Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/F008FF08C22111ECB9FFB964C4F9AE02.roa
File: F008FF08C22111ECB9FFB964C4F9AE02.roa (raw, json)
Hash identifier: BO2ap/iba5V9JZKlVjzyyKKKOW+r+ideqFQgzlaGjkc=
Subject key identifier: 9F:AC:48:8E:14:D8:09:63:25:91:8B:D1:3D:B6:69:F4:3A:69:DC:9B
Certificate issuer: /CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04
Certificate serial: 07F9
Authority key identifier: 25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/F008FF08C22111ECB9FFB964C4F9AE02.roa
Signing time: Sun 01 Mar 2026 21:25:27 +0000
ROA not before: Tue 16 Dec 2025 07:22:43 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 45758
IP address blocks: 14.207.0.0/16 maxlen: 17
27.130.0.0/16 maxlen: 17
27.130.0.0/24 maxlen: 24
43.245.144.0/22 maxlen: 23
49.48.0.0/15 maxlen: 17
103.16.204.0/22 maxlen: 23
110.164.0.0/16 maxlen: 17
110.164.11.0/24 maxlen: 24
110.164.14.0/24 maxlen: 24
110.164.17.0/24 maxlen: 24
110.164.21.0/24 maxlen: 24
110.164.28.0/24 maxlen: 24
171.4.0.0/14 maxlen: 17
180.183.0.0/16 maxlen: 17
183.88.0.0/15 maxlen: 17
223.204.0.0/14 maxlen: 17
2403:6200::/32 maxlen: 33
2403:6200:8810::/44 maxlen: 44
2403:6200:8820::/44 maxlen: 44
2403:6200:8830::/44 maxlen: 44
2403:6200:8840::/44 maxlen: 44
2403:6200:8850::/44 maxlen: 44
2403:6200:8860::/44 maxlen: 44
2403:6200:8870::/44 maxlen: 44
2403:6200:8880::/44 maxlen: 44
2403:6200:8890::/44 maxlen: 44
2403:6200:88a0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl
rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 18:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2041 (0x7f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7561, serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04
Validity
Not Before: Dec 16 07:22:43 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a4aec7-811f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:14:c4:d4:15:94:d2:c8:55:c9:97:87:4d:83:
ed:f8:0a:e4:f2:28:9e:26:fb:32:06:b1:29:a5:cd:
87:1b:13:6c:fd:5c:2c:a8:b1:41:b7:7f:2d:ee:d5:
23:7e:d7:cb:d8:01:16:70:97:cf:63:5c:1f:45:71:
d4:0a:eb:3a:67:f6:a9:2f:b9:94:60:08:dd:68:37:
8e:df:2a:eb:24:5c:74:1d:8b:9f:3e:6f:30:7d:30:
8e:a8:bc:71:1b:99:87:8d:c0:86:73:af:92:57:fd:
c9:03:9a:cf:ff:8b:4e:d3:24:86:da:92:1f:6d:96:
19:ea:b6:92:34:c8:1a:09:b5:d8:0d:4d:2b:c7:b1:
00:6d:f0:b0:78:c9:5e:ca:7b:21:b0:9d:b0:fb:4c:
75:1b:5b:71:25:90:fe:00:2d:76:31:ec:f3:e4:61:
16:3f:0c:f6:c6:0f:16:cf:af:81:5d:87:b5:a2:5e:
e3:61:2b:0e:e8:fb:bc:c7:63:de:6b:53:d5:74:47:
ef:82:f1:11:cf:77:0a:7b:93:ff:97:03:49:4a:fe:
d9:c8:d3:bc:3f:64:8f:57:f8:75:91:27:82:33:e6:
2c:49:e6:88:a7:fe:33:33:22:ca:ac:50:d4:4c:6e:
d8:19:a3:f6:09:a1:8e:45:dd:80:1d:8e:a6:6d:47:
4b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:AC:48:8E:14:D8:09:63:25:91:8B:D1:3D:B6:69:F4:3A:69:DC:9B
X509v3 Authority Key Identifier:
keyid:25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/F008FF08C22111ECB9FFB964C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.207.0.0/16
27.130.0.0/16
43.245.144.0/22
49.48.0.0/15
103.16.204.0/22
110.164.0.0/16
171.4.0.0/14
180.183.0.0/16
183.88.0.0/15
223.204.0.0/14
IPv6:
2403:6200::/32
Signature Algorithm: sha256WithRSAEncryption
0e:26:5d:ef:a9:93:44:ac:23:2a:54:7c:73:7e:73:4c:83:07:
b9:49:f7:21:df:2f:64:3e:f9:a6:c7:17:7c:06:2d:f8:94:ec:
5c:77:5d:c1:5c:44:5b:a4:fd:e0:6b:b1:66:2c:f9:b5:b9:a4:
3a:df:72:90:bb:60:b2:38:9d:1e:4d:90:81:2b:cb:1b:d0:1a:
23:d6:9f:d9:4b:18:5e:bc:f6:e8:59:c0:0e:dd:2b:35:6b:7e:
25:32:97:cb:53:77:3b:ed:d5:76:53:70:ff:28:55:93:a8:ef:
4c:31:67:89:e3:f0:fa:6b:90:d4:c6:4a:e6:29:be:2d:0d:33:
82:1e:f8:ad:db:60:48:cd:1d:f7:b7:46:31:43:5b:81:3a:b6:
05:c6:01:9c:22:31:28:56:39:c4:22:61:4e:6b:7c:6a:1e:2f:
37:b3:63:2f:3b:f3:ca:ff:30:36:5f:c9:a4:60:b3:52:60:02:
ea:29:ab:ca:7c:fc:b1:78:9e:9d:fc:29:2b:ca:b3:f8:6e:0d:
7a:b0:ad:0f:a0:fe:4e:af:c3:e6:bf:9d:43:d8:67:9b:28:31:
37:81:ae:81:43:91:77:91:b1:a0:72:83:9f:69:97:7f:d8:b7:
03:40:42:d8:52:c6:1a:1c:42:d6:29:b6:fd:95:ee:de:e9:5d:
ce:90:b2:3a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICB/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTc1NjExMTAvBgNVBAUTKDI1QkM3RDRERTc3QkQwMUIzRDE5MTU4NzY5NkU1QUZE
RDhDRUNEMDQwHhcNMjUxMjE2MDcyMjQzWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0YWVjNy04MTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2RTE1BWU0shVyZeHTYPt+Ark8iieJvsyBrEppc2HGxNs/VwsqLFBt38t7tUj
ftfL2AEWcJfPY1wfRXHUCus6Z/apL7mUYAjdaDeO3yrrJFx0HYufPm8wfTCOqLxx
G5mHjcCGc6+SV/3JA5rP/4tO0ySG2pIfbZYZ6raSNMgaCbXYDU0rx7EAbfCweMle
ynshsJ2w+0x1G1txJZD+AC12Mezz5GEWPwz2xg8Wz6+BXYe1ol7jYSsO6Pu8x2Pe
a1PVdEfvgvERz3cKe5P/lwNJSv7ZyNO8P2SPV/h1kSeCM+YsSeaIp/4zMyLKrFDU
TG7YGaP2CaGORd2AHY6mbUdLzQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFJ+sSI4U
2AljJZGL0T22afQ6adybMB8GA1UdIwQYMBaAFCW8fU3ne9AbPRkVh2luWv3Yzs0E
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzU2MS9BMjZFMDZFMDA1
NEMxMUVDQkRCNEZFNDZDNEY5QUUwMi9KYng5VGVkNzBCczlHUldIYVc1YV9kak96
UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pieDlUZWQ3MEJzOUdSV0hhVzVhX2RqT3pRUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTc1NjEvQTI2RTA2RTAwNTRDMTFFQ0JEQjRGRTQ2QzRGOUFFMDIvRjAwOEZGMDhD
MjIxMTFFQ0I5RkZCOTY0QzRGOUFFMDIucm9hMFwGCCsGAQUFBwEHAQH/BE0wSzA6
BAIAATA0AwMADs8DAwAbggMEAiv1kAMDATEwAwQCZxDMAwMAbqQDAwKrBAMDALS3
AwMBt1gDAwLfzDANBAIAAjAHAwUAJANiADANBgkqhkiG9w0BAQsFAAOCAQEADiZd
76mTRKwjKlR8c35zTIMHuUn3Id8vZD75pscXfAYt+JTsXHddwVxEW6T94GuxZiz5
tbmkOt9ykLtgsjidHk2QgSvLG9AaI9af2UsYXrz26FnADt0rNWt+JTKXy1N3O+3V
dlNw/yhVk6jvTDFniePw+muQ1MZK5im+LQ0zgh74rdtgSM0d97dGMUNbgTq2BcYB
nCIxKFY5xCJhTmt8ah4vN7NjLzvzyv8wNl/JpGCzUmAC6imrynz8sXienfwpK8qz
+G4NerCtD6D+Tq/D5r+dQ9hnmygxN4GugUORd5GxoHKDn2mXf9i3A0BC2FLGGhxC
1im2/ZXu3uldzpCyOg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:58:22 2026 by rpki-client