
Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4DEF33661FBE11EF97E7974FC4F9AE02.roa
File: 4DEF33661FBE11EF97E7974FC4F9AE02.roa (raw, json)
Hash identifier: HaC5OiRXXaF0uBBareXExXAOf/pyzBZ1t4GNWw2vGp8=
Subject key identifier: B3:9A:F1:B6:C5:3E:01:12:43:23:FF:4A:7E:EB:67:E6:B2:DA:D8:B2
Certificate issuer: /CN=A9148D01/serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Certificate serial: 07AE
Authority key identifier: 7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4DEF33661FBE11EF97E7974FC4F9AE02.roa
Signing time: Wed 08 Jul 2026 23:24:56 +0000
ROA not before: Wed 08 Jul 2026 23:24:56 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 17762
IP address blocks: 49.248.0.0/17 maxlen: 21
49.248.0.0/18 maxlen: 24
49.248.64.0/19 maxlen: 24
49.248.96.0/22 maxlen: 22
49.248.96.0/23 maxlen: 24
49.248.104.0/21 maxlen: 24
49.248.112.0/20 maxlen: 23
49.248.112.0/21 maxlen: 24
49.248.120.0/22 maxlen: 24
49.248.124.0/23 maxlen: 24
49.248.126.0/24 maxlen: 24
49.248.128.0/18 maxlen: 18
49.248.128.0/21 maxlen: 23
49.248.129.0/24 maxlen: 24
49.248.135.0/24 maxlen: 24
49.248.136.0/21 maxlen: 23
49.248.136.0/24 maxlen: 24
49.248.138.0/23 maxlen: 24
49.248.140.0/22 maxlen: 24
49.248.144.0/22 maxlen: 24
49.248.148.0/23 maxlen: 24
49.248.151.0/24 maxlen: 24
49.248.152.0/21 maxlen: 24
49.248.160.0/19 maxlen: 24
49.248.192.0/19 maxlen: 24
49.248.246.0/23 maxlen: 24
49.248.248.0/21 maxlen: 24
103.3.40.0/24 maxlen: 24
103.3.41.0/24 maxlen: 24
103.3.43.0/24 maxlen: 24
103.8.148.0/22 maxlen: 24
114.143.0.0/16 maxlen: 24
123.252.128.0/18 maxlen: 21
123.252.128.0/22 maxlen: 22
123.252.128.0/23 maxlen: 24
123.252.131.0/24 maxlen: 24
123.252.133.0/24 maxlen: 24
123.252.134.0/23 maxlen: 24
123.252.136.0/21 maxlen: 22
123.252.136.0/23 maxlen: 24
123.252.138.0/24 maxlen: 24
123.252.140.0/22 maxlen: 24
123.252.144.0/20 maxlen: 24
123.252.160.0/19 maxlen: 24
123.252.192.0/18 maxlen: 24
202.149.192.0/19 maxlen: 19
202.149.192.0/22 maxlen: 22
202.149.192.0/24 maxlen: 24
202.149.193.0/24 maxlen: 24
202.149.196.0/24 maxlen: 24
202.149.198.0/24 maxlen: 24
202.149.199.0/24 maxlen: 24
202.149.201.0/24 maxlen: 24
202.149.202.0/24 maxlen: 24
202.149.203.0/24 maxlen: 24
202.149.204.0/22 maxlen: 22
202.149.204.0/23 maxlen: 23
202.149.207.0/24 maxlen: 24
202.149.210.0/24 maxlen: 24
202.149.212.0/22 maxlen: 22
202.149.214.0/24 maxlen: 24
202.149.217.0/24 maxlen: 24
202.149.218.0/24 maxlen: 24
202.149.219.0/24 maxlen: 24
202.149.220.0/22 maxlen: 22
202.149.222.0/23 maxlen: 23
202.149.222.0/24 maxlen: 24
202.149.223.0/24 maxlen: 24
202.189.224.0/19 maxlen: 24
2402:d400::/32 maxlen: 32
2402:d400::/44 maxlen: 48
2402:d400:40::/48 maxlen: 48
2402:d400:41::/48 maxlen: 48
2402:d400:3e2::/48 maxlen: 48
2402:d400:3e3::/48 maxlen: 48
2402:d400:3e4::/48 maxlen: 48
2402:d400:3e5::/48 maxlen: 48
2402:d400:3e6::/48 maxlen: 48
2402:d400:fa00::/44 maxlen: 48
2402:d400:fa10::/44 maxlen: 48
2402:d400:fa20::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Jul 2026 22:34:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1966 (0x7ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148D01, serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Validity
Not Before: Jul 8 23:24:56 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6a4edc48-9d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:08:fc:e0:94:09:a7:d1:fa:00:09:25:fa:50:
35:f0:ae:cf:42:82:09:ca:69:e0:fc:82:4b:97:5b:
92:5e:18:e9:d6:96:68:d2:93:07:ad:d5:76:f4:5a:
6d:01:f2:f8:a5:66:c8:ba:8d:9d:f6:79:69:c1:e0:
a9:8d:2d:e8:78:bf:df:69:13:18:69:38:e1:54:94:
3e:47:3c:65:25:a7:70:ea:c0:33:18:17:59:a4:ac:
04:2f:bf:07:db:dc:e2:9c:98:81:7c:bf:f3:66:79:
44:33:de:a7:bf:71:77:3f:c1:19:47:82:fc:99:70:
bb:76:64:f1:b9:2f:6e:b6:3d:28:96:36:4a:a7:c3:
53:e8:d5:ec:9c:92:91:04:1a:89:85:2f:d6:00:18:
91:eb:1a:66:ba:37:1c:d6:c2:b8:2f:e3:89:17:8c:
0a:70:2e:ee:42:3b:bb:19:62:72:dc:7e:ab:8e:ce:
d2:96:32:4b:65:9b:8b:24:9c:a8:e0:40:35:42:63:
10:ea:27:71:47:fc:dc:5f:e1:b1:1a:8a:27:3b:d1:
cd:d6:64:81:8a:77:a4:a7:79:d9:06:c0:39:04:f7:
7b:60:05:1b:a2:23:3b:f7:5a:10:9c:08:3f:82:2e:
63:33:8e:40:6e:59:b5:21:cc:9e:39:bc:b9:5c:9a:
9f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:9A:F1:B6:C5:3E:01:12:43:23:FF:4A:7E:EB:67:E6:B2:DA:D8:B2
X509v3 Authority Key Identifier:
keyid:7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4DEF33661FBE11EF97E7974FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
49.248.0.0-49.248.223.255
49.248.246.0-49.248.255.255
103.3.40.0/23
103.3.43.0/24
103.8.148.0/22
114.143.0.0/16
123.252.128.0/17
202.149.192.0/19
202.189.224.0/19
IPv6:
2402:d400::/32
Signature Algorithm: sha256WithRSAEncryption
ad:fe:53:e0:d5:0d:ec:46:d4:68:86:a2:79:ee:1a:ec:ff:3e:
11:9b:44:e5:3a:19:35:23:35:b5:aa:ef:06:3f:14:c9:20:81:
18:02:e2:43:8a:04:33:32:55:2d:d2:e2:fc:00:98:aa:50:8b:
22:a3:cd:50:ad:ad:0e:2a:af:83:23:a1:7a:22:6e:89:fa:67:
c8:27:b0:27:29:3f:6e:99:50:b4:61:cf:40:99:c7:48:ed:59:
ec:96:22:93:97:87:69:93:fb:44:50:c0:67:44:01:e9:ff:ab:
5f:e4:ea:cb:c1:74:09:03:43:31:15:e1:f6:47:14:79:36:df:
91:47:17:4c:29:fc:d4:ef:cc:21:04:26:ec:fb:3e:31:df:d5:
4f:9b:e3:95:3b:76:5a:6a:d7:87:c3:e2:35:9a:ca:39:99:88:
56:f1:2e:ce:39:2d:4f:7e:bd:2b:4d:37:c2:70:03:3f:17:85:
19:54:32:f6:5b:f6:ff:4b:81:4d:d7:aa:23:f2:46:68:5e:0b:
92:a1:44:b6:a7:b8:53:1e:36:fe:72:cd:9c:ad:f2:9d:01:6c:
f9:31:a2:b4:f5:e3:7d:b8:b8:b5:37:86:08:f5:a9:a5:9b:96:
a5:55:58:ec:3c:81:bf:40:13:3a:3a:d2:af:ef:f7:e2:8f:4b:
06:71:5b:e9
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICB64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhEMDExMTAvBgNVBAUTKDdFMzZBQjFDMDQ0MzIxQjc0Q0Y2NzgyNjNFMDUyNEZE
MzQxNzlCQkQwHhcNMjYwNzA4MjMyNDU2WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRlZGM0OC05ZDhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAjQj84JQJp9H6AAkl+lA18K7PQoIJymng/IJLl1uSXhjp1pZo0pMHrdV29Fpt
AfL4pWbIuo2d9nlpweCpjS3oeL/faRMYaTjhVJQ+RzxlJadw6sAzGBdZpKwEL78H
29zinJiBfL/zZnlEM96nv3F3P8EZR4L8mXC7dmTxuS9utj0oljZKp8NT6NXsnJKR
BBqJhS/WABiR6xpmujcc1sK4L+OJF4wKcC7uQju7GWJy3H6rjs7SljJLZZuLJJyo
4EA1QmMQ6idxR/zcX+GxGoonO9HN1mSBinekp3nZBsA5BPd7YAUboiM791oQnAg/
gi5jM45Ablm1IcyeOby5XJqfAQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFLOa8bbF
PgESQyP/Sn7rZ+ay2tiyMB8GA1UdIwQYMBaAFH42qxwEQyG3TPZ4Jj4FJP00F5u9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQwMS9FOTI1MTlGQTk5
MEIxMUVCQTM1NUNCNTNDNEY5QUUwMi9mamFySEFSREliZE05bmdtUGdVa19UUVht
NzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqYXJIQVJESWJkTTluZ21QZ1VrX1RRWG03MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhEMDEvRTkyNTE5RkE5OTBCMTFFQkEzNTVDQjUzQzRGOUFFMDIvNERFRjMzNjYx
RkJFMTFFRjk3RTc5NzRGQzRGOUFFMDIucm9hMGsGCCsGAQUFBwEHAQH/BFwwWjBJ
BAIAATBDMAsDAwMx+AMEBTH4wDALAwQBMfj2AwMAMfgDBAFnAygDBABnAysDBAJn
CJQDAwByjwMEB3v8gAMEBcqVwAMEBcq94DANBAIAAjAHAwUAJALUADANBgkqhkiG
9w0BAQsFAAOCAQEArf5T4NUN7EbUaIaiee4a7P8+EZtE5ToZNSM1tarvBj8UySCB
GALiQ4oEMzJVLdLi/ACYqlCLIqPNUK2tDiqvgyOheiJuifpnyCewJyk/bplQtGHP
QJnHSO1Z7JYik5eHaZP7RFDAZ0QB6f+rX+Tqy8F0CQNDMRXh9kcUeTbfkUcXTCn8
1O/MIQQm7Ps+Md/VT5vjlTt2WmrXh8PiNZrKOZmIVvEuzjktT369K003wnADPxeF
GVQy9lv2/0uBTdeqI/JGaF4LkqFEtqe4Ux42/nLNnK3ynQFs+TGitPXjfbi4tTeG
CPWppZuWpVVY7DyBv0ATOjrSr+/34o9LBnFb6Q==
-----END CERTIFICATE-----
Generated at Sat Jul 18 04:57:05 2026 by rpki-client