Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/D4EB3054E66811ECA007390EC4F9AE02.roa
File: D4EB3054E66811ECA007390EC4F9AE02.roa (raw, json)
Hash identifier: d70t34kfzJ1P/tOrmndhA9sif675IHxnm4UIqWmVa9U=
Subject key identifier: 71:C1:45:58:90:BC:EE:BD:43:D0:BA:F7:0D:B3:B9:CC:76:A4:CC:3F
Certificate issuer: /CN=A91EA958/serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Certificate serial: 2547
Authority key identifier: 11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/D4EB3054E66811ECA007390EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:58:36 +0000
ROA not before: Wed 10 Dec 2025 02:09:09 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 131207
IP address blocks: 96.9.64.0/23 maxlen: 23
96.9.64.0/24 maxlen: 24
96.9.65.0/24 maxlen: 24
96.9.66.0/23 maxlen: 23
96.9.66.0/24 maxlen: 24
96.9.67.0/24 maxlen: 24
96.9.68.0/23 maxlen: 23
96.9.68.0/24 maxlen: 24
96.9.69.0/24 maxlen: 24
96.9.70.0/23 maxlen: 23
96.9.70.0/24 maxlen: 24
96.9.71.0/24 maxlen: 24
96.9.72.0/23 maxlen: 23
96.9.72.0/24 maxlen: 24
96.9.73.0/24 maxlen: 24
96.9.74.0/23 maxlen: 23
96.9.74.0/24 maxlen: 24
96.9.75.0/24 maxlen: 24
96.9.76.0/23 maxlen: 23
96.9.76.0/24 maxlen: 24
96.9.77.0/24 maxlen: 24
96.9.78.0/23 maxlen: 23
96.9.78.0/24 maxlen: 24
96.9.79.0/24 maxlen: 24
96.9.80.0/23 maxlen: 23
96.9.80.0/24 maxlen: 24
96.9.81.0/24 maxlen: 24
96.9.82.0/23 maxlen: 23
96.9.82.0/24 maxlen: 24
96.9.83.0/24 maxlen: 24
96.9.84.0/23 maxlen: 23
96.9.84.0/24 maxlen: 24
96.9.85.0/24 maxlen: 24
96.9.86.0/23 maxlen: 23
96.9.86.0/24 maxlen: 24
96.9.87.0/24 maxlen: 24
96.9.88.0/23 maxlen: 23
96.9.88.0/24 maxlen: 24
96.9.89.0/24 maxlen: 24
96.9.90.0/23 maxlen: 23
96.9.90.0/24 maxlen: 24
96.9.91.0/24 maxlen: 24
96.9.92.0/23 maxlen: 23
96.9.92.0/24 maxlen: 24
96.9.93.0/24 maxlen: 24
96.9.94.0/23 maxlen: 23
96.9.94.0/24 maxlen: 24
96.9.95.0/24 maxlen: 24
136.228.128.0/23 maxlen: 23
136.228.128.0/24 maxlen: 24
136.228.129.0/24 maxlen: 24
136.228.130.0/23 maxlen: 23
136.228.130.0/24 maxlen: 24
136.228.131.0/24 maxlen: 24
136.228.132.0/23 maxlen: 24
136.228.134.0/23 maxlen: 24
136.228.136.0/22 maxlen: 22
136.228.136.0/24 maxlen: 24
136.228.137.0/24 maxlen: 24
136.228.138.0/24 maxlen: 24
136.228.139.0/24 maxlen: 24
136.228.140.0/23 maxlen: 23
136.228.140.0/24 maxlen: 24
136.228.141.0/24 maxlen: 24
136.228.142.0/23 maxlen: 23
136.228.142.0/24 maxlen: 24
136.228.143.0/24 maxlen: 24
136.228.144.0/23 maxlen: 23
136.228.145.0/24 maxlen: 24
136.228.146.0/23 maxlen: 23
136.228.146.0/24 maxlen: 24
136.228.147.0/24 maxlen: 24
136.228.148.0/23 maxlen: 23
136.228.148.0/24 maxlen: 24
136.228.149.0/24 maxlen: 24
136.228.150.0/23 maxlen: 23
136.228.150.0/24 maxlen: 24
136.228.151.0/24 maxlen: 24
136.228.152.0/23 maxlen: 23
136.228.154.0/23 maxlen: 23
136.228.156.0/23 maxlen: 23
136.228.156.0/24 maxlen: 24
136.228.157.0/24 maxlen: 24
136.228.158.0/23 maxlen: 23
136.228.158.0/24 maxlen: 24
136.228.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.crl
rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 15:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9543 (0x2547)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA958, serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Validity
Not Before: Dec 10 02:09:09 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a4703c-f46b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ec:69:69:55:44:da:d2:b4:48:c9:20:39:fd:
52:1c:01:08:8d:c3:40:8d:d3:ab:28:c3:65:8c:d1:
0f:7b:6f:17:c3:53:6a:89:29:b3:ce:0d:5f:4a:bc:
22:f9:83:ed:df:2c:88:a0:f8:54:58:b0:bd:f5:9b:
53:8b:5a:40:42:d9:b3:87:b0:64:2a:07:54:2b:0d:
83:99:de:7b:16:b3:24:76:fe:e0:08:54:eb:18:f2:
c6:24:7c:a5:e4:42:e4:98:c0:4a:2f:71:ab:13:af:
0a:06:71:2c:12:02:08:95:ec:87:ea:9b:85:d9:a6:
2e:64:44:a7:65:ed:dc:b1:fc:87:32:8f:e3:81:30:
68:b2:93:58:96:b9:29:e2:a8:90:ce:6a:fd:83:68:
db:78:1c:0d:92:f7:5b:7a:ae:be:1d:f1:dd:4d:70:
1e:78:cc:48:fc:96:c4:89:d6:2d:bd:33:37:4d:49:
13:77:fd:6b:3d:12:2d:7c:fe:21:32:fa:f7:a1:92:
5e:0f:66:ec:03:a3:d4:8c:34:15:f6:36:6a:58:b6:
72:ca:98:19:4c:72:21:c5:23:01:ca:81:b5:e2:67:
11:99:b0:8a:e3:7b:0a:c6:10:63:5c:59:e0:5a:c6:
4e:d9:d6:5e:8d:de:0e:e8:61:fb:f4:4a:db:77:bf:
7d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C1:45:58:90:BC:EE:BD:43:D0:BA:F7:0D:B3:B9:CC:76:A4:CC:3F
X509v3 Authority Key Identifier:
keyid:11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/D4EB3054E66811ECA007390EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
96.9.64.0/19
136.228.128.0/19
Signature Algorithm: sha256WithRSAEncryption
05:ad:45:63:a6:c5:1e:9c:27:d6:5c:99:2b:9c:2a:12:62:c3:
80:b3:ab:11:0c:db:b0:1f:c3:c3:40:59:5f:b6:52:f9:b0:70:
39:81:2a:60:9e:bb:b8:0f:ad:ad:9a:ec:93:87:3a:bc:a7:76:
11:1a:8e:c3:14:7e:43:dd:28:5d:e9:2a:05:b5:c1:a3:ba:d9:
70:2a:bd:a7:32:ac:dd:7e:64:6f:da:f2:7f:50:58:98:57:a0:
cd:0b:21:e9:4a:a2:c2:ec:0b:cd:e5:e0:4c:58:e0:05:77:b2:
37:6c:0c:4a:fc:e0:2d:a8:b9:a1:39:cb:5e:2b:4c:8d:ae:e4:
eb:71:cc:30:2b:4f:5d:72:cf:41:e1:d5:5c:cb:8f:68:d8:d0:
78:71:66:f2:7a:42:fd:59:ff:8c:37:f8:be:ca:ea:70:79:cc:
13:e2:f2:11:2c:c2:c6:b8:54:f0:20:e6:8f:e4:d8:9d:a5:e1:
c3:56:74:87:c1:35:72:90:14:87:4a:be:9f:66:14:d9:21:35:
7d:a4:b0:60:a7:f8:f1:2e:95:2b:58:80:92:20:41:16:41:f3:
7e:76:02:c5:e6:cf:71:83:c2:64:6b:3b:a1:38:92:0c:bc:9c:
52:cb:64:d4:66:1b:9f:86:dd:be:56:c7:9b:a9:4d:9e:c0:52:
d2:a8:e8:d5
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICJUcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5NTgxMTAvBgNVBAUTKDExMTAzMTBFMEY4MDQ2NzcwM0Q4NDc3RkIzRUUyNUYx
RDg4ODhFOUUwHhcNMjUxMjEwMDIwOTA5WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzAzYy1mNDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyOxpaVVE2tK0SMkgOf1SHAEIjcNAjdOrKMNljNEPe28Xw1NqiSmzzg1fSrwi
+YPt3yyIoPhUWLC99ZtTi1pAQtmzh7BkKgdUKw2Dmd57FrMkdv7gCFTrGPLGJHyl
5ELkmMBKL3GrE68KBnEsEgIIleyH6puF2aYuZESnZe3csfyHMo/jgTBospNYlrkp
4qiQzmr9g2jbeBwNkvdbeq6+HfHdTXAeeMxI/JbEidYtvTM3TUkTd/1rPRItfP4h
Mvr3oZJeD2bsA6PUjDQV9jZqWLZyypgZTHIhxSMByoG14mcRmbCK43sKxhBjXFng
WsZO2dZejd4O6GH79Erbd799gQIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFHHBRViQ
vO69Q9C69w2zucx2pMw/MB8GA1UdIwQYMBaAFBEQMQ4PgEZ3A9hHf7PuJfHYiI6e
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTk1OC9GREVGRDczNjRC
RDYxMUU1QTdDQTMwMzNDNEY5QUUwMi9FUkF4RGctQVJuY0QyRWRfcy00bDhkaUlq
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0VSQXhEZy1BUm5jRDJFZF9zLTRsOGRpSWpwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5NTgvRkRFRkQ3MzY0QkQ2MTFFNUE3Q0EzMDMzQzRGOUFFMDIvRDRFQjMwNTRF
NjY4MTFFQ0EwMDczOTBFQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQFYAlAAwQFiOSAMA0GCSqGSIb3DQEBCwUAA4IBAQAFrUVjpsUenCfW
XJkrnCoSYsOAs6sRDNuwH8PDQFlftlL5sHA5gSpgnru4D62tmuyThzq8p3YRGo7D
FH5D3Shd6SoFtcGjutlwKr2nMqzdfmRv2vJ/UFiYV6DNCyHpSqLC7AvN5eBMWOAF
d7I3bAxK/OAtqLmhOcteK0yNruTrccwwK09dcs9B4dVcy49o2NB4cWbyekL9Wf+M
N/i+yupwecwT4vIRLMLGuFTwIOaP5NidpeHDVnSHwTVykBSHSr6fZhTZITV9pLBg
p/jxLpUrWICSIEEWQfN+dgLF5s9xg8JkazuhOJIMvJxSy2TUZhufht2+VsebqU2e
wFLSqOjV
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:48:50 2026 by rpki-client