Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/5F5A375CFF0C11F0AEE33AB880EE528E.roa
File: 5F5A375CFF0C11F0AEE33AB880EE528E.roa (raw, json)
Hash identifier: 3HprGBGXL4EayyIcLo0mV4xO7Cbk7r9fm60rm3YtYJE=
Subject key identifier: 7E:18:D7:C6:10:3E:04:CC:B0:D5:84:8D:E4:4F:61:A1:FB:C1:00:E1
Certificate issuer: /CN=A9124679/serialNumber=0A480517741076FE763E4E9E32F35BD459893292
Certificate serial: 0284
Authority key identifier: 0A:48:05:17:74:10:76:FE:76:3E:4E:9E:32:F3:5B:D4:59:89:32:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/5F5A375CFF0C11F0AEE33AB880EE528E.roa
Signing time: Tue 03 Feb 2026 01:21:43 +0000
ROA not before: Tue 03 Feb 2026 01:21:43 +0000
ROA not after: Tue 02 Jun 2026 00:00:00 +0000
asID: 134840
IP address blocks: 103.57.204.0/24 maxlen: 24
103.57.205.0/24 maxlen: 24
103.57.206.0/24 maxlen: 24
103.57.207.0/24 maxlen: 24
103.203.132.0/24 maxlen: 24
103.203.133.0/24 maxlen: 24
103.203.134.0/24 maxlen: 24
103.203.135.0/24 maxlen: 24
103.237.112.0/24 maxlen: 24
103.237.113.0/24 maxlen: 24
103.237.114.0/24 maxlen: 24
103.237.115.0/24 maxlen: 24
116.206.192.0/24 maxlen: 24
116.206.193.0/24 maxlen: 24
116.206.194.0/24 maxlen: 24
116.206.195.0/24 maxlen: 24
121.46.71.0/24 maxlen: 24
180.235.116.0/24 maxlen: 24
180.235.117.0/24 maxlen: 24
180.235.118.0/24 maxlen: 24
180.235.119.0/24 maxlen: 24
2403:c280::/32 maxlen: 32
2403:c280::/48 maxlen: 48
2403:c280:1::/48 maxlen: 48
2403:c280:2::/48 maxlen: 48
2403:c280:3::/48 maxlen: 48
2403:c280:4::/48 maxlen: 48
2403:c280:5::/48 maxlen: 48
2403:c280:6::/48 maxlen: 48
2403:c280:7::/48 maxlen: 48
2403:c280:8::/48 maxlen: 48
2403:c280:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.crl
rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 26 Feb 2026 00:54:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 644 (0x284)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9124679, serialNumber=0A480517741076FE763E4E9E32F35BD459893292
Validity
Not Before: Feb 3 01:21:43 2026 GMT
Not After : Jun 2 00:00:00 2026 GMT
Subject: CN=69814da7-e493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:45:e6:d7:ca:a4:86:5c:63:ba:4c:52:ac:5f:
ea:ff:fb:f7:ba:00:d5:04:fb:60:ed:3a:9c:78:b3:
4b:e4:26:9d:62:0a:2d:51:c6:6e:95:c5:f4:5e:01:
59:be:d0:56:d3:c0:ec:0d:48:c3:be:95:e3:c8:c7:
46:87:e8:f7:35:d8:10:5b:a6:03:b6:30:1f:ad:d4:
f8:dd:1c:b9:78:e0:6a:54:72:85:73:86:a9:f0:e0:
0f:48:02:cb:38:d5:b3:59:c0:37:34:33:e3:42:9d:
8a:ab:e2:21:62:d0:43:a1:8b:6c:e7:c4:71:87:dc:
3e:9e:f2:39:aa:31:94:f5:5a:aa:fa:32:70:6d:9a:
de:3a:a4:b9:33:70:4b:66:94:7c:52:05:08:5a:a2:
bb:2a:dc:28:36:51:cf:8d:70:81:1c:ff:6b:a6:c8:
30:bc:d0:1f:f7:a7:ba:16:1d:18:53:ad:ff:e2:cc:
14:ca:b6:93:33:cf:9b:c6:0c:0d:89:c3:c4:43:4c:
18:24:80:e8:05:b3:94:0f:08:d4:c0:b6:d1:70:f2:
da:59:25:72:84:6f:1b:cc:a3:23:20:3e:52:9f:90:
2e:0c:fc:fa:16:3d:99:80:d9:80:4d:4d:c6:62:78:
ff:8a:8a:70:22:13:76:fe:11:cb:94:06:77:fe:ad:
21:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:18:D7:C6:10:3E:04:CC:B0:D5:84:8D:E4:4F:61:A1:FB:C1:00:E1
X509v3 Authority Key Identifier:
keyid:0A:48:05:17:74:10:76:FE:76:3E:4E:9E:32:F3:5B:D4:59:89:32:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/5F5A375CFF0C11F0AEE33AB880EE528E.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.57.204.0/22
103.203.132.0/22
103.237.112.0/22
116.206.192.0/22
121.46.71.0/24
180.235.116.0/22
IPv6:
2403:c280::/32
Signature Algorithm: sha256WithRSAEncryption
0b:53:14:b0:38:76:50:3d:b8:1c:36:c4:14:e1:35:0b:76:2f:
7e:35:1b:70:d6:dc:06:d6:a9:67:bc:c9:fb:e2:5d:1a:90:f7:
50:c6:b9:4d:42:b4:49:cd:68:34:51:6b:b1:ef:e6:e2:8f:68:
78:80:f8:e2:6f:b9:76:3e:22:5f:92:7d:a3:5f:78:17:88:f8:
9b:7f:df:a0:ef:48:8c:81:5e:a2:7e:2c:10:b8:3e:be:d1:1b:
81:6d:4f:94:e9:a8:53:6a:db:3d:ee:79:ef:b9:08:40:fb:70:
c4:68:a7:e4:39:88:9a:1e:85:34:98:04:f9:c2:a0:5b:9d:6a:
0f:bb:64:85:c9:0e:87:41:45:67:cf:03:d1:a1:6c:e1:02:16:
a5:43:8b:b4:4a:4b:39:34:62:15:8e:ca:0e:d2:f2:11:3e:5b:
5a:be:03:dc:7c:94:fa:d0:34:e0:bd:6a:c6:98:23:35:dd:6b:
9d:4f:88:c1:6e:8d:14:85:f1:08:d0:0a:20:b7:a8:97:52:bd:
a6:ee:d8:ab:5c:b5:11:79:0a:3c:03:97:a2:2c:76:26:85:af:
87:a3:c8:24:f6:3f:16:cf:b8:a0:75:dc:65:ea:98:25:ee:98:
b8:3d:69:21:63:76:d5:ea:2c:73:d9:ab:b2:b1:b3:8b:1e:d3:
3b:68:f1:6b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICAoQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx
MjQ2NzkxMTAvBgNVBAUTKDBBNDgwNTE3NzQxMDc2RkU3NjNFNEU5RTMyRjM1QkQ0
NTk4OTMyOTIwHhcNMjYwMjAzMDEyMTQzWhcNMjYwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDDA02OTgxNGRhNy1lNDkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAjkXm18qkhlxjukxSrF/q//v3ugDVBPtg7TqceLNL5CadYgotUcZulcX0XgFZ
vtBW08DsDUjDvpXjyMdGh+j3NdgQW6YDtjAfrdT43Ry5eOBqVHKFc4ap8OAPSALL
ONWzWcA3NDPjQp2Kq+IhYtBDoYts58Rxh9w+nvI5qjGU9Vqq+jJwbZreOqS5M3BL
ZpR8UgUIWqK7KtwoNlHPjXCBHP9rpsgwvNAf96e6Fh0YU63/4swUyraTM8+bxgwN
icPEQ0wYJIDoBbOUDwjUwLbRcPLaWSVyhG8bzKMjID5Sn5AuDPz6Fj2ZgNmATU3G
Ynj/iopwIhN2/hHLlAZ3/q0hqwIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFH4Y18YQ
PgTMsNWEjeRPYaH7wQDhMB8GA1UdIwQYMBaAFApIBRd0EHb+dj5OnjLzW9RZiTKS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDY3OS9GNUI3OEE4ODYx
OTQxMUVEOENEQkEyM0VDNEY5QUUwMi9Da2dGRjNRUWR2NTJQazZlTXZOYjFGbUpN
cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NrZ0ZGM1FRZHY1MlBrNmVNdk5iMUZtSk1wSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ2NzkvRjVCNzhBODg2MTk0MTFFRDhDREJBMjNFQzRGOUFFMDIvNUY1QTM3NUNG
RjBDMTFGMEFFRTMzQUI4ODBFRTUyOEUucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAJnOcwDBAJny4QDBAJn7XADBAJ0zsADBAB5LkcDBAK063Qw
DQQCAAIwBwMFACQDwoAwDQYJKoZIhvcNAQELBQADggEBAAtTFLA4dlA9uBw2xBTh
NQt2L341G3DW3AbWqWe8yfviXRqQ91DGuU1CtEnNaDRRa7Hv5uKPaHiA+OJvuXY+
Il+SfaNfeBeI+Jt/36DvSIyBXqJ+LBC4Pr7RG4FtT5TpqFNq2z3uee+5CED7cMRo
p+Q5iJoehTSYBPnCoFudag+7ZIXJDodBRWfPA9GhbOECFqVDi7RKSzk0YhWOyg7S
8hE+W1q+A9x8lPrQNOC9asaYIzXda51PiMFujRSF8QjQCiC3qJdSvabu2KtctRF5
CjwDl6IsdiaFr4ejyCT2PxbPuKB13GXqmCXumLg9aSFjdtXqLHPZq7Kxs4se0zto
8Ws=
-----END CERTIFICATE-----
Generated at Fri Feb 20 04:45:11 2026 by rpki-client