Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/28BBBAA2634211EABE282367C4F9AE02.roa
File: 28BBBAA2634211EABE282367C4F9AE02.roa (raw, json)
Hash identifier: 87ruUamCetqhSgYD0RcbOPf8uxPRNusOY0RxdgFfa4k=
Subject key identifier: F8:CB:41:11:DA:EB:4E:BD:5B:29:E2:83:92:90:CE:EB:99:5B:FE:9B
Certificate issuer: /CN=A916B795/serialNumber=493339547B33003A58599836FB4C99E79449CDF2
Certificate serial: 0B55
Authority key identifier: 49:33:39:54:7B:33:00:3A:58:59:98:36:FB:4C:99:E7:94:49:CD:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/28BBBAA2634211EABE282367C4F9AE02.roa
Signing time: Mon 30 Mar 2026 19:25:05 +0000
ROA not before: Mon 30 Mar 2026 19:25:05 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 9268
IP address blocks: 45.252.252.0/22 maxlen: 22
103.1.216.0/22 maxlen: 22
103.2.168.0/22 maxlen: 22
103.12.128.0/22 maxlen: 22
103.200.8.0/22 maxlen: 22
103.211.208.0/22 maxlen: 22
103.235.116.0/22 maxlen: 22
103.245.84.0/22 maxlen: 22
103.249.148.0/22 maxlen: 22
103.249.149.0/24 maxlen: 24
103.249.150.0/24 maxlen: 24
110.44.24.0/21 maxlen: 21
119.17.160.0/19 maxlen: 19
122.99.112.0/21 maxlen: 21
139.5.124.0/22 maxlen: 22
150.242.136.0/22 maxlen: 22
175.176.200.0/21 maxlen: 21
180.189.152.0/21 maxlen: 21
180.214.64.0/19 maxlen: 19
182.23.192.0/21 maxlen: 21
202.43.66.0/24 maxlen: 24
202.61.92.0/22 maxlen: 22
203.18.94.0/24 maxlen: 24
203.24.22.0/24 maxlen: 24
203.33.60.0/23 maxlen: 23
203.55.174.0/23 maxlen: 23
203.62.184.0/22 maxlen: 22
203.62.187.0/24 maxlen: 24
203.114.76.0/22 maxlen: 22
2001:df1:2000::/48 maxlen: 48
2401:ac00::/32 maxlen: 32
2402:c00::/32 maxlen: 32
2404:7d80::/32 maxlen: 32
2407:a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.crl
rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 Apr 2026 19:09:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2901 (0xb55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B795, serialNumber=493339547B33003A58599836FB4C99E79449CDF2
Validity
Not Before: Mar 30 19:25:05 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=69cace11-b27e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:18:3d:fe:9a:3d:09:ed:23:7e:1c:66:83:5b:
b0:04:aa:f4:8b:53:8c:a3:c0:1b:46:51:6d:f4:cf:
f8:52:6d:2d:0c:41:7c:e4:a2:ec:38:2d:94:b0:a7:
85:36:15:2a:43:27:0a:74:6c:d7:d5:94:fc:46:08:
67:98:78:ab:87:7a:ad:38:7f:0b:92:c8:c5:5b:a7:
b4:b5:38:24:48:76:7b:fb:33:d7:2d:7b:42:21:e5:
8b:31:18:03:c8:48:56:1e:df:a3:36:98:de:ef:0d:
b8:be:71:b6:58:5b:6e:02:72:f0:e7:bb:f4:fd:fe:
38:e7:d1:09:e9:af:56:7e:26:bf:9b:47:da:3f:f1:
bd:83:be:7d:67:d0:d3:fc:e2:2e:0e:6c:62:41:af:
ae:20:d4:14:df:6c:02:68:fb:6b:b7:39:d2:a2:35:
95:e1:3f:f4:30:6f:8b:50:ff:97:bb:a3:c4:6e:20:
5a:4a:e0:07:ed:d3:eb:ad:5a:e7:8b:f6:3e:c4:7a:
12:13:18:68:75:55:2b:4e:39:4f:71:60:6b:bc:7b:
86:ca:5d:f5:a5:d7:7f:db:3b:ea:a2:6e:9e:60:95:
1d:4f:89:21:32:5e:b1:f0:bf:3f:16:f6:3d:77:c9:
eb:8a:73:f4:8d:b8:4d:2c:71:f9:87:4d:50:32:1b:
bb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:CB:41:11:DA:EB:4E:BD:5B:29:E2:83:92:90:CE:EB:99:5B:FE:9B
X509v3 Authority Key Identifier:
keyid:49:33:39:54:7B:33:00:3A:58:59:98:36:FB:4C:99:E7:94:49:CD:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/28BBBAA2634211EABE282367C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.252.252.0/22
103.1.216.0/22
103.2.168.0/22
103.12.128.0/22
103.200.8.0/22
103.211.208.0/22
103.235.116.0/22
103.245.84.0/22
103.249.148.0/22
110.44.24.0/21
119.17.160.0/19
122.99.112.0/21
139.5.124.0/22
150.242.136.0/22
175.176.200.0/21
180.189.152.0/21
180.214.64.0/19
182.23.192.0/21
202.43.66.0/24
202.61.92.0/22
203.18.94.0/24
203.24.22.0/24
203.33.60.0/23
203.55.174.0/23
203.62.184.0/22
203.114.76.0/22
IPv6:
2001:df1:2000::/48
2401:ac00::/32
2402:c00::/32
2404:7d80::/32
2407:a00::/32
Signature Algorithm: sha256WithRSAEncryption
57:74:17:ef:aa:db:43:97:6c:80:3c:d1:bc:ad:77:7f:df:b6:
ba:fa:f8:b1:a6:e9:cb:02:eb:c8:d7:f3:0c:66:e6:46:72:eb:
e7:53:ef:c5:0c:7f:db:46:cc:82:e2:5c:fe:69:10:e9:5b:98:
c6:bd:e2:24:c5:6e:2a:fe:39:41:01:47:68:5c:d2:17:ac:a2:
78:a8:84:0c:b5:17:f8:b7:24:5f:ef:d5:47:4e:93:24:16:96:
58:a4:7a:47:66:06:ff:38:9a:70:4d:ef:c9:6c:1d:c8:49:6c:
bb:bb:c2:81:82:0a:c4:81:c1:1f:ff:f2:29:90:20:a4:ff:18:
58:a6:e6:5e:d6:f6:06:45:b3:99:5d:6b:4a:95:c1:ca:d0:2b:
1c:9e:ae:c5:34:01:78:48:22:e8:0e:c9:c6:21:f0:36:d1:6e:
de:7d:7b:c2:49:2a:67:21:62:e1:08:f7:04:91:61:0c:6e:b0:
cb:ef:03:8d:d0:7f:e4:43:be:07:13:38:40:35:56:73:88:4b:
35:8e:44:a3:f3:28:4b:2f:60:d7:32:56:69:e1:cf:80:4c:cd:
0b:e4:5f:47:ac:c4:11:1c:a6:50:9a:bf:8c:2b:02:a9:7a:dc:
d6:84:1a:ca:d1:c6:65:17:21:32:bf:08:14:7c:a3:45:a3:1e:
d2:4f:36:63
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgICC1UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkI3OTUxMTAvBgNVBAUTKDQ5MzMzOTU0N0IzMzAwM0E1ODU5OTgzNkZCNEM5OUU3
OTQ0OUNERjIwHhcNMjYwMzMwMTkyNTA1WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWNhY2UxMS1iMjdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvBg9/po9Ce0jfhxmg1uwBKr0i1OMo8AbRlFt9M/4Um0tDEF85KLsOC2UsKeF
NhUqQycKdGzX1ZT8RghnmHirh3qtOH8LksjFW6e0tTgkSHZ7+zPXLXtCIeWLMRgD
yEhWHt+jNpje7w24vnG2WFtuAnLw57v0/f4459EJ6a9Wfia/m0faP/G9g759Z9DT
/OIuDmxiQa+uINQU32wCaPtrtznSojWV4T/0MG+LUP+Xu6PEbiBaSuAH7dPrrVrn
i/Y+xHoSExhodVUrTjlPcWBrvHuGyl31pdd/2zvqom6eYJUdT4khMl6x8L8/FvY9
d8nrinP0jbhNLHH5h01QMhu71QIDAQABo4IDKDCCAyQwHQYDVR0OBBYEFPjLQRHa
6069Wynig5KQzuuZW/6bMB8GA1UdIwQYMBaAFEkzOVR7MwA6WFmYNvtMmeeUSc3y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Qjc5NS9CRDAzMkUwNDYz
NDAxMUVBQUNDRjAyNjJDNEY5QUUwMi9TVE01VkhzekFEcFlXWmcyLTB5WjU1Ukp6
ZkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NUTTVWSHN6QURwWVdaZzItMHlaNTVSSnpmSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkI3OTUvQkQwMzJFMDQ2MzQwMTFFQUFDQ0YwMjYyQzRGOUFFMDIvMjhCQkJBQTI2
MzQyMTFFQUJFMjgyMzY3QzRGOUFFMDIucm9hMIHmBggrBgEFBQcBBwEB/wSB1jCB
0zCBowQCAAEwgZwDBAIt/PwDBAJnAdgDBAJnAqgDBAJnDIADBAJnyAgDBAJn09AD
BAJn63QDBAJn9VQDBAJn+ZQDBANuLBgDBAV3EaADBAN6Y3ADBAKLBXwDBAKW8ogD
BAOvsMgDBAO0vZgDBAW01kADBAO2F8ADBADKK0IDBALKPVwDBADLEl4DBADLGBYD
BAHLITwDBAHLN64DBALLPrgDBALLckwwKwQCAAIwJQMHACABDfEgAAMFACQBrAAD
BQAkAgwAAwUAJAR9gAMFACQHCgAwDQYJKoZIhvcNAQELBQADggEBAFd0F++q20OX
bIA80bytd3/ftrr6+LGm6csC68jX8wxm5kZy6+dT78UMf9tGzILiXP5pEOlbmMa9
4iTFbir+OUEBR2hc0hesoniohAy1F/i3JF/v1UdOkyQWllikekdmBv84mnBN78ls
HchJbLu7woGCCsSBwR//8imQIKT/GFim5l7W9gZFs5lda0qVwcrQKxyersU0AXhI
IugOycYh8DbRbt59e8JJKmchYuEI9wSRYQxusMvvA43Qf+RDvgcTOEA1VnOISzWO
RKPzKEsvYNcyVmnhz4BMzQvkX0esxBEcplCav4wrAql63NaEGsrRxmUXITK/CBR8
o0WjHtJPNmM=
-----END CERTIFICATE-----
Generated at Sun Apr 5 21:04:00 2026 by rpki-client