Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/5F5A375CFF0C11F0AEE33AB880EE528E.roa
File: 5F5A375CFF0C11F0AEE33AB880EE528E.roa (raw, json)
Hash identifier: jKaERdadgN/bTNsY3N2ri9io7PkqOZ7TSU8weedDHCQ=
Subject key identifier: 2B:01:4E:42:ED:C9:0B:98:0B:27:8F:F1:8F:B4:7D:15:FE:13:04:38
Certificate issuer: /CN=A9124679/serialNumber=0A480517741076FE763E4E9E32F35BD459893292
Certificate serial: 02BD
Authority key identifier: 0A:48:05:17:74:10:76:FE:76:3E:4E:9E:32:F3:5B:D4:59:89:32:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/5F5A375CFF0C11F0AEE33AB880EE528E.roa
Signing time: Mon 30 Mar 2026 08:39:20 +0000
ROA not before: Mon 30 Mar 2026 08:39:20 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 134840
IP address blocks: 103.56.212.0/24 maxlen: 24
103.56.213.0/24 maxlen: 24
103.56.214.0/24 maxlen: 24
103.56.215.0/24 maxlen: 24
103.57.204.0/24 maxlen: 24
103.57.205.0/24 maxlen: 24
103.57.206.0/24 maxlen: 24
103.57.207.0/24 maxlen: 24
103.203.132.0/24 maxlen: 24
103.203.133.0/24 maxlen: 24
103.203.134.0/24 maxlen: 24
103.203.135.0/24 maxlen: 24
103.237.112.0/24 maxlen: 24
103.237.113.0/24 maxlen: 24
103.237.114.0/24 maxlen: 24
103.237.115.0/24 maxlen: 24
116.206.120.0/24 maxlen: 24
116.206.121.0/24 maxlen: 24
116.206.122.0/24 maxlen: 24
116.206.123.0/24 maxlen: 24
116.206.192.0/24 maxlen: 24
116.206.193.0/24 maxlen: 24
116.206.194.0/24 maxlen: 24
116.206.195.0/24 maxlen: 24
121.46.71.0/24 maxlen: 24
180.235.116.0/24 maxlen: 24
180.235.117.0/24 maxlen: 24
180.235.118.0/24 maxlen: 24
180.235.119.0/24 maxlen: 24
2403:c280::/32 maxlen: 32
2403:c280::/48 maxlen: 48
2403:c280:1::/48 maxlen: 48
2403:c280:2::/48 maxlen: 48
2403:c280:3::/48 maxlen: 48
2403:c280:4::/48 maxlen: 48
2403:c280:5::/48 maxlen: 48
2403:c280:6::/48 maxlen: 48
2403:c280:7::/48 maxlen: 48
2403:c280:8::/48 maxlen: 48
2403:c280:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.crl
rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 12 Apr 2026 01:25:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 701 (0x2bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9124679, serialNumber=0A480517741076FE763E4E9E32F35BD459893292
Validity
Not Before: Mar 30 08:39:20 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69ca36b8-0812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6c:e0:21:b1:f2:e0:1c:dd:87:79:e5:80:cb:
7b:2e:e5:6e:01:9a:d1:c1:e7:c0:5f:fb:a0:eb:1f:
c8:61:cd:16:bd:73:53:b7:65:bf:62:51:1c:75:d8:
dd:9b:eb:80:4f:ef:81:de:bd:dd:96:84:92:11:7b:
19:22:aa:a6:d1:95:93:9d:31:1b:8f:fb:82:75:5a:
04:8f:71:dd:f8:66:0e:a3:06:95:f3:23:90:69:06:
e3:2d:5e:69:f4:b6:cb:38:4b:6b:00:58:38:67:f1:
c0:91:2a:87:07:36:34:bb:1a:96:fd:22:64:7f:61:
85:63:81:e1:65:be:2b:b2:da:cb:2f:a7:68:2a:cd:
e4:8f:71:66:85:c6:a4:7f:d2:84:4b:bb:34:00:c7:
c2:de:c0:60:3e:12:be:47:26:7b:21:fd:47:54:e8:
ae:02:b9:81:5f:91:fb:2c:1b:c2:1a:22:38:87:2b:
43:6e:25:98:e7:49:8d:69:b1:0b:81:7d:41:85:a4:
24:39:fc:e0:8e:1c:ca:fb:71:52:23:78:44:5b:e0:
cf:a2:d5:77:ab:7d:de:d6:63:f0:b3:d1:02:7f:6d:
16:8e:c8:36:1d:4f:26:b7:dc:09:f2:54:96:cd:f9:
13:ea:9b:26:28:8a:c9:be:54:15:93:64:20:e9:d8:
86:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:01:4E:42:ED:C9:0B:98:0B:27:8F:F1:8F:B4:7D:15:FE:13:04:38
X509v3 Authority Key Identifier:
keyid:0A:48:05:17:74:10:76:FE:76:3E:4E:9E:32:F3:5B:D4:59:89:32:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/5F5A375CFF0C11F0AEE33AB880EE528E.roa
sbgp-ipAddrBlock: critical
IPv4:
103.56.212.0/22
103.57.204.0/22
103.203.132.0/22
103.237.112.0/22
116.206.120.0/22
116.206.192.0/22
121.46.71.0/24
180.235.116.0/22
IPv6:
2403:c280::/32
Signature Algorithm: sha256WithRSAEncryption
74:03:5b:22:75:b1:3c:2b:1d:cc:07:65:7e:88:94:20:83:43:
8d:6e:90:ea:d7:e9:e4:bf:3c:04:af:d8:4c:d5:79:d7:ff:08:
39:51:19:04:fd:b1:d4:0e:35:d8:28:3b:93:85:3b:7b:52:20:
58:bd:a5:c6:3c:92:93:82:be:9e:74:9e:c4:8c:66:7b:d7:d1:
0a:6f:b7:01:f9:2b:6c:15:9c:dd:27:d2:b1:d3:35:a3:ed:20:
03:bf:70:71:07:e5:77:2f:4b:04:19:ec:86:42:57:14:a5:51:
fb:6f:8f:bf:35:15:7c:4c:d3:de:9a:29:30:f7:87:3d:be:90:
e8:fa:00:c7:42:da:2e:95:f9:54:f6:b2:7e:d9:1d:6a:40:d9:
79:c2:fd:c3:79:18:8c:fe:f1:2a:ec:6a:fa:7d:16:60:7d:53:
e5:1f:f3:e9:bb:ff:84:1b:27:63:40:f1:45:c9:c8:05:17:c0:
de:ac:d9:0f:1d:8b:8a:00:ef:5f:ac:58:71:1f:1a:56:fa:aa:
96:9a:f9:05:0d:2f:fa:7a:7a:67:ee:fd:d6:e1:9b:bf:f3:6e:
85:bd:55:30:e4:12:cd:7c:68:8c:75:a0:8f:81:fd:64:04:e3:
bc:8e:59:d8:76:9c:8b:45:10:34:a0:6b:2b:0d:04:f3:e0:4e:
cc:a4:15:2f
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgICAr0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQ2NzkxMTAvBgNVBAUTKDBBNDgwNTE3NzQxMDc2RkU3NjNFNEU5RTMyRjM1QkQ0
NTk4OTMyOTIwHhcNMjYwMzMwMDgzOTIwWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWNhMzZiOC0wODEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0GzgIbHy4Bzdh3nlgMt7LuVuAZrRwefAX/ug6x/IYc0WvXNTt2W/YlEcddjd
m+uAT++B3r3dloSSEXsZIqqm0ZWTnTEbj/uCdVoEj3Hd+GYOowaV8yOQaQbjLV5p
9LbLOEtrAFg4Z/HAkSqHBzY0uxqW/SJkf2GFY4HhZb4rstrLL6doKs3kj3Fmhcak
f9KES7s0AMfC3sBgPhK+RyZ7If1HVOiuArmBX5H7LBvCGiI4hytDbiWY50mNabEL
gX1BhaQkOfzgjhzK+3FSI3hEW+DPotV3q33e1mPws9ECf20Wjsg2HU8mt9wJ8lSW
zfkT6psmKIrJvlQVk2Qg6diGxwIDAQABo4ICmTCCApUwHQYDVR0OBBYEFCsBTkLt
yQuYCyeP8Y+0fRX+EwQ4MB8GA1UdIwQYMBaAFApIBRd0EHb+dj5OnjLzW9RZiTKS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDY3OS9GNUI3OEE4ODYx
OTQxMUVEOENEQkEyM0VDNEY5QUUwMi9Da2dGRjNRUWR2NTJQazZlTXZOYjFGbUpN
cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NrZ0ZGM1FRZHY1MlBrNmVNdk5iMUZtSk1wSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ2NzkvRjVCNzhBODg2MTk0MTFFRDhDREJBMjNFQzRGOUFFMDIvNUY1QTM3NUNG
RjBDMTFGMEFFRTMzQUI4ODBFRTUyOEUucm9hMFgGCCsGAQUFBwEHAQH/BEkwRzA2
BAIAATAwAwQCZzjUAwQCZznMAwQCZ8uEAwQCZ+1wAwQCdM54AwQCdM7AAwQAeS5H
AwQCtOt0MA0EAgACMAcDBQAkA8KAMA0GCSqGSIb3DQEBCwUAA4IBAQB0A1sidbE8
Kx3MB2V+iJQgg0ONbpDq1+nkvzwEr9hM1XnX/wg5URkE/bHUDjXYKDuThTt7UiBY
vaXGPJKTgr6edJ7EjGZ719EKb7cB+StsFZzdJ9Kx0zWj7SADv3BxB+V3L0sEGeyG
QlcUpVH7b4+/NRV8TNPemikw94c9vpDo+gDHQtoulflU9rJ+2R1qQNl5wv3DeRiM
/vEq7Gr6fRZgfVPlH/Ppu/+EGydjQPFFycgFF8DerNkPHYuKAO9frFhxHxpW+qqW
mvkFDS/6enpn7v3W4Zu/826FvVUw5BLNfGiMdaCPgf1kBOO8jlnYdpyLRRA0oGsr
DQTz4E7MpBUv
-----END CERTIFICATE-----
Generated at Mon Apr 6 10:08:23 2026 by rpki-client