Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5642/1040F32C8AFA11EA9B28A929C4F9AE02/49484A22DDBE11F0A59AB1524A6F56BC.roa
File: 49484A22DDBE11F0A59AB1524A6F56BC.roa (raw, json)
Hash identifier: EUoTZeexjkbb7zufCQtahAm8AEeFMiE7APDK7et0hJY=
Subject key identifier: 19:06:AE:BB:69:72:53:4C:AA:C8:90:A6:DD:D9:53:15:1E:19:46:C5
Certificate issuer: /CN=A91E5642/serialNumber=803079BAB2F1F6B3B9AAC411DF4A82C3F06A6571
Certificate serial: 0A45
Authority key identifier: 80:30:79:BA:B2:F1:F6:B3:B9:AA:C4:11:DF:4A:82:C3:F0:6A:65:71
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gDB5urLx9rO5qsQR30qCw_BqZXE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E5642/1040F32C8AFA11EA9B28A929C4F9AE02/49484A22DDBE11F0A59AB1524A6F56BC.roa
Signing time: Sun 01 Mar 2026 17:47:38 +0000
ROA not before: Sat 31 Jan 2026 20:16:44 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 139879
IP address blocks: 103.146.136.0/23 maxlen: 23
103.146.136.0/24 maxlen: 24
103.146.137.0/24 maxlen: 24
2407:11c0::/32 maxlen: 32
2407:11c0::/48 maxlen: 48
2407:11c0:1::/48 maxlen: 48
2407:11c0:2::/48 maxlen: 48
2407:11c0:3::/48 maxlen: 48
2407:11c0:4::/48 maxlen: 48
2407:11c0:5::/48 maxlen: 48
2407:11c0:6::/48 maxlen: 48
2407:11c0:7::/48 maxlen: 48
2407:11c0:8::/48 maxlen: 48
2407:11c0:9::/48 maxlen: 48
2407:11c0:a::/48 maxlen: 48
2407:11c0:b::/48 maxlen: 48
2407:11c0:c::/48 maxlen: 48
2407:11c0:d::/48 maxlen: 48
2407:11c0:e::/48 maxlen: 48
2407:11c0:f::/48 maxlen: 48
2407:11c0:10::/48 maxlen: 48
2407:11c0:11::/48 maxlen: 48
2407:11c0:12::/48 maxlen: 48
2407:11c0:13::/48 maxlen: 48
2407:11c0:14::/48 maxlen: 48
2407:11c0:15::/48 maxlen: 48
2407:11c0:16::/48 maxlen: 48
2407:11c0:17::/48 maxlen: 48
2407:11c0:18::/48 maxlen: 48
2407:11c0:19::/48 maxlen: 48
2407:11c0:1a::/48 maxlen: 48
2407:11c0:1b::/48 maxlen: 48
2407:11c0:1c::/48 maxlen: 48
2407:11c0:1d::/48 maxlen: 48
2407:11c0:1e::/48 maxlen: 48
2407:11c0:1f::/48 maxlen: 48
2407:11c0:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E5642/1040F32C8AFA11EA9B28A929C4F9AE02/gDB5urLx9rO5qsQR30qCw_BqZXE.crl
rsync://rpki.apnic.net/member_repository/A91E5642/1040F32C8AFA11EA9B28A929C4F9AE02/gDB5urLx9rO5qsQR30qCw_BqZXE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gDB5urLx9rO5qsQR30qCw_BqZXE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:44:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2629 (0xa45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5642, serialNumber=803079BAB2F1F6B3B9AAC411DF4A82C3F06A6571
Validity
Not Before: Jan 31 20:16:44 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=69a47bba-6064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:70:31:6e:86:65:c9:33:91:63:ba:3b:eb:90:
64:12:1b:4a:67:ed:6d:2a:36:e0:0a:c0:a2:6f:34:
60:b8:dc:6c:e3:65:81:e6:24:50:94:09:3c:2c:86:
44:f0:4b:c8:86:e5:99:ab:16:31:23:9b:ec:9e:21:
2e:f9:cc:38:ca:b1:b7:81:07:83:9f:82:09:99:0a:
80:70:4d:36:fa:26:55:ab:14:93:13:a4:bb:a1:ca:
09:53:47:12:88:3d:8a:29:12:f5:df:e6:a7:62:d9:
89:4c:23:6b:99:c1:df:34:00:e9:eb:d8:12:b8:8a:
9d:83:44:5a:b7:25:45:16:70:53:f1:80:6e:5b:68:
4c:85:08:33:19:d7:82:bd:29:70:e4:f9:7f:2c:05:
14:d7:48:e7:1c:28:8f:68:97:d6:c3:9d:7b:07:12:
2f:17:89:3a:5a:89:1c:1e:df:5c:ae:32:44:36:19:
0d:bd:6b:4b:c5:56:73:a6:21:de:c5:87:bf:cf:60:
07:bb:91:ea:af:01:4f:18:cf:23:68:8d:a0:8d:f9:
84:de:e3:90:cc:f2:4a:a1:3e:ac:a4:64:f6:2f:56:
e8:21:0d:cb:94:d6:9b:37:3f:64:50:f3:41:cf:d8:
09:34:f5:26:fa:3a:88:9d:23:f8:32:08:b3:6c:40:
fe:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:06:AE:BB:69:72:53:4C:AA:C8:90:A6:DD:D9:53:15:1E:19:46:C5
X509v3 Authority Key Identifier:
keyid:80:30:79:BA:B2:F1:F6:B3:B9:AA:C4:11:DF:4A:82:C3:F0:6A:65:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E5642/1040F32C8AFA11EA9B28A929C4F9AE02/gDB5urLx9rO5qsQR30qCw_BqZXE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gDB5urLx9rO5qsQR30qCw_BqZXE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5642/1040F32C8AFA11EA9B28A929C4F9AE02/49484A22DDBE11F0A59AB1524A6F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
103.146.136.0/23
IPv6:
2407:11c0::/32
Signature Algorithm: sha256WithRSAEncryption
13:f9:f5:8b:86:d5:4a:e0:c4:bb:8c:86:94:a5:17:01:12:72:
78:0b:59:5f:5d:b3:e1:1e:f1:88:bc:a5:43:3e:4e:3e:60:b5:
5e:8a:95:3b:9a:51:fc:94:97:3f:3c:35:47:9c:ff:4d:c7:45:
e8:ce:50:13:4f:7e:01:8e:56:f5:34:36:60:bc:7e:f1:d3:47:
86:7d:60:2b:92:d6:e9:c3:0f:dc:70:03:8e:90:1a:4f:0d:97:
9f:e4:84:2e:ad:48:a4:27:8f:d7:36:78:5d:69:ea:b3:c8:ae:
d6:ee:91:ad:6e:3a:de:3a:0d:bc:6f:a6:e8:1e:ed:af:15:aa:
54:f1:a9:57:5c:0e:86:ac:0e:24:f6:dd:4a:15:1d:33:e6:fe:
dc:76:30:81:a1:6a:9f:bd:32:4a:4e:cf:a3:c8:c2:8d:97:48:
d4:ec:11:9d:fa:ae:62:d6:0a:2b:7c:f8:85:c0:b2:f5:4b:4b:
5e:3a:bc:f7:e8:87:d2:1d:a3:90:05:81:89:18:02:c8:7a:c4:
2b:12:42:a1:7b:45:d3:dc:ec:26:3d:f9:3d:5f:7b:a0:ff:93:
05:cc:85:77:88:c7:52:52:96:db:b4:77:08:99:ed:6e:fb:39:
a8:e0:57:9a:8c:cf:4b:55:f3:e4:67:9b:a5:ba:fc:87:95:35:
5a:1a:b3:5a
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgICCkUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTU2NDIxMTAvBgNVBAUTKDgwMzA3OUJBQjJGMUY2QjNCOUFBQzQxMURGNEE4MkMz
RjA2QTY1NzEwHhcNMjYwMTMxMjAxNjQ0WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0N2JiYS02MDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmXAxboZlyTORY7o765BkEhtKZ+1tKjbgCsCibzRguNxs42WB5iRQlAk8LIZE
8EvIhuWZqxYxI5vsniEu+cw4yrG3gQeDn4IJmQqAcE02+iZVqxSTE6S7ocoJU0cS
iD2KKRL13+anYtmJTCNrmcHfNADp69gSuIqdg0RatyVFFnBT8YBuW2hMhQgzGdeC
vSlw5Pl/LAUU10jnHCiPaJfWw517BxIvF4k6WokcHt9crjJENhkNvWtLxVZzpiHe
xYe/z2AHu5HqrwFPGM8jaI2gjfmE3uOQzPJKoT6spGT2L1boIQ3LlNabNz9kUPNB
z9gJNPUm+jqInSP4MgizbED+YwIDAQABo4ICbzCCAmswHQYDVR0OBBYEFBkGrrtp
clNMqsiQpt3ZUxUeGUbFMB8GA1UdIwQYMBaAFIAwebqy8fazuarEEd9KgsPwamVx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTY0Mi8xMDQwRjMyQzhB
RkExMUVBOUIyOEE5MjlDNEY5QUUwMi9nREI1dXJMeDlyTzVxc1FSMzBxQ3dfQnFa
WEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dEQjV1ckx4OXJPNXFzUVIzMHFDd19CcVpYRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTU2NDIvMTA0MEYzMkM4QUZBMTFFQTlCMjhBOTI5QzRGOUFFMDIvNDk0ODRBMjJE
REJFMTFGMEE1OUFCMTUyNEE2RjU2QkMucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQBZ5KIMA0EAgACMAcDBQAkBxHAMA0GCSqGSIb3DQEBCwUAA4IBAQAT
+fWLhtVK4MS7jIaUpRcBEnJ4C1lfXbPhHvGIvKVDPk4+YLVeipU7mlH8lJc/PDVH
nP9Nx0XozlATT34Bjlb1NDZgvH7x00eGfWArktbpww/ccAOOkBpPDZef5IQurUik
J4/XNnhdaeqzyK7W7pGtbjreOg28b6boHu2vFapU8alXXA6GrA4k9t1KFR0z5v7c
djCBoWqfvTJKTs+jyMKNl0jU7BGd+q5i1gorfPiFwLL1S0teOrz36IfSHaOQBYGJ
GALIesQrEkKhe0XT3OwmPfk9X3ug/5MFzIV3iMdSUpbbtHcIme1u+zmo4FeajM9L
VfPkZ5uluvyHlTVaGrNa
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:36:22 2026 by rpki-client