Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/844CFD1C5BAA11EFBAF22B7FC4F9AE02.roa
File: 844CFD1C5BAA11EFBAF22B7FC4F9AE02.roa (raw, json)
Hash identifier: sVfjMKk5gEscjf/+ggoyWUQbHrSEKZRSttzymuAtyFQ=
Subject key identifier: E1:99:24:C5:E9:DB:6C:06:FA:B3:1F:85:0A:2E:A2:6E:81:6B:64:C5
Certificate issuer: /CN=A91DF863/serialNumber=39CE15DB36739A22CAEE64E0CF8BA31F5A6B9348
Certificate serial: 33C7
Authority key identifier: 39:CE:15:DB:36:73:9A:22:CA:EE:64:E0:CF:8B:A3:1F:5A:6B:93:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/844CFD1C5BAA11EFBAF22B7FC4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:07:58 +0000
ROA not before: Wed 24 Dec 2025 16:12:48 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 24482
IP address blocks: 49.213.16.0/20 maxlen: 21
49.213.20.0/24 maxlen: 24
49.213.28.0/22 maxlen: 22
103.14.244.0/22 maxlen: 24
116.251.208.0/20 maxlen: 22
116.251.208.0/24 maxlen: 24
116.251.209.0/24 maxlen: 24
116.251.210.0/24 maxlen: 24
116.251.211.0/24 maxlen: 24
116.251.212.0/24 maxlen: 24
116.251.213.0/24 maxlen: 24
116.251.214.0/24 maxlen: 24
116.251.215.0/24 maxlen: 24
116.251.216.0/24 maxlen: 24
116.251.217.0/24 maxlen: 24
116.251.218.0/24 maxlen: 24
116.251.219.0/24 maxlen: 24
116.251.220.0/24 maxlen: 24
116.251.221.0/24 maxlen: 24
116.251.222.0/24 maxlen: 24
116.251.223.0/24 maxlen: 24
124.6.32.0/20 maxlen: 20
124.6.32.0/20 maxlen: 24
124.6.32.0/22 maxlen: 22
124.6.32.0/24 maxlen: 24
124.6.33.0/24 maxlen: 24
124.6.34.0/24 maxlen: 24
124.6.35.0/24 maxlen: 24
124.6.36.0/22 maxlen: 22
124.6.36.0/24 maxlen: 24
124.6.37.0/24 maxlen: 24
124.6.38.0/24 maxlen: 24
124.6.39.0/24 maxlen: 24
124.6.40.0/22 maxlen: 22
124.6.40.0/24 maxlen: 24
124.6.41.0/24 maxlen: 24
124.6.42.0/24 maxlen: 24
124.6.43.0/24 maxlen: 24
124.6.44.0/22 maxlen: 22
124.6.44.0/24 maxlen: 24
124.6.45.0/24 maxlen: 24
124.6.46.0/24 maxlen: 24
124.6.47.0/24 maxlen: 24
124.6.48.0/21 maxlen: 24
163.47.176.0/22 maxlen: 24
203.175.160.0/20 maxlen: 24
2405:4200::/32 maxlen: 32
2405:4200::/32 maxlen: 48
2405:4200:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.crl
rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 03:07:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13255 (0x33c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF863, serialNumber=39CE15DB36739A22CAEE64E0CF8BA31F5A6B9348
Validity
Not Before: Dec 24 16:12:48 2025 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a4726e-2270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5d:dd:38:b9:4e:85:e4:f5:6e:2e:b5:98:c5:
fb:b0:14:e5:c7:eb:da:8d:44:e3:de:cc:3d:24:ea:
ea:41:fd:4b:c1:f4:05:1f:7c:55:25:f5:16:fb:89:
34:11:fc:f0:43:0f:c8:5c:8b:c5:6d:cd:3e:c3:e4:
bf:e4:61:60:91:6a:92:96:ec:cf:57:d3:ef:fa:79:
7b:26:20:68:3a:85:37:d2:c8:d4:ff:ab:95:6b:b7:
37:46:43:d0:20:4a:69:fb:56:4a:06:c4:11:e1:05:
bf:f9:fe:54:19:e5:b3:c4:3a:1f:35:ee:df:35:7b:
e5:19:0a:77:d3:99:03:c0:c7:5a:c2:c7:01:e6:e3:
c7:e6:e4:23:4f:9a:31:15:9c:ca:16:b1:98:92:84:
92:9b:82:e0:8b:98:43:4d:39:a3:5e:68:49:49:37:
6c:e3:6d:32:df:53:23:93:f0:e1:e4:30:6c:f7:cd:
45:7b:91:cb:56:04:00:43:e9:20:86:c8:7c:45:e9:
09:e0:2d:4c:c2:7b:46:74:df:35:0a:6c:7c:ab:58:
d9:c1:06:b1:fe:50:42:15:39:7d:79:10:5e:3b:e1:
e7:4f:a6:ec:7b:79:15:10:03:82:06:82:07:81:a9:
30:05:8c:56:bc:45:50:65:9a:c8:30:6e:84:53:61:
98:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:99:24:C5:E9:DB:6C:06:FA:B3:1F:85:0A:2E:A2:6E:81:6B:64:C5
X509v3 Authority Key Identifier:
keyid:39:CE:15:DB:36:73:9A:22:CA:EE:64:E0:CF:8B:A3:1F:5A:6B:93:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/844CFD1C5BAA11EFBAF22B7FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
49.213.16.0/20
103.14.244.0/22
116.251.208.0/20
124.6.32.0-124.6.55.255
163.47.176.0/22
203.175.160.0/20
IPv6:
2405:4200::/32
Signature Algorithm: sha256WithRSAEncryption
05:3f:25:86:4f:2b:7c:aa:37:8b:a7:2a:f8:5b:e7:31:c8:80:
48:71:40:d5:4c:ff:a6:44:f5:09:12:61:cf:c2:e1:7d:ed:2a:
62:dd:6c:be:c5:cb:3c:55:44:a9:d2:71:47:07:9f:42:0b:2f:
77:4c:2d:47:0f:1f:8c:bb:f4:92:e9:29:f1:18:a7:63:18:d8:
6b:f9:87:68:2d:4a:35:04:90:c5:dc:cd:97:9f:a1:34:29:51:
dc:f2:2e:30:f5:ca:b9:7a:3e:d9:68:c9:aa:24:75:f6:db:36:
08:26:5c:6c:56:a2:78:80:62:38:d7:0c:c8:04:4a:2a:37:8b:
80:7e:13:58:63:0e:5e:a2:0a:cd:31:dc:b0:4d:e7:98:fa:de:
b9:17:b2:5e:18:39:a7:ce:50:98:88:28:85:e0:56:68:e8:74:
9b:30:5d:c7:25:e7:61:ae:3c:0b:24:d7:2e:a4:17:03:93:4a:
a7:c6:ef:c7:49:1d:c3:b2:79:5a:5a:49:cf:8e:91:8e:36:0a:
6a:c3:0a:45:28:c3:72:76:84:45:30:c6:65:7a:70:e8:04:91:
cd:27:0e:b7:76:77:9f:11:46:92:6d:14:48:39:c7:28:40:90:
c2:4b:a1:09:58:17:86:2d:78:17:8c:af:b8:a7:12:11:75:8f:
60:be:9f:d0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICM8cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY4NjMxMTAvBgNVBAUTKDM5Q0UxNURCMzY3MzlBMjJDQUVFNjRFMENGOEJBMzFG
NUE2QjkzNDgwHhcNMjUxMjI0MTYxMjQ4WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzI2ZS0yMjcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArl3dOLlOheT1bi61mMX7sBTlx+vajUTj3sw9JOrqQf1LwfQFH3xVJfUW+4k0
EfzwQw/IXIvFbc0+w+S/5GFgkWqSluzPV9Pv+nl7JiBoOoU30sjU/6uVa7c3RkPQ
IEpp+1ZKBsQR4QW/+f5UGeWzxDofNe7fNXvlGQp305kDwMdawscB5uPH5uQjT5ox
FZzKFrGYkoSSm4Lgi5hDTTmjXmhJSTds420y31Mjk/Dh5DBs981Fe5HLVgQAQ+kg
hsh8RekJ4C1MwntGdN81Cmx8q1jZwQax/lBCFTl9eRBeO+HnT6bse3kVEAOCBoIH
gakwBYxWvEVQZZrIMG6EU2GYQwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOGZJMXp
22wG+rMfhQouom6Ba2TFMB8GA1UdIwQYMBaAFDnOFds2c5oiyu5k4M+Lox9aa5NI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjg2My9CRkU1NEE2ODgx
NUIxMUUyOUI1OEE3M0IzMjkyQjVFOC9PYzRWMnpaem1pTEs3bVRnejR1akgxcHJr
MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jNFYyelp6bWlMSzdtVGd6NHVqSDFwcmswZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY4NjMvQkZFNTRBNjg4MTVCMTFFMjlCNThBNzNCMzI5MkI1RTgvODQ0Q0ZEMUM1
QkFBMTFFRkJBRjIyQjdGQzRGOUFFMDIucm9hMFQGCCsGAQUFBwEHAQH/BEUwQzAy
BAIAATAsAwQEMdUQAwQCZw70AwQEdPvQMAwDBAV8BiADBAN8BjADBAKjL7ADBATL
r6AwDQQCAAIwBwMFACQFQgAwDQYJKoZIhvcNAQELBQADggEBAAU/JYZPK3yqN4un
Kvhb5zHIgEhxQNVM/6ZE9QkSYc/C4X3tKmLdbL7FyzxVRKnScUcHn0ILL3dMLUcP
H4y79JLpKfEYp2MY2Gv5h2gtSjUEkMXczZefoTQpUdzyLjD1yrl6Ptloyaokdfbb
NggmXGxWoniAYjjXDMgESio3i4B+E1hjDl6iCs0x3LBN55j63rkXsl4YOafOUJiI
KIXgVmjodJswXccl52GuPAsk1y6kFwOTSqfG78dJHcOyeVpaSc+OkY42CmrDCkUo
w3J2hEUwxmV6cOgEkc0nDrd2d58RRpJtFEg5xyhAkMJLoQlYF4YteBeMr7inEhF1
j2C+n9A=
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:20:22 2026 by rpki-client