Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2BD9/0481F786EC1911EA85B1E76FC4F9AE02/85A0A1086C9711EEA4941846C4F9AE02.roa
File: 85A0A1086C9711EEA4941846C4F9AE02.roa (raw, json)
Hash identifier: WHxCZXb+qvGJ+dHJukHlHeAD13tXGu1jBv03TPuiuDM=
Subject key identifier: D5:E6:AE:C8:1A:6A:18:1C:76:C9:93:E6:A6:E3:28:CD:87:02:02:79
Certificate issuer: /CN=A91F2BD9/serialNumber=AFCD12F3409878CD4AB445C445544AE8DA851A84
Certificate serial: 0893
Authority key identifier: AF:CD:12:F3:40:98:78:CD:4A:B4:45:C4:45:54:4A:E8:DA:85:1A:84
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r80S80CYeM1KtEXERVRK6NqFGoQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2BD9/0481F786EC1911EA85B1E76FC4F9AE02/85A0A1086C9711EEA4941846C4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:34:05 +0000
ROA not before: Wed 04 Feb 2026 20:17:22 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 7594
IP address blocks: 120.88.64.0/19 maxlen: 19
120.88.64.0/24 maxlen: 24
120.88.65.0/24 maxlen: 24
120.88.66.0/24 maxlen: 24
120.88.67.0/24 maxlen: 24
120.88.68.0/24 maxlen: 24
120.88.69.0/24 maxlen: 24
120.88.70.0/24 maxlen: 24
120.88.71.0/24 maxlen: 24
120.88.72.0/24 maxlen: 24
120.88.73.0/24 maxlen: 24
120.88.74.0/24 maxlen: 24
120.88.75.0/24 maxlen: 24
120.88.76.0/24 maxlen: 24
120.88.77.0/24 maxlen: 24
120.88.78.0/24 maxlen: 24
120.88.79.0/24 maxlen: 24
120.88.80.0/24 maxlen: 24
120.88.81.0/24 maxlen: 24
120.88.82.0/24 maxlen: 24
120.88.83.0/24 maxlen: 24
120.88.84.0/24 maxlen: 24
120.88.85.0/24 maxlen: 24
120.88.86.0/24 maxlen: 24
120.88.87.0/24 maxlen: 24
120.88.88.0/24 maxlen: 24
120.88.89.0/24 maxlen: 24
120.88.90.0/24 maxlen: 24
120.88.91.0/24 maxlen: 24
120.88.92.0/24 maxlen: 24
120.88.93.0/24 maxlen: 24
120.88.94.0/24 maxlen: 24
120.88.95.0/24 maxlen: 24
121.0.0.0/21 maxlen: 21
121.0.0.0/24 maxlen: 24
121.0.1.0/24 maxlen: 24
121.0.2.0/24 maxlen: 24
121.0.3.0/24 maxlen: 24
121.0.4.0/24 maxlen: 24
121.0.5.0/24 maxlen: 24
121.0.6.0/24 maxlen: 24
121.0.7.0/24 maxlen: 24
203.56.180.0/24 maxlen: 24
2403:9000::/32 maxlen: 34
2403:9000:500::/40 maxlen: 40
2403:9000:501::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F2BD9/0481F786EC1911EA85B1E76FC4F9AE02/r80S80CYeM1KtEXERVRK6NqFGoQ.crl
rsync://rpki.apnic.net/member_repository/A91F2BD9/0481F786EC1911EA85B1E76FC4F9AE02/r80S80CYeM1KtEXERVRK6NqFGoQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r80S80CYeM1KtEXERVRK6NqFGoQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 18:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2195 (0x893)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2BD9, serialNumber=AFCD12F3409878CD4AB445C445544AE8DA851A84
Validity
Not Before: Feb 4 20:17:22 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a46a7c-984d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:34:0f:07:d6:62:ba:0a:10:34:32:57:2a:61:
d6:0f:64:c5:f9:27:01:1e:fe:44:b6:a6:dd:1e:8c:
30:c4:d1:06:fb:55:ac:4b:4a:7e:49:a8:4c:75:bd:
ec:d8:0a:a3:b5:30:c5:f1:3f:de:57:ae:74:2f:e8:
63:8d:ce:ca:2e:46:ff:7e:9d:bd:06:e4:29:ce:28:
51:5e:19:5b:13:bd:66:69:28:1f:45:c2:8b:66:95:
41:ec:cc:c0:32:f2:d0:6a:86:76:69:fb:88:b7:dc:
00:30:b4:80:00:8a:95:20:1e:dc:ed:29:5f:d8:12:
ad:ce:24:31:1f:9a:a7:63:c0:95:6f:13:7c:a6:56:
b7:7c:25:d4:32:7b:f8:f9:1b:1c:ed:b3:4d:ca:0d:
74:9d:a9:eb:12:bd:a3:0e:f5:16:e8:1a:df:02:3f:
d0:8a:ff:35:0c:8c:6c:60:6e:3c:8e:2c:b9:d9:30:
61:61:58:3e:3b:91:02:79:ca:9e:14:3b:5d:11:fc:
01:24:52:95:a8:8a:20:22:8c:5a:39:63:c2:f1:1f:
eb:22:95:4f:e2:1c:9e:e6:97:cc:2f:b3:58:fb:67:
96:62:1d:32:35:9e:00:f6:64:10:67:12:bf:ac:ac:
52:cb:c4:81:93:fc:b4:7f:9d:50:36:63:26:52:be:
5f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E6:AE:C8:1A:6A:18:1C:76:C9:93:E6:A6:E3:28:CD:87:02:02:79
X509v3 Authority Key Identifier:
keyid:AF:CD:12:F3:40:98:78:CD:4A:B4:45:C4:45:54:4A:E8:DA:85:1A:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2BD9/0481F786EC1911EA85B1E76FC4F9AE02/r80S80CYeM1KtEXERVRK6NqFGoQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r80S80CYeM1KtEXERVRK6NqFGoQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2BD9/0481F786EC1911EA85B1E76FC4F9AE02/85A0A1086C9711EEA4941846C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
120.88.64.0/19
121.0.0.0/21
203.56.180.0/24
IPv6:
2403:9000::/32
Signature Algorithm: sha256WithRSAEncryption
48:c6:6c:ae:da:9f:7f:f7:d9:74:77:d7:31:e1:a9:2e:47:5a:
eb:59:8d:8d:f5:5c:49:e3:20:0e:91:d7:ad:95:7d:41:62:4a:
1d:bc:c9:2d:bd:c5:b5:7e:33:a9:83:33:eb:1f:c6:e0:a1:0b:
1b:21:78:19:6f:84:89:bf:b7:78:ca:77:63:4f:ed:d9:e2:10:
ce:43:cd:ca:39:e6:73:84:1f:1e:d7:10:c6:c8:a3:d6:4c:5b:
cd:3e:a2:c8:61:16:31:7b:69:50:44:ea:b4:08:9c:b8:2c:2b:
9a:00:af:cc:61:a8:76:1c:eb:a5:8f:79:2e:15:d1:97:6d:e0:
06:b8:d6:de:85:15:58:d6:2c:ec:44:b6:75:16:44:8c:b1:a6:
f9:2d:63:2a:f2:da:f8:ab:90:c3:67:a5:d8:71:33:50:3f:22:
c6:3b:7a:b5:fd:c4:18:60:83:2a:e8:6e:54:c3:4f:7b:b5:88:
f1:5c:3e:cb:d5:2b:7c:6f:8f:cf:4a:21:28:55:ce:be:73:67:
10:20:42:47:9e:d9:0e:d5:93:b9:82:c1:4d:72:a1:9b:c5:f7:
3a:84:fb:58:45:fd:a5:50:f2:19:b7:ce:8e:7e:14:e0:35:01:
47:dd:39:df:f9:9d:aa:b3:de:7e:e8:3b:9a:7d:f1:5a:06:02:
85:26:2a:d4
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgICCJMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjJCRDkxMTAvBgNVBAUTKEFGQ0QxMkYzNDA5ODc4Q0Q0QUI0NDVDNDQ1NTQ0QUU4
REE4NTFBODQwHhcNMjYwMjA0MjAxNzIyWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NmE3Yy05ODRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApjQPB9ZiugoQNDJXKmHWD2TF+ScBHv5EtqbdHowwxNEG+1WsS0p+SahMdb3s
2AqjtTDF8T/eV650L+hjjc7KLkb/fp29BuQpzihRXhlbE71maSgfRcKLZpVB7MzA
MvLQaoZ2afuIt9wAMLSAAIqVIB7c7Slf2BKtziQxH5qnY8CVbxN8pla3fCXUMnv4
+Rsc7bNNyg10nanrEr2jDvUW6BrfAj/Qiv81DIxsYG48jiy52TBhYVg+O5ECecqe
FDtdEfwBJFKVqIogIoxaOWPC8R/rIpVP4hye5pfML7NY+2eWYh0yNZ4A9mQQZxK/
rKxSy8SBk/y0f51QNmMmUr5f+QIDAQABo4ICezCCAncwHQYDVR0OBBYEFNXmrsga
ahgcdsmT5qbjKM2HAgJ5MB8GA1UdIwQYMBaAFK/NEvNAmHjNSrRFxEVUSujahRqE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkJEOS8wNDgxRjc4NkVD
MTkxMUVBODVCMUU3NkZDNEY5QUUwMi9yODBTODBDWWVNMUt0RVhFUlZSSzZOcUZH
b1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3I4MFM4MENZZU0xS3RFWEVSVlJLNk5xRkdvUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjJCRDkvMDQ4MUY3ODZFQzE5MTFFQTg1QjFFNzZGQzRGOUFFMDIvODVBMEExMDg2
Qzk3MTFFRUE0OTQxODQ2QzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY
BAIAATASAwQFeFhAAwQDeQAAAwQAyzi0MA0EAgACMAcDBQAkA5AAMA0GCSqGSIb3
DQEBCwUAA4IBAQBIxmyu2p9/99l0d9cx4akuR1rrWY2N9VxJ4yAOkdetlX1BYkod
vMktvcW1fjOpgzPrH8bgoQsbIXgZb4SJv7d4yndjT+3Z4hDOQ83KOeZzhB8e1xDG
yKPWTFvNPqLIYRYxe2lQROq0CJy4LCuaAK/MYah2HOulj3kuFdGXbeAGuNbehRVY
1izsRLZ1FkSMsab5LWMq8tr4q5DDZ6XYcTNQPyLGO3q1/cQYYIMq6G5Uw097tYjx
XD7L1St8b4/PSiEoVc6+c2cQIEJHntkO1ZO5gsFNcqGbxfc6hPtYRf2lUPIZt86O
fhTgNQFH3Tnf+Z2qs95+6DuaffFaBgKFJirU
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:34:19 2026 by rpki-client