Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDE13/151FE47E2A5611F0B84F5220C4F9AE02/5B45D97C2A5611F0B7C8BB20C4F9AE02.roa
File: 5B45D97C2A5611F0B7C8BB20C4F9AE02.roa (raw, json)
Hash identifier: ndGtL9DWzP+Gi20WrvLlerj6NUiEwQx9cGu+2aOuFD8=
Subject key identifier: 5C:1B:53:04:C8:A2:D6:C8:E7:2D:53:46:35:D1:16:49:76:FC:A9:AC
Certificate issuer: /CN=A91FDE13/serialNumber=49FD33D6F51AD6A49884469FA39FEF0432336F81
Certificate serial: A9
Authority key identifier: 49:FD:33:D6:F5:1A:D6:A4:98:84:46:9F:A3:9F:EF:04:32:33:6F:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sf0z1vUa1qSYhEafo5_vBDIzb4E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FDE13/151FE47E2A5611F0B84F5220C4F9AE02/5B45D97C2A5611F0B7C8BB20C4F9AE02.roa
Signing time: Sun 01 Mar 2026 08:08:22 +0000
ROA not before: Wed 21 May 2025 07:19:46 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 17497
IP address blocks: 45.253.244.0/24 maxlen: 24
45.253.245.0/24 maxlen: 24
103.211.228.0/24 maxlen: 24
103.211.229.0/24 maxlen: 24
163.227.196.0/24 maxlen: 24
163.227.197.0/24 maxlen: 24
2402:620::/48 maxlen: 48
2402:620:1::/48 maxlen: 48
2402:620:2::/48 maxlen: 48
2402:620:3::/48 maxlen: 48
2402:620:4::/48 maxlen: 48
2402:620:5::/48 maxlen: 48
2402:620:6::/48 maxlen: 48
2402:620:7::/48 maxlen: 48
2402:620:8::/48 maxlen: 48
2402:620:9::/48 maxlen: 48
2402:620:a::/48 maxlen: 48
2402:620:b::/48 maxlen: 48
2402:620:c::/48 maxlen: 48
2402:620:d::/48 maxlen: 48
2402:620:e::/48 maxlen: 48
2402:620:f::/48 maxlen: 48
2402:620:10::/48 maxlen: 48
2402:620:11::/48 maxlen: 48
2402:620:12::/48 maxlen: 48
2402:620:13::/48 maxlen: 48
2402:620:14::/48 maxlen: 48
2402:620:15::/48 maxlen: 48
2402:620:16::/48 maxlen: 48
2402:620:17::/48 maxlen: 48
2402:620:18::/48 maxlen: 48
2402:620:19::/48 maxlen: 48
2402:620:1a::/48 maxlen: 48
2402:620:1b::/48 maxlen: 48
2402:620:1c::/48 maxlen: 48
2402:620:1d::/48 maxlen: 48
2402:620:1e::/48 maxlen: 48
2402:620:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FDE13/151FE47E2A5611F0B84F5220C4F9AE02/Sf0z1vUa1qSYhEafo5_vBDIzb4E.crl
rsync://rpki.apnic.net/member_repository/A91FDE13/151FE47E2A5611F0B84F5220C4F9AE02/Sf0z1vUa1qSYhEafo5_vBDIzb4E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sf0z1vUa1qSYhEafo5_vBDIzb4E.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 08:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169 (0xa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FDE13, serialNumber=49FD33D6F51AD6A49884469FA39FEF0432336F81
Validity
Not Before: May 21 07:19:46 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=69a3f3f6-abea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ba:11:3a:f5:8f:cc:f9:88:37:42:ef:e4:51:
dd:7a:09:5c:c7:21:1f:86:81:8f:d4:54:ea:73:d4:
bb:e1:16:7f:e6:b6:25:e5:fb:d6:2a:d4:b8:e4:4c:
bd:f2:97:69:68:70:d5:da:44:8a:96:ef:8a:04:0b:
31:43:05:cd:16:66:9e:c3:6f:84:f4:93:e8:11:d3:
08:93:6c:dc:f1:5c:53:71:d2:e5:67:ff:a1:26:86:
4c:e3:56:99:a5:48:cf:93:df:c0:65:bb:97:29:5d:
86:2b:8b:dc:29:9f:83:ce:03:66:b3:67:ea:fb:0e:
8c:62:27:0b:81:b5:29:90:0f:1c:c9:b8:a1:18:26:
be:6f:3c:6b:35:72:87:c7:c7:3f:e3:4f:f5:3f:bc:
3e:f3:68:83:10:67:16:6a:34:5f:56:37:ef:19:3b:
2e:95:bf:83:46:be:ed:b8:a1:69:28:e1:22:68:2c:
17:56:00:05:fe:ce:6d:41:47:b8:3d:24:04:6a:3b:
23:8f:08:d7:98:4f:5f:64:37:7b:a7:6c:3f:00:ef:
b7:83:31:3c:6f:fe:fc:04:09:01:23:72:63:33:e8:
da:a6:b5:ad:ec:22:21:0c:e1:1a:de:d7:d4:96:46:
da:c1:7b:0c:10:8a:a9:51:75:9c:bc:6b:91:ca:98:
0a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1B:53:04:C8:A2:D6:C8:E7:2D:53:46:35:D1:16:49:76:FC:A9:AC
X509v3 Authority Key Identifier:
keyid:49:FD:33:D6:F5:1A:D6:A4:98:84:46:9F:A3:9F:EF:04:32:33:6F:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FDE13/151FE47E2A5611F0B84F5220C4F9AE02/Sf0z1vUa1qSYhEafo5_vBDIzb4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sf0z1vUa1qSYhEafo5_vBDIzb4E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDE13/151FE47E2A5611F0B84F5220C4F9AE02/5B45D97C2A5611F0B7C8BB20C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.253.244.0/23
103.211.228.0/23
163.227.196.0/23
IPv6:
2402:620::/43
Signature Algorithm: sha256WithRSAEncryption
5e:10:16:3c:cd:37:bc:15:89:df:86:2e:e0:be:6e:0e:4e:47:
3d:b3:51:4c:72:f5:48:fc:e1:06:76:4d:a3:ff:4d:14:80:62:
db:6a:c1:e6:cb:35:2d:c9:95:8d:4f:9b:c2:47:55:d0:4a:4e:
9d:ba:6e:94:5a:34:60:16:21:03:27:84:03:d3:aa:49:be:a6:
4a:26:67:f5:a7:3e:c3:be:cf:28:62:a2:cf:f9:ad:39:55:68:
f7:5a:78:a1:84:56:e6:98:a4:ba:86:e8:81:dd:0b:30:2a:aa:
0c:f7:93:0b:e0:9c:66:6d:6e:d3:48:cb:af:8f:86:bb:d9:e9:
82:6e:00:da:5c:24:e0:5f:5a:db:ca:dd:cd:ff:c5:56:69:df:
75:c4:12:f1:d5:0a:41:99:af:db:c0:16:74:7d:db:d2:99:66:
dc:77:ab:4d:0f:d1:5f:e0:5e:b1:21:1f:ed:45:a8:ac:62:06:
dd:00:2c:41:0c:91:b0:a7:b8:5a:dd:ad:45:24:1b:f0:5c:00:
60:59:69:56:7b:18:23:fb:4a:5f:cb:cc:11:77:23:50:c2:95:
fd:4b:e3:73:5c:e0:d2:03:68:c1:dc:61:ac:b7:47:3a:74:f7:
c2:a6:b0:4a:b8:99:4f:1d:60:d8:18:71:62:84:ff:c6:70:a0:
ff:1c:5a:73
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgICAKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkRFMTMxMTAvBgNVBAUTKDQ5RkQzM0Q2RjUxQUQ2QTQ5ODg0NDY5RkEzOUZFRjA0
MzIzMzZGODEwHhcNMjUwNTIxMDcxOTQ2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWEzZjNmNi1hYmVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtLoROvWPzPmIN0Lv5FHdeglcxyEfhoGP1FTqc9S74RZ/5rYl5fvWKtS45Ey9
8pdpaHDV2kSKlu+KBAsxQwXNFmaew2+E9JPoEdMIk2zc8VxTcdLlZ/+hJoZM41aZ
pUjPk9/AZbuXKV2GK4vcKZ+DzgNms2fq+w6MYicLgbUpkA8cybihGCa+bzxrNXKH
x8c/40/1P7w+82iDEGcWajRfVjfvGTsulb+DRr7tuKFpKOEiaCwXVgAF/s5tQUe4
PSQEajsjjwjXmE9fZDd7p2w/AO+3gzE8b/78BAkBI3JjM+japrWt7CIhDOEa3tfU
lkbawXsMEIqpUXWcvGuRypgKLQIDAQABo4ICfTCCAnkwHQYDVR0OBBYEFFwbUwTI
otbI5y1TRjXRFkl2/KmsMB8GA1UdIwQYMBaAFEn9M9b1GtakmIRGn6Of7wQyM2+B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREUxMy8xNTFGRTQ3RTJB
NTYxMUYwQjg0RjUyMjBDNEY5QUUwMi9TZjB6MXZVYTFxU1loRWFmbzVfdkJESXpi
NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NmMHoxdlVhMXFTWWhFYWZvNV92QkRJemI0RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkRFMTMvMTUxRkU0N0UyQTU2MTFGMEI4NEY1MjIwQzRGOUFFMDIvNUI0NUQ5N0My
QTU2MTFGMEI3QzhCQjIwQzRGOUFFMDIucm9hMDwGCCsGAQUFBwEHAQH/BC0wKzAY
BAIAATASAwQBLf30AwQBZ9PkAwQBo+PEMA8EAgACMAkDBwUkAgYgAAAwDQYJKoZI
hvcNAQELBQADggEBAF4QFjzNN7wVid+GLuC+bg5ORz2zUUxy9Uj84QZ2TaP/TRSA
YttqwebLNS3JlY1Pm8JHVdBKTp26bpRaNGAWIQMnhAPTqkm+pkomZ/WnPsO+zyhi
os/5rTlVaPdaeKGEVuaYpLqG6IHdCzAqqgz3kwvgnGZtbtNIy6+PhrvZ6YJuANpc
JOBfWtvK3c3/xVZp33XEEvHVCkGZr9vAFnR929KZZtx3q00P0V/gXrEhH+1FqKxi
Bt0ALEEMkbCnuFrdrUUkG/BcAGBZaVZ7GCP7Sl/LzBF3I1DClf1L43Nc4NIDaMHc
Yay3Rzp098KmsEq4mU8dYNgYcWKE/8ZwoP8cWnM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:44:30 2026 by rpki-client