Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
File: F0C8DB1CA54E11EF8592FD66C4F9AE02.roa (raw, json)
Hash identifier: kccqwCYzh8REyi/rrws0T2ob10DxCbKT7zFXPVaYiA8=
Subject key identifier: DA:B1:41:3D:CD:0D:61:10:B4:20:1B:AF:64:4E:38:7A:CF:B5:37:B0
Certificate issuer: /CN=A911D848/serialNumber=1DD1B8687886924C4613116050EE90E9D494269E
Certificate serial: 0100
Authority key identifier: 1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
Signing time: Tue 03 Feb 2026 05:25:14 +0000
ROA not before: Tue 03 Feb 2026 05:25:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9266
IP address blocks: 103.36.152.0/22 maxlen: 22
103.65.216.0/22 maxlen: 22
103.225.108.0/22 maxlen: 22
202.1.116.0/22 maxlen: 22
202.1.116.0/24 maxlen: 24
202.1.117.0/24 maxlen: 24
202.1.118.0/24 maxlen: 24
202.1.119.0/24 maxlen: 24
203.5.244.0/24 maxlen: 24
203.10.124.0/24 maxlen: 24
203.12.116.0/24 maxlen: 24
203.14.106.0/24 maxlen: 24
203.14.193.0/24 maxlen: 24
203.18.151.0/24 maxlen: 24
203.19.52.0/24 maxlen: 24
203.19.220.0/24 maxlen: 24
203.20.110.0/24 maxlen: 24
203.20.111.0/24 maxlen: 24
203.21.22.0/24 maxlen: 24
203.22.169.0/24 maxlen: 24
203.23.50.0/24 maxlen: 24
203.23.71.0/24 maxlen: 24
203.24.174.0/23 maxlen: 24
203.25.68.0/22 maxlen: 22
203.25.69.0/24 maxlen: 24
203.25.70.0/24 maxlen: 24
203.25.71.0/24 maxlen: 24
203.25.123.0/24 maxlen: 24
203.25.158.0/24 maxlen: 24
203.26.171.0/24 maxlen: 24
203.26.226.0/23 maxlen: 23
203.29.21.0/24 maxlen: 24
203.29.127.0/24 maxlen: 24
203.30.78.0/24 maxlen: 24
203.31.214.0/24 maxlen: 24
203.32.44.0/23 maxlen: 24
203.32.47.0/24 maxlen: 24
203.33.28.0/24 maxlen: 24
203.33.58.0/23 maxlen: 24
203.33.108.0/23 maxlen: 24
203.34.167.0/24 maxlen: 24
203.55.194.0/23 maxlen: 24
203.62.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl
rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 26 Feb 2026 04:41:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 256 (0x100)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D848, serialNumber=1DD1B8687886924C4613116050EE90E9D494269E
Validity
Not Before: Feb 3 05:25:14 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=698186ba-d0c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3b:df:74:7d:d2:23:86:c6:42:9d:a6:21:77:
f2:d7:01:25:92:55:5f:2f:0d:00:8a:ac:34:c5:76:
a4:02:db:d2:c5:48:ee:35:90:5a:f0:70:f7:72:36:
29:ac:06:77:6c:ab:f0:1c:1d:6c:c4:13:e6:9b:c9:
dc:9e:a0:40:20:10:d9:09:a4:b8:24:bc:f6:d6:41:
20:37:12:78:65:a3:a9:93:49:1e:3c:7d:0e:6c:d7:
12:46:24:12:1d:8f:a7:ba:d7:87:3c:6c:58:bd:90:
f5:eb:9f:9c:f4:c5:7b:16:3d:c4:23:62:ce:94:b1:
fe:23:11:7e:a5:e3:92:95:d5:cc:2b:f4:ca:df:f3:
c7:a7:6d:82:82:d3:28:d8:2e:e6:ca:96:dd:a1:5c:
37:10:b2:de:1b:03:23:36:25:0a:2c:bb:02:48:71:
92:21:bf:9f:cd:6f:2d:c3:96:a2:eb:8f:7b:01:e6:
30:6a:15:6d:8e:d6:dc:3b:75:4b:65:38:e8:18:14:
02:ac:be:d4:87:85:3f:bc:d9:cf:94:bb:cd:29:6f:
b3:0d:6c:9a:5f:52:7a:02:27:5e:85:d0:6c:28:65:
7a:40:41:53:97:39:02:f0:0c:ca:6e:a1:d3:8c:6d:
17:19:d8:a6:3c:17:fb:ad:55:14:a3:87:27:43:b0:
6c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B1:41:3D:CD:0D:61:10:B4:20:1B:AF:64:4E:38:7A:CF:B5:37:B0
X509v3 Authority Key Identifier:
keyid:1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.36.152.0/22
103.65.216.0/22
103.225.108.0/22
202.1.116.0/22
203.5.244.0/24
203.10.124.0/24
203.12.116.0/24
203.14.106.0/24
203.14.193.0/24
203.18.151.0/24
203.19.52.0/24
203.19.220.0/24
203.20.110.0/23
203.21.22.0/24
203.22.169.0/24
203.23.50.0/24
203.23.71.0/24
203.24.174.0/23
203.25.68.0/22
203.25.123.0/24
203.25.158.0/24
203.26.171.0/24
203.26.226.0/23
203.29.21.0/24
203.29.127.0/24
203.30.78.0/24
203.31.214.0/24
203.32.44.0/23
203.32.47.0/24
203.33.28.0/24
203.33.58.0/23
203.33.108.0/23
203.34.167.0/24
203.55.194.0/23
203.62.147.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:d7:3e:7b:f9:94:25:b9:37:5f:72:7b:b3:d3:5a:7d:8f:26:
93:c0:4e:d0:3e:38:45:51:2f:e8:9a:51:1f:dc:c5:00:88:44:
85:db:14:11:a3:c4:2f:b3:0d:8c:ad:37:74:fa:80:dd:d6:13:
62:76:5a:3b:9e:73:28:af:8d:10:91:76:35:8e:5a:34:77:56:
4f:5a:8e:df:65:54:5f:f1:b7:9c:7f:18:22:ec:3a:4b:f9:3d:
f8:22:7b:b2:e2:41:7b:eb:ac:4a:0e:c2:98:44:d9:b6:0e:30:
76:0c:42:56:a7:a4:24:cb:18:e3:6d:03:81:7e:7e:fd:6e:16:
09:f7:e0:66:93:bf:5c:56:2f:48:59:bf:6f:bd:8a:8e:9c:8c:
18:3c:24:f1:aa:d2:b6:48:a9:9d:8f:6e:42:53:79:f4:68:d5:
74:4b:74:3f:f5:25:c5:83:bf:d5:78:38:05:f1:29:b7:2f:90:
8c:e2:92:bb:c7:ba:25:82:ac:ab:24:ed:5e:ab:b4:c5:65:bd:
84:31:d3:19:0c:91:21:a3:e3:e3:4d:58:a2:b9:84:d4:2c:cf:
ec:24:8e:72:d7:ea:b3:35:45:f4:f5:21:11:92:db:84:37:3e:
bd:c8:cd:51:48:0f:bc:73:10:19:0a:ae:d2:60:17:1e:bf:84:
e6:6b:81:6c
-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgICAQAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx
MUQ4NDgxMTAvBgNVBAUTKDFERDFCODY4Nzg4NjkyNEM0NjEzMTE2MDUwRUU5MEU5
RDQ5NDI2OUUwHhcNMjYwMjAzMDUyNTE0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDDA02OTgxODZiYS1kMGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyjvfdH3SI4bGQp2mIXfy1wElklVfLw0Aiqw0xXakAtvSxUjuNZBa8HD3cjYp
rAZ3bKvwHB1sxBPmm8ncnqBAIBDZCaS4JLz21kEgNxJ4ZaOpk0kePH0ObNcSRiQS
HY+nuteHPGxYvZD165+c9MV7Fj3EI2LOlLH+IxF+peOSldXMK/TK3/PHp22CgtMo
2C7mypbdoVw3ELLeGwMjNiUKLLsCSHGSIb+fzW8tw5ai6497AeYwahVtjtbcO3VL
ZTjoGBQCrL7Uh4U/vNnPlLvNKW+zDWyaX1J6AidehdBsKGV6QEFTlzkC8AzKbqHT
jG0XGdimPBf7rVUUo4cnQ7BsfwIDAQABo4IDZjCCA2IwHQYDVR0OBBYEFNqxQT3N
DWEQtCAbr2ROOHrPtTewMB8GA1UdIwQYMBaAFB3RuGh4hpJMRhMRYFDukOnUlCae
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDg0OC9DMjUxQjVCMjlC
MTAxMUVGQTcyQkEwMjBDNEY5QUUwMi9IZEc0YUhpR2treEdFeEZnVU82UTZkU1VK
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hkRzRhSGlHa2t4R0V4RmdVTzZRNmRTVUpwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ4NDgvQzI1MUI1QjI5QjEwMTFFRkE3MkJBMDIwQzRGOUFFMDIvRjBDOERCMUNB
NTRFMTFFRjg1OTJGRDY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwge8GCCsGAQUFBwEHAQH/
BIHfMIHcMIHZBAIAATCB0gMEAmckmAMEAmdB2AMEAmfhbAMEAsoBdAMEAMsF9AME
AMsKfAMEAMsMdAMEAMsOagMEAMsOwQMEAMsSlwMEAMsTNAMEAMsT3AMEAcsUbgME
AMsVFgMEAMsWqQMEAMsXMgMEAMsXRwMEAcsYrgMEAssZRAMEAMsZewMEAMsZngME
AMsaqwMEAcsa4gMEAMsdFQMEAMsdfwMEAMseTgMEAMsf1gMEAcsgLAMEAMsgLwME
AMshHAMEAcshOgMEAcshbAMEAMsipwMEAcs3wgMEAMs+kzANBgkqhkiG9w0BAQsF
AAOCAQEAbdc+e/mUJbk3X3J7s9NafY8mk8BO0D44RVEv6JpRH9zFAIhEhdsUEaPE
L7MNjK03dPqA3dYTYnZaO55zKK+NEJF2NY5aNHdWT1qO32VUX/G3nH8YIuw6S/k9
+CJ7suJBe+usSg7CmETZtg4wdgxCVqekJMsY420DgX5+/W4WCffgZpO/XFYvSFm/
b72KjpyMGDwk8arStkipnY9uQlN59GjVdEt0P/UlxYO/1Xg4BfEpty+QjOKSu8e6
JYKsqyTtXqu0xWW9hDHTGQyRIaPj401YormE1CzP7CSOctfqszVF9PUhEZLbhDc+
vcjNUUgPvHMQGQqu0mAXHr+E5muBbA==
-----END CERTIFICATE-----
Generated at Thu Feb 19 21:52:54 2026 by rpki-client