Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/89D77C1263E611F1A397C3898947A888.roa
File: 89D77C1263E611F1A397C3898947A888.roa (raw, json)
Hash identifier: +LtnAMRUFK3JIOi8M+DYcqqrXZEkdeiHfttYzNgdVsY=
Subject key identifier: 6D:48:F2:F1:8A:10:C6:BE:14:68:4A:F5:02:C0:09:DC:2A:70:AD:C3
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1E27
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/89D77C1263E611F1A397C3898947A888.roa
Signing time: Tue 09 Jun 2026 09:35:23 +0000
ROA not before: Tue 09 Jun 2026 09:35:23 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 132165
IP address blocks: 43.245.128.0/24 maxlen: 24
43.245.129.0/24 maxlen: 24
43.245.130.0/24 maxlen: 24
43.245.131.0/24 maxlen: 24
103.12.120.0/24 maxlen: 24
103.12.121.0/24 maxlen: 24
103.12.122.0/24 maxlen: 24
103.12.123.0/24 maxlen: 24
103.246.108.0/22 maxlen: 22
103.246.108.0/24 maxlen: 24
103.246.109.0/24 maxlen: 24
103.246.110.0/24 maxlen: 24
103.246.111.0/24 maxlen: 24
111.88.2.0/24 maxlen: 24
111.88.3.0/24 maxlen: 24
111.88.4.0/24 maxlen: 24
111.88.5.0/24 maxlen: 24
111.88.6.0/24 maxlen: 24
111.88.7.0/24 maxlen: 24
111.88.136.0/24 maxlen: 24
111.88.137.0/24 maxlen: 24
111.119.160.0/24 maxlen: 24
111.119.161.0/24 maxlen: 24
111.119.162.0/24 maxlen: 24
111.119.163.0/24 maxlen: 24
111.119.164.0/24 maxlen: 24
111.119.165.0/24 maxlen: 24
111.119.166.0/24 maxlen: 24
111.119.167.0/24 maxlen: 24
113.203.192.0/24 maxlen: 24
113.203.193.0/24 maxlen: 24
113.203.195.0/24 maxlen: 24
113.203.200.0/24 maxlen: 24
113.203.201.0/24 maxlen: 24
113.203.202.0/24 maxlen: 24
113.203.203.0/24 maxlen: 24
113.203.204.0/24 maxlen: 24
113.203.205.0/24 maxlen: 24
113.203.207.0/24 maxlen: 24
115.42.64.0/24 maxlen: 24
115.42.65.0/24 maxlen: 24
115.42.66.0/24 maxlen: 24
115.42.67.0/24 maxlen: 24
115.42.68.0/24 maxlen: 24
115.42.69.0/24 maxlen: 24
115.42.70.0/24 maxlen: 24
115.42.71.0/24 maxlen: 24
118.103.226.0/24 maxlen: 24
118.103.227.0/24 maxlen: 24
118.103.228.0/24 maxlen: 24
118.103.229.0/24 maxlen: 24
118.103.230.0/24 maxlen: 24
118.103.231.0/24 maxlen: 24
118.103.232.0/24 maxlen: 24
118.103.233.0/24 maxlen: 24
118.103.234.0/24 maxlen: 24
118.103.235.0/24 maxlen: 24
118.103.236.0/24 maxlen: 24
118.103.237.0/24 maxlen: 24
118.103.238.0/24 maxlen: 24
118.103.239.0/24 maxlen: 24
2406:d00::/48 maxlen: 48
2406:d00:2222::/48 maxlen: 48
2406:d00:5555::/48 maxlen: 48
2406:d00:aaaa::/48 maxlen: 48
2406:d00:bbbb::/48 maxlen: 48
2406:d00:ccaa::/47 maxlen: 48
2406:d00:ccad::/48 maxlen: 48
2406:d00:ccc0::/46 maxlen: 48
2406:d00:cccc::/46 maxlen: 48
2406:d00:cce0::/48 maxlen: 48
2406:d00:ccea::/48 maxlen: 48
2406:d00:ddc1::/48 maxlen: 48
2406:d00:ddcc::/48 maxlen: 48
2406:d00:ddd1::/48 maxlen: 48
2406:d00:dddd::/48 maxlen: 48
2406:d00:ddf1::/48 maxlen: 48
2406:d00:ddff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 17 Jun 2026 16:07:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7719 (0x1e27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Jun 9 09:35:23 2026 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=6a27de5b-022f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:71:4e:1e:ab:c0:49:21:4f:aa:e9:d5:f4:8e:
c1:05:ec:d5:b9:54:be:c6:20:6e:da:b3:fc:cd:70:
0f:21:03:44:cf:a5:4e:87:13:75:9e:89:cd:36:75:
04:82:74:45:dd:37:bf:4c:1c:3e:e4:c9:e4:02:af:
4d:5c:ee:05:7a:13:7e:04:d1:76:6d:d6:8a:46:e9:
52:ef:e5:d1:5a:41:52:08:8b:ca:63:6c:20:e9:26:
52:a6:31:ed:a6:d7:10:3c:e0:05:4a:fc:f6:1c:73:
8f:04:44:e2:76:c9:6d:af:8b:19:7a:6e:02:6f:cd:
58:2f:83:e3:90:ab:9f:56:86:69:53:07:7d:c5:bd:
2b:fb:d0:88:b7:79:23:4c:02:5e:c5:c7:a8:1b:a4:
71:c4:cb:67:a4:8b:5b:ce:d6:7a:43:a9:10:60:60:
af:41:98:e0:81:23:21:0e:94:a4:21:fa:03:79:04:
41:18:46:92:89:52:fb:d2:e7:4b:09:5b:b3:7d:fd:
2c:2e:62:52:c4:3e:01:5b:86:84:c2:3f:9d:ab:6d:
7a:55:c5:43:b7:e9:c5:cd:c6:3d:4f:aa:d5:c1:d4:
b2:67:da:66:f0:01:a7:42:f4:a3:99:90:24:33:33:
58:f4:96:32:4e:d8:94:54:38:83:22:05:b7:25:3e:
19:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:48:F2:F1:8A:10:C6:BE:14:68:4A:F5:02:C0:09:DC:2A:70:AD:C3
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/89D77C1263E611F1A397C3898947A888.roa
sbgp-ipAddrBlock: critical
IPv4:
43.245.128.0/22
103.12.120.0/22
103.246.108.0/22
111.88.2.0-111.88.7.255
111.88.136.0/23
111.119.160.0/21
113.203.192.0/23
113.203.195.0/24
113.203.200.0-113.203.205.255
113.203.207.0/24
115.42.64.0/21
118.103.226.0-118.103.239.255
IPv6:
2406:d00::/48
2406:d00:2222::/48
2406:d00:5555::/48
2406:d00:aaaa::/48
2406:d00:bbbb::/48
2406:d00:ccaa::/47
2406:d00:ccad::/48
2406:d00:ccc0::/46
2406:d00:cccc::/46
2406:d00:cce0::/48
2406:d00:ccea::/48
2406:d00:ddc1::/48
2406:d00:ddcc::/48
2406:d00:ddd1::/48
2406:d00:dddd::/48
2406:d00:ddf1::/48
2406:d00:ddff::/48
Signature Algorithm: sha256WithRSAEncryption
7a:fc:aa:39:3a:fa:d7:56:44:12:c0:5b:2c:2e:25:3e:49:72:
61:8a:00:0b:90:30:24:0e:da:26:27:7b:b8:36:07:d6:a9:f6:
ff:d6:da:25:56:45:10:80:f7:0c:12:8f:6f:ca:be:e4:aa:8e:
93:12:70:de:04:83:07:7a:e5:38:17:17:c1:dc:60:fb:9c:d9:
75:e8:2f:7d:73:c7:4e:78:fb:69:68:ff:ff:bc:e5:2e:1e:fd:
3c:cb:dc:44:d3:b9:fa:21:73:5f:1a:65:91:e8:0e:22:bd:3e:
6f:65:41:ac:f3:2c:c6:39:c4:c1:f5:3e:ea:70:d4:13:04:bc:
1e:c4:04:8d:e6:3d:eb:0f:e2:81:43:d4:8c:cd:73:c0:0c:a2:
33:e0:1c:6e:64:fb:41:c6:79:a3:c7:91:2c:b8:db:14:66:21:
d5:fb:6e:a2:aa:4e:11:87:c7:2e:f3:57:6b:0a:7d:06:05:8a:
b6:34:d3:f2:8b:b1:84:de:13:85:f7:b3:e5:25:0f:e9:9d:e4:
89:b7:8c:ac:4e:33:ed:7f:7b:c2:e9:44:a9:59:2d:2b:bd:f1:
b1:98:03:c8:93:6c:2e:16:c3:35:7b:4a:0d:cb:fd:4d:f7:bd:
94:a3:d9:f9:21:70:a0:25:b3:cd:54:fa:55:c5:ba:f4:7d:26:
d8:43:18:d7
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgICHicwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjYwNjA5MDkzNTIzWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTI3ZGU1Yi0wMjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsHFOHqvASSFPqunV9I7BBezVuVS+xiBu2rP8zXAPIQNEz6VOhxN1nonNNnUE
gnRF3Te/TBw+5MnkAq9NXO4FehN+BNF2bdaKRulS7+XRWkFSCIvKY2wg6SZSpjHt
ptcQPOAFSvz2HHOPBETidsltr4sZem4Cb81YL4PjkKufVoZpUwd9xb0r+9CIt3kj
TAJexceoG6RxxMtnpItbztZ6Q6kQYGCvQZjggSMhDpSkIfoDeQRBGEaSiVL70udL
CVuzff0sLmJSxD4BW4aEwj+dq216VcVDt+nFzcY9T6rVwdSyZ9pm8AGnQvSjmZAk
MzNY9JYyTtiUVDiDIgW3JT4ZWwIDAQABo4IDYzCCA18wHQYDVR0OBBYEFG1I8vGK
EMa+FGhK9QLACdwqcK3DMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvODlENzdDMTI2
M0U2MTFGMUEzOTdDMzg5ODk0N0E4ODgucm9hMIIBIAYIKwYBBQUHAQcBAf8EggEP
MIIBCzBmBAIAATBgAwQCK/WAAwQCZwx4AwQCZ/ZsMAwDBAFvWAIDBANvWAADBAFv
WIgDBANvd6ADBAFxy8ADBABxy8MwDAMEA3HLyAMEAXHLzAMEAHHLzwMEA3MqQDAM
AwQBdmfiAwQEdmfgMIGgBAIAAjCBmQMHACQGDQAAAAMHACQGDQAiIgMHACQGDQBV
VQMHACQGDQCqqgMHACQGDQC7uwMHASQGDQDMqgMHACQGDQDMrQMHAiQGDQDMwAMH
AiQGDQDMzAMHACQGDQDM4AMHACQGDQDM6gMHACQGDQDdwQMHACQGDQDdzAMHACQG
DQDd0QMHACQGDQDd3QMHACQGDQDd8QMHACQGDQDd/zANBgkqhkiG9w0BAQsFAAOC
AQEAevyqOTr611ZEEsBbLC4lPklyYYoAC5AwJA7aJid7uDYH1qn2/9baJVZFEID3
DBKPb8q+5KqOkxJw3gSDB3rlOBcXwdxg+5zZdegvfXPHTnj7aWj//7zlLh79PMvc
RNO5+iFzXxplkegOIr0+b2VBrPMsxjnEwfU+6nDUEwS8HsQEjeY96w/igUPUjM1z
wAyiM+AcbmT7QcZ5o8eRLLjbFGYh1ftuoqpOEYfHLvNXawp9BgWKtjTT8ouxhN4T
hfez5SUP6Z3kibeMrE4z7X97wulEqVktK73xsZgDyJNsLhbDNXtKDcv9Tfe9lKPZ
+SFwoCWzzVT6VcW69H0m2EMY1w==
-----END CERTIFICATE-----
Generated at Fri Jun 12 16:31:35 2026 by rpki-client