Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/52E1349E04D211E9BA47303FC4F9AE02.roa
File: 52E1349E04D211E9BA47303FC4F9AE02.roa (raw, json)
Hash identifier: mNzK0fTC1UQE0ypnpIUUH82x6TCT1akGEArMQagOhZ4=
Subject key identifier: E1:D0:93:43:2E:9A:FB:A2:7E:F6:6D:13:E6:28:DB:C0:C1:B2:E8:D2
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 2047
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/52E1349E04D211E9BA47303FC4F9AE02.roa
Signing time: Sun 01 Mar 2026 19:12:46 +0000
ROA not before: Sat 30 Aug 2025 16:35:42 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 4813
IP address blocks: 121.10.40.0/24 maxlen: 24
125.88.15.0/24 maxlen: 24
125.88.58.0/24 maxlen: 24
125.88.59.0/24 maxlen: 24
125.88.60.0/23 maxlen: 23
125.88.88.0/24 maxlen: 24
125.88.103.0/24 maxlen: 24
125.88.108.0/23 maxlen: 23
125.88.114.0/24 maxlen: 24
125.88.115.0/24 maxlen: 24
125.88.116.0/22 maxlen: 22
125.88.120.0/23 maxlen: 23
125.88.124.0/22 maxlen: 22
125.88.128.0/20 maxlen: 20
202.96.168.0/24 maxlen: 24
202.103.182.0/24 maxlen: 24
202.105.2.0/23 maxlen: 23
202.105.5.0/24 maxlen: 24
202.105.7.0/24 maxlen: 24
202.105.80.0/22 maxlen: 22
202.105.212.0/23 maxlen: 23
202.105.214.0/24 maxlen: 24
202.105.215.0/24 maxlen: 24
202.105.240.0/22 maxlen: 22
218.13.104.0/22 maxlen: 22
218.13.108.0/22 maxlen: 22
218.13.112.0/22 maxlen: 22
218.13.118.0/23 maxlen: 23
218.13.120.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 19 Mar 2026 16:09:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8263 (0x2047)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4, serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Aug 30 16:35:42 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a48fae-9969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cf:20:73:28:f0:b0:7a:a3:c0:30:4d:91:6e:
b2:a0:af:3a:94:39:1b:aa:86:4f:74:8c:53:85:eb:
48:63:53:e5:2a:4d:d1:e3:5e:d1:fc:ca:ad:63:55:
d3:4e:b4:c0:9a:c3:85:49:b9:35:7c:d3:fd:5b:d6:
f3:1a:2d:c5:cc:fd:63:a0:f4:26:4c:79:b6:17:57:
5b:e5:27:a8:c5:fd:9e:fc:0a:8c:e4:a7:f6:60:70:
e0:1c:7a:61:7c:c2:8c:9d:60:f2:1d:b5:b8:15:1e:
b0:b1:97:36:28:ca:a4:9b:32:e7:e6:9e:bb:18:d0:
0b:e8:b7:09:4f:30:3e:54:84:5a:79:16:e1:35:7c:
81:4f:7b:d6:9b:b8:1b:9f:4e:07:85:16:e9:dc:24:
94:0d:4e:1e:50:d4:74:49:35:fd:27:6f:e4:15:08:
5b:ef:1e:bc:56:8f:ea:cb:47:84:c5:ef:b9:cb:bc:
bd:6a:09:e3:e4:dc:c1:80:2a:3e:48:29:9f:07:6e:
d5:4b:76:2a:31:54:06:63:e0:0f:96:54:6d:02:47:
6e:03:f9:23:48:60:b4:93:c3:f8:ae:d2:3c:ca:25:
4c:9b:c8:f1:d2:5e:91:96:07:b9:5f:e0:a1:51:a5:
9d:e1:a5:14:cb:b0:f9:01:0a:5c:24:fe:95:38:ce:
e1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D0:93:43:2E:9A:FB:A2:7E:F6:6D:13:E6:28:DB:C0:C1:B2:E8:D2
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/52E1349E04D211E9BA47303FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
121.10.40.0/24
125.88.15.0/24
125.88.58.0-125.88.61.255
125.88.88.0/24
125.88.103.0/24
125.88.108.0/23
125.88.114.0-125.88.121.255
125.88.124.0-125.88.143.255
202.96.168.0/24
202.103.182.0/24
202.105.2.0/23
202.105.5.0/24
202.105.7.0/24
202.105.80.0/22
202.105.212.0/22
202.105.240.0/22
218.13.104.0-218.13.115.255
218.13.118.0-218.13.127.255
Signature Algorithm: sha256WithRSAEncryption
1b:25:5b:50:ac:9f:41:2c:af:00:43:a6:ff:1b:f1:0e:8f:a8:
7a:8d:3a:39:9f:c4:3d:7d:91:4a:5d:27:3c:e8:2a:ac:c5:b9:
9f:6b:40:41:c0:5e:8f:24:95:b0:e7:a4:b1:1a:ab:12:2b:e1:
c6:a8:dc:f3:a9:dd:a8:51:87:63:84:ff:2b:43:20:9a:8a:79:
60:9c:5e:66:67:5b:ae:5c:22:51:ea:37:a6:14:b8:3f:0b:c5:
f1:79:e8:36:84:b6:87:b1:e3:bf:31:1a:e8:91:2a:57:45:b1:
f2:0b:dc:a0:f8:f5:ad:65:5d:c5:69:c1:70:2b:80:1b:81:4d:
d2:51:58:a8:70:2b:c9:1f:93:1b:aa:f5:09:f2:d2:d4:42:d6:
87:84:00:41:63:47:0a:28:8b:f5:b1:73:a9:4a:55:40:60:e9:
2e:aa:cd:e2:02:73:1f:58:bf:f8:55:1f:94:f6:b5:fe:ac:8a:
91:fc:89:6f:db:7b:96:14:70:75:ac:7c:20:0c:54:60:ec:fe:
de:8d:06:c7:e7:01:5b:96:83:57:2c:3a:ba:20:cb:83:dd:4a:
b5:c0:5a:8f:4e:00:50:69:f3:c6:60:dc:5b:1f:f9:ca:4c:5a:
3f:e9:17:50:18:6f:f6:4b:a4:86:45:78:6c:1c:de:cb:a7:52:
84:fd:2c:12
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgICIEcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjUwODMwMTYzNTQyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OGZhZS05OTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArc8gcyjwsHqjwDBNkW6yoK86lDkbqoZPdIxThetIY1PlKk3R417R/MqtY1XT
TrTAmsOFSbk1fNP9W9bzGi3FzP1joPQmTHm2F1db5Seoxf2e/AqM5Kf2YHDgHHph
fMKMnWDyHbW4FR6wsZc2KMqkmzLn5p67GNAL6LcJTzA+VIRaeRbhNXyBT3vWm7gb
n04HhRbp3CSUDU4eUNR0STX9J2/kFQhb7x68Vo/qy0eExe+5y7y9agnj5NzBgCo+
SCmfB27VS3YqMVQGY+APllRtAkduA/kjSGC0k8P4rtI8yiVMm8jx0l6Rlge5X+Ch
UaWd4aUUy7D5AQpcJP6VOM7hvwIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFOHQk0Mu
mvuifvZtE+Yo28DBsujSMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNTJFMTM0OUUw
NEQyMTFFOUJBNDczMDNGQzRGOUFFMDIucm9hMIGxBggrBgEFBQcBBwEB/wSBoTCB
njCBmwQCAAEwgZQDBAB5CigDBAB9WA8wDAMEAX1YOgMEAX1YPAMEAH1YWAMEAH1Y
ZwMEAX1YbDAMAwQBfVhyAwQBfVh4MAwDBAJ9WHwDBAR9WIADBADKYKgDBADKZ7YD
BAHKaQIDBADKaQUDBADKaQcDBALKaVADBALKadQDBALKafAwDAMEA9oNaAMEAtoN
cDAMAwQB2g12AwQH2g0AMA0GCSqGSIb3DQEBCwUAA4IBAQAbJVtQrJ9BLK8AQ6b/
G/EOj6h6jTo5n8Q9fZFKXSc86Cqsxbmfa0BBwF6PJJWw56SxGqsSK+HGqNzzqd2o
UYdjhP8rQyCainlgnF5mZ1uuXCJR6jemFLg/C8Xxeeg2hLaHseO/MRrokSpXRbHy
C9yg+PWtZV3FacFwK4AbgU3SUViocCvJH5MbqvUJ8tLUQtaHhABBY0cKKIv1sXOp
SlVAYOkuqs3iAnMfWL/4VR+U9rX+rIqR/Ilv23uWFHB1rHwgDFRg7P7ejQbH5wFb
loNXLDq6IMuD3Uq1wFqPTgBQafPGYNxbH/nKTFo/6RdQGG/2S6SGRXhsHN7Lp1KE
/SwS
-----END CERTIFICATE-----
Generated at Thu Mar 12 22:48:22 2026 by rpki-client