Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/B04675FC959711EA9F290A33C4F9AE02.roa
File: B04675FC959711EA9F290A33C4F9AE02.roa (raw, json)
Hash identifier: wWZc4DPL/CIi2uHPFRZ5kI0NT8FM5d7k/tcwO50MfhM=
Subject key identifier: 78:12:36:9D:17:D2:21:12:26:05:9D:C7:C0:44:47:A3:5A:0F:2D:DA
Certificate issuer: /CN=A918495F/serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD
Certificate serial: 187D
Authority key identifier: 90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/B04675FC959711EA9F290A33C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:19:44 +0000
ROA not before: Fri 10 Oct 2025 10:01:37 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 4515
IP address blocks: 42.3.226.0/24 maxlen: 24
58.152.0.0/21 maxlen: 21
58.153.255.0/24 maxlen: 24
203.198.40.0/23 maxlen: 23
203.198.42.0/23 maxlen: 23
203.198.44.0/23 maxlen: 23
203.198.46.0/23 maxlen: 23
203.198.48.0/21 maxlen: 21
203.198.56.0/21 maxlen: 21
203.198.64.0/24 maxlen: 24
203.198.65.0/24 maxlen: 24
203.198.66.0/23 maxlen: 23
203.198.68.0/23 maxlen: 23
203.198.70.0/23 maxlen: 23
203.198.72.0/22 maxlen: 22
203.198.76.0/22 maxlen: 22
203.198.152.0/22 maxlen: 22
203.198.156.0/22 maxlen: 22
203.198.160.0/21 maxlen: 21
203.198.168.0/21 maxlen: 21
203.198.176.0/22 maxlen: 22
203.198.180.0/22 maxlen: 22
203.198.180.0/24 maxlen: 24
203.198.184.0/22 maxlen: 22
203.198.185.0/24 maxlen: 24
203.198.188.0/22 maxlen: 22
203.198.192.0/22 maxlen: 22
203.198.196.0/22 maxlen: 22
203.198.196.0/24 maxlen: 24
203.198.200.0/22 maxlen: 22
203.198.204.0/23 maxlen: 23
203.198.204.0/24 maxlen: 24
203.198.206.0/23 maxlen: 23
203.198.208.0/21 maxlen: 21
203.198.216.0/21 maxlen: 21
203.198.236.0/22 maxlen: 22
218.103.0.0/19 maxlen: 19
218.103.40.0/22 maxlen: 22
218.103.44.0/22 maxlen: 22
218.103.48.0/21 maxlen: 21
218.103.56.0/23 maxlen: 23
218.103.58.0/23 maxlen: 23
218.103.60.0/22 maxlen: 22
218.103.64.0/22 maxlen: 22
218.103.68.0/22 maxlen: 22
218.103.72.0/22 maxlen: 22
218.103.76.0/22 maxlen: 22
218.103.80.0/20 maxlen: 20
218.103.96.0/20 maxlen: 20
219.76.192.0/19 maxlen: 19
219.76.220.0/22 maxlen: 22
219.76.224.0/20 maxlen: 20
220.246.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 19 Mar 2026 16:26:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6269 (0x187d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918495F, serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD
Validity
Not Before: Oct 10 10:01:37 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=69a47530-bcdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:39:65:df:18:7d:60:cb:d4:f8:bc:fe:aa:8e:
88:ba:74:cb:b1:3b:26:4d:5b:66:4c:6c:50:14:e7:
9d:aa:c4:8c:73:3e:92:4a:67:d0:db:85:58:b2:dd:
31:19:19:2b:49:ce:82:b0:96:a5:80:5e:aa:df:8a:
68:ac:53:7a:a6:27:d2:ef:bf:6a:f0:a1:07:4a:90:
12:fa:5f:45:60:2e:39:fd:e2:35:9d:ca:43:ed:a8:
ab:2d:66:51:cf:e5:8f:e8:f3:84:0b:e2:ea:c5:25:
00:e1:58:ac:93:e6:1a:90:96:50:04:12:1b:f1:8c:
9a:fc:5d:9b:32:98:07:99:44:6d:55:a9:34:71:39:
f6:e9:40:f5:9a:c2:4b:3f:c8:b4:64:05:a1:6b:61:
c5:69:a4:76:82:23:40:9a:fb:5f:cb:7a:d9:a2:b0:
99:4c:c7:06:fa:ca:fb:8c:c9:05:c4:ec:f0:08:69:
2e:83:8a:38:03:2c:53:1f:57:4c:5b:b4:90:51:83:
a6:90:3f:d5:df:38:61:a5:89:a4:7b:61:88:ac:c8:
c1:ab:4a:f1:87:dc:38:f3:28:15:34:a0:b5:69:4a:
b4:77:1c:01:f2:40:7f:cd:9d:67:3f:5b:36:1f:8d:
01:f4:18:63:2e:4a:62:82:73:80:47:6c:d8:62:52:
d8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:12:36:9D:17:D2:21:12:26:05:9D:C7:C0:44:47:A3:5A:0F:2D:DA
X509v3 Authority Key Identifier:
keyid:90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/B04675FC959711EA9F290A33C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
42.3.226.0/24
58.152.0.0/21
58.153.255.0/24
203.198.40.0-203.198.79.255
203.198.152.0-203.198.223.255
203.198.236.0/22
218.103.0.0/19
218.103.40.0-218.103.111.255
219.76.192.0-219.76.239.255
220.246.0.0/19
Signature Algorithm: sha256WithRSAEncryption
38:bb:89:39:ba:57:46:68:3b:df:f2:b7:39:98:b1:59:a9:90:
55:46:20:8b:fb:49:92:ec:f4:cf:18:bb:07:34:0b:a4:9f:77:
ad:ed:1e:ca:d1:ad:ba:26:cb:ab:30:55:4c:4f:41:25:29:4c:
85:40:31:45:37:aa:15:30:b3:9d:63:7c:85:99:0c:cb:56:48:
25:e8:30:bf:6b:10:51:e8:49:41:74:d8:1d:a3:da:2e:c3:f9:
60:e5:c2:fc:a5:4a:cd:1d:24:40:5c:59:55:b3:d7:7d:c4:8c:
9a:65:97:38:69:f5:4b:06:90:4e:0c:6d:65:b0:78:e4:fa:30:
ec:76:f8:35:04:56:cc:d6:2a:3f:d0:13:e2:a8:c1:c0:db:d4:
7d:9e:ac:ac:24:fc:1d:7f:c1:77:5f:04:b7:8c:2a:06:8d:43:
3a:16:7b:92:1e:dc:da:bd:df:e7:03:55:63:bf:bc:9a:9e:31:
4b:8e:91:c1:c9:86:6c:68:ad:92:e2:00:b4:1c:c9:29:d4:c5:
38:95:9c:49:43:b7:48:02:e2:b0:a4:a0:31:90:08:e1:b6:01:
88:1e:1d:a7:15:9b:ee:31:40:f8:ce:bd:22:1c:08:5c:80:a1:
00:d7:b1:1c:64:4f:4d:13:e5:aa:b4:1a:5d:81:95:be:22:06:
a9:69:99:74
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICGH0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ5NUYxMTAvBgNVBAUTKDkwQzIyRjczOTM4NTBFOEVDRjZCNUYxRTMyMEQwN0Iy
RDFBQ0Q4RkQwHhcNMjUxMDEwMTAwMTM3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzUzMC1iY2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0zll3xh9YMvU+Lz+qo6IunTLsTsmTVtmTGxQFOedqsSMcz6SSmfQ24VYst0x
GRkrSc6CsJalgF6q34porFN6pifS779q8KEHSpAS+l9FYC45/eI1ncpD7airLWZR
z+WP6POEC+LqxSUA4Visk+YakJZQBBIb8Yya/F2bMpgHmURtVak0cTn26UD1msJL
P8i0ZAWha2HFaaR2giNAmvtfy3rZorCZTMcG+sr7jMkFxOzwCGkug4o4AyxTH1dM
W7SQUYOmkD/V3zhhpYmke2GIrMjBq0rxh9w48ygVNKC1aUq0dxwB8kB/zZ1nP1s2
H40B9BhjLkpignOAR2zYYlLYHQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFHgSNp0X
0iESJgWdx8BER6NaDy3aMB8GA1UdIwQYMBaAFJDCL3OThQ6Oz2tfHjINB7LRrNj9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDk1Ri84NDhDODU3Q0RG
RUMxMUU3QTI3QTIyMTNDNEY5QUUwMi9rTUl2YzVPRkRvN1BhMThlTWcwSHN0R3My
UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tNSXZjNU9GRG83UGExOGVNZzBIc3RHczJQMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ5NUYvODQ4Qzg1N0NERkVDMTFFN0EyN0EyMjEzQzRGOUFFMDIvQjA0Njc1RkM5
NTk3MTFFQTlGMjkwQTMzQzRGOUFFMDIucm9hMHUGCCsGAQUFBwEHAQH/BGYwZDBi
BAIAATBcAwQAKgPiAwQDOpgAAwQAOpn/MAwDBAPLxigDBATLxkAwDAMEA8vGmAME
BcvGwAMEAsvG7AMEBdpnADAMAwQD2mcoAwQE2mdgMAwDBAbbTMADBATbTOADBAXc
9gAwDQYJKoZIhvcNAQELBQADggEBADi7iTm6V0ZoO9/ytzmYsVmpkFVGIIv7SZLs
9M8Yuwc0C6Sfd63tHsrRrbomy6swVUxPQSUpTIVAMUU3qhUws51jfIWZDMtWSCXo
ML9rEFHoSUF02B2j2i7D+WDlwvylSs0dJEBcWVWz133EjJpllzhp9UsGkE4MbWWw
eOT6MOx2+DUEVszWKj/QE+KowcDb1H2erKwk/B1/wXdfBLeMKgaNQzoWe5Ie3Nq9
3+cDVWO/vJqeMUuOkcHJhmxorZLiALQcySnUxTiVnElDt0gC4rCkoDGQCOG2AYge
HacVm+4xQPjOvSIcCFyAoQDXsRxkT00T5aq0Gl2Blb4iBqlpmXQ=
-----END CERTIFICATE-----
Generated at Thu Mar 12 22:56:53 2026 by rpki-client