Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/DE5B4B680B8411EFBE929A1DC4F9AE02.roa
File: DE5B4B680B8411EFBE929A1DC4F9AE02.roa (raw, json)
Hash identifier: 7v6uelL8OrL55pjxxbIx0xi/kAw0shUB/buk6IIa7mg=
Subject key identifier: F9:13:3C:B8:19:E5:57:18:41:7A:4D:B1:42:35:AE:CB:20:B0:E2:2B
Certificate issuer: /CN=A91EECAF/serialNumber=6EBD3A269785123ADC3F496639AEDFB10F30D618
Certificate serial: 0BBC
Authority key identifier: 6E:BD:3A:26:97:85:12:3A:DC:3F:49:66:39:AE:DF:B1:0F:30:D6:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/br06JpeFEjrcP0lmOa7fsQ8w1hg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/DE5B4B680B8411EFBE929A1DC4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:17:46 +0000
ROA not before: Wed 22 Oct 2025 04:09:26 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 58453
IP address blocks: 103.11.108.0/22 maxlen: 22
103.11.108.0/24 maxlen: 24
103.11.109.0/24 maxlen: 24
223.118.0.0/15 maxlen: 15
223.118.0.0/16 maxlen: 24
223.118.0.0/27 maxlen: 27
223.119.0.0/16 maxlen: 20
223.119.0.0/21 maxlen: 24
223.119.8.0/22 maxlen: 24
223.119.12.0/22 maxlen: 24
223.119.16.0/20 maxlen: 24
223.119.32.0/19 maxlen: 23
223.119.33.0/24 maxlen: 24
223.119.38.0/23 maxlen: 24
223.119.40.0/21 maxlen: 24
223.119.48.0/22 maxlen: 24
223.119.53.0/24 maxlen: 24
223.119.54.0/23 maxlen: 24
223.119.56.0/21 maxlen: 24
223.119.64.0/18 maxlen: 23
223.119.64.0/19 maxlen: 24
223.119.96.0/22 maxlen: 24
223.119.101.0/24 maxlen: 24
223.119.102.0/23 maxlen: 24
223.119.104.0/21 maxlen: 24
223.119.112.0/20 maxlen: 24
223.119.128.0/17 maxlen: 23
223.119.128.0/18 maxlen: 24
223.119.192.0/19 maxlen: 24
223.119.224.0/20 maxlen: 24
223.119.240.0/21 maxlen: 24
223.119.248.0/22 maxlen: 24
223.119.252.0/23 maxlen: 24
223.120.0.0/17 maxlen: 24
223.121.0.0/17 maxlen: 24
2402:4f00::/32 maxlen: 32
2402:4f00:1000::/36 maxlen: 36
2402:4f00:2000::/36 maxlen: 36
2402:4f00:4000:4::/64 maxlen: 64
2402:4f00:4001:100::/56 maxlen: 56
2402:4f00:4002:100::/56 maxlen: 56
2402:4f00:4003::/48 maxlen: 48
2402:4f00:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/br06JpeFEjrcP0lmOa7fsQ8w1hg.crl
rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/br06JpeFEjrcP0lmOa7fsQ8w1hg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/br06JpeFEjrcP0lmOa7fsQ8w1hg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3004 (0xbbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EECAF, serialNumber=6EBD3A269785123ADC3F496639AEDFB10F30D618
Validity
Not Before: Oct 22 04:09:26 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69a482ca-b776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:32:f6:7c:49:a6:b0:52:8d:9e:dd:e2:e3:7a:
06:64:31:a2:91:55:fd:89:be:43:2b:72:fe:f7:49:
9f:f8:03:30:0c:b5:c6:80:5b:a6:36:97:18:cc:26:
d0:12:ab:fc:9e:01:2d:4e:20:8e:a5:93:62:b0:fa:
a3:d1:7a:a2:35:8e:6d:b4:c4:9e:52:6e:0a:b6:df:
48:17:0f:8d:8b:ae:5c:51:12:9e:64:f4:29:94:9c:
c0:88:59:e7:38:2d:c1:b3:1b:69:66:4a:86:5b:e5:
a8:df:ad:9a:da:87:59:bd:38:ab:55:75:b5:4f:06:
7e:9b:d1:75:44:4e:18:27:95:a5:4c:d2:47:66:7f:
d5:2d:bd:a8:14:50:4c:dc:d2:30:52:9c:b4:c2:63:
98:bc:b9:9d:ed:56:33:c6:23:ad:e7:cf:ce:1a:69:
26:d9:a1:a5:42:a7:06:be:01:d8:6c:1f:be:24:3b:
f7:b2:37:b4:b8:d6:51:ad:90:f2:69:d2:c5:37:1e:
bb:91:45:7d:4e:b4:af:50:29:30:d0:dc:c1:a9:41:
18:a3:7c:0b:f1:39:9b:15:14:ca:31:70:fe:31:4e:
96:95:f0:f8:11:d7:60:72:71:18:6d:9d:f2:8b:46:
5b:8f:d2:51:5c:2c:22:56:37:dd:25:50:91:be:f6:
8b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:13:3C:B8:19:E5:57:18:41:7A:4D:B1:42:35:AE:CB:20:B0:E2:2B
X509v3 Authority Key Identifier:
keyid:6E:BD:3A:26:97:85:12:3A:DC:3F:49:66:39:AE:DF:B1:0F:30:D6:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/br06JpeFEjrcP0lmOa7fsQ8w1hg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/br06JpeFEjrcP0lmOa7fsQ8w1hg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/DE5B4B680B8411EFBE929A1DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.11.108.0/22
223.118.0.0-223.120.127.255
223.121.0.0/17
IPv6:
2402:4f00::/32
Signature Algorithm: sha256WithRSAEncryption
52:67:7a:54:7d:67:53:04:c8:00:6e:c4:8f:4d:d6:46:8e:73:
ba:11:e0:b7:9d:9d:e1:d5:fa:ce:f2:d2:70:7e:ab:0f:ae:5e:
4c:c8:40:95:d6:c9:88:16:07:29:00:92:47:2a:ef:e4:dd:cf:
a6:32:c0:d3:7f:73:f5:e2:53:0a:9f:84:16:2d:e7:14:2b:96:
19:a2:d6:b0:af:f7:45:05:d3:f8:19:4f:00:06:98:25:3a:a6:
13:0a:fd:8c:cb:5a:33:53:2a:53:d4:31:be:ad:25:c3:c2:9c:
ab:11:e5:03:99:49:84:87:82:eb:ff:bf:70:b6:b4:09:37:40:
0b:7f:12:18:df:ae:00:3b:32:52:8e:63:55:66:d0:1f:ea:51:
78:f5:95:1e:c2:c3:c2:32:db:aa:ab:ac:50:f6:00:c3:fd:cb:
d5:b4:37:05:fe:f5:2b:38:84:a0:9c:0b:fc:79:b0:71:88:aa:
d5:3b:85:23:d7:85:2c:5c:12:f4:24:90:c4:e3:54:9e:b0:c0:
31:fb:b8:dc:78:9c:c3:c0:03:4b:70:82:53:9e:98:de:5a:20:
52:75:7e:3c:4a:01:7c:7e:fb:db:93:8e:bd:8b:ff:91:81:06:
3a:fe:a3:31:ba:0a:64:6e:34:4e:99:e0:03:97:e5:8c:d0:91:
ae:23:df:d6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgICC7wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVDQUYxMTAvBgNVBAUTKDZFQkQzQTI2OTc4NTEyM0FEQzNGNDk2NjM5QUVERkIx
MEYzMEQ2MTgwHhcNMjUxMDIyMDQwOTI2WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODJjYS1iNzc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwDL2fEmmsFKNnt3i43oGZDGikVX9ib5DK3L+90mf+AMwDLXGgFumNpcYzCbQ
Eqv8ngEtTiCOpZNisPqj0XqiNY5ttMSeUm4Ktt9IFw+Ni65cURKeZPQplJzAiFnn
OC3BsxtpZkqGW+Wo362a2odZvTirVXW1TwZ+m9F1RE4YJ5WlTNJHZn/VLb2oFFBM
3NIwUpy0wmOYvLmd7VYzxiOt58/OGmkm2aGlQqcGvgHYbB++JDv3sje0uNZRrZDy
adLFNx67kUV9TrSvUCkw0NzBqUEYo3wL8TmbFRTKMXD+MU6WlfD4EddgcnEYbZ3y
i0Zbj9JRXCwiVjfdJVCRvvaLEQIDAQABo4ICgjCCAn4wHQYDVR0OBBYEFPkTPLgZ
5VcYQXpNsUI1rssgsOIrMB8GA1UdIwQYMBaAFG69OiaXhRI63D9JZjmu37EPMNYY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUNBRi9FRUZERkVBNDVF
QTcxMUVBQTVFODMxODRDNEY5QUUwMi9icjA2SnBlRkVqcmNQMGxtT2E3ZnNROHcx
aGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JyMDZKcGVGRWpyY1AwbG1PYTdmc1E4dzFoZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVDQUYvRUVGREZFQTQ1RUE3MTFFQUE1RTgzMTg0QzRGOUFFMDIvREU1QjRCNjgw
Qjg0MTFFRkJFOTI5QTFEQzRGOUFFMDIucm9hMEEGCCsGAQUFBwEHAQH/BDIwMDAf
BAIAATAZAwQCZwtsMAsDAwHfdgMEB994AAMEB995ADANBAIAAjAHAwUAJAJPADAN
BgkqhkiG9w0BAQsFAAOCAQEAUmd6VH1nUwTIAG7Ej03WRo5zuhHgt52d4dX6zvLS
cH6rD65eTMhAldbJiBYHKQCSRyrv5N3PpjLA039z9eJTCp+EFi3nFCuWGaLWsK/3
RQXT+BlPAAaYJTqmEwr9jMtaM1MqU9Qxvq0lw8KcqxHlA5lJhIeC6/+/cLa0CTdA
C38SGN+uADsyUo5jVWbQH+pRePWVHsLDwjLbqqusUPYAw/3L1bQ3Bf71KziEoJwL
/HmwcYiq1TuFI9eFLFwS9CSQxONUnrDAMfu43Hicw8ADS3CCU56Y3logUnV+PEoB
fH7725OOvYv/kYEGOv6jMboKZG40TpngA5fljNCRriPf1g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:08:00 2026 by rpki-client