Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/694CCE66E53911EF9DD1B90DC4F9AE02.roa
File: 694CCE66E53911EF9DD1B90DC4F9AE02.roa (raw, json)
Hash identifier: HZBfZMAFJxlkSmjIQOZstgSCx4ashGb51vkWovEUYbs=
Subject key identifier: 7E:77:9C:BA:FA:C6:ED:7B:EF:64:6C:63:C2:4F:55:28:09:B3:EF:11
Certificate issuer: /CN=A918495F/serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD
Certificate serial: 1876
Authority key identifier: 90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/694CCE66E53911EF9DD1B90DC4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:19:38 +0000
ROA not before: Thu 08 May 2025 17:17:44 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 134190
IP address blocks: 42.3.226.0/24 maxlen: 32
203.198.4.0/25 maxlen: 32
203.198.4.128/25 maxlen: 32
203.198.7.0/26 maxlen: 32
203.198.7.64/26 maxlen: 32
203.198.23.0/24 maxlen: 32
203.198.24.64/26 maxlen: 32
218.102.1.0/24 maxlen: 32
218.102.2.0/24 maxlen: 32
218.102.3.0/24 maxlen: 32
218.102.11.64/27 maxlen: 32
218.102.16.0/25 maxlen: 32
218.102.16.208/30 maxlen: 32
218.102.20.80/28 maxlen: 32
218.102.20.128/27 maxlen: 32
218.102.20.192/27 maxlen: 32
218.102.20.224/27 maxlen: 32
218.102.21.32/28 maxlen: 32
218.102.21.224/27 maxlen: 32
218.102.22.64/27 maxlen: 32
218.102.22.96/27 maxlen: 32
218.102.23.0/24 maxlen: 32
218.102.32.0/24 maxlen: 32
218.102.34.0/24 maxlen: 32
218.102.43.64/27 maxlen: 32
218.102.43.96/27 maxlen: 32
218.102.48.0/24 maxlen: 32
218.102.49.0/26 maxlen: 32
218.102.49.80/28 maxlen: 32
218.102.49.128/26 maxlen: 32
218.102.49.192/28 maxlen: 32
218.102.50.0/24 maxlen: 32
218.102.51.0/24 maxlen: 32
218.102.52.80/28 maxlen: 32
218.102.53.0/24 maxlen: 32
218.102.60.64/26 maxlen: 32
218.102.62.0/24 maxlen: 32
219.76.0.64/27 maxlen: 32
219.76.5.0/25 maxlen: 32
219.76.7.0/25 maxlen: 32
219.76.14.64/27 maxlen: 32
219.76.14.96/27 maxlen: 32
219.76.26.128/27 maxlen: 32
219.76.26.160/27 maxlen: 32
219.76.26.192/26 maxlen: 32
219.76.64.64/26 maxlen: 32
219.76.64.160/28 maxlen: 32
219.76.64.192/26 maxlen: 32
219.76.67.96/27 maxlen: 32
219.76.68.0/26 maxlen: 32
219.76.68.64/26 maxlen: 32
219.76.94.0/24 maxlen: 32
219.76.95.0/24 maxlen: 32
219.76.98.64/27 maxlen: 32
219.76.99.0/24 maxlen: 32
219.76.100.0/26 maxlen: 32
219.76.100.64/26 maxlen: 32
219.76.100.128/25 maxlen: 32
219.76.104.64/28 maxlen: 32
219.76.111.0/24 maxlen: 32
219.76.112.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 19 Mar 2026 16:26:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6262 (0x1876)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918495F, serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD
Validity
Not Before: May 8 17:17:44 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=69a4752a-ea89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:28:fb:bc:6f:ab:c5:7f:55:22:68:af:eb:ba:
54:53:77:48:8b:41:48:95:eb:84:cd:33:61:35:aa:
4c:f2:cc:98:6f:6d:8f:81:71:f4:b5:f6:88:7a:48:
3e:87:c7:45:4c:7f:aa:4d:bb:ac:67:92:0f:5a:e0:
59:f1:f1:23:19:d0:41:3c:54:85:5e:20:aa:4e:7e:
16:97:88:f2:0e:09:9d:fe:3d:b3:f5:6f:5b:a7:30:
37:b9:00:d6:27:8f:64:05:f1:15:7f:a1:30:c1:a6:
d7:fc:f7:88:83:6f:9f:33:cd:d7:c5:62:e5:7a:4d:
fa:ed:76:e2:5a:4e:24:5c:02:2d:52:f5:9b:87:90:
f6:a4:53:e1:1a:ff:2f:49:ac:3a:1a:22:85:3e:97:
b7:f3:85:c2:a5:94:6f:c7:54:8a:fc:c7:a1:27:06:
44:32:a7:22:ca:24:0e:3b:71:91:74:af:fe:90:67:
05:33:f1:0d:67:4c:24:85:03:fb:41:10:50:5e:c4:
99:b4:1b:7f:d5:f7:f8:ca:58:e4:48:c1:5a:e5:cd:
9a:cc:da:c6:e7:e6:63:0b:c9:bf:7e:ea:a8:aa:f1:
8f:99:4a:e8:af:1b:4b:cb:8d:44:2c:6b:25:9d:e8:
33:0f:d0:05:42:db:bb:4b:c0:95:5c:5e:d9:8c:12:
08:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:77:9C:BA:FA:C6:ED:7B:EF:64:6C:63:C2:4F:55:28:09:B3:EF:11
X509v3 Authority Key Identifier:
keyid:90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/694CCE66E53911EF9DD1B90DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
42.3.226.0/24
203.198.4.0/24
203.198.7.0/25
203.198.23.0/24
203.198.24.64/26
218.102.1.0-218.102.3.255
218.102.11.64/27
218.102.16.0/25
218.102.16.208/30
218.102.20.80/28
218.102.20.128/27
218.102.20.192/26
218.102.21.32/28
218.102.21.224/27
218.102.22.64/26
218.102.23.0/24
218.102.32.0/24
218.102.34.0/24
218.102.43.64/26
218.102.48.0-218.102.49.63
218.102.49.80/28
218.102.49.128-218.102.49.207
218.102.50.0/23
218.102.52.80/28
218.102.53.0/24
218.102.60.64/26
218.102.62.0/24
219.76.0.64/27
219.76.5.0/25
219.76.7.0/25
219.76.14.64/26
219.76.26.128/25
219.76.64.64/26
219.76.64.160/28
219.76.64.192/26
219.76.67.96/27
219.76.68.0/25
219.76.94.0/23
219.76.98.64/27
219.76.99.0-219.76.100.255
219.76.104.64/28
219.76.111.0-219.76.112.255
Signature Algorithm: sha256WithRSAEncryption
0c:0b:4b:ca:7c:2c:ca:66:84:42:a0:db:87:71:e5:6f:2e:4b:
a3:6a:45:50:d4:70:ab:7c:76:8a:50:86:ed:36:24:e7:7e:28:
73:7b:5f:3c:98:68:00:6e:03:46:b4:a4:bf:c3:04:93:fc:23:
4b:e5:78:04:60:09:9e:0c:04:bf:30:d6:de:41:b6:4e:b3:cf:
6c:61:41:25:36:37:9a:94:99:6d:8f:ed:4a:0d:2c:a4:a6:f7:
41:c4:70:79:d5:59:0e:a1:3e:0d:90:0b:f1:63:ce:88:03:1f:
6c:d0:4c:35:89:10:aa:7c:52:68:ac:b7:b1:78:24:12:1a:fa:
a7:09:bd:ea:e3:09:11:9a:a8:bb:62:65:10:14:0a:3d:00:31:
8a:4a:ee:49:2d:dd:e1:78:4b:eb:af:e1:fa:ba:27:ee:8c:9b:
90:1f:1b:ea:f0:f8:79:48:5f:e8:42:65:5f:d3:33:d9:e8:ad:
c2:71:1b:b5:4e:dc:bb:c2:7a:b7:ac:d1:41:11:dc:32:d4:01:
33:bd:e6:96:0e:9d:9c:45:1c:f3:f9:79:c9:8e:4c:c4:34:37:
de:46:fe:b0:e8:91:6c:7f:ba:e5:13:ad:c7:74:bd:0e:70:23:
00:99:e7:a1:01:ce:fb:fa:de:29:4d:df:3f:d5:8b:d6:9e:7f:
73:d3:55:7b
-----BEGIN CERTIFICATE-----
MIIGgjCCBWqgAwIBAgICGHYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ5NUYxMTAvBgNVBAUTKDkwQzIyRjczOTM4NTBFOEVDRjZCNUYxRTMyMEQwN0Iy
RDFBQ0Q4RkQwHhcNMjUwNTA4MTcxNzQ0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzUyYS1lYTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyCj7vG+rxX9VImiv67pUU3dIi0FIleuEzTNhNapM8syYb22PgXH0tfaIekg+
h8dFTH+qTbusZ5IPWuBZ8fEjGdBBPFSFXiCqTn4Wl4jyDgmd/j2z9W9bpzA3uQDW
J49kBfEVf6EwwabX/PeIg2+fM83XxWLlek367XbiWk4kXAItUvWbh5D2pFPhGv8v
Saw6GiKFPpe384XCpZRvx1SK/MehJwZEMqciyiQOO3GRdK/+kGcFM/ENZ0wkhQP7
QRBQXsSZtBt/1ff4yljkSMFa5c2azNrG5+ZjC8m/fuqoqvGPmUrorxtLy41ELGsl
negzD9AFQtu7S8CVXF7ZjBIIewIDAQABo4IDpjCCA6IwHQYDVR0OBBYEFH53nLr6
xu1772RsY8JPVSgJs+8RMB8GA1UdIwQYMBaAFJDCL3OThQ6Oz2tfHjINB7LRrNj9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDk1Ri84NDhDODU3Q0RG
RUMxMUU3QTI3QTIyMTNDNEY5QUUwMi9rTUl2YzVPRkRvN1BhMThlTWcwSHN0R3My
UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tNSXZjNU9GRG83UGExOGVNZzBIc3RHczJQMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ5NUYvODQ4Qzg1N0NERkVDMTFFN0EyN0EyMjEzQzRGOUFFMDIvNjk0Q0NFNjZF
NTM5MTFFRjlERDFCOTBEQzRGOUFFMDIucm9hMIIBYwYIKwYBBQUHAQcBAf8EggFS
MIIBTjCCAUoEAgABMIIBQgMEACoD4gMEAMvGBAMFB8vGBwADBADLxhcDBQbLxhhA
MAwDBADaZgEDBALaZgADBQXaZgtAAwUH2mYQAAMFAtpmENADBQTaZhRQAwUF2mYU
gAMFBtpmFMADBQTaZhUgAwUF2mYV4AMFBtpmFkADBADaZhcDBADaZiADBADaZiID
BQbaZitAMA0DBATaZjADBQbaZjEAAwUE2mYxUDAOAwUH2mYxgAMFBNpmMcADBAHa
ZjIDBQTaZjRQAwQA2mY1AwUG2mY8QAMEANpmPgMFBdtMAEADBQfbTAUAAwUH20wH
AAMFBttMDkADBQfbTBqAAwUG20xAQAMFBNtMQKADBQbbTEDAAwUF20xDYAMFB9tM
RAADBAHbTF4DBQXbTGJAMAwDBADbTGMDBADbTGQDBQTbTGhAMAwDBADbTG8DBADb
THAwDQYJKoZIhvcNAQELBQADggEBAAwLS8p8LMpmhEKg24dx5W8uS6NqRVDUcKt8
dopQhu02JOd+KHN7XzyYaABuA0a0pL/DBJP8I0vleARgCZ4MBL8w1t5Btk6zz2xh
QSU2N5qUmW2P7UoNLKSm90HEcHnVWQ6hPg2QC/FjzogDH2zQTDWJEKp8Umist7F4
JBIa+qcJverjCRGaqLtiZRAUCj0AMYpK7kkt3eF4S+uv4fq6J+6Mm5AfG+rw+HlI
X+hCZV/TM9norcJxG7VO3LvCeres0UER3DLUATO95pYOnZxFHPP5ecmOTMQ0N95G
/rDokWx/uuUTrcd0vQ5wIwCZ56EBzvv63ilN3z/Vi9aef3PTVXs=
-----END CERTIFICATE-----
Generated at Thu Mar 12 22:56:25 2026 by rpki-client