Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5D7/25872BBE03B411E7B811AA14C4F9AE02/E007C458C1F111F0BF3C4B61C4F9AE02.roa
File: E007C458C1F111F0BF3C4B61C4F9AE02.roa (raw, json)
Hash identifier: 5s6wPVYQGH5s3qyYU5XWxXqoobJzGy5t477auxbm+wA=
Subject key identifier: 84:26:06:86:9E:C9:17:30:CC:A7:5D:FF:1E:34:6C:68:2D:23:0F:0E
Certificate issuer: /CN=A911B5D7/serialNumber=41FE1D4135AB2D67623E76083398468AD4FAA1DC
Certificate serial: 1CC8
Authority key identifier: 41:FE:1D:41:35:AB:2D:67:62:3E:76:08:33:98:46:8A:D4:FA:A1:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qf4dQTWrLWdiPnYIM5hGitT6odw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B5D7/25872BBE03B411E7B811AA14C4F9AE02/E007C458C1F111F0BF3C4B61C4F9AE02.roa
Signing time: Thu 14 May 2026 16:19:06 +0000
ROA not before: Thu 14 May 2026 16:19:06 +0000
ROA not after: Fri 30 Jul 2027 00:00:00 +0000
asID: 38713
IP address blocks: 103.25.136.0/22 maxlen: 22
103.25.136.0/24 maxlen: 24
103.25.137.0/24 maxlen: 24
103.25.138.0/24 maxlen: 24
103.25.139.0/24 maxlen: 24
103.121.40.0/22 maxlen: 22
103.121.40.0/24 maxlen: 24
103.121.41.0/24 maxlen: 24
103.121.42.0/24 maxlen: 24
103.121.43.0/24 maxlen: 24
103.205.176.0/22 maxlen: 22
103.205.176.0/24 maxlen: 24
103.205.177.0/24 maxlen: 24
103.205.178.0/24 maxlen: 24
103.205.179.0/24 maxlen: 24
116.206.140.0/24 maxlen: 24
116.206.141.0/24 maxlen: 24
116.206.142.0/24 maxlen: 24
116.206.143.0/24 maxlen: 24
160.19.20.0/22 maxlen: 22
160.19.20.0/24 maxlen: 24
160.19.21.0/24 maxlen: 24
160.19.22.0/24 maxlen: 24
160.19.23.0/24 maxlen: 24
202.143.112.0/24 maxlen: 24
202.143.113.0/24 maxlen: 24
202.143.114.0/24 maxlen: 24
202.143.115.0/24 maxlen: 24
202.143.116.0/24 maxlen: 24
202.143.117.0/24 maxlen: 24
202.143.118.0/24 maxlen: 24
202.143.119.0/24 maxlen: 24
202.143.120.0/24 maxlen: 24
202.143.121.0/24 maxlen: 24
202.143.122.0/24 maxlen: 24
202.143.123.0/24 maxlen: 24
202.143.124.0/24 maxlen: 24
202.143.125.0/24 maxlen: 24
202.143.126.0/24 maxlen: 24
202.143.127.0/24 maxlen: 24
2406:1300::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911B5D7/25872BBE03B411E7B811AA14C4F9AE02/Qf4dQTWrLWdiPnYIM5hGitT6odw.crl
rsync://rpki.apnic.net/member_repository/A911B5D7/25872BBE03B411E7B811AA14C4F9AE02/Qf4dQTWrLWdiPnYIM5hGitT6odw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qf4dQTWrLWdiPnYIM5hGitT6odw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 17 Jun 2026 16:11:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7368 (0x1cc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B5D7, serialNumber=41FE1D4135AB2D67623E76083398468AD4FAA1DC
Validity
Not Before: May 14 16:19:06 2026 GMT
Not After : Jul 30 00:00:00 2027 GMT
Subject: CN=6a05f5fa-7a6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d8:28:93:a1:cd:37:55:08:21:e5:b4:e2:81:
a7:11:87:95:20:01:67:c6:dd:99:21:fc:44:02:bb:
7e:ff:2a:f1:76:0d:b1:e0:dd:a4:37:f5:16:d5:ec:
df:f2:a6:b0:d0:9b:e6:9b:13:8c:15:2c:ac:29:ee:
02:55:cc:a3:63:7c:7c:27:c0:1a:c7:0d:09:00:69:
f6:60:9e:b2:97:97:2f:9d:b8:ef:05:16:64:69:66:
1c:d0:fa:81:f2:b3:9e:41:2c:22:46:47:e2:9c:b9:
51:25:80:a8:10:e0:6d:3d:f0:c5:08:5a:10:ce:23:
f7:1a:81:29:08:d5:92:79:f5:b5:2f:87:bf:ea:3b:
f5:ec:4c:d5:f1:b1:31:53:e3:25:4e:3b:e5:cf:78:
1f:1b:8b:98:45:e1:68:f9:25:95:6b:3f:88:6e:d8:
18:36:36:81:22:b4:b9:eb:3a:4e:6d:e9:ba:e6:61:
36:58:68:30:1b:2e:c9:9e:d8:01:3e:cc:89:a3:72:
91:04:74:d2:91:95:bc:19:21:ad:86:4b:d0:c4:25:
40:82:d0:1d:0b:35:35:96:12:3a:68:ce:bd:c9:c7:
52:21:f0:a4:5b:5f:19:80:9c:66:2f:4a:4d:a2:b8:
27:4a:e6:91:9c:ea:c5:b4:c4:8a:76:a8:d3:2f:70:
77:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:26:06:86:9E:C9:17:30:CC:A7:5D:FF:1E:34:6C:68:2D:23:0F:0E
X509v3 Authority Key Identifier:
keyid:41:FE:1D:41:35:AB:2D:67:62:3E:76:08:33:98:46:8A:D4:FA:A1:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B5D7/25872BBE03B411E7B811AA14C4F9AE02/Qf4dQTWrLWdiPnYIM5hGitT6odw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qf4dQTWrLWdiPnYIM5hGitT6odw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5D7/25872BBE03B411E7B811AA14C4F9AE02/E007C458C1F111F0BF3C4B61C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.25.136.0/22
103.121.40.0/22
103.205.176.0/22
116.206.140.0/22
160.19.20.0/22
202.143.112.0/20
IPv6:
2406:1300::/32
Signature Algorithm: sha256WithRSAEncryption
e5:81:55:3c:9a:68:43:05:fa:a2:72:d6:55:06:af:13:60:bc:
9c:90:58:20:33:3f:5c:8f:0c:bf:41:f3:90:58:21:76:fd:4f:
e6:e4:e0:fd:db:79:ae:56:79:68:c6:fc:be:34:d9:4d:75:79:
f2:23:ae:42:d0:03:68:1c:60:1e:38:db:3b:da:9d:dc:93:50:
68:46:40:76:03:04:a1:bd:eb:6f:79:de:e2:4b:a6:c4:85:de:
0e:ff:0a:2c:00:cb:eb:80:b3:08:09:05:cd:73:f3:6e:d2:14:
ee:06:1b:dd:66:d5:3c:ac:1c:c1:b5:b6:16:b9:2a:28:7e:ed:
1b:5f:d6:0d:66:1f:d4:f4:d5:7a:dc:2f:45:4a:a2:02:c8:fa:
23:cd:70:e3:26:8a:32:82:62:49:11:36:4a:70:1b:c0:96:17:
94:89:8e:03:b7:91:c0:fb:b6:61:1c:79:e7:4f:4a:70:e4:a5:
38:a1:47:e9:16:48:02:65:b3:c2:9b:e4:33:35:15:a0:c4:aa:
64:2d:dc:5e:74:20:82:b6:c6:f1:d7:4c:7d:5b:56:85:79:44:
26:51:f9:da:05:8b:bf:36:ab:bf:94:cb:51:76:88:89:c9:11:
c2:f3:6d:f6:40:26:e2:98:11:df:67:13:9f:b7:54:fe:d3:fe:
2c:a2:10:1e
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgICHMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI1RDcxMTAvBgNVBAUTKDQxRkUxRDQxMzVBQjJENjc2MjNFNzYwODMzOTg0NjhB
RDRGQUExREMwHhcNMjYwNTE0MTYxOTA2WhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTA1ZjVmYS03YTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArtgok6HNN1UIIeW04oGnEYeVIAFnxt2ZIfxEArt+/yrxdg2x4N2kN/UW1ezf
8qaw0JvmmxOMFSysKe4CVcyjY3x8J8Aaxw0JAGn2YJ6yl5cvnbjvBRZkaWYc0PqB
8rOeQSwiRkfinLlRJYCoEOBtPfDFCFoQziP3GoEpCNWSefW1L4e/6jv17EzV8bEx
U+MlTjvlz3gfG4uYReFo+SWVaz+IbtgYNjaBIrS56zpObem65mE2WGgwGy7JntgB
PsyJo3KRBHTSkZW8GSGthkvQxCVAgtAdCzU1lhI6aM69ycdSIfCkW18ZgJxmL0pN
orgnSuaRnOrFtMSKdqjTL3B3kQIDAQABo4ICjTCCAokwHQYDVR0OBBYEFIQmBoae
yRcwzKdd/x40bGgtIw8OMB8GA1UdIwQYMBaAFEH+HUE1qy1nYj52CDOYRorU+qHc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVENy8yNTg3MkJCRTAz
QjQxMUU3QjgxMUFBMTRDNEY5QUUwMi9RZjRkUVRXckxXZGlQbllJTTVoR2l0VDZv
ZHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FmNGRRVFdyTFdkaVBuWUlNNWhHaXRUNm9kdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI1RDcvMjU4NzJCQkUwM0I0MTFFN0I4MTFBQTE0QzRGOUFFMDIvRTAwN0M0NThD
MUYxMTFGMEJGM0M0QjYxQzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq
BAIAATAkAwQCZxmIAwQCZ3koAwQCZ82wAwQCdM6MAwQCoBMUAwQEyo9wMA0EAgAC
MAcDBQAkBhMAMA0GCSqGSIb3DQEBCwUAA4IBAQDlgVU8mmhDBfqictZVBq8TYLyc
kFggMz9cjwy/QfOQWCF2/U/m5OD923muVnloxvy+NNlNdXnyI65C0ANoHGAeONs7
2p3ck1BoRkB2AwShvetved7iS6bEhd4O/wosAMvrgLMICQXNc/Nu0hTuBhvdZtU8
rBzBtbYWuSoofu0bX9YNZh/U9NV63C9FSqICyPojzXDjJooygmJJETZKcBvAlheU
iY4Dt5HA+7ZhHHnnT0pw5KU4oUfpFkgCZbPCm+QzNRWgxKpkLdxedCCCtsbx10x9
W1aFeUQmUfnaBYu/Nqu/lMtRdoiJyRHC8232QCbimBHfZxOft1T+0/4sohAe
-----END CERTIFICATE-----
Generated at Fri Jun 12 14:43:00 2026 by rpki-client