Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/DE61D0DC2A7311F08DDC6D17C4F9AE02.roa
File: DE61D0DC2A7311F08DDC6D17C4F9AE02.roa (raw, json)
Hash identifier: 1kkHmkctt/6eWi9MzTTycF3KYT1Q0JGI0rMo5fqYhBE=
Subject key identifier: 8E:BC:2B:39:E5:F4:B0:37:71:FC:8F:87:94:58:09:30:01:BE:25:77
Certificate issuer: /CN=A91DA2D5/serialNumber=3C1C877347EE82729636AF0F3A375D391090F921
Certificate serial: 2D78
Authority key identifier: 3C:1C:87:73:47:EE:82:72:96:36:AF:0F:3A:37:5D:39:10:90:F9:21
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PByHc0fugnKWNq8POjddORCQ-SE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/DE61D0DC2A7311F08DDC6D17C4F9AE02.roa
Signing time: Wed 25 Feb 2026 08:56:17 +0000
ROA not before: Wed 25 Feb 2026 08:56:17 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 58717
IP address blocks: 43.245.140.0/22 maxlen: 22
43.245.140.0/22 maxlen: 24
43.245.140.0/23 maxlen: 23
43.245.140.0/24 maxlen: 24
43.245.141.0/24 maxlen: 24
43.245.142.0/23 maxlen: 23
43.245.142.0/24 maxlen: 24
43.245.143.0/24 maxlen: 24
59.153.202.0/23 maxlen: 24
103.15.244.0/22 maxlen: 24
103.15.246.64/26 maxlen: 26
103.75.238.0/23 maxlen: 24
103.96.68.0/23 maxlen: 24
103.96.70.0/23 maxlen: 24
103.108.144.0/22 maxlen: 24
103.199.84.0/22 maxlen: 24
103.242.216.0/24 maxlen: 24
103.242.217.0/24 maxlen: 24
103.242.218.0/23 maxlen: 24
144.48.148.0/23 maxlen: 23
144.48.148.0/24 maxlen: 24
144.48.149.0/24 maxlen: 24
175.41.44.0/22 maxlen: 24
2405:1500::/30 maxlen: 31
2405:1500::/32 maxlen: 32
2405:1500::/32 maxlen: 48
2405:1500::/48 maxlen: 48
2405:1500:11::/48 maxlen: 48
2405:1500:12::/48 maxlen: 48
2405:1500:13::/48 maxlen: 48
2405:1500:30::/48 maxlen: 48
2405:1500:37::/48 maxlen: 48
2405:1500:40::/48 maxlen: 48
2405:1500:41::/48 maxlen: 48
2405:1500:42::/48 maxlen: 48
2405:1500:45::/48 maxlen: 48
2405:1500:50::/48 maxlen: 48
2405:1500:52::/48 maxlen: 48
2405:1500:55::/48 maxlen: 48
2405:1500:56::/48 maxlen: 48
2405:1500:60::/48 maxlen: 48
2405:1500:70::/48 maxlen: 48
2405:1500:80::/48 maxlen: 48
2405:1500:82::/48 maxlen: 48
2405:1500:90::/48 maxlen: 48
2405:1500:92::/48 maxlen: 48
2405:1500:94::/48 maxlen: 48
2405:1500:97::/48 maxlen: 48
2405:1500:a1::/48 maxlen: 48
2405:1500:b0::/48 maxlen: 48
2405:1500:b1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/PByHc0fugnKWNq8POjddORCQ-SE.crl
rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/PByHc0fugnKWNq8POjddORCQ-SE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PByHc0fugnKWNq8POjddORCQ-SE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 07 Mar 2026 15:32:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11640 (0x2d78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA2D5, serialNumber=3C1C877347EE82729636AF0F3A375D391090F921
Validity
Not Before: Feb 25 08:56:17 2026 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=699eb931-c632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:bb:25:df:cf:29:81:80:68:38:7f:bd:af:9d:
f2:3e:70:5f:00:5c:e8:da:8f:84:af:12:08:39:27:
a5:48:6e:a1:80:f2:61:eb:41:2b:c0:be:73:69:b1:
5f:1d:1c:0f:a2:78:e7:10:d2:a6:b2:5b:c3:80:e3:
63:d2:14:a1:f1:f2:b5:99:58:ee:21:ae:db:1c:52:
c4:14:b9:ed:89:6d:a8:cc:c7:78:e9:43:a9:0b:4f:
8d:83:aa:b2:c7:6e:87:1e:a1:e4:65:16:98:6c:1c:
ca:df:c5:8f:cd:a5:d6:25:4f:6f:84:dd:da:e3:95:
c9:ea:ac:14:39:a5:02:4e:3b:bc:d4:1c:49:97:d3:
6a:6b:8d:fd:0e:fd:c8:da:7f:fb:76:6d:72:a3:ec:
45:ab:f1:8a:28:c9:f8:6c:3a:7a:d0:bf:18:c9:fd:
1c:c2:7d:21:8e:74:cf:20:f2:e2:74:92:c6:49:3c:
4c:48:3f:a6:3c:27:12:66:2b:e3:89:44:c3:23:05:
dc:f3:70:d6:bb:3f:19:ba:ff:36:7d:76:36:76:f5:
38:d5:ef:71:80:55:a4:4c:af:03:b9:f4:91:6e:03:
ba:76:fe:7c:9e:ce:8b:fb:2c:7b:e1:7a:27:ac:62:
d6:86:1b:3e:90:cf:28:9e:7d:ef:15:75:6b:64:c5:
bd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:BC:2B:39:E5:F4:B0:37:71:FC:8F:87:94:58:09:30:01:BE:25:77
X509v3 Authority Key Identifier:
keyid:3C:1C:87:73:47:EE:82:72:96:36:AF:0F:3A:37:5D:39:10:90:F9:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/PByHc0fugnKWNq8POjddORCQ-SE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PByHc0fugnKWNq8POjddORCQ-SE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/DE61D0DC2A7311F08DDC6D17C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.140.0/22
59.153.202.0/23
103.15.244.0/22
103.75.238.0/23
103.96.68.0/22
103.108.144.0/22
103.199.84.0/22
103.242.216.0/22
144.48.148.0/23
175.41.44.0/22
IPv6:
2405:1500::/30
Signature Algorithm: sha256WithRSAEncryption
45:e6:ec:43:37:e0:54:f8:b3:09:a2:77:b4:2b:e3:d2:b2:d0:
e4:6c:69:e6:85:65:00:4a:e1:d6:2b:67:b3:c9:4f:df:18:ef:
5f:f2:50:b9:ed:f0:17:87:cd:ae:ce:b6:40:72:50:18:46:89:
dd:18:97:f8:b5:eb:5e:07:44:80:7b:c1:4b:65:25:12:80:42:
ea:62:dd:e3:11:60:0d:5b:41:c7:3e:4a:78:b3:66:a8:1f:53:
c5:6d:66:a0:04:24:5d:d5:70:2e:48:87:f6:21:d0:58:84:cb:
dd:b9:59:31:a4:ad:aa:64:c3:bb:a1:6c:b3:4a:ce:4b:5b:f2:
df:1d:57:72:36:60:d5:90:a8:fd:1d:eb:cc:cd:7b:b8:e9:2d:
31:e3:be:06:16:6b:bf:ef:f1:8d:38:da:e8:d0:66:66:a1:7c:
f8:63:b7:b2:d2:41:8b:94:f8:d2:64:0f:22:69:2a:e9:6e:7e:
7e:84:d4:16:b9:b2:28:58:4a:54:22:ae:db:66:92:fe:d0:a7:
07:d9:d6:3c:08:b5:c1:2d:4c:4c:32:ff:ef:d5:2a:ba:ca:4b:
94:50:60:1b:24:17:51:de:cd:2d:a9:fd:94:40:ce:78:c7:bc:
58:79:75:15:a5:ff:98:40:ae:68:4e:13:c5:81:db:2a:bb:66:
e0:4e:dd:d4
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICLXgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEyRDUxMTAvBgNVBAUTKDNDMUM4NzczNDdFRTgyNzI5NjM2QUYwRjNBMzc1RDM5
MTA5MEY5MjEwHhcNMjYwMjI1MDg1NjE3WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDDA02OTllYjkzMS1jNjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6Lsl388pgYBoOH+9r53yPnBfAFzo2o+ErxIIOSelSG6hgPJh60ErwL5zabFf
HRwPonjnENKmslvDgONj0hSh8fK1mVjuIa7bHFLEFLntiW2ozMd46UOpC0+Ng6qy
x26HHqHkZRaYbBzK38WPzaXWJU9vhN3a45XJ6qwUOaUCTju81BxJl9Nqa439Dv3I
2n/7dm1yo+xFq/GKKMn4bDp60L8Yyf0cwn0hjnTPIPLidJLGSTxMSD+mPCcSZivj
iUTDIwXc83DWuz8Zuv82fXY2dvU41e9xgFWkTK8DufSRbgO6dv58ns6L+yx74Xon
rGLWhhs+kM8onn3vFXVrZMW9ewIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFI68Kznl
9LA3cfyPh5RYCTABviV3MB8GA1UdIwQYMBaAFDwch3NH7oJyljavDzo3XTkQkPkh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTJENS81Rjg2MUVFNkI4
OUExMUUzQjRBQzdFNzg1OTExRUEzMi9QQnlIYzBmdWduS1dOcThQT2pkZE9SQ1Et
U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BCeUhjMGZ1Z25LV05xOFBPamRkT1JDUS1TRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REEyRDUvNUY4NjFFRTZCODlBMTFFM0I0QUM3RTc4NTkxMUVBMzIvREU2MUQwREMy
QTczMTFGMDhEREM2RDE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAIr9YwDBAE7mcoDBAJnD/QDBAFnS+4DBAJnYEQDBAJnbJAD
BAJnx1QDBAJn8tgDBAGQMJQDBAKvKSwwDQQCAAIwBwMFAiQFFQAwDQYJKoZIhvcN
AQELBQADggEBAEXm7EM34FT4swmid7Qr49Ky0ORsaeaFZQBK4dYrZ7PJT98Y71/y
ULnt8BeHza7OtkByUBhGid0Yl/i1614HRIB7wUtlJRKAQupi3eMRYA1bQcc+Sniz
ZqgfU8VtZqAEJF3VcC5Ih/Yh0FiEy925WTGkrapkw7uhbLNKzktb8t8dV3I2YNWQ
qP0d68zNe7jpLTHjvgYWa7/v8Y042ujQZmahfPhjt7LSQYuU+NJkDyJpKulufn6E
1Ba5sihYSlQirttmkv7QpwfZ1jwItcEtTEwy/+/VKrrKS5RQYBskF1HezS2p/ZRA
znjHvFh5dRWl/5hArmhOE8WB2yq7ZuBO3dQ=
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:31:31 2026 by rpki-client