Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F4268/C78EBCEA219311EC900C5653C4F9AE02/B5960F8CB03111EEA45DE91DC4F9AE02.roa
File: B5960F8CB03111EEA45DE91DC4F9AE02.roa (raw, json)
Hash identifier: 9T7eAkjvrOk7zwMcNgqYoD07VX3V7BOca4enSrOlqyo=
Subject key identifier: 3E:74:0F:57:4B:26:03:71:B0:F5:01:99:55:70:E8:A8:06:AD:27:04
Certificate issuer: /CN=A91F4268/serialNumber=93732F3FC31359BBBF8B379624BF91351CCAD857
Certificate serial: 05EB
Authority key identifier: 93:73:2F:3F:C3:13:59:BB:BF:8B:37:96:24:BF:91:35:1C:CA:D8:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k3MvP8MTWbu_izeWJL-RNRzK2Fc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F4268/C78EBCEA219311EC900C5653C4F9AE02/B5960F8CB03111EEA45DE91DC4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:36:39 +0000
ROA not before: Mon 02 Feb 2026 23:19:38 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 22822
IP address blocks: 111.119.0.0/22 maxlen: 22
111.119.2.0/23 maxlen: 24
111.119.4.0/22 maxlen: 22
111.119.5.0/24 maxlen: 24
111.119.6.0/24 maxlen: 24
111.119.7.0/24 maxlen: 24
111.119.16.0/23 maxlen: 23
111.119.16.0/24 maxlen: 24
111.119.17.0/24 maxlen: 24
111.119.20.0/23 maxlen: 23
111.119.20.0/24 maxlen: 24
111.119.21.0/24 maxlen: 24
111.119.22.0/23 maxlen: 23
111.119.22.0/24 maxlen: 24
111.119.23.0/24 maxlen: 24
111.119.24.0/21 maxlen: 24
117.121.248.0/21 maxlen: 24
203.9.176.0/21 maxlen: 24
203.77.184.0/22 maxlen: 22
203.77.184.0/24 maxlen: 24
203.77.185.0/24 maxlen: 24
203.77.186.0/24 maxlen: 24
203.77.187.0/24 maxlen: 24
203.77.188.0/22 maxlen: 22
203.77.188.0/23 maxlen: 24
203.77.190.0/24 maxlen: 24
203.77.191.0/24 maxlen: 24
2402:6800::/32 maxlen: 32
2402:6800:712::/48 maxlen: 48
2402:6800:720::/48 maxlen: 48
2402:6800:730::/48 maxlen: 48
2402:6800:780::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F4268/C78EBCEA219311EC900C5653C4F9AE02/k3MvP8MTWbu_izeWJL-RNRzK2Fc.crl
rsync://rpki.apnic.net/member_repository/A91F4268/C78EBCEA219311EC900C5653C4F9AE02/k3MvP8MTWbu_izeWJL-RNRzK2Fc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k3MvP8MTWbu_izeWJL-RNRzK2Fc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 22:37:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1515 (0x5eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F4268, serialNumber=93732F3FC31359BBBF8B379624BF91351CCAD857
Validity
Not Before: Feb 2 23:19:38 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=69a47927-a463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:48:65:7f:69:93:ca:d2:d1:fa:02:25:e2:77:
85:ad:bb:46:e3:0b:75:93:c0:20:15:cd:a9:8a:73:
c9:5a:90:71:85:88:10:9e:54:26:8a:d4:ed:10:e9:
4a:4c:1d:53:1b:60:49:23:00:a5:e4:95:d2:90:e3:
2f:5f:fb:29:45:a8:8a:68:a6:bb:72:07:5f:39:f3:
21:d5:be:19:01:02:75:d1:ef:43:f2:a7:51:9c:6c:
4c:bf:cd:08:4a:4f:0a:5e:aa:29:be:17:99:37:29:
ab:76:69:f2:b3:e6:59:ea:52:ff:fb:00:30:df:04:
c9:33:f4:c8:0c:dc:6c:ce:eb:b5:23:27:18:39:73:
90:5a:d9:00:82:53:d6:31:c6:98:10:1e:01:9c:b8:
b6:62:da:d5:7a:9a:5a:6b:c3:41:96:04:1c:6c:79:
d7:9e:5a:8d:00:b2:cc:7c:29:fd:4d:f5:3a:df:f6:
ca:89:10:62:1d:ab:7a:94:15:11:c5:75:b8:45:89:
dd:3a:d1:77:20:92:d0:02:4a:c6:f7:1b:8e:b7:a1:
90:37:58:01:36:8f:22:df:01:f0:de:99:a4:b9:9e:
bc:59:ec:16:53:4c:6f:e0:91:f3:ba:7f:88:c6:30:
d4:3d:82:7e:fc:6c:19:ca:9e:82:77:ac:8c:86:23:
85:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:74:0F:57:4B:26:03:71:B0:F5:01:99:55:70:E8:A8:06:AD:27:04
X509v3 Authority Key Identifier:
keyid:93:73:2F:3F:C3:13:59:BB:BF:8B:37:96:24:BF:91:35:1C:CA:D8:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F4268/C78EBCEA219311EC900C5653C4F9AE02/k3MvP8MTWbu_izeWJL-RNRzK2Fc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k3MvP8MTWbu_izeWJL-RNRzK2Fc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F4268/C78EBCEA219311EC900C5653C4F9AE02/B5960F8CB03111EEA45DE91DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
111.119.0.0/21
111.119.16.0/23
111.119.20.0-111.119.31.255
117.121.248.0/21
203.9.176.0/21
203.77.184.0/21
IPv6:
2402:6800::/32
Signature Algorithm: sha256WithRSAEncryption
24:8b:34:36:16:15:24:c0:81:1d:ca:22:aa:8b:d7:65:17:83:
bc:d3:ee:3e:f7:b2:4a:d9:f5:e9:93:48:0c:88:cc:1a:e2:84:
ec:65:09:3a:02:72:0f:ee:04:24:70:e7:ff:48:77:a6:d1:09:
7c:c8:98:c4:22:0b:8e:7b:70:70:47:92:64:59:13:94:46:37:
7c:8f:26:65:7a:5a:75:3a:67:84:89:e8:76:e3:93:92:af:5d:
83:9f:41:ff:8e:a2:24:f2:c2:66:e7:d0:b4:4e:86:3f:7a:8e:
9d:7a:85:cb:56:72:61:39:82:26:e9:44:d4:90:6f:91:37:9f:
4c:2e:2d:73:21:77:42:65:1a:5a:91:81:d0:a9:3b:7a:e7:eb:
29:1a:04:68:c1:f0:8f:25:e3:c3:be:44:ae:b8:8a:7c:fc:5a:
b8:1d:eb:eb:5f:e0:22:d3:0c:ee:b7:be:20:5d:a5:d5:f4:87:
ad:53:ed:48:2b:83:52:db:ed:83:6b:23:d8:ed:58:ed:f7:15:
b2:6b:04:54:72:df:73:62:50:1b:3f:f5:c7:36:eb:0d:f7:1c:
c5:53:e0:c0:28:de:0f:05:21:44:2d:00:3a:ae:95:3f:cf:1f:
61:aa:3c:47:cd:c9:63:99:8e:a1:1d:b2:28:06:bc:1b:2d:66:
92:ab:1f:5b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBeswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjQyNjgxMTAvBgNVBAUTKDkzNzMyRjNGQzMxMzU5QkJCRjhCMzc5NjI0QkY5MTM1
MUNDQUQ4NTcwHhcNMjYwMjAyMjMxOTM4WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzkyNy1hNDYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp0hlf2mTytLR+gIl4neFrbtG4wt1k8AgFc2pinPJWpBxhYgQnlQmitTtEOlK
TB1TG2BJIwCl5JXSkOMvX/spRaiKaKa7cgdfOfMh1b4ZAQJ10e9D8qdRnGxMv80I
Sk8KXqopvheZNymrdmnys+ZZ6lL/+wAw3wTJM/TIDNxszuu1IycYOXOQWtkAglPW
McaYEB4BnLi2YtrVeppaa8NBlgQcbHnXnlqNALLMfCn9TfU63/bKiRBiHat6lBUR
xXW4RYndOtF3IJLQAkrG9xuOt6GQN1gBNo8i3wHw3pmkuZ68WewWU0xv4JHzun+I
xjDUPYJ+/GwZyp6Cd6yMhiOF1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFD50D1dL
JgNxsPUBmVVw6KgGrScEMB8GA1UdIwQYMBaAFJNzLz/DE1m7v4s3liS/kTUcythX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDI2OC9DNzhFQkNFQTIx
OTMxMUVDOTAwQzU2NTNDNEY5QUUwMi9rM012UDhNVFdidV9pemVXSkwtUk5Seksy
RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2szTXZQOE1UV2J1X2l6ZVdKTC1STlJ6SzJGYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjQyNjgvQzc4RUJDRUEyMTkzMTFFQzkwMEM1NjUzQzRGOUFFMDIvQjU5NjBGOENC
MDMxMTFFRUE0NURFOTFEQzRGOUFFMDIucm9hMFQGCCsGAQUFBwEHAQH/BEUwQzAy
BAIAATAsAwQDb3cAAwQBb3cQMAwDBAJvdxQDBAVvdwADBAN1efgDBAPLCbADBAPL
TbgwDQQCAAIwBwMFACQCaAAwDQYJKoZIhvcNAQELBQADggEBACSLNDYWFSTAgR3K
IqqL12UXg7zT7j73skrZ9emTSAyIzBrihOxlCToCcg/uBCRw5/9Id6bRCXzImMQi
C457cHBHkmRZE5RGN3yPJmV6WnU6Z4SJ6Hbjk5KvXYOfQf+OoiTywmbn0LROhj96
jp16hctWcmE5gibpRNSQb5E3n0wuLXMhd0JlGlqRgdCpO3rn6ykaBGjB8I8l48O+
RK64inz8Wrgd6+tf4CLTDO63viBdpdX0h61T7Ugrg1Lb7YNrI9jtWO33FbJrBFRy
33NiUBs/9cc26w33HMVT4MAo3g8FIUQtADqulT/PH2GqPEfNyWOZjqEdsigGvBst
ZpKrH1s=
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:44:03 2026 by rpki-client