Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/BBF567AEB0F011E5A08A224DC4F9AE02.roa
File: BBF567AEB0F011E5A08A224DC4F9AE02.roa (raw, json)
Hash identifier: CwxMtEC9C2VpkRtrAxOmkLDgNIDnCe2kUJg3AFTCZ+Q=
Subject key identifier: D8:13:A5:E5:F2:48:43:FE:44:55:99:00:6C:B4:B9:37:94:B1:D1:82
Certificate issuer: /CN=A91EAE60/serialNumber=20083D4DFA844C5727558C4C756DB20DF807CD81
Certificate serial: 2825
Authority key identifier: 20:08:3D:4D:FA:84:4C:57:27:55:8C:4C:75:6D:B2:0D:F8:07:CD:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAg9TfqETFcnVYxMdW2yDfgHzYE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/BBF567AEB0F011E5A08A224DC4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:45:37 +0000
ROA not before: Tue 10 Feb 2026 04:44:47 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 17887
IP address blocks: 43.247.56.0/22 maxlen: 22
43.247.56.0/24 maxlen: 24
43.247.57.0/24 maxlen: 24
103.11.12.0/22 maxlen: 22
103.106.8.0/22 maxlen: 22
103.106.8.0/24 maxlen: 24
103.213.204.0/22 maxlen: 22
103.213.204.0/24 maxlen: 24
103.213.205.0/24 maxlen: 24
202.60.192.0/20 maxlen: 20
202.60.192.0/21 maxlen: 21
202.60.192.0/22 maxlen: 22
202.60.195.0/24 maxlen: 24
202.60.196.0/22 maxlen: 22
202.60.198.0/24 maxlen: 24
202.60.199.0/24 maxlen: 24
202.60.200.0/21 maxlen: 21
202.60.200.0/22 maxlen: 22
202.60.200.0/24 maxlen: 24
202.60.203.0/24 maxlen: 24
202.60.204.0/22 maxlen: 22
202.60.204.0/24 maxlen: 24
202.60.205.0/24 maxlen: 24
202.60.207.0/24 maxlen: 24
203.159.72.0/22 maxlen: 22
203.159.72.0/24 maxlen: 24
203.159.73.0/24 maxlen: 24
203.159.74.0/24 maxlen: 24
203.159.75.0/24 maxlen: 24
203.159.96.0/19 maxlen: 19
203.159.96.0/24 maxlen: 24
203.159.100.0/24 maxlen: 24
203.159.101.0/24 maxlen: 24
203.159.103.0/24 maxlen: 24
203.159.104.0/24 maxlen: 24
203.159.107.0/24 maxlen: 24
203.159.108.0/24 maxlen: 24
203.159.111.0/24 maxlen: 24
203.159.112.0/24 maxlen: 24
203.159.120.0/24 maxlen: 24
203.159.124.0/24 maxlen: 24
203.159.125.0/24 maxlen: 24
203.159.126.0/24 maxlen: 24
203.159.127.0/24 maxlen: 24
2405:6d00::/32 maxlen: 32
2405:6d00:100::/48 maxlen: 48
2405:6d00:101::/48 maxlen: 48
2405:6d00:104::/48 maxlen: 48
2405:6d00:105::/48 maxlen: 48
2405:6d00:106::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/IAg9TfqETFcnVYxMdW2yDfgHzYE.crl
rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/IAg9TfqETFcnVYxMdW2yDfgHzYE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAg9TfqETFcnVYxMdW2yDfgHzYE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:33:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10277 (0x2825)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE60, serialNumber=20083D4DFA844C5727558C4C756DB20DF807CD81
Validity
Not Before: Feb 10 04:44:47 2026 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a47b41-6cc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d1:75:cc:35:41:2e:70:76:a4:89:d3:87:93:
07:51:39:ef:6b:f7:0f:44:ed:1a:55:09:82:8c:ca:
09:9e:b6:e5:54:72:90:7e:26:95:7d:c7:95:f5:09:
a8:4a:34:56:ff:45:72:1d:4e:4f:0d:26:f4:45:73:
57:c7:60:66:b4:b7:33:54:4a:6c:e1:da:e1:ce:9a:
d9:4e:b4:03:41:63:7e:0e:77:d5:d2:b5:d7:1a:8c:
ce:07:1d:90:d4:39:52:d1:a5:34:c1:3b:ea:09:2a:
ac:c4:31:3e:93:4f:15:c6:40:3f:dd:5e:38:dc:df:
6e:d5:53:ff:75:e8:f5:a5:d8:35:7e:06:18:7f:7e:
b9:21:e4:3c:13:99:c4:e4:7d:07:a4:3d:f8:59:b4:
3a:b8:24:06:35:8d:a4:e1:43:d2:11:5d:ec:5d:0e:
1f:83:08:1f:db:11:25:6b:d2:61:ca:4b:c7:7c:9b:
a8:72:03:40:c6:70:f2:c0:7c:77:11:7e:9d:5a:14:
c7:de:92:1d:d5:a9:95:0a:04:d4:20:e0:35:31:0d:
98:a4:0b:3d:68:f1:6a:85:22:04:5d:a2:1e:4f:e9:
07:6c:88:75:e3:d2:8e:bf:24:7d:e4:53:bd:0a:5a:
44:a6:21:39:8b:6b:7f:aa:c4:a5:34:3f:45:23:1a:
ad:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:13:A5:E5:F2:48:43:FE:44:55:99:00:6C:B4:B9:37:94:B1:D1:82
X509v3 Authority Key Identifier:
keyid:20:08:3D:4D:FA:84:4C:57:27:55:8C:4C:75:6D:B2:0D:F8:07:CD:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/IAg9TfqETFcnVYxMdW2yDfgHzYE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAg9TfqETFcnVYxMdW2yDfgHzYE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/BBF567AEB0F011E5A08A224DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.247.56.0/22
103.11.12.0/22
103.106.8.0/22
103.213.204.0/22
202.60.192.0/20
203.159.72.0/22
203.159.96.0/19
IPv6:
2405:6d00::/32
Signature Algorithm: sha256WithRSAEncryption
5f:1a:19:7f:0e:df:01:ec:57:8f:31:14:2b:5e:1a:f3:3e:54:
04:0f:77:d4:1f:d1:46:f4:31:b3:88:62:e3:83:cf:e1:ca:b5:
ba:46:8a:eb:5a:50:a3:70:c7:ec:06:4c:b2:9c:17:05:56:1f:
aa:c2:79:29:aa:52:d5:43:9e:6a:4d:98:b5:20:ac:e8:bc:bd:
76:e8:19:b5:03:1e:2a:80:31:9b:01:55:ae:3a:cf:c8:93:d4:
42:e6:b2:63:c8:0c:e5:65:2e:23:ce:6a:bc:8c:d3:75:80:98:
0b:f7:5d:70:30:0e:59:3d:43:7c:95:81:bb:db:4b:6a:17:29:
81:bf:78:26:c2:d3:c3:b3:cb:5d:70:73:03:c5:f9:e4:10:30:
7c:65:d4:a3:22:cc:e0:81:e9:ad:ae:9d:24:0a:c1:f7:c7:bb:
51:e8:fa:5e:cd:37:e5:d3:73:d9:20:35:16:0d:39:b1:ef:b4:
f7:c4:56:09:57:2f:76:8a:6c:99:bf:78:64:7c:7a:d0:2e:e6:
2c:8b:be:11:b3:99:8b:1a:c0:c6:66:85:7e:06:b5:e2:88:f2:
9b:73:69:6a:66:38:bc:af:68:78:53:74:75:96:0b:2f:64:22:
53:78:b7:97:59:b4:04:01:f6:d8:c8:d7:39:c9:b0:34:1a:4c:
d4:3a:90:b0
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgICKCUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFNjAxMTAvBgNVBAUTKDIwMDgzRDRERkE4NDRDNTcyNzU1OEM0Qzc1NkRCMjBE
RjgwN0NEODEwHhcNMjYwMjEwMDQ0NDQ3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0N2I0MS02Y2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1NF1zDVBLnB2pInTh5MHUTnva/cPRO0aVQmCjMoJnrblVHKQfiaVfceV9Qmo
SjRW/0VyHU5PDSb0RXNXx2BmtLczVEps4drhzprZTrQDQWN+DnfV0rXXGozOBx2Q
1DlS0aU0wTvqCSqsxDE+k08VxkA/3V443N9u1VP/dej1pdg1fgYYf365IeQ8E5nE
5H0HpD34WbQ6uCQGNY2k4UPSEV3sXQ4fgwgf2xEla9JhykvHfJuocgNAxnDywHx3
EX6dWhTH3pId1amVCgTUIOA1MQ2YpAs9aPFqhSIEXaIeT+kHbIh149KOvyR95FO9
ClpEpiE5i2t/qsSlND9FIxqtaQIDAQABo4ICkzCCAo8wHQYDVR0OBBYEFNgTpeXy
SEP+RFWZAGy0uTeUsdGCMB8GA1UdIwQYMBaAFCAIPU36hExXJ1WMTHVtsg34B82B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUU2MC9GMTk5NjcxMkM3
Q0YxMUU0QjEzQkUxMjFDNEY5QUUwMi9JQWc5VGZxRVRGY25WWXhNZFcyeURmZ0h6
WUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lBZzlUZnFFVEZjblZZeE1kVzJ5RGZnSHpZRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFNjAvRjE5OTY3MTJDN0NGMTFFNEIxM0JFMTIxQzRGOUFFMDIvQkJGNTY3QUVC
MEYwMTFFNUEwOEEyMjREQzRGOUFFMDIucm9hMFIGCCsGAQUFBwEHAQH/BEMwQTAw
BAIAATAqAwQCK/c4AwQCZwsMAwQCZ2oIAwQCZ9XMAwQEyjzAAwQCy59IAwQFy59g
MA0EAgACMAcDBQAkBW0AMA0GCSqGSIb3DQEBCwUAA4IBAQBfGhl/Dt8B7FePMRQr
XhrzPlQED3fUH9FG9DGziGLjg8/hyrW6RorrWlCjcMfsBkyynBcFVh+qwnkpqlLV
Q55qTZi1IKzovL126Bm1Ax4qgDGbAVWuOs/Ik9RC5rJjyAzlZS4jzmq8jNN1gJgL
911wMA5ZPUN8lYG720tqFymBv3gmwtPDs8tdcHMDxfnkEDB8ZdSjIszggemtrp0k
CsH3x7tR6PpezTfl03PZIDUWDTmx77T3xFYJVy92imyZv3hkfHrQLuYsi74Rs5mL
GsDGZoV+BrXiiPKbc2lqZji8r2h4U3R1lgsvZCJTeLeXWbQEAfbYyNc5ybA0GkzU
OpCw
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:37:55 2026 by rpki-client