Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/2A309FACEC2511F093ADEAD03D6F56BC.roa
File: 2A309FACEC2511F093ADEAD03D6F56BC.roa (raw, json)
Hash identifier: J0nwYlEYUE4zSCS6vykAZTwAKoV8/9btL95KquTry64=
Subject key identifier: 73:60:E6:32:AF:E6:45:19:91:FF:AF:84:27:4C:C6:99:20:F4:8F:2A
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 19D9
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/2A309FACEC2511F093ADEAD03D6F56BC.roa
Signing time: Sun 01 Mar 2026 18:50:52 +0000
ROA not before: Fri 20 Feb 2026 17:14:59 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 4826
IP address blocks: 14.137.106.0/24 maxlen: 24
27.106.200.0/22 maxlen: 22
43.241.188.0/22 maxlen: 22
43.252.252.0/22 maxlen: 22
49.255.0.0/16 maxlen: 16
49.255.233.0/24 maxlen: 24
49.255.255.0/24 maxlen: 24
103.37.120.0/24 maxlen: 24
103.233.148.0/22 maxlen: 22
103.255.16.0/22 maxlen: 22
110.5.116.0/22 maxlen: 22
114.31.192.0/20 maxlen: 20
116.212.192.0/18 maxlen: 18
116.212.204.0/24 maxlen: 24
116.212.230.0/23 maxlen: 24
116.212.253.0/24 maxlen: 24
119.161.64.0/20 maxlen: 20
119.161.80.0/20 maxlen: 20
121.54.128.0/19 maxlen: 19
121.54.128.0/20 maxlen: 20
121.54.136.0/24 maxlen: 24
121.54.145.0/24 maxlen: 24
121.79.0.0/17 maxlen: 17
123.103.192.0/19 maxlen: 19
124.254.64.0/18 maxlen: 18
124.254.64.0/24 maxlen: 24
124.254.95.0/24 maxlen: 24
124.254.96.0/24 maxlen: 24
175.45.64.0/18 maxlen: 18
175.45.73.0/24 maxlen: 24
175.45.78.0/24 maxlen: 24
175.45.82.0/24 maxlen: 24
175.45.83.0/24 maxlen: 24
175.45.85.0/24 maxlen: 24
175.45.92.0/24 maxlen: 24
175.45.94.0/23 maxlen: 23
175.45.99.0/24 maxlen: 24
175.45.100.0/24 maxlen: 24
175.45.101.0/24 maxlen: 24
175.45.105.0/24 maxlen: 24
175.45.111.0/24 maxlen: 24
180.148.64.0/19 maxlen: 19
180.148.76.0/24 maxlen: 24
180.148.77.0/24 maxlen: 24
180.148.83.0/24 maxlen: 24
180.148.84.0/24 maxlen: 24
180.148.95.0/24 maxlen: 24
202.62.138.0/24 maxlen: 24
202.62.139.0/24 maxlen: 24
202.62.141.0/24 maxlen: 24
202.62.142.0/24 maxlen: 24
202.62.147.0/24 maxlen: 24
202.62.152.0/24 maxlen: 24
202.62.153.0/24 maxlen: 24
202.62.154.0/24 maxlen: 24
202.62.155.0/24 maxlen: 24
202.80.176.0/20 maxlen: 20
202.89.160.0/19 maxlen: 19
202.136.32.0/20 maxlen: 20
202.137.96.0/20 maxlen: 20
202.137.192.0/21 maxlen: 21
202.174.224.0/19 maxlen: 19
202.189.64.0/20 maxlen: 20
202.189.72.0/24 maxlen: 24
202.189.73.0/24 maxlen: 24
203.12.251.0/24 maxlen: 24
203.16.170.0/24 maxlen: 24
203.18.212.0/23 maxlen: 23
203.23.116.0/24 maxlen: 24
203.28.186.0/24 maxlen: 24
203.29.177.0/24 maxlen: 24
203.55.11.0/24 maxlen: 24
203.55.250.0/24 maxlen: 24
203.89.64.0/19 maxlen: 19
203.89.80.0/24 maxlen: 24
203.89.92.0/24 maxlen: 24
203.92.28.0/22 maxlen: 22
203.129.128.0/19 maxlen: 19
203.153.224.0/19 maxlen: 19
203.153.226.0/24 maxlen: 24
203.161.64.0/18 maxlen: 18
203.188.128.0/19 maxlen: 19
210.50.198.0/24 maxlen: 24
211.26.193.0/24 maxlen: 24
218.100.80.0/22 maxlen: 22
223.27.96.0/21 maxlen: 21
2402:7800::/32 maxlen: 32
2402:7800:ff00::/40 maxlen: 40
2402:7800:ff00::/48 maxlen: 48
2402:7800:ff01::/48 maxlen: 48
2402:7800:ff20::/48 maxlen: 48
2402:7800:ff40::/44 maxlen: 44
2402:7800:ffe0::/48 maxlen: 48
2403:d600::/32 maxlen: 32
2403:fc00:300::/40 maxlen: 40
2404:b000::/32 maxlen: 32
2404:bc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:45:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6617 (0x19d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D, serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Feb 20 17:14:59 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69a48a8c-a0f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a8:ab:1d:94:b7:45:44:2e:2a:d6:11:3d:60:
e8:d4:b3:ab:7c:60:7a:b6:8f:af:75:04:83:b2:02:
16:b0:be:34:70:27:fb:0a:42:2d:9f:42:55:e5:4e:
cb:de:68:f7:80:3d:76:d0:79:ce:f3:08:28:a4:1a:
78:10:8f:73:31:b3:c2:ae:5e:2d:8e:d6:ea:f9:3a:
46:f5:b6:84:ed:88:25:a2:c7:1c:3f:f7:74:01:47:
4d:2f:58:f5:c1:46:2e:fc:ea:db:0e:70:ee:72:a2:
07:87:cf:27:50:eb:ab:56:41:91:23:bf:6c:cb:61:
b7:cf:d4:50:b6:05:dd:f7:b6:62:7a:de:51:58:75:
4b:7d:2b:99:45:80:78:d8:aa:c9:a7:7e:a9:57:20:
13:f4:93:ca:8f:0d:18:2f:f0:cb:41:6b:f9:d9:56:
5d:ca:cf:b5:e4:58:78:f0:6e:fa:e4:68:cd:d3:40:
eb:66:0b:90:e0:ad:93:ea:5c:dc:4a:6d:71:2a:91:
98:55:85:85:16:f7:5f:b9:e0:51:f9:e6:cf:54:87:
45:56:3a:c1:3e:21:e7:c7:07:22:e1:64:f8:b4:a4:
7d:00:81:57:4b:15:96:30:81:a6:73:a0:53:b4:9a:
4c:ee:9d:72:d6:11:48:92:8d:cf:08:39:f1:a6:8b:
92:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:60:E6:32:AF:E6:45:19:91:FF:AF:84:27:4C:C6:99:20:F4:8F:2A
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/2A309FACEC2511F093ADEAD03D6F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
14.137.106.0/24
27.106.200.0/22
43.241.188.0/22
43.252.252.0/22
49.255.0.0/16
103.37.120.0/24
103.233.148.0/22
103.255.16.0/22
110.5.116.0/22
114.31.192.0/20
116.212.192.0/18
119.161.64.0/19
121.54.128.0/19
121.79.0.0/17
123.103.192.0/19
124.254.64.0/18
175.45.64.0/18
180.148.64.0/19
202.62.138.0/23
202.62.141.0-202.62.142.255
202.62.147.0/24
202.62.152.0/22
202.80.176.0/20
202.89.160.0/19
202.136.32.0/20
202.137.96.0/20
202.137.192.0/21
202.174.224.0/19
202.189.64.0/20
203.12.251.0/24
203.16.170.0/24
203.18.212.0/23
203.23.116.0/24
203.28.186.0/24
203.29.177.0/24
203.55.11.0/24
203.55.250.0/24
203.89.64.0/19
203.92.28.0/22
203.129.128.0/19
203.153.224.0/19
203.161.64.0/18
203.188.128.0/19
210.50.198.0/24
211.26.193.0/24
218.100.80.0/22
223.27.96.0/21
IPv6:
2402:7800::/32
2403:d600::/32
2403:fc00:300::/40
2404:b000::/32
2404:bc00::/32
Signature Algorithm: sha256WithRSAEncryption
af:73:b8:01:f7:01:92:e1:e6:d9:a7:8d:ab:15:d1:a7:3b:53:
3e:4c:9f:f8:a4:56:ac:a0:9c:6c:c0:8b:50:cc:f0:d4:d4:82:
5f:e4:9c:e2:e8:ab:52:44:44:44:df:46:23:8c:d0:57:96:1f:
91:fa:af:57:fe:2b:86:91:aa:7d:0f:3f:24:6d:71:21:9e:ec:
3c:b9:61:1e:88:06:86:33:f8:47:e6:15:94:62:c4:23:ad:e5:
7f:2d:3a:c1:1e:ce:d2:a5:db:e7:14:fb:f4:2d:fc:b1:36:da:
dc:47:a0:b3:22:f0:15:56:45:0e:7f:26:25:02:ba:c7:ca:dc:
1c:d9:0b:bc:c5:4a:d9:aa:8a:40:40:48:70:ab:05:d9:c0:f8:
36:ee:1e:37:6e:8f:ca:e9:a6:8e:ac:cb:81:85:03:5d:09:08:
76:de:a8:0b:d6:5e:10:f6:e6:bb:b5:01:0c:81:f8:7b:f2:32:
81:f3:7e:66:e6:c3:64:bc:02:e1:ab:a6:f8:88:fd:83:8f:86:
84:59:16:70:9b:81:e5:4f:05:8b:37:f3:7a:56:f7:2e:06:5d:
e8:f9:45:45:92:a0:61:ed:ef:4c:ee:67:5f:20:8d:63:77:07:
10:d9:e1:62:5f:05:14:26:22:92:6a:5b:02:13:ed:54:d2:3c:
8f:0a:c4:58
-----BEGIN CERTIFICATE-----
MIIGjTCCBXWgAwIBAgICGdkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjYwMjIwMTcxNDU5WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OGE4Yy1hMGY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3KirHZS3RUQuKtYRPWDo1LOrfGB6to+vdQSDsgIWsL40cCf7CkItn0JV5U7L
3mj3gD120HnO8wgopBp4EI9zMbPCrl4tjtbq+TpG9baE7YglosccP/d0AUdNL1j1
wUYu/OrbDnDucqIHh88nUOurVkGRI79sy2G3z9RQtgXd97Ziet5RWHVLfSuZRYB4
2KrJp36pVyAT9JPKjw0YL/DLQWv52VZdys+15Fh48G765GjN00DrZguQ4K2T6lzc
Sm1xKpGYVYWFFvdfueBR+ebPVIdFVjrBPiHnxwci4WT4tKR9AIFXSxWWMIGmc6BT
tJpM7p1y1hFIko3PCDnxpouSvQIDAQABo4IDsTCCA60wHQYDVR0OBBYEFHNg5jKv
5kUZkf+vhCdMxpkg9I8qMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvMkEzMDlGQUNF
QzI1MTFGMDkzQURFQUQwM0Q2RjU2QkMucm9hMIIBbgYIKwYBBQUHAQcBAf8EggFd
MIIBWTCCASkEAgABMIIBIQMEAA6JagMEAhtqyAMEAivxvAMEAiv8/AMDADH/AwQA
ZyV4AwQCZ+mUAwQCZ/8QAwQCbgV0AwQEch/AAwQGdNTAAwQFd6FAAwQFeTaAAwQH
eU8AAwQFe2fAAwQGfP5AAwQGry1AAwQFtJRAAwQByj6KMAwDBADKPo0DBADKPo4D
BADKPpMDBALKPpgDBATKULADBAXKWaADBATKiCADBATKiWADBAPKicADBAXKruAD
BATKvUADBADLDPsDBADLEKoDBAHLEtQDBADLF3QDBADLHLoDBADLHbEDBADLNwsD
BADLN/oDBAXLWUADBALLXBwDBAXLgYADBAXLmeADBAbLoUADBAXLvIADBADSMsYD
BADTGsEDBALaZFADBAPfG2AwKgQCAAIwJAMFACQCeAADBQAkA9YAAwYAJAP8AAMD
BQAkBLAAAwUAJAS8ADANBgkqhkiG9w0BAQsFAAOCAQEAr3O4AfcBkuHm2aeNqxXR
pztTPkyf+KRWrKCcbMCLUMzw1NSCX+Sc4uirUkRERN9GI4zQV5YfkfqvV/4rhpGq
fQ8/JG1xIZ7sPLlhHogGhjP4R+YVlGLEI63lfy06wR7O0qXb5xT79C38sTba3Eeg
syLwFVZFDn8mJQK6x8rcHNkLvMVK2aqKQEBIcKsF2cD4Nu4eN26PyummjqzLgYUD
XQkIdt6oC9ZeEPbmu7UBDIH4e/IygfN+ZubDZLwC4aum+Ij9g4+GhFkWcJuB5U8F
izfzelb3LgZd6PlFRZKgYe3vTO5nXyCNY3cHENnhYl8FFCYikmpbAhPtVNI8jwrE
WA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:18:07 2026 by rpki-client