Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B7BBC928FEA211EDB9013076C4F9AE02.roa
File: B7BBC928FEA211EDB9013076C4F9AE02.roa (raw, json)
Hash identifier: j6RfXO6V8txTwl+e1nfWngitaMdhNY8igbMKNAWQnn4=
Subject key identifier: A5:D0:97:70:2F:F2:17:50:62:7D:20:0D:F4:AD:47:4A:27:99:48:8B
Certificate issuer: /CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Certificate serial: 06B7
Authority key identifier: 31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B7BBC928FEA211EDB9013076C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:40:57 +0000
ROA not before: Thu 27 Nov 2025 03:40:55 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 133480
IP address blocks: 43.245.160.0/24 maxlen: 24
43.245.161.0/24 maxlen: 24
43.245.162.0/24 maxlen: 24
43.245.163.0/24 maxlen: 24
45.125.125.0/24 maxlen: 24
103.76.164.0/24 maxlen: 24
103.76.165.0/24 maxlen: 24
103.77.232.0/24 maxlen: 24
103.77.233.0/24 maxlen: 24
103.77.234.0/24 maxlen: 24
103.77.235.0/24 maxlen: 24
103.108.92.0/22 maxlen: 24
103.192.173.0/24 maxlen: 24
103.194.4.0/24 maxlen: 24
103.231.88.0/24 maxlen: 24
103.231.89.0/24 maxlen: 24
103.231.90.0/24 maxlen: 24
103.231.91.0/24 maxlen: 24
116.206.228.0/24 maxlen: 24
116.206.229.0/24 maxlen: 24
116.206.230.0/24 maxlen: 24
116.206.231.0/24 maxlen: 24
203.209.209.0/24 maxlen: 24
203.209.212.0/24 maxlen: 24
203.209.217.0/24 maxlen: 24
203.209.219.0/24 maxlen: 24
2400:fa80:1::/48 maxlen: 48
2400:fa80:3::/48 maxlen: 48
2400:fa80:4::/48 maxlen: 48
2400:fa80:5::/48 maxlen: 48
2400:fa80:6::/48 maxlen: 48
2402:1b80:3002::/48 maxlen: 48
2407:a080::/32 maxlen: 32
2407:a080::/48 maxlen: 48
2407:a080:2000::/48 maxlen: 48
2407:a080:5000::/36 maxlen: 36
2407:a080:7000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 22:44:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1719 (0x6b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D3F3, serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Validity
Not Before: Nov 27 03:40:55 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69a48839-ea67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a0:8f:fa:41:a4:d4:7f:4e:58:dd:f7:ad:db:
cb:11:a8:99:25:6a:1a:5a:49:5a:02:57:61:11:f4:
69:46:51:3e:a3:9f:a2:d9:5f:0e:13:5f:43:a6:10:
b3:a2:c0:3f:0c:0b:1d:21:9a:4d:ed:50:a7:0e:64:
93:de:bd:89:1f:a9:25:c7:89:22:38:06:ef:6c:b5:
af:6b:30:2d:b7:92:34:38:54:f6:09:90:6d:5c:8d:
67:5f:4b:d4:5d:d1:35:b8:e1:1f:df:c5:94:04:97:
29:31:ff:18:2d:30:cb:35:8d:5c:0a:48:4c:8f:38:
bd:35:0f:f4:66:c4:a5:9d:7e:f9:dc:66:8b:fe:bc:
3e:ac:78:20:a5:07:53:aa:5e:02:98:8a:73:f6:d2:
d8:1b:1e:07:f9:b1:e4:58:b1:ef:81:0d:88:c2:9c:
31:cd:89:01:7d:de:70:46:9a:e5:8f:0d:86:71:6a:
58:1e:7a:c4:c1:a5:45:56:f0:49:57:90:97:0f:e0:
92:92:9f:ee:c7:28:50:80:7e:01:92:f9:02:62:6f:
17:c5:95:51:03:3a:72:cf:f5:9b:ed:08:60:82:e1:
c7:0e:3b:f5:a7:9c:be:d6:69:ea:a5:92:39:45:a4:
df:ab:4d:19:80:81:95:5f:3f:59:aa:2d:78:fd:b8:
1a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D0:97:70:2F:F2:17:50:62:7D:20:0D:F4:AD:47:4A:27:99:48:8B
X509v3 Authority Key Identifier:
keyid:31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B7BBC928FEA211EDB9013076C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.245.160.0/22
45.125.125.0/24
103.76.164.0/23
103.77.232.0/22
103.108.92.0/22
103.192.173.0/24
103.194.4.0/24
103.231.88.0/22
116.206.228.0/22
203.209.209.0/24
203.209.212.0/24
203.209.217.0/24
203.209.219.0/24
IPv6:
2400:fa80:1::/48
2400:fa80:3::-2400:fa80:6:ffff:ffff:ffff:ffff:ffff
2402:1b80:3002::/48
2407:a080::/32
Signature Algorithm: sha256WithRSAEncryption
ba:e1:a9:3f:ee:84:e7:fb:cb:b6:f4:f8:f3:63:31:3a:79:07:
20:4b:ea:09:58:e5:b6:cb:6b:97:4f:e9:02:89:dc:8c:5b:2d:
a7:9e:28:4f:c7:42:a1:a6:fb:83:1e:80:85:f3:bf:de:b5:30:
a1:60:18:2f:e8:f2:68:59:98:23:f1:b7:c3:8b:89:ed:81:48:
e6:9e:ca:26:74:cd:9b:8d:10:f2:74:65:de:96:fd:93:85:a3:
a9:6e:ff:7a:33:33:18:f9:dd:bd:d7:95:32:4c:7a:55:25:1f:
e3:d9:7a:49:7a:6f:86:f4:f6:ad:6d:2d:66:d5:c4:28:cf:20:
1d:ea:48:c7:b6:74:8b:c5:99:51:41:fd:69:a1:51:00:4b:ba:
a0:91:25:a0:b1:2f:d1:f0:ca:54:06:9a:f0:35:38:a9:36:d2:
3b:fd:c8:1a:a2:be:8f:be:44:28:27:f0:62:12:87:fb:e0:b3:
12:89:84:91:33:db:cf:bd:01:59:f2:0e:51:c3:70:69:7a:37:
a6:16:5d:6f:f2:ba:a1:ff:02:d2:a3:69:cc:6d:5c:33:5e:f3:
95:c9:53:67:6e:97:94:62:6b:ec:9e:bc:d0:22:cc:b3:ad:30:
33:5c:6c:13:21:23:6c:99:ea:d1:bb:89:52:69:20:25:6e:6a:
5c:d8:2d:e5
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgICBrcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQzRjMxMTAvBgNVBAUTKDMxN0MzMDdGRkM2RUNCNkNGNjU2RjI2QjgyODJGRkI5
RTYyRjkzNjUwHhcNMjUxMTI3MDM0MDU1WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODgzOS1lYTY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtKCP+kGk1H9OWN33rdvLEaiZJWoaWklaAldhEfRpRlE+o5+i2V8OE19DphCz
osA/DAsdIZpN7VCnDmST3r2JH6klx4kiOAbvbLWvazAtt5I0OFT2CZBtXI1nX0vU
XdE1uOEf38WUBJcpMf8YLTDLNY1cCkhMjzi9NQ/0ZsSlnX753GaL/rw+rHggpQdT
ql4CmIpz9tLYGx4H+bHkWLHvgQ2IwpwxzYkBfd5wRprljw2GcWpYHnrEwaVFVvBJ
V5CXD+CSkp/uxyhQgH4BkvkCYm8XxZVRAzpyz/Wb7QhgguHHDjv1p5y+1mnqpZI5
RaTfq00ZgIGVXz9Zqi14/bgaSQIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFKXQl3Av
8hdQYn0gDfStR0onmUiLMB8GA1UdIwQYMBaAFDF8MH/8bsts9lbya4KC/7nmL5Nl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDNGMy9CMjU0NDgxQUNB
MzQxMUVCOEM5MEQ5NDFDNEY5QUUwMi9NWHd3Zl94dXkyejJWdkpyZ29MX3VlWXZr
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01Yd3dmX3h1eTJ6MlZ2SnJnb0xfdWVZdmsyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQzRjMvQjI1NDQ4MUFDQTM0MTFFQjhDOTBEOTQxQzRGOUFFMDIvQjdCQkM5MjhG
RUEyMTFFREI5MDEzMDc2QzRGOUFFMDIucm9hMIGeBggrBgEFBQcBBwEB/wSBjjCB
izBUBAIAATBOAwQCK/WgAwQALX19AwQBZ0ykAwQCZ03oAwQCZ2xcAwQAZ8CtAwQA
Z8IEAwQCZ+dYAwQCdM7kAwQAy9HRAwQAy9HUAwQAy9HZAwQAy9HbMDMEAgACMC0D
BwAkAPqAAAEwEgMHACQA+oAAAwMHACQA+oAABgMHACQCG4AwAgMFACQHoIAwDQYJ
KoZIhvcNAQELBQADggEBALrhqT/uhOf7y7b0+PNjMTp5ByBL6glY5bbLa5dP6QKJ
3IxbLaeeKE/HQqGm+4MegIXzv961MKFgGC/o8mhZmCPxt8OLie2BSOaeyiZ0zZuN
EPJ0Zd6W/ZOFo6lu/3ozMxj53b3XlTJMelUlH+PZekl6b4b09q1tLWbVxCjPIB3q
SMe2dIvFmVFB/WmhUQBLuqCRJaCxL9HwylQGmvA1OKk20jv9yBqivo++RCgn8GIS
h/vgsxKJhJEz28+9AVnyDlHDcGl6N6YWXW/yuqH/AtKjacxtXDNe85XJU2dul5Ri
a+yevNAizLOtMDNcbBMhI2yZ6tG7iVJpICVualzYLeU=
-----END CERTIFICATE-----
Generated at Tue Mar 3 12:53:21 2026 by rpki-client