Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/F6F34FA2EC2611F097438BD43E6F56BC.roa
File: F6F34FA2EC2611F097438BD43E6F56BC.roa (raw, json)
Hash identifier: d4qLINHxzHC2igs+d7HFx4FkCdNcECuX29TNhu6zNb0=
Subject key identifier: ED:FA:90:AF:B1:E4:E8:1E:2B:E1:15:56:8E:47:6D:F2:28:26:AE:21
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 19DD
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/F6F34FA2EC2611F097438BD43E6F56BC.roa
Signing time: Sun 01 Mar 2026 18:50:55 +0000
ROA not before: Fri 20 Feb 2026 17:15:04 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 9443
IP address blocks: 14.137.64.0/18 maxlen: 18
14.137.192.0/19 maxlen: 19
58.178.0.0/16 maxlen: 16
58.179.0.0/16 maxlen: 16
111.220.0.0/16 maxlen: 16
112.141.0.0/16 maxlen: 16
112.213.128.0/17 maxlen: 17
116.240.0.0/16 maxlen: 16
121.79.126.0/23 maxlen: 23
122.148.0.0/16 maxlen: 16
122.150.0.0/16 maxlen: 16
122.151.0.0/16 maxlen: 16
125.168.0.0/16 maxlen: 16
202.4.64.0/19 maxlen: 19
202.14.191.0/24 maxlen: 24
202.61.12.0/24 maxlen: 24
202.61.13.0/24 maxlen: 24
202.62.128.0/19 maxlen: 19
202.67.64.0/18 maxlen: 18
202.86.113.0/24 maxlen: 24
202.86.114.0/23 maxlen: 23
202.86.116.0/23 maxlen: 23
202.86.118.0/24 maxlen: 24
202.130.195.0/24 maxlen: 24
202.130.205.0/24 maxlen: 24
202.136.32.0/20 maxlen: 20
202.138.0.0/18 maxlen: 18
202.147.128.0/20 maxlen: 20
202.154.64.0/18 maxlen: 18
203.16.9.0/24 maxlen: 24
203.16.170.0/24 maxlen: 24
203.23.116.0/24 maxlen: 24
203.24.100.0/23 maxlen: 23
203.55.252.0/24 maxlen: 24
203.56.5.0/24 maxlen: 24
203.62.135.0/24 maxlen: 24
203.91.224.0/19 maxlen: 19
203.91.224.0/20 maxlen: 20
203.91.240.0/21 maxlen: 21
203.132.224.0/19 maxlen: 19
203.134.0.0/17 maxlen: 17
203.134.128.0/18 maxlen: 18
203.142.128.0/19 maxlen: 19
203.161.160.0/20 maxlen: 20
203.190.192.0/20 maxlen: 20
203.191.160.0/19 maxlen: 19
203.212.128.0/19 maxlen: 19
210.50.0.0/16 maxlen: 16
210.86.240.0/20 maxlen: 20
211.26.0.0/16 maxlen: 16
211.27.0.0/16 maxlen: 16
218.214.0.0/16 maxlen: 16
218.215.0.0/16 maxlen: 16
2403:4800::/32 maxlen: 32
2403:9e00::/32 maxlen: 32
2403:fc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 16:03:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6621 (0x19dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D, serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Feb 20 17:15:04 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69a48a8f-1896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ab:5c:db:ae:91:5f:0c:27:a2:af:a8:44:67:
21:c5:5e:d3:80:66:96:fd:ff:8d:a1:32:e6:fa:97:
49:ed:5c:2d:d1:60:8d:9f:06:7c:42:6d:df:99:c0:
66:70:f1:ef:e1:fe:15:46:28:6e:d4:69:b5:3e:2b:
ba:96:19:60:09:61:49:42:15:4d:79:9c:fa:62:a0:
2f:3d:45:9f:f2:eb:5a:f5:b7:24:be:fd:ec:3c:09:
bf:46:81:b2:d3:de:19:4e:8f:64:95:21:94:d1:6d:
4f:9d:e6:d8:25:96:98:d2:ff:e2:c3:61:7d:97:b3:
ad:ba:91:95:12:10:ae:9f:5e:aa:be:c6:d6:07:80:
13:9b:f3:39:08:05:2a:41:28:ac:c7:10:6c:38:00:
6c:02:0e:93:21:94:ac:3e:e9:54:3e:ec:8c:ad:93:
66:63:16:a9:2f:8d:cb:e7:64:4d:87:44:a6:2e:ba:
07:e9:9a:23:f8:35:1d:75:ac:92:b4:24:f6:0e:00:
88:5b:ad:ed:98:2c:54:17:98:97:e6:ca:4c:98:50:
ea:db:9c:dc:97:1c:8f:fc:19:4e:14:13:d0:be:36:
cb:53:9a:aa:b7:4e:72:df:78:92:b4:be:96:8b:c5:
3f:a1:f3:6f:ac:70:43:6e:f8:3e:fa:96:d2:00:28:
11:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:FA:90:AF:B1:E4:E8:1E:2B:E1:15:56:8E:47:6D:F2:28:26:AE:21
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/F6F34FA2EC2611F097438BD43E6F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
14.137.64.0/18
14.137.192.0/19
58.178.0.0/15
111.220.0.0/16
112.141.0.0/16
112.213.128.0/17
116.240.0.0/16
121.79.126.0/23
122.148.0.0/16
122.150.0.0/15
125.168.0.0/16
202.4.64.0/19
202.14.191.0/24
202.61.12.0/23
202.62.128.0/19
202.67.64.0/18
202.86.113.0-202.86.118.255
202.130.195.0/24
202.130.205.0/24
202.136.32.0/20
202.138.0.0/18
202.147.128.0/20
202.154.64.0/18
203.16.9.0/24
203.16.170.0/24
203.23.116.0/24
203.24.100.0/23
203.55.252.0/24
203.56.5.0/24
203.62.135.0/24
203.91.224.0/19
203.132.224.0/19
203.134.0.0-203.134.191.255
203.142.128.0/19
203.161.160.0/20
203.190.192.0/20
203.191.160.0/19
203.212.128.0/19
210.50.0.0/16
210.86.240.0/20
211.26.0.0/15
218.214.0.0/15
IPv6:
2403:4800::/32
2403:9e00::/32
2403:fc00::/32
Signature Algorithm: sha256WithRSAEncryption
6f:bc:a5:a2:e1:ff:0e:95:6a:05:cd:f4:5c:66:7a:a6:c1:b4:
82:9b:6a:87:6c:a4:c8:83:4e:13:37:ee:fd:e7:00:22:f4:63:
68:eb:39:9d:a1:cf:33:a9:3a:37:5a:47:d5:e2:30:88:ee:8c:
f8:d7:fa:b6:40:63:e1:65:11:33:72:eb:1d:1d:08:81:67:4b:
65:60:b3:28:c6:00:fc:0f:a3:fc:25:f6:fe:c6:2e:09:c0:58:
30:33:57:96:f1:34:a3:49:d6:1e:45:b2:65:ca:0b:c7:e0:2b:
e2:b9:fe:ff:30:f1:d2:18:e7:78:84:b2:e1:33:da:56:87:78:
13:ca:09:8b:2d:a5:c7:7c:54:71:5a:96:79:d1:2d:bf:ad:48:
6b:a1:bd:5b:fc:1a:4b:3d:3d:8d:1d:ec:06:e5:1e:40:c1:e6:
13:eb:a5:bd:92:39:b1:f1:12:42:8e:52:52:26:d6:cc:f2:d8:
50:01:69:af:ef:c2:28:65:a2:c8:45:14:33:eb:15:dc:87:5b:
ed:00:92:ce:02:ab:08:7d:f0:9c:52:51:42:04:63:b1:26:27:
4a:77:75:9c:b6:30:d9:bb:1b:5c:14:ad:ee:0e:93:15:b3:61:
76:b7:30:06:db:11:1a:e9:50:94:69:ed:f8:b3:e8:3f:49:30:
a0:e3:1b:54
-----BEGIN CERTIFICATE-----
MIIGXjCCBUagAwIBAgICGd0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjYwMjIwMTcxNTA0WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OGE4Zi0xODk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsqtc266RXwwnoq+oRGchxV7TgGaW/f+NoTLm+pdJ7Vwt0WCNnwZ8Qm3fmcBm
cPHv4f4VRihu1Gm1Piu6lhlgCWFJQhVNeZz6YqAvPUWf8uta9bckvv3sPAm/RoGy
094ZTo9klSGU0W1PnebYJZaY0v/iw2F9l7OtupGVEhCun16qvsbWB4ATm/M5CAUq
QSisxxBsOABsAg6TIZSsPulUPuyMrZNmYxapL43L52RNh0SmLroH6Zoj+DUddayS
tCT2DgCIW63tmCxUF5iX5spMmFDq25zclxyP/BlOFBPQvjbLU5qqt05y33iStL6W
i8U/ofNvrHBDbvg++pbSACgR3wIDAQABo4IDgjCCA34wHQYDVR0OBBYEFO36kK+x
5OgeK+EVVo5HbfIoJq4hMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvRjZGMzRGQTJF
QzI2MTFGMDk3NDM4QkQ0M0U2RjU2QkMucm9hMIIBPwYIKwYBBQUHAQcBAf8EggEu
MIIBKjCCAQkEAgABMIIBAQMEBg6JQAMEBQ6JwAMDATqyAwMAb9wDAwBwjQMEB3DV
gAMDAHTwAwQBeU9+AwMAepQDAwF6lgMDAH2oAwQFygRAAwQAyg6/AwQByj0MAwQF
yj6AAwQGykNAMAwDBADKVnEDBADKVnYDBADKgsMDBADKgs0DBATKiCADBAbKigAD
BATKk4ADBAbKmkADBADLEAkDBADLEKoDBADLF3QDBAHLGGQDBADLN/wDBADLOAUD
BADLPocDBAXLW+ADBAXLhOAwCwMDAcuGAwQGy4aAAwQFy46AAwQEy6GgAwQEy77A
AwQFy7+gAwQFy9SAAwMA0jIDBATSVvADAwHTGgMDAdrWMBsEAgACMBUDBQAkA0gA
AwUAJAOeAAMFACQD/AAwDQYJKoZIhvcNAQELBQADggEBAG+8paLh/w6VagXN9Fxm
eqbBtIKbaodspMiDThM37v3nACL0Y2jrOZ2hzzOpOjdaR9XiMIjujPjX+rZAY+Fl
ETNy6x0dCIFnS2VgsyjGAPwPo/wl9v7GLgnAWDAzV5bxNKNJ1h5FsmXKC8fgK+K5
/v8w8dIY53iEsuEz2laHeBPKCYstpcd8VHFalnnRLb+tSGuhvVv8Gks9PY0d7Abl
HkDB5hPrpb2SObHxEkKOUlIm1szy2FABaa/vwihloshFFDPrFdyHW+0Aks4Cqwh9
8JxSUUIEY7EmJ0p3dZy2MNm7G1wUre4OkxWzYXa3MAbbERrpUJRp7fiz6D9JMKDj
G1Q=
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:53:26 2026 by rpki-client