Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/94688318A57B11EA964E0C3DC4F9AE02.roa
File: 94688318A57B11EA964E0C3DC4F9AE02.roa (raw, json)
Hash identifier: PNtKCmkc0ae9t2OX47XtGc6SBA7Wvx4xMNhiw/SXXkY=
Subject key identifier: A6:BD:60:F5:45:E0:AA:43:FE:48:6B:F6:85:21:87:5A:18:75:04:63
Certificate issuer: /CN=A91FBD28/serialNumber=B95D954AAEB959D3427C1076A9F57DF21C38BFCC
Certificate serial: 274A
Authority key identifier: B9:5D:95:4A:AE:B9:59:D3:42:7C:10:76:A9:F5:7D:F2:1C:38:BF:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uV2VSq65WdNCfBB2qfV98hw4v8w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/94688318A57B11EA964E0C3DC4F9AE02.roa
Signing time: Sun 01 Mar 2026 13:38:51 +0000
ROA not before: Wed 22 Oct 2025 16:02:50 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 24499
IP address blocks: 43.224.236.0/22 maxlen: 22
43.224.236.0/24 maxlen: 24
43.224.237.0/24 maxlen: 24
43.224.238.0/24 maxlen: 24
43.224.239.0/24 maxlen: 24
103.7.76.0/22 maxlen: 22
103.7.76.0/24 maxlen: 24
103.7.77.0/24 maxlen: 24
103.7.78.0/24 maxlen: 24
103.7.79.0/24 maxlen: 24
202.69.8.0/21 maxlen: 22
202.69.8.0/24 maxlen: 24
202.69.9.0/24 maxlen: 24
202.69.10.0/24 maxlen: 24
202.69.11.0/24 maxlen: 24
202.69.12.0/22 maxlen: 24
202.69.12.0/24 maxlen: 24
202.69.13.0/24 maxlen: 24
202.69.15.0/24 maxlen: 24
2402:e000::/32 maxlen: 32
2402:e000:1::/48 maxlen: 48
2402:e000:2::/48 maxlen: 48
2402:e000:3::/48 maxlen: 48
2402:e000:a::/48 maxlen: 48
2402:e000:b::/48 maxlen: 48
2402:e000:c::/48 maxlen: 48
2402:e000:100::/41 maxlen: 41
2402:e000:180::/41 maxlen: 41
2402:e000:200::/41 maxlen: 41
2402:e000:400::/40 maxlen: 48
2402:e000:500::/40 maxlen: 48
2402:e000:600::/40 maxlen: 48
2402:e000:4000::/48 maxlen: 48
2402:e000:5300::/41 maxlen: 41
2402:e000:5380::/41 maxlen: 41
2402:e000:5400::/41 maxlen: 41
2402:e000:8000::/48 maxlen: 48
2402:e000:a100::/41 maxlen: 41
2402:e000:a180::/41 maxlen: 41
2402:e000:a200::/41 maxlen: 41
2402:e000:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/uV2VSq65WdNCfBB2qfV98hw4v8w.crl
rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/uV2VSq65WdNCfBB2qfV98hw4v8w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uV2VSq65WdNCfBB2qfV98hw4v8w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10058 (0x274a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FBD28, serialNumber=B95D954AAEB959D3427C1076A9F57DF21C38BFCC
Validity
Not Before: Oct 22 16:02:50 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69a4416b-a369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:37:76:df:e8:cf:b2:68:ea:a5:41:8a:fb:4b:
ed:40:94:1f:f1:17:04:73:65:04:96:49:79:f2:e6:
dc:79:45:46:03:d5:08:05:93:e6:ca:e9:cb:3d:ad:
3e:bb:c1:11:12:4d:5a:3f:d3:8d:3a:b7:4a:ad:60:
69:7d:f4:92:19:cf:98:0e:39:d5:02:fd:1e:7f:c0:
4e:e1:7f:49:95:4a:fa:93:1b:c9:95:3d:1d:19:18:
64:84:81:28:02:14:79:a9:88:f4:d0:5b:88:2f:ae:
4a:35:e0:ec:5c:05:75:16:f1:15:53:0a:e7:f3:1e:
3d:0c:65:e7:48:c4:5d:9e:70:3d:87:ef:74:4b:70:
cb:59:be:ee:09:0e:5b:6e:65:79:4b:25:05:e7:0e:
9f:01:c4:c2:d9:e8:a0:fb:82:7d:7d:45:e4:f6:75:
61:ea:75:90:dc:c3:fe:55:4f:a0:f4:5b:15:fe:2b:
43:78:95:3c:a5:9c:94:ca:a1:a0:1b:4f:51:36:f0:
ba:39:88:3d:37:e6:aa:48:45:6d:35:86:d4:f6:8f:
e2:54:36:3d:fa:e2:3a:a5:c8:47:ba:82:29:80:fe:
b1:02:44:6e:84:42:04:cd:d2:d6:ab:9f:8e:b8:96:
c4:5d:f1:3e:13:1a:25:83:08:35:3c:05:07:1f:23:
7a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:BD:60:F5:45:E0:AA:43:FE:48:6B:F6:85:21:87:5A:18:75:04:63
X509v3 Authority Key Identifier:
keyid:B9:5D:95:4A:AE:B9:59:D3:42:7C:10:76:A9:F5:7D:F2:1C:38:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/uV2VSq65WdNCfBB2qfV98hw4v8w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uV2VSq65WdNCfBB2qfV98hw4v8w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/94688318A57B11EA964E0C3DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.224.236.0/22
103.7.76.0/22
202.69.8.0/21
IPv6:
2402:e000::/32
Signature Algorithm: sha256WithRSAEncryption
01:49:9f:e2:37:15:2b:cf:16:cf:25:2b:d6:7b:1d:3c:2b:66:
7d:0c:90:03:12:23:05:14:aa:c9:6a:56:67:06:54:89:f5:18:
44:52:29:1c:7e:d8:d4:06:66:34:ba:95:8b:8a:2f:63:a1:b6:
eb:95:48:c4:9a:a2:03:7c:a6:a6:f7:68:9d:ff:26:bb:d5:8c:
31:41:8a:a8:22:48:59:64:b2:51:56:7f:b5:02:41:ef:10:5c:
24:41:9e:fc:07:d7:75:35:ea:34:61:82:04:40:9d:07:79:aa:
df:13:59:fa:f4:4b:a7:2b:6e:08:89:59:fb:4a:2f:89:fa:a0:
5e:68:8c:ba:8d:b3:7c:f4:57:da:5b:c8:02:ff:81:d1:0f:65:
b1:8a:de:b1:05:17:f3:fb:7e:30:5f:09:8b:95:c8:a4:e7:30:
7a:51:3e:12:89:a4:84:2d:5b:0c:67:ab:26:fe:2f:55:67:9d:
98:b1:33:e2:5a:ab:80:7d:7e:3d:e0:ee:90:c6:18:0d:13:ad:
13:68:f5:bc:83:36:57:71:96:e2:76:77:b2:24:97:01:9b:f3:
5a:11:a4:0a:27:62:38:44:66:9c:ca:9f:ed:59:6d:34:70:1e:
d8:00:6a:1b:a0:eb:00:32:f4:60:42:39:56:f9:fc:ce:3f:32:
7d:89:b1:11
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgICJ0owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkJEMjgxMTAvBgNVBAUTKEI5NUQ5NTRBQUVCOTU5RDM0MjdDMTA3NkE5RjU3REYy
MUMzOEJGQ0MwHhcNMjUxMDIyMTYwMjUwWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NDE2Yi1hMzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtDd23+jPsmjqpUGK+0vtQJQf8RcEc2UElkl58ubceUVGA9UIBZPmyunLPa0+
u8EREk1aP9ONOrdKrWBpffSSGc+YDjnVAv0ef8BO4X9JlUr6kxvJlT0dGRhkhIEo
AhR5qYj00FuIL65KNeDsXAV1FvEVUwrn8x49DGXnSMRdnnA9h+90S3DLWb7uCQ5b
bmV5SyUF5w6fAcTC2eig+4J9fUXk9nVh6nWQ3MP+VU+g9FsV/itDeJU8pZyUyqGg
G09RNvC6OYg9N+aqSEVtNYbU9o/iVDY9+uI6pchHuoIpgP6xAkRuhEIEzdLWq5+O
uJbEXfE+Exolgwg1PAUHHyN6wQIDAQABo4ICezCCAncwHQYDVR0OBBYEFKa9YPVF
4KpD/khr9oUhh1oYdQRjMB8GA1UdIwQYMBaAFLldlUquuVnTQnwQdqn1ffIcOL/M
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC9FNkNFRDcyMkUx
QjAxMUU0OEMyRERFMTZDNEY5QUUwMi91VjJWU3E2NVdkTkNmQkIycWZWOThodzR2
OHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VWMlZTcTY1V2ROQ2ZCQjJxZlY5OGh3NHY4dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkJEMjgvRTZDRUQ3MjJFMUIwMTFFNDhDMkRERTE2QzRGOUFFMDIvOTQ2ODgzMThB
NTdCMTFFQTk2NEUwQzNEQzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY
BAIAATASAwQCK+DsAwQCZwdMAwQDykUIMA0EAgACMAcDBQAkAuAAMA0GCSqGSIb3
DQEBCwUAA4IBAQABSZ/iNxUrzxbPJSvWex08K2Z9DJADEiMFFKrJalZnBlSJ9RhE
UikcftjUBmY0upWLii9jobbrlUjEmqIDfKam92id/ya71YwxQYqoIkhZZLJRVn+1
AkHvEFwkQZ78B9d1Neo0YYIEQJ0HearfE1n69EunK24IiVn7Si+J+qBeaIy6jbN8
9FfaW8gC/4HRD2Wxit6xBRfz+34wXwmLlcik5zB6UT4SiaSELVsMZ6sm/i9VZ52Y
sTPiWquAfX494O6QxhgNE60TaPW8gzZXcZbidneyJJcBm/NaEaQKJ2I4RGacyp/t
WW00cB7YAGoboOsAMvRgQjlW+fzOPzJ9ibER
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:48:28 2026 by rpki-client