Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1A0D44FA3B5411EABAC6EE18C4F9AE02.roa
File: 1A0D44FA3B5411EABAC6EE18C4F9AE02.roa (raw, json)
Hash identifier: B88B8lhDuyvlqii7Vxfu2GVrdnxyOhGHMfrl63G06so=
Subject key identifier: 57:CE:D0:23:B9:E0:59:98:3C:0F:AD:3C:6C:09:81:1F:0B:34:40:ED
Certificate issuer: /CN=A91EA198/serialNumber=5FEEDE9D382543F051527FA533D47A917077E632
Certificate serial: 1EC3
Authority key identifier: 5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1A0D44FA3B5411EABAC6EE18C4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:59:07 +0000
ROA not before: Fri 12 Dec 2025 16:13:52 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 37963
IP address blocks: 8.128.0.0/10 maxlen: 15
8.128.0.0/16 maxlen: 24
8.129.0.0/16 maxlen: 24
8.130.0.0/16 maxlen: 24
8.131.0.0/16 maxlen: 24
8.132.0.0/16 maxlen: 24
8.133.0.0/16 maxlen: 24
8.134.0.0/16 maxlen: 24
8.135.0.0/16 maxlen: 24
8.136.0.0/16 maxlen: 24
8.137.0.0/16 maxlen: 24
8.138.0.0/16 maxlen: 24
8.139.0.0/16 maxlen: 24
8.140.0.0/16 maxlen: 24
8.141.0.0/16 maxlen: 24
8.142.0.0/16 maxlen: 24
8.143.0.0/16 maxlen: 24
8.144.0.0/16 maxlen: 24
8.145.0.0/16 maxlen: 24
8.146.0.0/16 maxlen: 24
8.147.0.0/16 maxlen: 24
8.148.0.0/16 maxlen: 24
8.149.0.0/16 maxlen: 24
8.150.0.0/16 maxlen: 24
8.151.0.0/16 maxlen: 24
8.152.0.0/16 maxlen: 24
8.153.0.0/16 maxlen: 24
8.154.0.0/16 maxlen: 24
8.155.0.0/16 maxlen: 24
8.156.0.0/16 maxlen: 24
8.157.0.0/16 maxlen: 24
8.158.0.0/16 maxlen: 24
8.159.0.0/16 maxlen: 24
8.160.0.0/16 maxlen: 24
8.161.0.0/16 maxlen: 24
8.162.0.0/16 maxlen: 24
8.163.0.0/16 maxlen: 24
8.164.0.0/16 maxlen: 24
8.165.0.0/16 maxlen: 24
8.166.0.0/16 maxlen: 24
8.167.0.0/16 maxlen: 24
8.168.0.0/16 maxlen: 24
8.169.0.0/16 maxlen: 24
8.170.0.0/16 maxlen: 24
8.171.0.0/16 maxlen: 24
8.172.0.0/16 maxlen: 24
8.173.0.0/16 maxlen: 24
8.174.0.0/16 maxlen: 24
8.175.0.0/16 maxlen: 24
8.176.0.0/16 maxlen: 24
8.178.0.0/16 maxlen: 24
8.179.0.0/16 maxlen: 24
8.180.0.0/16 maxlen: 24
8.181.0.0/16 maxlen: 24
8.182.0.0/16 maxlen: 24
8.183.0.0/16 maxlen: 24
8.184.0.0/16 maxlen: 24
8.185.0.0/16 maxlen: 24
8.186.0.0/16 maxlen: 24
8.187.0.0/16 maxlen: 24
8.188.0.0/16 maxlen: 24
8.189.0.0/16 maxlen: 24
8.190.0.0/16 maxlen: 24
8.191.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl
rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 22:50:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7875 (0x1ec3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198, serialNumber=5FEEDE9D382543F051527FA533D47A917077E632
Validity
Not Before: Dec 12 16:13:52 2025 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a4705b-e7cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bc:c1:a0:4a:72:e4:29:52:8f:5a:dc:3d:98:
31:f6:35:4b:40:bc:a0:19:de:7d:d8:9b:c3:b5:54:
ed:1d:90:0b:2d:bd:4b:bf:53:f2:14:f3:ba:57:cd:
4b:68:ec:02:f6:00:e4:eb:5c:a5:24:af:21:21:08:
97:dc:cc:00:19:77:62:c6:4d:8b:de:e6:da:c6:e0:
9f:e3:9d:7e:ac:ba:26:51:00:c7:72:cb:e8:69:7d:
82:59:f5:fd:72:c9:7e:e4:b4:b1:a6:f9:08:65:63:
bd:f4:6c:24:02:0f:31:53:b3:26:cc:62:93:bb:f9:
e4:c2:3e:c9:2f:87:3b:c1:8e:43:ef:c7:b9:52:cb:
4f:e7:0d:42:b0:3a:da:65:b9:16:fa:6f:80:da:19:
91:26:e8:31:e1:aa:20:83:30:07:7b:3c:76:e2:b9:
b0:ff:f0:65:de:62:be:55:8a:0b:ab:c6:a0:b9:6f:
45:f9:5a:f5:5e:38:9d:4f:46:1e:d8:f1:ed:08:57:
b2:9e:ad:27:55:56:0e:4d:30:1c:f8:c6:63:f7:31:
c4:be:d0:75:8b:8d:cb:70:1e:b9:fd:17:13:a6:81:
5b:2e:3d:a1:09:0f:5d:16:73:a1:44:36:6a:66:6c:
43:9b:83:9c:05:2a:f7:f0:c6:cc:4f:36:90:a0:f8:
cf:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:CE:D0:23:B9:E0:59:98:3C:0F:AD:3C:6C:09:81:1F:0B:34:40:ED
X509v3 Authority Key Identifier:
keyid:5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1A0D44FA3B5411EABAC6EE18C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
8.128.0.0/10
Signature Algorithm: sha256WithRSAEncryption
ca:96:c6:46:5b:3e:de:66:0b:eb:a8:eb:7d:e7:40:52:dc:bb:
2e:67:56:6f:30:e6:8e:e0:ad:b9:08:4a:45:1a:eb:e2:53:27:
3a:9c:34:47:71:da:32:ad:58:9c:42:26:86:60:ad:40:9a:12:
a1:96:a4:8f:86:61:b8:a5:f7:af:16:d8:89:c0:36:97:08:66:
13:5a:2a:00:0e:71:2e:76:d5:cb:4c:96:5d:cd:38:54:db:ff:
6c:58:3e:cc:f1:5a:d2:51:b4:10:00:c7:e5:af:23:c2:25:0c:
15:f7:f5:bc:89:22:1b:a0:66:31:8b:d1:82:24:46:6b:2f:7b:
1e:25:4e:e0:83:f4:d1:11:bd:f5:60:dd:29:00:af:dc:33:fc:
e2:72:d4:f4:74:cd:a7:82:cb:e3:b3:47:4e:72:d0:d6:4a:25:
31:f2:75:0f:03:51:44:53:96:f6:1e:75:de:4c:96:89:13:47:
5e:13:f5:3c:b4:d7:2d:bf:2e:39:ab:e6:d6:25:42:bf:f5:a7:
02:ea:cf:e4:d4:39:1a:5a:61:21:80:aa:f2:7c:20:6d:26:de:
1a:45:c0:1f:4b:b6:04:69:c7:8c:15:9f:7d:47:1a:cd:d4:df:
66:69:19:d6:eb:d8:e2:8c:bb:3b:90:9d:1a:72:97:22:c4:df:
a5:dc:76:a9
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgICHsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDVGRUVERTlEMzgyNTQzRjA1MTUyN0ZBNTMzRDQ3QTkx
NzA3N0U2MzIwHhcNMjUxMjEyMTYxMzUyWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzA1Yi1lN2NjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAorzBoEpy5ClSj1rcPZgx9jVLQLygGd592JvDtVTtHZALLb1Lv1PyFPO6V81L
aOwC9gDk61ylJK8hIQiX3MwAGXdixk2L3ubaxuCf451+rLomUQDHcsvoaX2CWfX9
csl+5LSxpvkIZWO99GwkAg8xU7MmzGKTu/nkwj7JL4c7wY5D78e5UstP5w1CsDra
ZbkW+m+A2hmRJugx4aoggzAHezx24rmw//Bl3mK+VYoLq8aguW9F+Vr1XjidT0Ye
2PHtCFeynq0nVVYOTTAc+MZj9zHEvtB1i43LcB65/RcTpoFbLj2hCQ9dFnOhRDZq
ZmxDm4OcBSr38MbMTzaQoPjPBQIDAQABo4ICXzCCAlswHQYDVR0OBBYEFFfO0CO5
4FmYPA+tPGwJgR8LNEDtMB8GA1UdIwQYMBaAFF/u3p04JUPwUVJ/pTPUepFwd+Yy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC9BRDYyOTIyMkI1
MjUxMUU2QUY2Qzg5NUVDNEY5QUUwMi9YLTdlblRnbFFfQlJVbi1sTTlSNmtYQjM1
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1gtN2VuVGdsUV9CUlVuLWxNOVI2a1hCMzVqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvQUQ2MjkyMjJCNTI1MTFFNkFGNkM4OTVFQzRGOUFFMDIvMUEwRDQ0RkEz
QjU0MTFFQUJBQzZFRTE4QzRGOUFFMDIucm9hMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMGCIAwDQYJKoZIhvcNAQELBQADggEBAMqWxkZbPt5mC+uo633nQFLc
uy5nVm8w5o7grbkISkUa6+JTJzqcNEdx2jKtWJxCJoZgrUCaEqGWpI+GYbil968W
2InANpcIZhNaKgAOcS521ctMll3NOFTb/2xYPszxWtJRtBAAx+WvI8IlDBX39byJ
IhugZjGL0YIkRmsvex4lTuCD9NERvfVg3SkAr9wz/OJy1PR0zaeCy+OzR05y0NZK
JTHydQ8DUURTlvYedd5MlokTR14T9Ty01y2/Ljmr5tYlQr/1pwLqz+TUORpaYSGA
qvJ8IG0m3hpFwB9LtgRpx4wVn31HGs3U32ZpGdbr2OKMuzuQnRpylyLE36Xcdqk=
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:41:41 2026 by rpki-client