Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4DEF33661FBE11EF97E7974FC4F9AE02.roa
File: 4DEF33661FBE11EF97E7974FC4F9AE02.roa (raw, json)
Hash identifier: qWmu2ytewKmvmtQmdU/LYAy7uLvhM4unyPaxbPUHDWk=
Subject key identifier: 17:2F:B3:1B:36:0F:CE:C5:F1:5D:3E:69:08:31:70:AB:6F:D3:CD:10
Certificate issuer: /CN=A9148D01/serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Certificate serial: 0795
Authority key identifier: 7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4DEF33661FBE11EF97E7974FC4F9AE02.roa
Signing time: Sun 31 May 2026 23:27:31 +0000
ROA not before: Sun 31 May 2026 23:27:31 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 17762
IP address blocks: 49.248.0.0/17 maxlen: 21
49.248.0.0/18 maxlen: 24
49.248.64.0/19 maxlen: 24
49.248.96.0/22 maxlen: 22
49.248.96.0/23 maxlen: 24
49.248.104.0/21 maxlen: 24
49.248.112.0/20 maxlen: 23
49.248.112.0/21 maxlen: 24
49.248.120.0/22 maxlen: 24
49.248.124.0/23 maxlen: 24
49.248.126.0/24 maxlen: 24
49.248.128.0/18 maxlen: 18
49.248.128.0/21 maxlen: 23
49.248.129.0/24 maxlen: 24
49.248.135.0/24 maxlen: 24
49.248.136.0/21 maxlen: 23
49.248.136.0/24 maxlen: 24
49.248.138.0/23 maxlen: 24
49.248.140.0/22 maxlen: 24
49.248.144.0/22 maxlen: 24
49.248.148.0/23 maxlen: 24
49.248.151.0/24 maxlen: 24
49.248.152.0/21 maxlen: 24
49.248.160.0/19 maxlen: 24
49.248.192.0/19 maxlen: 24
49.248.246.0/23 maxlen: 24
49.248.248.0/21 maxlen: 24
103.3.40.0/24 maxlen: 24
103.3.41.0/24 maxlen: 24
103.3.43.0/24 maxlen: 24
103.8.148.0/22 maxlen: 24
114.143.0.0/16 maxlen: 24
123.252.128.0/18 maxlen: 21
123.252.128.0/22 maxlen: 22
123.252.128.0/23 maxlen: 24
123.252.131.0/24 maxlen: 24
123.252.133.0/24 maxlen: 24
123.252.134.0/23 maxlen: 24
123.252.136.0/21 maxlen: 22
123.252.136.0/23 maxlen: 24
123.252.138.0/24 maxlen: 24
123.252.140.0/22 maxlen: 24
123.252.144.0/20 maxlen: 24
123.252.160.0/19 maxlen: 24
123.252.192.0/18 maxlen: 24
202.149.192.0/19 maxlen: 19
202.149.192.0/22 maxlen: 22
202.149.192.0/24 maxlen: 24
202.149.193.0/24 maxlen: 24
202.149.196.0/24 maxlen: 24
202.149.198.0/24 maxlen: 24
202.149.199.0/24 maxlen: 24
202.149.201.0/24 maxlen: 24
202.149.202.0/24 maxlen: 24
202.149.203.0/24 maxlen: 24
202.149.204.0/22 maxlen: 22
202.149.204.0/23 maxlen: 23
202.149.207.0/24 maxlen: 24
202.149.210.0/24 maxlen: 24
202.149.212.0/22 maxlen: 22
202.149.214.0/24 maxlen: 24
202.149.217.0/24 maxlen: 24
202.149.218.0/24 maxlen: 24
202.149.219.0/24 maxlen: 24
202.149.220.0/22 maxlen: 22
202.149.222.0/23 maxlen: 23
202.149.222.0/24 maxlen: 24
202.149.223.0/24 maxlen: 24
202.189.224.0/19 maxlen: 24
2402:d400::/32 maxlen: 32
2402:d400::/44 maxlen: 48
2402:d400:40::/48 maxlen: 48
2402:d400:41::/48 maxlen: 48
2402:d400:3e2::/48 maxlen: 48
2402:d400:3e3::/48 maxlen: 48
2402:d400:3e4::/48 maxlen: 48
2402:d400:3e5::/48 maxlen: 48
2402:d400:3e6::/48 maxlen: 48
2402:d400:fa00::/44 maxlen: 48
2402:d400:fa10::/44 maxlen: 48
2402:d400:fa20::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 07 Jun 2026 23:27:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1941 (0x795)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148D01, serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Validity
Not Before: May 31 23:27:31 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1cc3e3-7dbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:50:a2:3f:59:8c:a1:ed:13:79:f7:84:f4:d7:
b4:81:34:21:cf:87:75:f7:fe:9e:f4:34:fb:fb:2a:
6d:46:eb:9a:8b:dd:7b:9e:e3:84:59:1b:8a:10:37:
9d:f9:ee:92:f4:12:cf:de:e6:7d:06:68:c2:f5:b8:
08:11:52:d8:d2:ea:4d:27:69:eb:b6:b1:5c:8c:71:
de:21:96:ef:c0:c5:45:26:0d:d6:c2:c6:b9:dc:2a:
29:4a:6d:4a:71:56:bb:23:3e:d1:d6:d1:9f:6d:24:
be:30:8a:c3:4d:74:b5:1e:da:04:23:bf:05:93:38:
4e:3a:46:3d:62:04:04:ea:11:ee:ea:c9:92:75:8b:
64:20:44:50:f7:4e:20:d4:2f:63:e8:fc:70:6b:32:
e6:1e:07:b4:c6:5f:b6:70:69:9d:89:3f:9f:78:ed:
b3:b1:00:cd:39:42:19:10:26:cc:62:e4:8a:24:a6:
b6:86:c4:95:ec:93:8b:0c:ed:9c:a9:dd:b6:58:1d:
30:fa:5f:33:ce:e4:95:c7:2e:12:21:c7:f1:6f:56:
55:58:e8:26:7f:ed:3e:4d:4b:a6:a5:cb:fa:cf:95:
d0:88:8b:fa:7d:e7:f1:be:c7:14:02:22:aa:cc:cf:
65:03:26:05:49:c6:8e:1d:12:40:34:cc:db:cb:0b:
87:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:2F:B3:1B:36:0F:CE:C5:F1:5D:3E:69:08:31:70:AB:6F:D3:CD:10
X509v3 Authority Key Identifier:
keyid:7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4DEF33661FBE11EF97E7974FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
49.248.0.0-49.248.223.255
49.248.246.0-49.248.255.255
103.3.40.0/23
103.3.43.0/24
103.8.148.0/22
114.143.0.0/16
123.252.128.0/17
202.149.192.0/19
202.189.224.0/19
IPv6:
2402:d400::/32
Signature Algorithm: sha256WithRSAEncryption
ac:f0:70:ed:ca:75:57:bc:79:37:9e:b1:f6:30:15:7c:89:15:
b3:78:e3:73:3a:6c:bf:c2:9e:8b:79:ed:af:b3:52:9c:9f:e4:
9a:2f:83:21:f4:11:ea:cd:66:09:5c:5e:1c:f5:38:88:9c:3c:
27:4f:94:e0:d3:10:0a:e2:60:41:95:20:aa:56:0c:11:0f:74:
ea:1f:5f:8b:78:db:37:57:2a:00:43:dc:91:7e:2b:bf:22:d0:
04:73:63:27:73:8a:f2:48:48:65:46:e9:f1:9d:f4:4b:d1:32:
bc:c3:02:ba:4c:e6:9b:fb:21:3e:f8:a8:49:62:75:cd:7d:d6:
e7:d2:e1:48:81:8e:b6:4c:86:4a:d4:13:c5:21:03:25:c2:60:
8b:77:8f:46:93:8f:21:1e:58:34:57:ad:80:21:1b:65:d3:f6:
4c:30:3d:e9:58:18:9f:26:05:7b:21:ac:d7:e5:6b:e8:e5:92:
04:15:08:dc:ae:67:61:1d:11:ce:76:ac:20:10:64:4e:45:ac:
01:6d:8f:23:00:28:3b:55:64:ef:88:19:7e:03:08:c2:b4:15:
3f:e9:1a:47:5f:1c:44:37:61:cc:14:bd:b0:a2:70:62:6c:3a:
f4:d1:a7:d4:33:2d:9a:11:af:df:bc:1f:01:50:56:b0:cf:7d:
23:63:6f:9d
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICB5UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhEMDExMTAvBgNVBAUTKDdFMzZBQjFDMDQ0MzIxQjc0Q0Y2NzgyNjNFMDUyNEZE
MzQxNzlCQkQwHhcNMjYwNTMxMjMyNzMxWhcNMjYxMDAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTFjYzNlMy03ZGJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAgVCiP1mMoe0TefeE9Ne0gTQhz4d19/6e9DT7+yptRuuai917nuOEWRuKEDed
+e6S9BLP3uZ9BmjC9bgIEVLY0upNJ2nrtrFcjHHeIZbvwMVFJg3Wwsa53CopSm1K
cVa7Iz7R1tGfbSS+MIrDTXS1HtoEI78FkzhOOkY9YgQE6hHu6smSdYtkIERQ904g
1C9j6PxwazLmHge0xl+2cGmdiT+feO2zsQDNOUIZECbMYuSKJKa2hsSV7JOLDO2c
qd22WB0w+l8zzuSVxy4SIcfxb1ZVWOgmf+0+TUumpcv6z5XQiIv6fefxvscUAiKq
zM9lAyYFScaOHRJANMzbywuHowIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFBcvsxs2
D87F8V0+aQgxcKtv080QMB8GA1UdIwQYMBaAFH42qxwEQyG3TPZ4Jj4FJP00F5u9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQwMS9FOTI1MTlGQTk5
MEIxMUVCQTM1NUNCNTNDNEY5QUUwMi9mamFySEFSREliZE05bmdtUGdVa19UUVht
NzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqYXJIQVJESWJkTTluZ21QZ1VrX1RRWG03MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhEMDEvRTkyNTE5RkE5OTBCMTFFQkEzNTVDQjUzQzRGOUFFMDIvNERFRjMzNjYx
RkJFMTFFRjk3RTc5NzRGQzRGOUFFMDIucm9hMGsGCCsGAQUFBwEHAQH/BFwwWjBJ
BAIAATBDMAsDAwMx+AMEBTH4wDALAwQBMfj2AwMAMfgDBAFnAygDBABnAysDBAJn
CJQDAwByjwMEB3v8gAMEBcqVwAMEBcq94DANBAIAAjAHAwUAJALUADANBgkqhkiG
9w0BAQsFAAOCAQEArPBw7cp1V7x5N56x9jAVfIkVs3jjczpsv8Kei3ntr7NSnJ/k
mi+DIfQR6s1mCVxeHPU4iJw8J0+U4NMQCuJgQZUgqlYMEQ906h9fi3jbN1cqAEPc
kX4rvyLQBHNjJ3OK8khIZUbp8Z30S9EyvMMCukzmm/shPvioSWJ1zX3W59LhSIGO
tkyGStQTxSEDJcJgi3ePRpOPIR5YNFetgCEbZdP2TDA96VgYnyYFeyGs1+Vr6OWS
BBUI3K5nYR0RznasIBBkTkWsAW2PIwAoO1Vk74gZfgMIwrQVP+kaR18cRDdhzBS9
sKJwYmw69NGn1DMtmhGv37wfAVBWsM99I2NvnQ==
-----END CERTIFICATE-----
Generated at Tue Jun 2 22:27:36 2026 by rpki-client