Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/7E0AB01C782C11EBB0B71971C4F9AE02.roa
File: 7E0AB01C782C11EBB0B71971C4F9AE02.roa (raw, json)
Hash identifier: NnGURNoUAZdQU/G3kAMwVkQfb/MVBNx9fBriFhbULUk=
Subject key identifier: 16:B5:0D:9C:93:25:BC:8B:B9:23:D3:D7:7D:27:99:76:91:0C:15:7C
Certificate issuer: /CN=A91FF74B/serialNumber=059E6F03AE7676A9D0F09D5F6CBDB90861855A57
Certificate serial: 075F
Authority key identifier: 05:9E:6F:03:AE:76:76:A9:D0:F0:9D:5F:6C:BD:B9:08:61:85:5A:57
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BZ5vA652dqnQ8J1fbL25CGGFWlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/7E0AB01C782C11EBB0B71971C4F9AE02.roa
Signing time: Sun 01 Mar 2026 15:44:50 +0000
ROA not before: Mon 27 Oct 2025 03:14:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56201
IP address blocks: 169.148.132.0/24 maxlen: 24
169.148.133.0/24 maxlen: 24
169.148.134.0/23 maxlen: 23
169.148.134.0/24 maxlen: 24
169.148.135.0/24 maxlen: 24
169.148.136.0/23 maxlen: 23
169.148.136.0/24 maxlen: 24
169.148.137.0/24 maxlen: 24
169.148.138.0/23 maxlen: 24
169.148.140.0/23 maxlen: 24
169.148.142.0/23 maxlen: 23
169.148.142.0/24 maxlen: 24
169.148.143.0/24 maxlen: 24
169.148.144.0/23 maxlen: 23
169.148.144.0/24 maxlen: 24
169.148.145.0/24 maxlen: 24
169.148.146.0/23 maxlen: 23
169.148.146.0/24 maxlen: 24
169.148.147.0/24 maxlen: 24
169.148.148.0/23 maxlen: 23
169.148.148.0/24 maxlen: 24
169.148.149.0/24 maxlen: 24
169.148.150.0/24 maxlen: 24
169.148.172.0/23 maxlen: 24
169.148.174.0/23 maxlen: 24
169.148.176.0/23 maxlen: 24
169.148.180.0/24 maxlen: 24
199.67.76.0/23 maxlen: 23
199.67.76.0/24 maxlen: 24
199.67.77.0/24 maxlen: 24
199.67.78.0/23 maxlen: 23
199.67.78.0/24 maxlen: 24
199.67.79.0/24 maxlen: 24
199.67.94.0/23 maxlen: 23
199.67.94.0/24 maxlen: 24
199.67.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/BZ5vA652dqnQ8J1fbL25CGGFWlc.crl
rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/BZ5vA652dqnQ8J1fbL25CGGFWlc.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BZ5vA652dqnQ8J1fbL25CGGFWlc.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 14:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1887 (0x75f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FF74B, serialNumber=059E6F03AE7676A9D0F09D5F6CBDB90861855A57
Validity
Not Before: Oct 27 03:14:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a45ef2-7d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6e:66:9c:4d:19:5c:f5:26:8b:65:9f:70:13:
1a:9c:dd:33:af:ce:10:57:0f:98:f1:f3:d3:43:a5:
a1:b6:98:79:71:57:c1:b2:ae:90:8c:51:7d:2d:ea:
ee:28:0c:57:24:58:90:e3:af:99:95:12:3b:f2:ab:
0e:06:76:bb:f6:65:be:2f:81:22:e2:9f:89:d2:15:
80:dc:bb:57:6c:7b:67:90:8e:8b:62:05:b7:b8:04:
aa:2b:e4:4b:be:ef:73:26:d4:c2:54:6f:ec:32:33:
79:0a:7b:7a:ef:83:8b:79:7b:9a:5d:d9:ea:f8:93:
45:8b:02:59:fe:1a:2d:0e:fe:df:91:2c:dc:6e:fa:
b1:01:27:d8:fe:2f:08:a7:e1:8e:6a:ed:a7:5d:e8:
cc:12:52:e8:f2:39:1a:4e:5e:8c:7e:14:74:91:37:
42:84:ce:02:b8:37:48:53:d0:28:14:2d:03:ad:1b:
3c:f7:33:f4:5f:11:d8:bd:c8:65:a4:d4:1a:cc:50:
1f:9c:43:41:5a:02:fd:e4:d5:b3:33:bc:eb:a1:e3:
ea:45:cf:54:dd:da:86:be:39:3c:cf:48:d2:0d:3d:
81:f4:12:b0:7a:87:51:a3:dc:77:6e:d3:fb:8b:d7:
73:01:81:7f:c4:4e:7a:cb:4e:09:86:e4:34:70:ba:
4f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B5:0D:9C:93:25:BC:8B:B9:23:D3:D7:7D:27:99:76:91:0C:15:7C
X509v3 Authority Key Identifier:
keyid:05:9E:6F:03:AE:76:76:A9:D0:F0:9D:5F:6C:BD:B9:08:61:85:5A:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/BZ5vA652dqnQ8J1fbL25CGGFWlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BZ5vA652dqnQ8J1fbL25CGGFWlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/7E0AB01C782C11EBB0B71971C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
169.148.132.0-169.148.150.255
169.148.172.0-169.148.177.255
169.148.180.0/24
199.67.76.0/22
199.67.94.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:fb:a9:cf:87:8e:8e:bc:38:49:c1:b0:af:e7:45:1d:22:f1:
ac:d2:9c:03:2d:fb:ca:10:94:f5:6e:37:4d:f8:f3:03:09:a8:
95:07:73:95:83:c6:71:99:03:ca:8c:08:51:6e:21:69:7c:c5:
b7:b3:e1:96:27:65:fe:99:88:40:c2:dd:1c:fd:12:8f:6b:f0:
a6:db:c1:da:cb:c4:c9:95:98:ad:db:10:4d:a4:d3:e8:c2:c0:
0b:a4:99:0c:70:4c:d3:b4:6b:ed:24:0a:4b:ba:f5:b8:e3:5d:
b7:31:8f:c3:50:d7:c7:e9:31:04:07:7b:22:73:b1:78:67:d2:
ee:48:87:da:b3:f9:76:22:9d:90:81:3a:ab:33:80:47:37:78:
1a:a5:e5:3e:29:40:cb:82:27:7c:8b:0a:2b:03:d8:c5:95:a6:
b2:62:bc:43:98:eb:40:be:6d:75:be:b7:30:8a:12:ff:a3:2f:
f5:d0:11:d9:22:d9:a7:5c:5a:4e:8e:39:f8:df:44:05:27:3f:
dc:85:cf:6c:27:cd:03:db:2b:94:f8:36:b4:d6:56:84:73:7d:
01:78:27:d2:dc:ed:87:69:7a:97:40:be:ac:56:40:81:51:bf:
cb:66:68:09:15:82:0d:ff:a6:2e:52:bc:93:14:66:00:c4:8d:
f7:d9:25:57
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgICB18wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkY3NEIxMTAvBgNVBAUTKDA1OUU2RjAzQUU3Njc2QTlEMEYwOUQ1RjZDQkRCOTA4
NjE4NTVBNTcwHhcNMjUxMDI3MDMxNDM1WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NWVmMi03ZDBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkG5mnE0ZXPUmi2WfcBManN0zr84QVw+Y8fPTQ6Whtph5cVfBsq6QjFF9Leru
KAxXJFiQ46+ZlRI78qsOBna79mW+L4Ei4p+J0hWA3LtXbHtnkI6LYgW3uASqK+RL
vu9zJtTCVG/sMjN5Cnt674OLeXuaXdnq+JNFiwJZ/hotDv7fkSzcbvqxASfY/i8I
p+GOau2nXejMElLo8jkaTl6MfhR0kTdChM4CuDdIU9AoFC0DrRs89zP0XxHYvchl
pNQazFAfnENBWgL95NWzM7zroePqRc9U3dqGvjk8z0jSDT2B9BKweodRo9x3btP7
i9dzAYF/xE56y04JhuQ0cLpPWwIDAQABo4ICiDCCAoQwHQYDVR0OBBYEFBa1DZyT
JbyLuSPT130nmXaRDBV8MB8GA1UdIwQYMBaAFAWebwOudnap0PCdX2y9uQhhhVpX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjc0Qi82MUEzMzg0QTc4
MkMxMUVCQUMwNEY2NzJDNEY5QUUwMi9CWjV2QTY1MmRxblE4SjFmYkwyNUNHR0ZX
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0JaNXZBNjUyZHFuUThKMWZiTDI1Q0dHRldsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkY3NEIvNjFBMzM4NEE3ODJDMTFFQkFDMDRGNjcyQzRGOUFFMDIvN0UwQUIwMUM3
ODJDMTFFQkIwQjcxOTcxQzRGOUFFMDIucm9hMEcGCCsGAQUFBwEHAQH/BDgwNjA0
BAIAATAuMAwDBAKplIQDBACplJYwDAMEAqmUrAMEAamUsAMEAKmUtAMEAsdDTAME
AcdDXjANBgkqhkiG9w0BAQsFAAOCAQEAovupz4eOjrw4ScGwr+dFHSLxrNKcAy37
yhCU9W43TfjzAwmolQdzlYPGcZkDyowIUW4haXzFt7Phlidl/pmIQMLdHP0Sj2vw
ptvB2svEyZWYrdsQTaTT6MLAC6SZDHBM07Rr7SQKS7r1uONdtzGPw1DXx+kxBAd7
InOxeGfS7kiH2rP5diKdkIE6qzOARzd4GqXlPilAy4InfIsKKwPYxZWmsmK8Q5jr
QL5tdb63MIoS/6Mv9dAR2SLZp1xaTo45+N9EBSc/3IXPbCfNA9srlPg2tNZWhHN9
AXgn0tzth2l6l0C+rFZAgVG/y2ZoCRWCDf+mLlK8kxRmAMSN99klVw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:00:02 2026 by rpki-client