Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9174A6B/75244B62A16311E4B966DD0FC4F9AE02/5B7F22440AF811ECB423A671C4F9AE02.roa
File: 5B7F22440AF811ECB423A671C4F9AE02.roa (raw, json)
Hash identifier: m+a3zPB4fyXWyx5RrQ2sBq+pgT+Ag7kJUHtkCAnw3FU=
Subject key identifier: F5:31:27:92:1B:5E:CE:55:3A:6D:C6:C8:B2:CB:84:A8:68:EC:F5:8E
Certificate issuer: /CN=A9174A6B/serialNumber=BE12D2EEF42A1C9DC2A5720446C70316C7C20650
Certificate serial: 287F
Authority key identifier: BE:12:D2:EE:F4:2A:1C:9D:C2:A5:72:04:46:C7:03:16:C7:C2:06:50
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vhLS7vQqHJ3CpXIERscDFsfCBlA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9174A6B/75244B62A16311E4B966DD0FC4F9AE02/5B7F22440AF811ECB423A671C4F9AE02.roa
Signing time: Thu 12 Feb 2026 07:38:05 +0000
ROA not before: Thu 12 Feb 2026 07:38:05 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 17470
IP address blocks: 43.252.12.0/22 maxlen: 22
43.252.12.0/24 maxlen: 24
43.252.13.0/24 maxlen: 24
43.252.14.0/24 maxlen: 24
43.252.15.0/24 maxlen: 24
103.247.48.0/22 maxlen: 22
103.247.48.0/24 maxlen: 24
103.247.49.0/24 maxlen: 24
103.247.50.0/24 maxlen: 24
103.247.51.0/24 maxlen: 24
203.189.184.0/21 maxlen: 21
203.189.184.0/24 maxlen: 24
203.189.185.0/24 maxlen: 24
203.189.186.0/24 maxlen: 24
203.189.187.0/24 maxlen: 24
203.189.188.0/24 maxlen: 24
203.189.189.0/24 maxlen: 24
203.189.190.0/24 maxlen: 24
203.189.191.0/24 maxlen: 24
2404:8a00::/48 maxlen: 48
2404:8a00:64::/48 maxlen: 48
2404:8a00:65::/48 maxlen: 48
2404:8a00:66::/48 maxlen: 48
2404:8a00:67::/48 maxlen: 48
2404:8a00:68::/48 maxlen: 48
2404:8a00:69::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9174A6B/75244B62A16311E4B966DD0FC4F9AE02/vhLS7vQqHJ3CpXIERscDFsfCBlA.crl
rsync://rpki.apnic.net/member_repository/A9174A6B/75244B62A16311E4B966DD0FC4F9AE02/vhLS7vQqHJ3CpXIERscDFsfCBlA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vhLS7vQqHJ3CpXIERscDFsfCBlA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Feb 2026 15:29:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10367 (0x287f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9174A6B, serialNumber=BE12D2EEF42A1C9DC2A5720446C70316C7C20650
Validity
Not Before: Feb 12 07:38:05 2026 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=698d835d-a41c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:45:66:17:41:ee:ca:43:f1:dc:49:d4:4a:d2:
8b:11:96:91:57:93:24:0c:7e:cc:38:85:f1:04:ca:
d5:87:40:a1:de:31:bd:2d:0d:ed:2d:0a:c1:62:18:
c4:7e:68:56:ac:ec:78:f1:f4:c2:9e:4c:cd:dc:10:
2b:36:e8:0a:89:cc:4d:6b:c7:f1:27:0b:dc:2c:20:
0b:8e:b7:b9:42:f3:81:2a:f8:54:37:9b:d6:e6:08:
77:a2:78:a1:48:73:79:39:e5:27:9b:e3:e5:76:3f:
2f:7e:0c:c2:9b:12:86:32:5e:2e:d7:c8:a3:11:c1:
74:26:c6:20:08:ca:9d:e7:ec:dc:42:03:25:b4:ba:
98:ac:31:ed:10:c2:53:79:14:9f:0d:76:e6:94:b3:
2b:86:28:60:68:2e:6b:67:93:7b:34:9f:c1:fd:0d:
d9:69:0b:ea:bd:9f:29:d9:86:5e:18:46:4b:aa:1f:
bd:48:86:48:32:30:1b:46:54:c1:10:72:c9:f6:df:
d3:29:f6:64:dc:12:3d:5a:57:97:ff:cd:b6:bd:5b:
c0:2a:fe:5f:58:9a:55:9a:ca:36:3f:56:83:2a:c4:
83:a1:70:0b:a1:56:64:af:70:f1:ac:5b:3a:3b:9f:
b7:45:71:a4:2d:31:37:14:d8:70:9a:74:b0:5d:35:
e5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:31:27:92:1B:5E:CE:55:3A:6D:C6:C8:B2:CB:84:A8:68:EC:F5:8E
X509v3 Authority Key Identifier:
keyid:BE:12:D2:EE:F4:2A:1C:9D:C2:A5:72:04:46:C7:03:16:C7:C2:06:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9174A6B/75244B62A16311E4B966DD0FC4F9AE02/vhLS7vQqHJ3CpXIERscDFsfCBlA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vhLS7vQqHJ3CpXIERscDFsfCBlA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174A6B/75244B62A16311E4B966DD0FC4F9AE02/5B7F22440AF811ECB423A671C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.12.0/22
103.247.48.0/22
203.189.184.0/21
IPv6:
2404:8a00::/48
2404:8a00:64::-2404:8a00:69:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a6:c7:b4:44:cc:3c:a2:03:f1:10:11:5d:96:9c:0d:ba:47:33:
af:b9:b8:2e:fe:8d:a6:32:7c:16:df:b1:bd:b0:98:4f:ce:b4:
b0:50:fd:c6:af:c2:be:1e:08:76:c8:86:71:be:31:5b:db:a2:
e5:96:94:e3:13:f1:1b:05:38:85:ab:3c:a4:cf:69:dc:72:9c:
b4:b2:3c:ac:e4:56:4b:64:4f:25:0f:78:25:2d:57:47:8d:b8:
f6:3c:8e:1b:b7:73:c7:f9:e2:78:dd:be:81:d0:b9:43:3d:32:
34:c9:ca:bd:41:71:9b:4d:29:9e:b2:a1:93:49:b0:02:f7:f5:
52:22:84:58:d2:cf:05:cc:0d:72:98:d9:a3:66:38:02:70:a2:
ed:19:d8:71:05:e5:5f:20:b5:7f:b9:e1:44:a9:15:42:48:f5:
9b:df:a5:1e:51:2e:d6:54:fa:f2:0b:f2:10:8e:96:6b:fc:c4:
19:c3:99:91:c3:ea:e1:61:57:8c:59:0f:87:d4:89:dc:7b:f6:
30:d7:b3:e4:7d:07:8e:b7:28:80:6b:77:c2:2f:d9:30:77:17:
5c:c6:b9:1d:59:cf:c9:a9:f2:ce:15:d2:37:ea:bc:d6:8b:99:
6b:f9:ce:cf:d1:c4:bc:01:39:04:de:de:2a:15:5c:17:b8:2e:
4f:34:a2:8e
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgICKH8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzRBNkIxMTAvBgNVBAUTKEJFMTJEMkVFRjQyQTFDOURDMkE1NzIwNDQ2QzcwMzE2
QzdDMjA2NTAwHhcNMjYwMjEyMDczODA1WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDDA02OThkODM1ZC1hNDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoUVmF0HuykPx3EnUStKLEZaRV5MkDH7MOIXxBMrVh0Ch3jG9LQ3tLQrBYhjE
fmhWrOx48fTCnkzN3BArNugKicxNa8fxJwvcLCALjre5QvOBKvhUN5vW5gh3onih
SHN5OeUnm+Pldj8vfgzCmxKGMl4u18ijEcF0JsYgCMqd5+zcQgMltLqYrDHtEMJT
eRSfDXbmlLMrhihgaC5rZ5N7NJ/B/Q3ZaQvqvZ8p2YZeGEZLqh+9SIZIMjAbRlTB
EHLJ9t/TKfZk3BI9WleX/822vVvAKv5fWJpVmso2P1aDKsSDoXALoVZkr3DxrFs6
O5+3RXGkLTE3FNhwmnSwXTXluwIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFPUxJ5Ib
Xs5VOm3GyLLLhKho7PWOMB8GA1UdIwQYMBaAFL4S0u70KhydwqVyBEbHAxbHwgZQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NEE2Qi83NTI0NEI2MkEx
NjMxMUU0Qjk2NkREMEZDNEY5QUUwMi92aExTN3ZRcUhKM0NwWElFUnNjREZzZkNC
bEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZoTFM3dlFxSEozQ3BYSUVSc2NERnNmQ0JsQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzRBNkIvNzUyNDRCNjJBMTYzMTFFNEI5NjZERDBGQzRGOUFFMDIvNUI3RjIyNDQw
QUY4MTFFQ0I0MjNBNjcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQcBAf8E
QTA/MBgEAgABMBIDBAIr/AwDBAJn9zADBAPLvbgwIwQCAAIwHQMHACQEigAAADAS
AwcCJASKAABkAwcBJASKAABoMA0GCSqGSIb3DQEBCwUAA4IBAQCmx7REzDyiA/EQ
EV2WnA26RzOvubgu/o2mMnwW37G9sJhPzrSwUP3Gr8K+Hgh2yIZxvjFb26LllpTj
E/EbBTiFqzykz2nccpy0sjys5FZLZE8lD3glLVdHjbj2PI4bt3PH+eJ43b6B0LlD
PTI0ycq9QXGbTSmesqGTSbAC9/VSIoRY0s8FzA1ymNmjZjgCcKLtGdhxBeVfILV/
ueFEqRVCSPWb36UeUS7WVPryC/IQjpZr/MQZw5mRw+rhYVeMWQ+H1Ince/Yw17Pk
fQeOtyiAa3fCL9kwdxdcxrkdWc/JqfLOFdI36rzWi5lr+c7P0cS8ATkE3t4qFVwX
uC5PNKKO
-----END CERTIFICATE-----
Generated at Thu Feb 19 18:17:47 2026 by rpki-client