Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/D9750E78F01111EFB1720645C4F9AE02.roa
File: D9750E78F01111EFB1720645C4F9AE02.roa (raw, json)
Hash identifier: +LCGNb0OB4VM+Whp1njiiWEGwYQwA6NaUQIys14iy+4=
Subject key identifier: 3C:EE:EE:1D:A0:08:FB:09:A3:EE:B6:64:70:3F:BE:F4:0D:C2:F9:BB
Certificate issuer: /CN=A91F33A5/serialNumber=4FF52847215C4A22E9F1149E6CBFEDF74D61CE8B
Certificate serial: 03E9
Authority key identifier: 4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/D9750E78F01111EFB1720645C4F9AE02.roa
Signing time: Sun 01 Mar 2026 12:02:38 +0000
ROA not before: Fri 05 Sep 2025 01:37:55 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 6262
IP address blocks: 130.116.0.0/16 maxlen: 24
130.155.0.0/16 maxlen: 24
138.194.0.0/16 maxlen: 24
140.79.0.0/16 maxlen: 24
140.253.0.0/16 maxlen: 24
144.110.0.0/16 maxlen: 24
146.118.0.0/16 maxlen: 24
152.83.0.0/16 maxlen: 24
192.16.180.0/24 maxlen: 24
192.41.146.0/24 maxlen: 24
192.42.60.0/23 maxlen: 24
192.42.62.0/24 maxlen: 24
192.54.105.0/24 maxlen: 24
192.54.106.0/24 maxlen: 24
192.55.219.0/24 maxlen: 24
192.55.232.0/24 maxlen: 24
192.65.130.0/24 maxlen: 24
192.67.12.0/24 maxlen: 24
192.67.171.0/24 maxlen: 24
192.68.132.0/24 maxlen: 24
192.82.140.0/24 maxlen: 24
192.83.238.0/24 maxlen: 24
192.84.237.0/24 maxlen: 24
192.84.238.0/24 maxlen: 24
192.94.62.0/23 maxlen: 24
192.94.64.0/24 maxlen: 24
192.94.209.0/24 maxlen: 24
192.102.250.0/23 maxlen: 24
192.107.9.0/24 maxlen: 24
192.111.32.0/24 maxlen: 24
192.122.176.0/24 maxlen: 24
192.124.117.0/24 maxlen: 24
192.124.152.0/24 maxlen: 24
192.138.100.0/24 maxlen: 24
192.149.36.0/24 maxlen: 24
192.150.202.0/24 maxlen: 24
192.160.16.0/24 maxlen: 24
192.188.115.0/24 maxlen: 24
192.188.186.0/24 maxlen: 24
192.207.156.0/23 maxlen: 24
192.207.158.0/24 maxlen: 24
192.207.197.0/24 maxlen: 24
192.207.198.0/24 maxlen: 24
192.245.210.0/23 maxlen: 24
192.245.212.0/22 maxlen: 24
192.245.216.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.crl
rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1001 (0x3e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F33A5, serialNumber=4FF52847215C4A22E9F1149E6CBFEDF74D61CE8B
Validity
Not Before: Sep 5 01:37:55 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a42ade-39b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:51:18:87:60:8a:ff:58:10:18:7c:a6:07:1e:
85:6f:6e:cb:21:ed:9a:a7:19:f0:45:58:32:07:f1:
d8:13:be:f6:1f:18:0f:ba:53:09:58:63:91:88:d9:
7e:a3:dd:19:fe:9c:e1:09:4f:1a:15:a4:4e:2c:15:
88:6f:dc:fd:bc:b1:d3:00:7d:e7:40:02:5f:8c:82:
fc:f0:94:ca:ec:d3:32:a2:e2:f9:bd:64:30:e4:19:
54:45:cb:a4:cf:b9:33:37:62:38:61:1f:6e:eb:ef:
70:89:35:d3:cd:ed:9b:95:7f:33:cd:ca:2c:c3:3b:
46:5f:7c:ea:3e:6e:cd:9c:14:f0:9f:7a:82:a3:c3:
09:26:48:a7:81:04:4f:64:85:2d:de:20:b1:b8:fc:
70:d3:6b:a7:e7:e0:b1:e2:73:6d:97:86:81:31:98:
a1:e8:bc:12:50:24:e8:7e:3d:ed:b2:74:cc:de:8a:
0b:39:c6:31:f1:bc:3d:17:2d:a1:6c:2a:d5:1d:b3:
d2:86:92:e2:df:c2:ee:bc:36:63:ab:8f:b2:c4:16:
7f:94:1c:29:aa:ed:8c:41:54:98:16:6c:30:36:70:
82:36:34:01:ed:05:c5:9d:53:8a:bd:07:72:4e:07:
5f:2f:9d:4a:e6:f1:c6:b1:68:78:eb:ed:fa:45:a1:
c6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:EE:EE:1D:A0:08:FB:09:A3:EE:B6:64:70:3F:BE:F4:0D:C2:F9:BB
X509v3 Authority Key Identifier:
keyid:4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/D9750E78F01111EFB1720645C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
130.116.0.0/16
130.155.0.0/16
138.194.0.0/16
140.79.0.0/16
140.253.0.0/16
144.110.0.0/16
146.118.0.0/16
152.83.0.0/16
192.16.180.0/24
192.41.146.0/24
192.42.60.0-192.42.62.255
192.54.105.0-192.54.106.255
192.55.219.0/24
192.55.232.0/24
192.65.130.0/24
192.67.12.0/24
192.67.171.0/24
192.68.132.0/24
192.82.140.0/24
192.83.238.0/24
192.84.237.0-192.84.238.255
192.94.62.0-192.94.64.255
192.94.209.0/24
192.102.250.0/23
192.107.9.0/24
192.111.32.0/24
192.122.176.0/24
192.124.117.0/24
192.124.152.0/24
192.138.100.0/24
192.149.36.0/24
192.150.202.0/24
192.160.16.0/24
192.188.115.0/24
192.188.186.0/24
192.207.156.0-192.207.158.255
192.207.197.0-192.207.198.255
192.245.210.0-192.245.217.255
Signature Algorithm: sha256WithRSAEncryption
7a:17:b0:1b:82:e6:75:13:4a:cf:94:a9:2d:2f:5c:c2:13:99:
9d:8c:34:43:9c:53:ee:ab:a9:e7:08:c1:ac:4f:e5:0e:e6:83:
35:83:8b:20:1e:7b:6e:86:36:56:91:2e:68:e7:53:8b:a0:b5:
f0:6d:3f:ff:06:ce:be:11:94:68:d6:ab:4a:5c:a5:ee:c7:7f:
50:cc:11:e6:0c:22:75:a3:4c:3c:0e:c6:20:92:6a:a3:84:09:
43:87:2a:05:2b:36:1f:a6:fc:aa:21:69:86:77:fb:cc:59:3d:
87:d1:b1:67:ff:e7:44:8f:f8:ce:ce:a3:16:8b:ec:b8:2b:f6:
e8:85:50:25:1d:6c:06:a3:f5:47:49:fe:02:bf:97:3d:0b:0f:
40:19:3a:5c:24:c3:c0:14:62:7b:f3:72:e7:69:73:cf:72:a7:
3b:aa:65:94:d1:69:77:72:de:71:67:b2:92:b8:b1:98:85:f0:
fb:16:2c:61:ad:77:42:5f:6a:ec:06:32:33:24:da:2e:a4:83:
80:70:3f:a0:1f:3b:bf:90:c9:fd:18:14:7c:6a:2a:d9:db:03:
f5:89:9d:84:6c:ea:58:e1:17:a2:f2:5e:8e:54:cf:0d:49:ab:
9c:b9:ab:6f:14:bd:a3:dc:18:e5:f7:f0:dd:8e:a8:9a:42:4c:
a6:ed:4b:37
-----BEGIN CERTIFICATE-----
MIIGVDCCBTygAwIBAgICA+kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjMzQTUxMTAvBgNVBAUTKDRGRjUyODQ3MjE1QzRBMjJFOUYxMTQ5RTZDQkZFREY3
NEQ2MUNFOEIwHhcNMjUwOTA1MDEzNzU1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MmFkZS0zOWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzVEYh2CK/1gQGHymBx6Fb27LIe2apxnwRVgyB/HYE772HxgPulMJWGORiNl+
o90Z/pzhCU8aFaROLBWIb9z9vLHTAH3nQAJfjIL88JTK7NMyouL5vWQw5BlURcuk
z7kzN2I4YR9u6+9wiTXTze2blX8zzcoswztGX3zqPm7NnBTwn3qCo8MJJkingQRP
ZIUt3iCxuPxw02un5+Cx4nNtl4aBMZih6LwSUCTofj3tsnTM3ooLOcYx8bw9Fy2h
bCrVHbPShpLi38LuvDZjq4+yxBZ/lBwpqu2MQVSYFmwwNnCCNjQB7QXFnVOKvQdy
TgdfL51K5vHGsWh46+36RaHGDwIDAQABo4IDeDCCA3QwHQYDVR0OBBYEFDzu7h2g
CPsJo+62ZHA/vvQNwvm7MB8GA1UdIwQYMBaAFE/1KEchXEoi6fEUnmy/7fdNYc6L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMzNBNS8xMTg3MDk3MkQ0
RDgxMUVDQTQyNDVGMTBDNEY5QUUwMi9UX1VvUnlGY1NpTHA4UlNlYkxfdDkwMWh6
b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1RfVW9SeUZjU2lMcDhSU2ViTF90OTAxaHpvcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjMzQTUvMTE4NzA5NzJENEQ4MTFFQ0E0MjQ1RjEwQzRGOUFFMDIvRDk3NTBFNzhG
MDExMTFFRkIxNzIwNjQ1QzRGOUFFMDIucm9hMIIBNQYIKwYBBQUHAQcBAf8EggEk
MIIBIDCCARwEAgABMIIBFAMDAIJ0AwMAgpsDAwCKwgMDAIxPAwMAjP0DAwCQbgMD
AJJ2AwMAmFMDBADAELQDBADAKZIwDAMEAsAqPAMEAMAqPjAMAwQAwDZpAwQAwDZq
AwQAwDfbAwQAwDfoAwQAwEGCAwQAwEMMAwQAwEOrAwQAwESEAwQAwFKMAwQAwFPu
MAwDBADAVO0DBADAVO4wDAMEAcBePgMEAMBeQAMEAMBe0QMEAcBm+gMEAMBrCQME
AMBvIAMEAMB6sAMEAMB8dQMEAMB8mAMEAMCKZAMEAMCVJAMEAMCWygMEAMCgEAME
AMC8cwMEAMC8ujAMAwQCwM+cAwQAwM+eMAwDBADAz8UDBADAz8YwDAMEAcD10gME
AcD12DANBgkqhkiG9w0BAQsFAAOCAQEAehewG4LmdRNKz5SpLS9cwhOZnYw0Q5xT
7qup5wjBrE/lDuaDNYOLIB57boY2VpEuaOdTi6C18G0//wbOvhGUaNarSlyl7sd/
UMwR5gwidaNMPA7GIJJqo4QJQ4cqBSs2H6b8qiFphnf7zFk9h9GxZ//nRI/4zs6j
FovsuCv26IVQJR1sBqP1R0n+Ar+XPQsPQBk6XCTDwBRie/Ny52lzz3KnO6pllNFp
d3LecWeykrixmIXw+xYsYa13Ql9q7AYyMyTaLqSDgHA/oB87v5DJ/RgUfGoq2dsD
9YmdhGzqWOEXovJejlTPDUmrnLmrbxS9o9wY5ffw3Y6omkJMpu1LNw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:27:29 2026 by rpki-client