Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/694CCE66E53911EF9DD1B90DC4F9AE02.roa
File: 694CCE66E53911EF9DD1B90DC4F9AE02.roa (raw, json)
Hash identifier: B1YiGgCtYnl0DniTkWdLU0vwQGEcmW0KOtnOvpcFKdM=
Subject key identifier: D3:90:8F:83:20:39:1B:30:44:E1:C1:28:D8:FB:2E:E7:B0:47:78:BA
Certificate issuer: /CN=A918495F/serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD
Certificate serial: 18B8
Authority key identifier: 90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/694CCE66E53911EF9DD1B90DC4F9AE02.roa
Signing time: Thu 04 Jun 2026 17:19:49 +0000
ROA not before: Thu 04 Jun 2026 17:19:49 +0000
ROA not after: Fri 30 Jul 2027 00:00:00 +0000
asID: 134190
IP address blocks: 42.3.226.0/24 maxlen: 32
203.198.4.0/25 maxlen: 32
203.198.4.128/25 maxlen: 32
203.198.7.0/26 maxlen: 32
203.198.7.64/26 maxlen: 32
203.198.23.0/24 maxlen: 32
203.198.24.64/26 maxlen: 32
218.102.1.0/24 maxlen: 32
218.102.2.0/24 maxlen: 32
218.102.3.0/24 maxlen: 32
218.102.11.64/27 maxlen: 32
218.102.16.0/25 maxlen: 32
218.102.16.208/30 maxlen: 32
218.102.20.80/28 maxlen: 32
218.102.20.128/27 maxlen: 32
218.102.20.192/27 maxlen: 32
218.102.20.224/27 maxlen: 32
218.102.21.32/28 maxlen: 32
218.102.21.224/27 maxlen: 32
218.102.22.64/27 maxlen: 32
218.102.22.96/27 maxlen: 32
218.102.23.0/24 maxlen: 32
218.102.32.0/24 maxlen: 32
218.102.34.0/24 maxlen: 32
218.102.43.64/27 maxlen: 32
218.102.43.96/27 maxlen: 32
218.102.48.0/24 maxlen: 32
218.102.49.0/26 maxlen: 32
218.102.49.80/28 maxlen: 32
218.102.49.128/26 maxlen: 32
218.102.49.192/28 maxlen: 32
218.102.50.0/24 maxlen: 32
218.102.51.0/24 maxlen: 32
218.102.52.80/28 maxlen: 32
218.102.53.0/24 maxlen: 32
218.102.60.64/26 maxlen: 32
218.102.62.0/24 maxlen: 32
219.76.0.64/27 maxlen: 32
219.76.5.0/25 maxlen: 32
219.76.7.0/25 maxlen: 32
219.76.14.64/27 maxlen: 32
219.76.14.96/27 maxlen: 32
219.76.26.128/27 maxlen: 32
219.76.26.160/27 maxlen: 32
219.76.26.192/26 maxlen: 32
219.76.64.64/26 maxlen: 32
219.76.64.160/28 maxlen: 32
219.76.64.192/26 maxlen: 32
219.76.67.96/27 maxlen: 32
219.76.68.0/26 maxlen: 32
219.76.68.64/26 maxlen: 32
219.76.94.0/24 maxlen: 32
219.76.95.0/24 maxlen: 32
219.76.98.64/27 maxlen: 32
219.76.99.0/24 maxlen: 32
219.76.100.0/26 maxlen: 32
219.76.100.64/26 maxlen: 32
219.76.100.128/25 maxlen: 32
219.76.104.64/28 maxlen: 32
219.76.111.0/24 maxlen: 32
219.76.112.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 17 Jun 2026 16:31:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6328 (0x18b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918495F, serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD
Validity
Not Before: Jun 4 17:19:49 2026 GMT
Not After : Jul 30 00:00:00 2027 GMT
Subject: CN=6a21b3b5-38a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1a:5d:a6:84:31:eb:49:43:f3:fe:d6:51:68:
ba:59:db:3a:51:5b:8d:d9:cd:05:3e:a7:36:a2:7c:
3e:5c:e4:da:6b:37:15:cc:99:d0:e8:05:90:d6:d7:
52:aa:5c:a2:99:a6:c2:51:83:00:45:9d:84:9f:54:
f7:be:e5:bf:60:73:23:c8:91:f9:b1:02:2d:59:2d:
d2:49:e8:8e:d5:b6:16:31:9c:f5:32:c2:b4:c0:74:
59:f5:86:64:b9:25:90:e5:81:ae:59:3b:c5:28:e3:
d8:9a:4a:e2:d7:f2:40:a0:3d:bf:5a:9a:12:a6:59:
af:50:bf:f4:fa:2f:f3:c1:c0:e3:82:30:d9:dc:a8:
0a:c8:9e:11:71:51:09:34:58:c3:9a:95:be:16:4c:
e3:30:5b:b0:d8:58:96:ce:62:f4:d1:64:3f:df:f7:
80:f1:6b:d2:45:c6:40:b6:3d:d4:7b:94:ce:e8:ce:
76:db:82:3b:71:87:37:24:79:76:a7:fb:a1:c1:0a:
a9:be:7c:71:dd:ae:c2:a4:e4:03:05:bc:5a:02:73:
96:75:a6:80:71:52:5b:64:55:37:7f:bf:82:d2:b0:
d0:35:79:6d:80:23:fb:7e:10:53:1c:79:2a:16:87:
8a:56:cc:0c:6f:ca:3e:fc:3a:ff:73:5b:6b:69:b4:
65:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:90:8F:83:20:39:1B:30:44:E1:C1:28:D8:FB:2E:E7:B0:47:78:BA
X509v3 Authority Key Identifier:
keyid:90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/694CCE66E53911EF9DD1B90DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
42.3.226.0/24
203.198.4.0/24
203.198.7.0/25
203.198.23.0/24
203.198.24.64/26
218.102.1.0-218.102.3.255
218.102.11.64/27
218.102.16.0/25
218.102.16.208/30
218.102.20.80/28
218.102.20.128/27
218.102.20.192/26
218.102.21.32/28
218.102.21.224/27
218.102.22.64/26
218.102.23.0/24
218.102.32.0/24
218.102.34.0/24
218.102.43.64/26
218.102.48.0-218.102.49.63
218.102.49.80/28
218.102.49.128-218.102.49.207
218.102.50.0/23
218.102.52.80/28
218.102.53.0/24
218.102.60.64/26
218.102.62.0/24
219.76.0.64/27
219.76.5.0/25
219.76.7.0/25
219.76.14.64/26
219.76.26.128/25
219.76.64.64/26
219.76.64.160/28
219.76.64.192/26
219.76.67.96/27
219.76.68.0/25
219.76.94.0/23
219.76.98.64/27
219.76.99.0-219.76.100.255
219.76.104.64/28
219.76.111.0-219.76.112.255
Signature Algorithm: sha256WithRSAEncryption
34:3d:12:fd:85:b7:3c:5b:e3:a5:71:c5:48:17:09:c9:44:6e:
2b:9a:05:31:09:b6:6f:af:c2:13:f2:08:2d:a8:76:81:53:e7:
8f:6c:4a:31:25:ef:da:48:1a:e4:2c:6c:8b:ed:48:66:ab:b9:
e1:f6:78:fa:80:1a:66:40:c6:f7:fd:37:33:c8:83:5a:e1:99:
49:57:25:97:69:d0:4f:d7:a8:27:47:5e:92:e5:1c:0e:6e:50:
7e:54:bf:28:e1:b4:fd:dc:d8:3b:3b:70:05:dc:77:03:b0:99:
8d:99:28:45:af:73:56:14:fc:cb:44:92:6a:ba:fb:34:28:99:
cf:e9:ce:8b:d8:ab:c2:15:41:4d:98:e7:c3:b1:70:aa:05:40:
39:5c:a1:9d:f1:57:65:86:bd:03:2d:55:e6:19:46:ca:8f:13:
b0:58:b7:cb:8a:7c:b6:c5:cb:86:a6:e0:73:1f:65:90:13:09:
17:02:1a:19:16:b1:1a:66:6f:dc:c0:b1:f3:28:64:7b:64:f5:
49:54:e8:52:39:83:7e:7c:4a:39:6e:31:61:0a:e6:69:90:29:
4a:5d:bd:61:43:28:7c:15:92:ee:40:8d:ff:05:c3:a2:1d:66:
a0:d2:eb:c4:ef:91:92:4f:f3:d6:19:ce:7c:2d:6e:ed:0e:55:
a0:ce:a5:8e
-----BEGIN CERTIFICATE-----
MIIGgjCCBWqgAwIBAgICGLgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ5NUYxMTAvBgNVBAUTKDkwQzIyRjczOTM4NTBFOEVDRjZCNUYxRTMyMEQwN0Iy
RDFBQ0Q4RkQwHhcNMjYwNjA0MTcxOTQ5WhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTIxYjNiNS0zOGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzBpdpoQx60lD8/7WUWi6Wds6UVuN2c0FPqc2onw+XOTaazcVzJnQ6AWQ1tdS
qlyimabCUYMARZ2En1T3vuW/YHMjyJH5sQItWS3SSeiO1bYWMZz1MsK0wHRZ9YZk
uSWQ5YGuWTvFKOPYmkri1/JAoD2/WpoSplmvUL/0+i/zwcDjgjDZ3KgKyJ4RcVEJ
NFjDmpW+FkzjMFuw2FiWzmL00WQ/3/eA8WvSRcZAtj3Ue5TO6M5224I7cYc3JHl2
p/uhwQqpvnxx3a7CpOQDBbxaAnOWdaaAcVJbZFU3f7+C0rDQNXltgCP7fhBTHHkq
FoeKVswMb8o+/Dr/c1trabRl0wIDAQABo4IDpjCCA6IwHQYDVR0OBBYEFNOQj4Mg
ORswROHBKNj7LuewR3i6MB8GA1UdIwQYMBaAFJDCL3OThQ6Oz2tfHjINB7LRrNj9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDk1Ri84NDhDODU3Q0RG
RUMxMUU3QTI3QTIyMTNDNEY5QUUwMi9rTUl2YzVPRkRvN1BhMThlTWcwSHN0R3My
UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tNSXZjNU9GRG83UGExOGVNZzBIc3RHczJQMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ5NUYvODQ4Qzg1N0NERkVDMTFFN0EyN0EyMjEzQzRGOUFFMDIvNjk0Q0NFNjZF
NTM5MTFFRjlERDFCOTBEQzRGOUFFMDIucm9hMIIBYwYIKwYBBQUHAQcBAf8EggFS
MIIBTjCCAUoEAgABMIIBQgMEACoD4gMEAMvGBAMFB8vGBwADBADLxhcDBQbLxhhA
MAwDBADaZgEDBALaZgADBQXaZgtAAwUH2mYQAAMFAtpmENADBQTaZhRQAwUF2mYU
gAMFBtpmFMADBQTaZhUgAwUF2mYV4AMFBtpmFkADBADaZhcDBADaZiADBADaZiID
BQbaZitAMA0DBATaZjADBQbaZjEAAwUE2mYxUDAOAwUH2mYxgAMFBNpmMcADBAHa
ZjIDBQTaZjRQAwQA2mY1AwUG2mY8QAMEANpmPgMFBdtMAEADBQfbTAUAAwUH20wH
AAMFBttMDkADBQfbTBqAAwUG20xAQAMFBNtMQKADBQbbTEDAAwUF20xDYAMFB9tM
RAADBAHbTF4DBQXbTGJAMAwDBADbTGMDBADbTGQDBQTbTGhAMAwDBADbTG8DBADb
THAwDQYJKoZIhvcNAQELBQADggEBADQ9Ev2Ftzxb46VxxUgXCclEbiuaBTEJtm+v
whPyCC2odoFT549sSjEl79pIGuQsbIvtSGarueH2ePqAGmZAxvf9NzPIg1rhmUlX
JZdp0E/XqCdHXpLlHA5uUH5UvyjhtP3c2Ds7cAXcdwOwmY2ZKEWvc1YU/MtEkmq6
+zQomc/pzovYq8IVQU2Y58OxcKoFQDlcoZ3xV2WGvQMtVeYZRsqPE7BYt8uKfLbF
y4am4HMfZZATCRcCGhkWsRpmb9zAsfMoZHtk9UlU6FI5g358SjluMWEK5mmQKUpd
vWFDKHwVku5Ajf8Fw6IdZqDS68TvkZJP89YZznwtbu0OVaDOpY4=
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:12:15 2026 by rpki-client