SJt760RqisFHTB8
31cBCDYWgkDj1qRSVBbldTAuJRt7fZgzmBw9BLQJWSryNOkwhdaV01ajlPYeF5cq
ZP8ANkKi1my9aeFLucUHOnwdeD19z0d9SOklvxcGuU+PsOb2J2/L0hISSj8I8SsK
DOI1yKGk/CpFjVxyRORC56fxAwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFG+Q6oAJ
Gw/4jHkHZeYtxlwq0gzeMB8GA1UdIwQYMBaAFDwch3NH7oJyljavDzo3XTkQkPkh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTJENS81Rjg2MUVFNkI4
OUExMUUzQjRBQzdFNzg1OTExRUEzMi9QQnlIYzBmdWduS1dOcThQT2pkZE9SQ1Et
U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BCeUhjMGZ1Z25LV05xOFBPamRkT1JDUS1TRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REEyRDUvNUY4NjFFRTZCODlBMTFFM0I0QUM3RTc4NTkxMUVBMzIvREU2MUQwREMy
QTczMTFGMDhEREM2RDE3QzRGOUFFMDIucm9hMGoGCCsGAQUFBwEHAQH/BFswWTBI
BAIAATBCAwQCK/WMAwQBO5nKAwQCZw/0AwQBZ0vuAwQCZ2BEAwQCZ2yQAwQBZ6FC
AwQCZ8dUAwQCZ/LYAwQBkDCUAwQCryksMA0EAgACMAcDBQIkBRUAMA0GCSqGSIb3
DQEBCwUAA4IBAQBBTc3R/HQFma8krh1YRuQSRZaEVmN0DCV4tvf2V6UfWXs3mRB4
6x4boL/JUuZjPML1BQjrgCZl36Om+aFTV8RxfnRfoR8LESJrPbnNZ2sXzq4ETilA
YphmrdyqszsBM6I+oGRwA2H34Dn9rr9H4pCOSaJJNr5qlMI5bb/E4rypIY8kaB77
KRRxcHVudg+H0OwFLVRtd8gij6XT5cxvJMemXE7zDCPIjQgeRnF/q165d5zO7m/U
exyDWKIyPYt/07xbi20XvHNKMUaz1BnX+ZDvupiKjX8w3TC4M0nY0D+5X3ZdsJT1
UJqby2iiKo/MiLoFRym6l3aHyi9TLF9utY/s
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:00:12 2026 by rpki-client