Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/B04675FC959711EA9F290A33C4F9AE02.roa
File: B04675FC959711EA9F290A33C4F9AE02.roa (raw, json)
Hash identifier: bVsFv/oKfnNnwxPwmc/HnCYntRgfJw5+yTQyNn6XJ1s=
Subject key identifier: 4E:89:BA:B1:2E:22:F8:3A:5D:21:E6:15:F9:CC:40:EF:62:54:81:99
Certificate issuer: /CN=A918495F/serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD
Certificate serial: 18BC
Authority key identifier: 90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/B04675FC959711EA9F290A33C4F9AE02.roa
Signing time: Thu 04 Jun 2026 17:19:57 +0000
ROA not before: Thu 04 Jun 2026 17:19:57 +0000
ROA not after: Fri 30 Jul 2027 00:00:00 +0000
asID: 4515
IP address blocks: 42.3.226.0/24 maxlen: 24
58.152.0.0/21 maxlen: 21
58.153.255.0/24 maxlen: 24
203.198.40.0/23 maxlen: 23
203.198.42.0/23 maxlen: 23
203.198.44.0/23 maxlen: 23
203.198.46.0/23 maxlen: 23
203.198.48.0/21 maxlen: 21
203.198.56.0/21 maxlen: 21
203.198.64.0/24 maxlen: 24
203.198.65.0/24 maxlen: 24
203.198.66.0/23 maxlen: 23
203.198.68.0/23 maxlen: 23
203.198.70.0/23 maxlen: 23
203.198.72.0/22 maxlen: 22
203.198.76.0/22 maxlen: 22
203.198.152.0/22 maxlen: 22
203.198.156.0/22 maxlen: 22
203.198.160.0/21 maxlen: 21
203.198.168.0/21 maxlen: 21
203.198.176.0/22 maxlen: 22
203.198.180.0/22 maxlen: 22
203.198.180.0/24 maxlen: 24
203.198.184.0/22 maxlen: 22
203.198.185.0/24 maxlen: 24
203.198.188.0/22 maxlen: 22
203.198.192.0/22 maxlen: 22
203.198.196.0/22 maxlen: 22
203.198.196.0/24 maxlen: 24
203.198.200.0/22 maxlen: 22
203.198.204.0/23 maxlen: 23
203.198.204.0/24 maxlen: 24
203.198.206.0/23 maxlen: 23
203.198.208.0/21 maxlen: 21
203.198.216.0/21 maxlen: 21
203.198.236.0/22 maxlen: 22
218.103.0.0/19 maxlen: 19
218.103.40.0/22 maxlen: 22
218.103.44.0/22 maxlen: 22
218.103.48.0/21 maxlen: 21
218.103.56.0/23 maxlen: 23
218.103.58.0/23 maxlen: 23
218.103.60.0/22 maxlen: 22
218.103.64.0/22 maxlen: 22
218.103.68.0/22 maxlen: 22
218.103.72.0/22 maxlen: 22
218.103.76.0/22 maxlen: 22
218.103.80.0/20 maxlen: 20
218.103.96.0/20 maxlen: 20
219.76.192.0/19 maxlen: 19
219.76.220.0/22 maxlen: 22
219.76.224.0/20 maxlen: 20
220.246.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 17 Jun 2026 16:31:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6332 (0x18bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918495F, serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD
Validity
Not Before: Jun 4 17:19:57 2026 GMT
Not After : Jul 30 00:00:00 2027 GMT
Subject: CN=6a21b3bd-7e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e4:ea:d5:59:4f:cd:c0:2a:1e:0f:7a:c7:e6:
bd:0e:8d:f8:ec:d6:ea:b6:66:32:a4:b4:ca:a5:8b:
94:61:18:4a:06:a4:4a:75:5a:7b:6e:e0:2c:76:e1:
5d:bd:86:41:57:ec:84:f8:c0:eb:8a:01:6b:17:31:
12:2c:2d:c4:75:05:c3:39:a8:e9:06:fc:26:1b:b0:
0d:a9:99:40:92:e2:82:e6:c5:a5:85:41:25:e4:93:
5f:f0:4f:17:2a:a5:35:12:a4:9c:cc:f9:74:ee:e7:
d6:60:6f:c1:49:ee:fc:1f:8d:9a:47:5a:34:b3:1f:
12:0e:0e:68:d3:59:3b:6e:1c:4a:0b:0e:fa:f6:72:
e0:78:b9:2a:a1:76:fb:09:23:57:9a:42:dc:76:3e:
ac:ad:9c:b0:7d:68:3b:00:79:c3:21:8d:83:5c:92:
94:1c:67:bf:37:c8:8c:13:d7:ec:27:75:32:2c:d8:
d6:52:61:49:74:aa:be:d6:6b:e9:2e:95:75:d1:b2:
d0:9e:12:14:ae:46:57:f8:2b:92:49:1d:bd:09:e7:
d6:ab:38:c2:91:86:00:df:30:bf:09:06:a6:69:44:
46:11:50:bb:4f:02:dd:00:a8:bc:5a:7b:7d:e8:2b:
78:1c:53:58:97:55:0d:80:36:6a:60:de:62:69:e1:
40:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:89:BA:B1:2E:22:F8:3A:5D:21:E6:15:F9:CC:40:EF:62:54:81:99
X509v3 Authority Key Identifier:
keyid:90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/B04675FC959711EA9F290A33C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
42.3.226.0/24
58.152.0.0/21
58.153.255.0/24
203.198.40.0-203.198.79.255
203.198.152.0-203.198.223.255
203.198.236.0/22
218.103.0.0/19
218.103.40.0-218.103.111.255
219.76.192.0-219.76.239.255
220.246.0.0/19
Signature Algorithm: sha256WithRSAEncryption
30:c3:b3:15:df:d9:86:70:28:15:fa:39:2d:a3:e2:52:a3:b6:
4c:53:10:d6:c2:34:44:9b:c9:f3:a3:90:93:64:22:99:61:d1:
9f:af:aa:9e:02:fe:8b:3d:2d:f4:ee:df:e6:52:c3:90:46:3a:
85:c6:0e:d0:63:aa:26:26:5f:8a:a4:33:0f:74:ce:d0:ef:7e:
bd:0d:1a:df:ca:13:54:56:a1:06:62:aa:73:fb:f2:cf:e4:0b:
e0:fa:59:61:08:80:57:82:f4:f6:e1:bf:4e:60:8f:2c:ab:a2:
72:f6:b5:c5:30:24:63:5f:5f:2b:8a:41:54:94:91:de:43:c1:
c0:6f:db:fd:98:a9:5c:36:ea:10:7c:12:4c:70:89:ed:86:d3:
b4:b8:dd:94:c9:5a:82:1e:a5:2d:98:e0:e0:a7:c8:d4:e8:23:
68:ed:44:ab:cb:14:60:6e:6e:f2:f7:a6:32:0e:c2:5a:40:40:
19:8a:63:b2:fd:85:23:ae:79:6b:b4:ae:82:e2:3a:88:cd:f1:
49:b1:a1:69:83:05:dc:2e:df:1e:6d:9b:bb:54:46:d2:1d:4b:
72:9b:8e:ea:da:0c:30:eb:b7:be:79:d7:ca:e5:88:c9:23:76:
96:9e:12:1d:1c:21:b6:c6:e8:e0:53:c6:80:bd:a3:d2:fa:6c:
c7:30:fc:47
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICGLwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ5NUYxMTAvBgNVBAUTKDkwQzIyRjczOTM4NTBFOEVDRjZCNUYxRTMyMEQwN0Iy
RDFBQ0Q4RkQwHhcNMjYwNjA0MTcxOTU3WhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTIxYjNiZC03ZTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1OTq1VlPzcAqHg96x+a9Do347NbqtmYypLTKpYuUYRhKBqRKdVp7buAsduFd
vYZBV+yE+MDrigFrFzESLC3EdQXDOajpBvwmG7ANqZlAkuKC5sWlhUEl5JNf8E8X
KqU1EqSczPl07ufWYG/BSe78H42aR1o0sx8SDg5o01k7bhxKCw769nLgeLkqoXb7
CSNXmkLcdj6srZywfWg7AHnDIY2DXJKUHGe/N8iME9fsJ3UyLNjWUmFJdKq+1mvp
LpV10bLQnhIUrkZX+CuSSR29CefWqzjCkYYA3zC/CQamaURGEVC7TwLdAKi8Wnt9
6Ct4HFNYl1UNgDZqYN5iaeFAfQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFE6JurEu
Ivg6XSHmFfnMQO9iVIGZMB8GA1UdIwQYMBaAFJDCL3OThQ6Oz2tfHjINB7LRrNj9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDk1Ri84NDhDODU3Q0RG
RUMxMUU3QTI3QTIyMTNDNEY5QUUwMi9rTUl2YzVPRkRvN1BhMThlTWcwSHN0R3My
UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tNSXZjNU9GRG83UGExOGVNZzBIc3RHczJQMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ5NUYvODQ4Qzg1N0NERkVDMTFFN0EyN0EyMjEzQzRGOUFFMDIvQjA0Njc1RkM5
NTk3MTFFQTlGMjkwQTMzQzRGOUFFMDIucm9hMHUGCCsGAQUFBwEHAQH/BGYwZDBi
BAIAATBcAwQAKgPiAwQDOpgAAwQAOpn/MAwDBAPLxigDBATLxkAwDAMEA8vGmAME
BcvGwAMEAsvG7AMEBdpnADAMAwQD2mcoAwQE2mdgMAwDBAbbTMADBATbTOADBAXc
9gAwDQYJKoZIhvcNAQELBQADggEBADDDsxXf2YZwKBX6OS2j4lKjtkxTENbCNESb
yfOjkJNkIplh0Z+vqp4C/os9LfTu3+ZSw5BGOoXGDtBjqiYmX4qkMw90ztDvfr0N
Gt/KE1RWoQZiqnP78s/kC+D6WWEIgFeC9Pbhv05gjyyronL2tcUwJGNfXyuKQVSU
kd5DwcBv2/2YqVw26hB8Ekxwie2G07S43ZTJWoIepS2Y4OCnyNToI2jtRKvLFGBu
bvL3pjIOwlpAQBmKY7L9hSOueWu0roLiOojN8UmxoWmDBdwu3x5tm7tURtIdS3Kb
juraDDDrt75518rliMkjdpaeEh0cIbbG6OBTxoC9o9L6bMcw/Ec=
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:12:27 2026 by rpki-client