Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: 3gzqvoyJahMiUTAGxhxWgq/nkiebEBW1ewsgydg+Lfs=
Subject key identifier: 1C:57:21:FE:BB:3E:1C:9C:40:CD:4A:E1:37:AF:76:EF:DE:C4:ED:E2
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 0856
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Wed 08 Apr 2026 07:05:41 +0000
ROA not before: Wed 08 Apr 2026 07:05:41 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.37.0/24 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.224.0/24 maxlen: 24
156.59.225.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
156.59.255.0/24 maxlen: 24
162.128.43.0/24 maxlen: 24
162.128.44.0/24 maxlen: 24
162.128.53.0/24 maxlen: 24
162.128.54.0/24 maxlen: 24
162.128.55.0/24 maxlen: 24
162.128.56.0/24 maxlen: 24
162.128.57.0/24 maxlen: 24
162.128.58.0/24 maxlen: 24
162.128.59.0/24 maxlen: 24
162.128.60.0/24 maxlen: 24
162.128.61.0/24 maxlen: 24
162.128.62.0/24 maxlen: 24
162.128.63.0/24 maxlen: 24
162.128.96.0/24 maxlen: 24
162.128.140.0/24 maxlen: 24
162.128.149.0/24 maxlen: 24
162.128.150.0/24 maxlen: 24
162.128.151.0/24 maxlen: 24
162.128.156.0/24 maxlen: 24
162.128.183.0/24 maxlen: 24
162.128.186.0/24 maxlen: 24
162.128.196.0/24 maxlen: 24
162.128.197.0/24 maxlen: 24
162.128.198.0/24 maxlen: 24
162.128.199.0/24 maxlen: 24
162.128.200.0/24 maxlen: 24
162.128.201.0/24 maxlen: 24
162.128.202.0/24 maxlen: 24
162.128.203.0/24 maxlen: 24
162.128.204.0/24 maxlen: 24
162.128.205.0/24 maxlen: 24
162.128.206.0/24 maxlen: 24
162.128.207.0/24 maxlen: 24
162.128.208.0/24 maxlen: 24
162.128.209.0/24 maxlen: 24
162.128.210.0/24 maxlen: 24
162.128.211.0/24 maxlen: 24
162.128.213.0/24 maxlen: 24
162.128.214.0/24 maxlen: 24
162.128.215.0/24 maxlen: 24
162.128.216.0/24 maxlen: 24
162.128.217.0/24 maxlen: 24
162.128.218.0/24 maxlen: 24
162.128.219.0/24 maxlen: 24
162.128.220.0/24 maxlen: 24
162.128.221.0/24 maxlen: 24
162.128.222.0/24 maxlen: 24
162.128.223.0/24 maxlen: 24
162.128.224.0/24 maxlen: 24
162.128.225.0/24 maxlen: 24
162.128.226.0/24 maxlen: 24
162.128.227.0/24 maxlen: 24
162.128.228.0/24 maxlen: 24
162.128.229.0/24 maxlen: 24
162.128.230.0/24 maxlen: 24
162.128.231.0/24 maxlen: 24
162.128.232.0/24 maxlen: 24
162.128.233.0/24 maxlen: 24
162.128.234.0/24 maxlen: 24
162.128.235.0/24 maxlen: 24
162.128.236.0/24 maxlen: 24
162.128.237.0/24 maxlen: 24
162.128.238.0/24 maxlen: 24
162.128.239.0/24 maxlen: 24
162.128.240.0/24 maxlen: 24
162.128.241.0/24 maxlen: 24
162.128.242.0/24 maxlen: 24
162.128.243.0/24 maxlen: 24
162.128.244.0/24 maxlen: 24
162.128.245.0/24 maxlen: 24
162.128.246.0/24 maxlen: 24
162.128.247.0/24 maxlen: 24
162.128.248.0/24 maxlen: 24
162.128.249.0/24 maxlen: 24
162.128.250.0/24 maxlen: 24
162.128.251.0/24 maxlen: 24
162.128.252.0/24 maxlen: 24
162.128.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 21:44:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2134 (0x856)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: Apr 8 07:05:41 2026 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69d5fe45-078c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:6f:62:76:c0:48:37:ad:0a:d4:ca:6c:ba:dc:
20:51:90:ad:f3:b6:ad:bb:4f:b8:03:18:c0:e7:e4:
a0:18:1e:82:5a:dd:89:44:10:51:27:49:98:e5:b9:
df:fb:55:54:5b:f7:e4:02:42:09:58:79:4a:3a:d0:
8a:75:94:c5:7a:4d:ea:fd:82:a1:36:8e:6b:6f:7f:
02:16:14:67:86:72:71:cd:9d:fc:7f:21:9c:e4:4b:
94:a1:49:74:d5:0d:3e:61:32:0e:a6:5e:00:81:91:
cb:56:dc:7a:12:a3:2c:d7:a1:c9:79:29:f5:dd:92:
a0:09:38:e0:47:7e:7c:b4:81:ed:96:a1:46:54:4e:
2e:a9:11:6b:b1:1f:77:59:cd:e8:a4:1f:8d:ae:76:
a9:d0:25:7f:60:ee:87:8a:b9:46:55:f8:41:43:7f:
72:f3:b5:5d:e8:78:95:a6:6a:89:f3:89:2b:1e:5d:
3e:6e:45:30:43:03:b1:45:13:aa:9d:ef:bf:37:80:
7b:6b:21:09:ac:53:f5:c5:8d:c3:a1:24:c6:9c:a1:
d9:27:05:89:05:25:53:32:f3:57:a7:e2:a8:98:8a:
2e:55:5e:67:18:5d:a1:05:36:81:90:5b:f3:00:b6:
e3:0f:0c:f9:78:ae:8d:31:cf:90:78:df:3f:77:2c:
1d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:57:21:FE:BB:3E:1C:9C:40:CD:4A:E1:37:AF:76:EF:DE:C4:ED:E2
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.37.0/24
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.224.0/23
156.59.241.0/24
156.59.255.0/24
162.128.43.0-162.128.44.255
162.128.53.0-162.128.63.255
162.128.96.0/24
162.128.140.0/24
162.128.149.0-162.128.151.255
162.128.156.0/24
162.128.183.0/24
162.128.186.0/24
162.128.196.0-162.128.211.255
162.128.213.0-162.128.252.255
162.128.254.0/24
Signature Algorithm: sha256WithRSAEncryption
80:48:5e:ee:e8:26:ff:78:1b:6f:8a:76:d5:08:df:63:53:58:
ba:1e:8d:f2:04:e6:48:4d:49:e6:ec:3c:99:45:88:d2:6e:80:
a7:03:78:1f:ca:fa:93:c9:29:97:8e:01:40:d1:2e:1b:a7:83:
7b:03:04:84:ef:dd:1d:2f:a6:64:79:98:02:17:da:27:ea:2a:
40:36:b4:45:ea:69:9d:51:45:52:ff:61:03:94:57:d7:8a:07:
08:3d:85:bd:d6:1c:f9:49:ce:81:85:d1:c1:4a:12:df:44:45:
a9:63:61:33:26:22:bd:b9:8e:40:16:d1:86:b0:bb:e4:ea:e2:
6a:48:ac:a4:af:9d:96:9a:e1:6a:19:be:ce:95:81:39:32:ae:
23:2d:45:92:b4:62:9c:2f:f0:8a:b7:15:cd:9e:2a:02:6b:b9:
23:7a:56:e3:13:bf:e8:ef:a1:ee:b5:99:18:03:12:fd:5d:0f:
3e:b8:0c:90:97:20:a1:0d:58:e0:c9:02:a1:b3:5f:20:98:0a:
28:2c:d4:5b:e1:1f:e6:01:80:f8:f8:bf:a7:91:ac:99:ff:e0:
cd:33:00:db:13:0c:81:d3:34:ac:13:01:d2:64:83:dc:71:22:
d3:83:76:71:8c:9e:3d:d1:e2:10:5f:41:db:f3:55:83:73:3f:
14:63:d0:29
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgICCFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjYwNDA4MDcwNTQxWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWQ1ZmU0NS0wNzhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA829idsBIN60K1MpsutwgUZCt87atu0+4AxjA5+SgGB6CWt2JRBBRJ0mY5bnf
+1VUW/fkAkIJWHlKOtCKdZTFek3q/YKhNo5rb38CFhRnhnJxzZ38fyGc5EuUoUl0
1Q0+YTIOpl4AgZHLVtx6EqMs16HJeSn13ZKgCTjgR358tIHtlqFGVE4uqRFrsR93
Wc3opB+Nrnap0CV/YO6HirlGVfhBQ39y87Vd6HiVpmqJ84krHl0+bkUwQwOxRROq
ne+/N4B7ayEJrFP1xY3DoSTGnKHZJwWJBSVTMvNXp+KomIouVV5nGF2hBTaBkFvz
ALbjDwz5eK6NMc+QeN8/dywdMQIDAQABo4IDTDCCA0gwHQYDVR0OBBYEFBxXIf67
PhycQM1K4Tevdu/exO3iMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMIIBCQYIKwYBBQUHAQcBAf8Egfkw
gfYwgfMEAgABMIHsMAwDBACB4xEDBAKB4xAwDAMEAIHjHQMEBYHjAAMEAIHjPwME
AYHjsAMEAoHjwAMEApw7EAMEAJw7JQMEA5w7MAMEAJw7SQMEA5w7UAMEAZw7XgME
AJw7bAMEAJw7ewMEBJw7gAMEAJw7kgMEAJw72AMEAZw74AMEAJw78QMEAJw7/zAM
AwQAooArAwQAooAsMAwDBACigDUDBAaigAADBACigGADBACigIwwDAMEAKKAlQME
A6KAkAMEAKKAnAMEAKKAtwMEAKKAujAMAwQCooDEAwQCooDQMAwDBACigNUDBACi
gPwDBACigP4wDQYJKoZIhvcNAQELBQADggEBAIBIXu7oJv94G2+KdtUI32NTWLoe
jfIE5khNSebsPJlFiNJugKcDeB/K+pPJKZeOAUDRLhung3sDBITv3R0vpmR5mAIX
2ifqKkA2tEXqaZ1RRVL/YQOUV9eKBwg9hb3WHPlJzoGF0cFKEt9ERaljYTMmIr25
jkAW0Yawu+Tq4mpIrKSvnZaa4WoZvs6VgTkyriMtRZK0Ypwv8Iq3Fc2eKgJruSN6
VuMTv+jvoe61mRgDEv1dDz64DJCXIKENWODJAqGzXyCYCigs1FvhH+YBgPj4v6eR
rJn/4M0zANsTDIHTNKwTAdJkg9xxItODdnGMnj3R4hBfQdvzVYNzPxRj0Ck=
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:25:16 2026 by rpki-client