Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
File: 844EFBDA766C11EF8CE33A86C4F9AE02.roa (raw, json)
Hash identifier: YA0Nvbc6f+aoiQvcE4B0UJkUP4ma5xt6AmZut2mc8mM=
Subject key identifier: 0D:B3:F2:02:90:BA:47:0E:DB:77:E4:27:64:8E:98:79:C0:CA:1E:FD
Certificate issuer: /CN=A9162EE1/serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Certificate serial: 04B1
Authority key identifier: 60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:58:09 +0000
ROA not before: Tue 02 Dec 2025 11:59:40 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 147049
IP address blocks: 103.173.150.0/23 maxlen: 23
103.173.150.0/24 maxlen: 24
103.173.151.0/24 maxlen: 24
116.204.193.0/24 maxlen: 24
116.204.194.0/24 maxlen: 24
116.204.195.0/24 maxlen: 24
2407:e8c0::/48 maxlen: 48
2407:e8c0:1::/48 maxlen: 48
2407:e8c0:2::/48 maxlen: 48
2407:e8c0:3::/48 maxlen: 48
2407:e8c0:4::/48 maxlen: 48
2407:e8c0:5::/48 maxlen: 48
2407:e8c0:6::/48 maxlen: 48
2407:e8c0:7::/48 maxlen: 48
2407:e8c0:8::/48 maxlen: 48
2407:e8c0:9::/48 maxlen: 48
2407:e8c0:a::/48 maxlen: 48
2407:e8c0:b::/48 maxlen: 48
2407:e8c0:c::/48 maxlen: 48
2407:e8c0:d::/48 maxlen: 48
2407:e8c0:e::/48 maxlen: 48
2407:e8c0:f::/48 maxlen: 48
2407:e8c0:11::/48 maxlen: 48
2407:e8c0:12::/48 maxlen: 48
2407:e8c0:13::/48 maxlen: 48
2407:e8c0:1f::/48 maxlen: 48
2407:e8c0:20::/48 maxlen: 48
2407:e8c0:21::/48 maxlen: 48
2407:e8c0:22::/48 maxlen: 48
2407:e8c0:4a00::/40 maxlen: 40
2407:e8c0:4b00::/40 maxlen: 40
2407:e8c0:4c00::/40 maxlen: 40
2407:e8c0:4d00::/40 maxlen: 40
2407:e8c0:4e00::/40 maxlen: 40
2407:e8c0:4f00::/40 maxlen: 40
2407:e8c0:5000::/40 maxlen: 40
2407:e8c0:5100::/40 maxlen: 40
2407:e8c0:5200::/40 maxlen: 40
2407:e8c0:5300::/40 maxlen: 40
2407:e8c0:5400::/40 maxlen: 40
2407:e8c0:5500::/40 maxlen: 40
2407:e8c0:5600::/40 maxlen: 40
2407:e8c0:5700::/40 maxlen: 40
2407:e8c0:5800::/40 maxlen: 40
2407:e8c0:5a00::/40 maxlen: 40
2407:e8c0:5b00::/40 maxlen: 40
2407:e8c0:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 11 Mar 2026 23:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1201 (0x4b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162EE1, serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Validity
Not Before: Dec 2 11:59:40 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69a47e31-4108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:de:d4:9e:d0:7e:87:7d:25:74:da:ea:dd:69:
cc:ea:4f:63:e0:d7:d3:5f:10:f4:03:47:7c:cf:e4:
98:e2:c9:b1:c4:98:c4:f6:60:13:ec:a1:82:06:14:
cb:ba:db:f0:5a:b0:e1:1b:8d:f3:f3:9f:33:2e:79:
a1:a1:89:80:cd:4f:97:c2:e2:7f:1e:5a:29:00:ee:
f7:1e:34:3f:7d:1b:11:ec:5a:53:cc:62:2a:e0:07:
a7:71:ad:2d:b7:97:a7:b6:f8:37:af:72:5c:bf:30:
d8:64:d0:18:da:7c:53:73:ba:51:4a:f5:f3:92:dd:
4e:6a:01:ed:7f:8d:87:0b:2b:3c:31:4f:ef:3a:d7:
ea:66:f4:aa:d3:55:a5:53:b5:34:f4:36:8f:2a:44:
88:ce:d5:d7:c2:cc:28:97:d7:5f:f5:43:63:7a:e3:
3c:1e:c7:70:78:0f:f1:35:54:bc:6c:40:dd:be:a0:
05:a3:bc:c3:d3:bd:d2:6c:dc:c0:63:5e:f6:af:75:
14:e5:0c:e6:13:49:1e:2f:f7:6c:0c:68:7b:0f:66:
b8:d6:20:06:f1:de:23:36:88:25:84:cc:5d:af:89:
e1:04:61:9d:fc:7a:88:21:0c:45:d5:8f:e6:b7:e8:
31:8a:07:7f:9a:6e:4a:bf:97:14:cc:f7:36:f6:d6:
87:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B3:F2:02:90:BA:47:0E:DB:77:E4:27:64:8E:98:79:C0:CA:1E:FD
X509v3 Authority Key Identifier:
keyid:60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.173.150.0/23
116.204.193.0-116.204.195.255
IPv6:
2407:e8c0::/44
2407:e8c0:11::-2407:e8c0:13:ffff:ffff:ffff:ffff:ffff
2407:e8c0:1f::-2407:e8c0:22:ffff:ffff:ffff:ffff:ffff
2407:e8c0:4a00::-2407:e8c0:58ff:ffff:ffff:ffff:ffff:ffff
2407:e8c0:5a00::/39
2407:e8c0:6000::/40
Signature Algorithm: sha256WithRSAEncryption
70:d9:ac:e3:95:bc:0e:d7:b7:29:aa:f3:1d:05:eb:96:c5:74:
cb:fa:ee:61:a3:0d:d6:a1:83:3b:50:d3:56:4d:2a:e4:a6:38:
68:35:d0:5b:a1:18:2b:00:eb:d9:5f:bb:47:50:05:0e:0a:ac:
7f:f6:62:b2:16:94:ca:17:a5:01:47:65:49:a8:5c:62:da:90:
85:fc:c3:18:2e:b9:b4:f6:9d:69:8c:4c:88:51:20:cb:11:3c:
a3:0f:61:e2:cd:8c:75:42:f1:6f:f5:61:90:d5:af:2d:53:11:
80:16:e8:f5:e8:3a:af:11:fd:50:55:e3:f5:fb:46:d2:48:3f:
1f:4a:24:aa:83:e5:c1:9c:83:1b:5a:06:8c:d8:e5:cc:08:af:
59:5b:70:fd:15:2e:44:3b:a1:b5:8f:90:b6:20:b5:bf:b6:dd:
d8:d6:bf:72:fb:5b:06:04:1e:e5:db:02:51:56:18:24:cb:a2:
ad:4a:25:53:3c:76:ef:98:15:e6:6b:22:50:8c:1d:9d:ed:66:
d4:3b:29:2c:71:24:66:57:75:93:25:f8:2c:b2:17:6c:a1:78:
6a:d9:b8:20:43:c0:31:6f:27:f7:2b:79:24:65:c8:c0:88:07:
0c:bc:6e:8e:3a:a7:a8:74:d7:32:9b:2c:4c:e0:54:a7:11:5e:
6d:57:26:69
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgICBLEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjJFRTExMTAvBgNVBAUTKDYwNzZCRDBCQTREQjc5N0E3MkE2OEZFRkY5QkZCNTU4
QzQ0Mzk4QjIwHhcNMjUxMjAyMTE1OTQwWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0N2UzMS00MTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx97UntB+h30ldNrq3WnM6k9j4NfTXxD0A0d8z+SY4smxxJjE9mAT7KGCBhTL
utvwWrDhG43z858zLnmhoYmAzU+XwuJ/HlopAO73HjQ/fRsR7FpTzGIq4Aenca0t
t5entvg3r3JcvzDYZNAY2nxTc7pRSvXzkt1OagHtf42HCys8MU/vOtfqZvSq01Wl
U7U09DaPKkSIztXXwswol9df9UNjeuM8HsdweA/xNVS8bEDdvqAFo7zD073SbNzA
Y172r3UU5QzmE0keL/dsDGh7D2a41iAG8d4jNoglhMxdr4nhBGGd/HqIIQxF1Y/m
t+gxigd/mm5Kv5cUzPc29taHgQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFA2z8gKQ
ukcO23fkJ2SOmHnAyh79MB8GA1UdIwQYMBaAFGB2vQuk23l6cqaP7/m/tVjEQ5iy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkVFMS83NTJENDJFODhG
RDIxMUVDOTQ4QTkzN0VDNEY5QUUwMi9ZSGE5QzZUYmVYcHlwb192LWItMVdNUkRt
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lIYTlDNlRiZVhweXBvX3YtYi0xV01SRG1MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjJFRTEvNzUyRDQyRTg4RkQyMTFFQzk0OEE5MzdFQzRGOUFFMDIvODQ0RUZCREE3
NjZDMTFFRjhDRTMzQTg2QzRGOUFFMDIucm9hMIGIBggrBgEFBQcBBwEB/wR5MHcw
GgQCAAEwFAMEAWetljAMAwQAdMzBAwQCdMzAMFkEAgACMFMDBwQkB+jAAAAwEgMH
ACQH6MAAEQMHAiQH6MAAEDASAwcAJAfowAAfAwcAJAfowAAiMBADBgEkB+jASgMG
ACQH6MBYAwYBJAfowFoDBgAkB+jAYDANBgkqhkiG9w0BAQsFAAOCAQEAcNms45W8
Dte3KarzHQXrlsV0y/ruYaMN1qGDO1DTVk0q5KY4aDXQW6EYKwDr2V+7R1AFDgqs
f/ZishaUyhelAUdlSahcYtqQhfzDGC65tPadaYxMiFEgyxE8ow9h4s2MdULxb/Vh
kNWvLVMRgBbo9eg6rxH9UFXj9ftG0kg/H0okqoPlwZyDG1oGjNjlzAivWVtw/RUu
RDuhtY+QtiC1v7bd2Na/cvtbBgQe5dsCUVYYJMuirUolUzx275gV5msiUIwdne1m
1DspLHEkZld1kyX4LLIXbKF4atm4IEPAMW8n9yt5JGXIwIgHDLxujjqnqHTXMpss
TOBUpxFebVcmaQ==
-----END CERTIFICATE-----
Generated at Thu Mar 5 20:29:57 2026 by rpki-client