Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/490CDADA42F211EBB34A1A60C4F9AE02.roa
File: 490CDADA42F211EBB34A1A60C4F9AE02.roa (raw, json)
Hash identifier: v7Fb7boRTCMwchTjW0del7sXnV2DChLpJUD5WBCHZN0=
Subject key identifier: 56:81:5B:C5:F0:8A:E6:78:61:46:4E:D9:28:1F:B3:00:4F:9C:50:59
Certificate issuer: /CN=A9116BB8/serialNumber=8AE9CDE10BE0B77F091B0D38EBC1967C8BC0919E
Certificate serial: 07F5
Authority key identifier: 8A:E9:CD:E1:0B:E0:B7:7F:09:1B:0D:38:EB:C1:96:7C:8B:C0:91:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iunN4Qvgt38JGw0468GWfIvAkZ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/490CDADA42F211EBB34A1A60C4F9AE02.roa
Signing time: Mon 18 May 2026 16:47:59 +0000
ROA not before: Mon 18 May 2026 16:47:59 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 138995
IP address blocks: 45.125.216.0/24 maxlen: 24
45.125.217.0/24 maxlen: 24
45.125.218.0/24 maxlen: 24
45.125.219.0/24 maxlen: 24
103.86.64.0/24 maxlen: 24
103.86.65.0/24 maxlen: 24
103.86.66.0/24 maxlen: 24
103.86.67.0/24 maxlen: 24
103.93.46.0/24 maxlen: 24
103.98.112.0/24 maxlen: 24
103.98.114.0/24 maxlen: 24
103.98.115.0/24 maxlen: 24
103.108.184.0/24 maxlen: 24
103.108.185.0/24 maxlen: 24
103.116.132.0/24 maxlen: 24
103.116.133.0/24 maxlen: 24
103.142.244.0/24 maxlen: 24
103.142.245.0/24 maxlen: 24
103.194.104.0/24 maxlen: 24
103.194.105.0/24 maxlen: 24
103.194.106.0/24 maxlen: 24
103.194.107.0/24 maxlen: 24
116.204.176.0/24 maxlen: 24
116.204.177.0/24 maxlen: 24
116.204.178.0/24 maxlen: 24
116.204.179.0/24 maxlen: 24
2001:df1:5f80::/48 maxlen: 48
2001:dff::/32 maxlen: 32
2001:dff:aa00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/iunN4Qvgt38JGw0468GWfIvAkZ4.crl
rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/iunN4Qvgt38JGw0468GWfIvAkZ4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iunN4Qvgt38JGw0468GWfIvAkZ4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 May 2026 21:09:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2037 (0x7f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9116BB8, serialNumber=8AE9CDE10BE0B77F091B0D38EBC1967C8BC0919E
Validity
Not Before: May 18 16:47:59 2026 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=6a0b42bf-b25d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:64:02:db:2e:da:a9:a6:6e:40:92:1b:bd:60:
2d:51:dc:f1:70:43:f1:54:30:c9:8b:83:52:79:c9:
8c:b0:4b:eb:f1:14:e7:73:36:13:04:d5:57:39:91:
87:53:bc:86:c4:75:7f:cd:87:17:29:1a:c8:93:63:
6e:fb:11:f4:40:bd:ba:09:e6:c1:82:f4:1e:cb:20:
ae:1e:15:53:e1:75:4c:ca:f1:25:f6:a2:ff:38:39:
f8:db:40:7d:e7:7e:1f:c9:13:4d:c5:6e:8b:79:59:
57:66:9a:a0:c1:d4:16:e7:7e:3f:be:8b:89:10:a6:
a3:11:d8:7b:51:57:19:62:9f:ad:3d:a4:b3:f7:c5:
8e:fb:69:7c:a1:35:70:9d:3d:37:70:4f:5b:c6:3a:
2f:fa:ab:16:b5:4e:52:38:78:30:d8:bf:0b:f5:20:
e3:94:25:0b:6e:1d:7c:04:52:a1:30:50:f9:55:f8:
53:2d:5f:a4:fd:ca:1e:74:ca:7f:95:81:67:50:00:
0d:2d:ec:3c:a0:bc:c7:bf:bb:42:be:e3:6e:43:56:
05:55:7a:82:58:74:5f:c3:75:da:8f:0e:65:e6:cf:
96:33:99:c6:bf:e1:85:c6:19:9a:fe:43:ec:35:94:
66:c6:14:81:38:d1:bb:a1:8e:d1:66:f4:ec:b1:b9:
7e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:81:5B:C5:F0:8A:E6:78:61:46:4E:D9:28:1F:B3:00:4F:9C:50:59
X509v3 Authority Key Identifier:
keyid:8A:E9:CD:E1:0B:E0:B7:7F:09:1B:0D:38:EB:C1:96:7C:8B:C0:91:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/iunN4Qvgt38JGw0468GWfIvAkZ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iunN4Qvgt38JGw0468GWfIvAkZ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/490CDADA42F211EBB34A1A60C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.125.216.0/22
103.86.64.0/22
103.93.46.0/24
103.98.112.0/24
103.98.114.0/23
103.108.184.0/23
103.116.132.0/23
103.142.244.0/23
103.194.104.0/22
116.204.176.0/22
IPv6:
2001:df1:5f80::/48
2001:dff::/32
Signature Algorithm: sha256WithRSAEncryption
5d:93:36:37:f6:d6:37:9c:70:9d:26:4c:fe:ed:c4:ad:e2:08:
6f:09:7d:41:4b:86:76:96:f1:85:b7:f3:7c:1c:ca:b2:56:4c:
ae:ee:77:29:68:a9:29:78:79:bd:6c:34:bc:33:bd:29:ed:f7:
ca:d7:c9:6f:c7:db:fc:a6:02:cc:07:fd:97:b7:b5:e0:58:e5:
9d:ce:bc:33:18:3b:0a:01:50:86:ac:36:8e:86:d4:f0:91:66:
fa:79:f5:04:23:6c:3b:00:2d:5f:11:e6:ed:91:65:1c:66:de:
e8:74:4f:03:b0:10:5b:a2:cd:be:09:6d:f1:07:93:d2:f2:c5:
5f:8d:00:b3:47:2f:bb:04:b0:ce:42:ec:5c:79:01:27:b5:68:
b5:51:da:79:46:5b:59:46:7c:30:ea:25:2f:7e:fb:7e:1b:fb:
78:d9:ec:4e:13:ac:4c:40:0e:1a:19:6e:c5:90:dc:0d:69:58:
40:74:21:81:57:11:41:87:61:a5:e8:b1:7d:bf:04:34:06:11:
e2:1a:31:43:66:6c:0b:41:4e:79:10:ce:ef:47:83:19:69:86:
9a:73:e8:79:2d:5d:9d:6d:0d:45:d6:60:4a:56:13:8f:c8:28:
29:26:c6:ea:9b:44:ce:4b:b2:20:a2:69:6a:f2:d2:14:16:1d:
b5:2f:ee:f1
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICB/UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTZCQjgxMTAvBgNVBAUTKDhBRTlDREUxMEJFMEI3N0YwOTFCMEQzOEVCQzE5NjdD
OEJDMDkxOUUwHhcNMjYwNTE4MTY0NzU5WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTBiNDJiZi1iMjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy2QC2y7aqaZuQJIbvWAtUdzxcEPxVDDJi4NSecmMsEvr8RTnczYTBNVXOZGH
U7yGxHV/zYcXKRrIk2Nu+xH0QL26CebBgvQeyyCuHhVT4XVMyvEl9qL/ODn420B9
534fyRNNxW6LeVlXZpqgwdQW534/vouJEKajEdh7UVcZYp+tPaSz98WO+2l8oTVw
nT03cE9bxjov+qsWtU5SOHgw2L8L9SDjlCULbh18BFKhMFD5VfhTLV+k/coedMp/
lYFnUAANLew8oLzHv7tCvuNuQ1YFVXqCWHRfw3Xajw5l5s+WM5nGv+GFxhma/kPs
NZRmxhSBONG7oY7RZvTssbl+nQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFFaBW8Xw
iuZ4YUZO2SgfswBPnFBZMB8GA1UdIwQYMBaAFIrpzeEL4Ld/CRsNOOvBlnyLwJGe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNkJCOC8zOURDRjc1NDQy
RjAxMUVCOEEwOUM3NUFDNEY5QUUwMi9pdW5ONFF2Z3QzOEpHdzA0NjhHV2ZJdkFr
WjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2l1bk40UXZndDM4Skd3MDQ2OEdXZkl2QWtaNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTZCQjgvMzlEQ0Y3NTQ0MkYwMTFFQjhBMDlDNzVBQzRGOUFFMDIvNDkwQ0RBREE0
MkYyMTFFQkIzNEExQTYwQzRGOUFFMDIucm9hMG0GCCsGAQUFBwEHAQH/BF4wXDBC
BAIAATA8AwQCLX3YAwQCZ1ZAAwQAZ10uAwQAZ2JwAwQBZ2JyAwQBZ2y4AwQBZ3SE
AwQBZ470AwQCZ8JoAwQCdMywMBYEAgACMBADBwAgAQ3xX4ADBQAgAQ3/MA0GCSqG
SIb3DQEBCwUAA4IBAQBdkzY39tY3nHCdJkz+7cSt4ghvCX1BS4Z2lvGFt/N8HMqy
Vkyu7ncpaKkpeHm9bDS8M70p7ffK18lvx9v8pgLMB/2Xt7XgWOWdzrwzGDsKAVCG
rDaOhtTwkWb6efUEI2w7AC1fEebtkWUcZt7odE8DsBBbos2+CW3xB5PS8sVfjQCz
Ry+7BLDOQuxceQEntWi1Udp5RltZRnww6iUvfvt+G/t42exOE6xMQA4aGW7FkNwN
aVhAdCGBVxFBh2Gl6LF9vwQ0BhHiGjFDZmwLQU55EM7vR4MZaYaac+h5LV2dbQ1F
1mBKVhOPyCgpJsbqm0TOS7Igomlq8tIUFh21L+7x
-----END CERTIFICATE-----
Generated at Sat May 23 00:51:44 2026 by rpki-client