Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/81C0C29CB0F311E5AB30F151C4F9AE02.roa
File: 81C0C29CB0F311E5AB30F151C4F9AE02.roa (raw, json)
Hash identifier: cElICATR0lwG51iK+/dfA9tn8Dsne03XwCHtnpMdsVc=
Subject key identifier: 4E:25:C8:6B:92:4B:08:41:EB:71:88:57:16:42:E1:F2:32:7C:67:C5
Certificate issuer: /CN=A91F916A/serialNumber=CF7AC6E7853E4958287006430076584657E0C950
Certificate serial: 2533
Authority key identifier: CF:7A:C6:E7:85:3E:49:58:28:70:06:43:00:76:58:46:57:E0:C9:50
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/81C0C29CB0F311E5AB30F151C4F9AE02.roa
Signing time: Sun 01 Mar 2026 12:13:46 +0000
ROA not before: Tue 18 Mar 2025 16:03:13 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 9911
IP address blocks: 202.176.192.0/19 maxlen: 19
202.176.192.0/24 maxlen: 24
202.176.193.0/24 maxlen: 24
202.176.194.0/24 maxlen: 24
202.176.195.0/24 maxlen: 24
202.176.196.0/24 maxlen: 24
202.176.197.0/24 maxlen: 24
202.176.198.0/24 maxlen: 24
202.176.199.0/24 maxlen: 24
202.176.200.0/24 maxlen: 24
202.176.201.0/24 maxlen: 24
202.176.202.0/24 maxlen: 24
202.176.203.0/24 maxlen: 24
202.176.204.0/24 maxlen: 24
202.176.205.0/24 maxlen: 24
202.176.206.0/24 maxlen: 24
202.176.207.0/24 maxlen: 24
202.176.208.0/24 maxlen: 24
202.176.209.0/24 maxlen: 24
202.176.210.0/24 maxlen: 24
202.176.211.0/24 maxlen: 24
202.176.212.0/24 maxlen: 24
202.176.213.0/24 maxlen: 24
202.176.214.0/24 maxlen: 24
202.176.215.0/24 maxlen: 24
202.176.216.0/24 maxlen: 24
202.176.217.0/24 maxlen: 24
202.176.218.0/24 maxlen: 24
202.176.219.0/24 maxlen: 24
202.176.220.0/24 maxlen: 24
202.176.221.0/24 maxlen: 24
202.176.222.0/24 maxlen: 24
202.176.223.0/24 maxlen: 24
203.208.224.0/19 maxlen: 19
203.208.224.0/24 maxlen: 24
203.208.225.0/24 maxlen: 24
203.208.226.0/24 maxlen: 24
203.208.227.0/24 maxlen: 24
203.208.228.0/24 maxlen: 24
203.208.229.0/24 maxlen: 24
203.208.230.0/24 maxlen: 24
203.208.231.0/24 maxlen: 24
203.208.232.0/24 maxlen: 24
203.208.233.0/24 maxlen: 24
203.208.234.0/24 maxlen: 24
203.208.235.0/24 maxlen: 24
203.208.236.0/24 maxlen: 24
203.208.237.0/24 maxlen: 24
203.208.238.0/24 maxlen: 24
203.208.239.0/24 maxlen: 24
203.208.240.0/24 maxlen: 24
203.208.241.0/24 maxlen: 24
203.208.242.0/24 maxlen: 24
203.208.243.0/24 maxlen: 24
203.208.244.0/24 maxlen: 24
203.208.245.0/24 maxlen: 24
203.208.246.0/24 maxlen: 24
203.208.247.0/24 maxlen: 24
203.208.248.0/24 maxlen: 24
203.208.249.0/24 maxlen: 24
203.208.250.0/24 maxlen: 24
203.208.251.0/24 maxlen: 24
203.208.252.0/24 maxlen: 24
203.208.253.0/24 maxlen: 24
203.208.254.0/24 maxlen: 24
203.208.255.0/24 maxlen: 24
2404:5800::/32 maxlen: 32
2404:5800::/40 maxlen: 40
2404:5800:100::/48 maxlen: 48
2404:5800:101::/48 maxlen: 48
2404:5800:102::/48 maxlen: 48
2404:5800:103::/48 maxlen: 48
2404:5800:104::/46 maxlen: 46
2404:5800:104::/48 maxlen: 48
2404:5800:105::/48 maxlen: 48
2404:5800:106::/48 maxlen: 48
2404:5800:107::/48 maxlen: 48
2404:5800:108::/45 maxlen: 45
2404:5800:110::/44 maxlen: 44
2404:5800:120::/43 maxlen: 43
2404:5800:140::/42 maxlen: 42
2404:5800:180::/41 maxlen: 41
2404:5800:200::/39 maxlen: 39
2404:5800:400::/38 maxlen: 38
2404:5800:800::/37 maxlen: 37
2404:5800:1000::/36 maxlen: 36
2404:5800:2000::/35 maxlen: 35
2404:5800:4000::/34 maxlen: 34
2404:5800:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.crl
rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:43:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9523 (0x2533)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F916A, serialNumber=CF7AC6E7853E4958287006430076584657E0C950
Validity
Not Before: Mar 18 16:03:13 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=69a42d7a-6992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:88:b5:c9:6f:5a:65:c7:a8:2d:b1:bd:06:4d:
1c:92:c4:ef:63:2b:54:6b:55:1e:23:c3:dd:9c:a6:
fb:e1:9f:2d:bc:0e:b6:b9:34:16:85:d7:de:2d:f5:
b4:1c:6e:45:07:b9:4c:7c:31:cc:67:15:bd:1d:a8:
1f:d3:f4:c5:cd:04:68:03:f8:6c:f0:bd:c2:c5:09:
97:fd:10:7b:25:1e:03:e8:0c:27:3d:c6:f5:97:eb:
17:6f:7d:56:a4:47:d2:f2:e4:02:2e:cf:79:1b:98:
59:95:49:ed:92:19:29:4b:20:7e:0f:a0:96:0b:d6:
27:26:bd:82:10:6b:70:25:7d:9e:71:be:31:31:77:
b6:b1:54:91:92:87:d4:de:4b:88:27:7c:31:18:7d:
0f:e3:f0:7e:a6:39:e7:74:db:9e:f0:01:fd:63:7a:
47:c7:e7:6e:33:18:3b:d2:53:c0:f3:d9:b2:a0:e4:
fc:e3:18:4b:9c:5d:ba:1a:f3:93:35:76:06:9c:86:
9a:4e:5d:5e:fb:a9:76:f9:2c:19:84:8e:e1:3c:e1:
77:be:56:6a:8a:93:c3:e1:ff:cf:13:e6:10:3a:53:
b9:f3:5a:b9:41:b7:78:7c:bc:55:9e:fd:91:90:78:
96:9d:1d:d4:b7:29:e7:2c:17:ba:11:fb:d8:fa:9b:
d3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:25:C8:6B:92:4B:08:41:EB:71:88:57:16:42:E1:F2:32:7C:67:C5
X509v3 Authority Key Identifier:
keyid:CF:7A:C6:E7:85:3E:49:58:28:70:06:43:00:76:58:46:57:E0:C9:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/81C0C29CB0F311E5AB30F151C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
202.176.192.0/19
203.208.224.0/19
IPv6:
2404:5800::/32
Signature Algorithm: sha256WithRSAEncryption
98:41:d2:f1:94:62:0a:4b:36:72:53:5b:9f:73:c3:9a:38:18:
6a:d5:66:dc:8b:cc:a5:d3:c4:0d:cc:69:f8:82:bd:b4:6e:bd:
57:74:a7:97:a9:27:26:50:30:63:a9:f9:ea:28:39:e4:b7:96:
00:1d:e7:5d:d1:07:1b:a7:66:d0:68:58:7a:20:ce:67:20:16:
5f:71:b3:59:88:1a:7b:cf:eb:0c:98:11:e5:ad:df:bf:03:f8:
be:ba:00:e3:13:32:14:35:f8:62:1c:33:68:cb:31:f5:2d:91:
28:87:21:04:9b:f8:7a:b3:c5:c1:b2:f7:2c:f4:ae:d8:10:44:
b4:d1:6f:32:c6:60:cf:0f:b2:5b:5c:4f:39:0c:70:ad:98:69:
c2:d5:de:60:cd:b0:04:56:73:80:f6:f0:a6:5e:ba:1e:85:45:
1e:ce:40:63:7a:a6:f9:a5:c1:45:a7:0f:ee:30:97:70:ad:46:
3e:04:72:6c:21:62:e4:29:ab:21:95:c3:34:94:e0:2f:85:a4:
3f:03:25:e5:b9:13:84:0f:81:14:04:0e:46:69:47:f6:93:f8:
03:0f:c3:b8:4c:d3:4a:54:39:05:40:e1:3f:cf:1f:55:c7:c4:
43:0c:40:b9:e7:0f:38:cf:c2:5e:11:a6:1a:43:e2:1a:69:28:
f9:58:a8:49
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICJTMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjkxNkExMTAvBgNVBAUTKENGN0FDNkU3ODUzRTQ5NTgyODcwMDY0MzAwNzY1ODQ2
NTdFMEM5NTAwHhcNMjUwMzE4MTYwMzEzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MmQ3YS02OTkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAooi1yW9aZceoLbG9Bk0cksTvYytUa1UeI8PdnKb74Z8tvA62uTQWhdfeLfW0
HG5FB7lMfDHMZxW9Hagf0/TFzQRoA/hs8L3CxQmX/RB7JR4D6AwnPcb1l+sXb31W
pEfS8uQCLs95G5hZlUntkhkpSyB+D6CWC9YnJr2CEGtwJX2ecb4xMXe2sVSRkofU
3kuIJ3wxGH0P4/B+pjnndNue8AH9Y3pHx+duMxg70lPA89myoOT84xhLnF26GvOT
NXYGnIaaTl1e+6l2+SwZhI7hPOF3vlZqipPD4f/PE+YQOlO581q5Qbd4fLxVnv2R
kHiWnR3UtynnLBe6EfvY+pvT8QIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFE4lyGuS
SwhB63GIVxZC4fIyfGfFMB8GA1UdIwQYMBaAFM96xueFPklYKHAGQwB2WEZX4MlQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTE2QS8xRDdBRDBCQTQ1
OEQxMUU1QjM5NTdBNzlDNEY5QUUwMi96M3JHNTRVLVNWZ29jQVpEQUhaWVJsZmd5
VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ozckc1NFUtU1Znb2NBWkRBSFpZUmxmZ3lWQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjkxNkEvMUQ3QUQwQkE0NThEMTFFNUIzOTU3QTc5QzRGOUFFMDIvODFDMEMyOUNC
MEYzMTFFNUFCMzBGMTUxQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQFyrDAAwQFy9DgMA0EAgACMAcDBQAkBFgAMA0GCSqGSIb3DQEBCwUA
A4IBAQCYQdLxlGIKSzZyU1ufc8OaOBhq1Wbci8yl08QNzGn4gr20br1XdKeXqScm
UDBjqfnqKDnkt5YAHedd0Qcbp2bQaFh6IM5nIBZfcbNZiBp7z+sMmBHlrd+/A/i+
ugDjEzIUNfhiHDNoyzH1LZEohyEEm/h6s8XBsvcs9K7YEES00W8yxmDPD7JbXE85
DHCtmGnC1d5gzbAEVnOA9vCmXroehUUezkBjeqb5pcFFpw/uMJdwrUY+BHJsIWLk
KashlcM0lOAvhaQ/AyXluROED4EUBA5GaUf2k/gDD8O4TNNKVDkFQOE/zx9Vx8RD
DEC55w84z8JeEaYaQ+IaaSj5WKhJ
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:50:48 2026 by rpki-client