Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1551AC80BE6811EEA3F1816EC4F9AE02.roa
File: 1551AC80BE6811EEA3F1816EC4F9AE02.roa (raw, json)
Hash identifier: 8QkR8QofPss1qjcniiXu+WtG7I0ALJzh44HxQUvauN0=
Subject key identifier: 2A:91:D0:0C:2F:EF:D1:C1:D3:3D:68:DA:76:F3:97:08:23:77:CF:0B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: EB63
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1551AC80BE6811EEA3F1816EC4F9AE02.roa
Signing time: Sun 31 May 2026 17:51:46 +0000
ROA not before: Sun 31 May 2026 17:51:46 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 55353
IP address blocks: 103.15.64.0/22 maxlen: 22
103.15.64.0/24 maxlen: 24
103.15.65.0/24 maxlen: 24
103.15.66.0/24 maxlen: 24
103.15.67.0/24 maxlen: 24
111.118.240.0/20 maxlen: 20
111.118.240.0/24 maxlen: 24
111.118.241.0/24 maxlen: 24
111.118.242.0/24 maxlen: 24
111.118.243.0/24 maxlen: 24
111.118.244.0/24 maxlen: 24
111.118.245.0/24 maxlen: 24
111.118.246.0/24 maxlen: 24
111.118.247.0/24 maxlen: 24
111.118.248.0/24 maxlen: 24
111.118.249.0/24 maxlen: 24
111.118.250.0/24 maxlen: 24
111.118.251.0/24 maxlen: 24
111.118.252.0/24 maxlen: 24
111.118.253.0/24 maxlen: 24
111.118.254.0/24 maxlen: 24
111.118.255.0/24 maxlen: 24
150.129.144.0/22 maxlen: 22
150.129.144.0/24 maxlen: 24
150.129.145.0/24 maxlen: 24
150.129.146.0/24 maxlen: 24
150.129.147.0/24 maxlen: 24
183.182.84.0/22 maxlen: 22
183.182.84.0/24 maxlen: 24
183.182.85.0/24 maxlen: 24
183.182.86.0/24 maxlen: 24
183.182.87.0/24 maxlen: 24
2401:c300::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60259 (0xeb63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 31 17:51:46 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c7532-4376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:91:a7:74:f8:52:19:cb:32:c1:38:e5:44:04:
20:0b:51:05:50:12:1b:86:37:39:5e:d4:61:5d:46:
6f:6d:01:04:7b:e5:f1:ab:ab:0d:30:89:a8:1c:0f:
f5:61:6e:b1:b5:44:5b:da:ad:12:13:af:93:25:9f:
95:45:3e:7b:c4:9d:91:31:a0:27:52:a7:f0:e0:a1:
f1:14:e5:27:fd:8d:17:a3:a4:c1:6f:82:ba:3c:3e:
bc:a1:46:42:11:e3:43:f2:69:d5:a9:fe:28:4c:a2:
4e:05:de:2e:cb:2c:9d:3a:08:b4:5d:5a:90:7e:02:
d6:81:3f:e3:3d:a7:26:d1:0d:51:e4:19:b7:75:ec:
97:d3:07:1d:33:15:1f:c4:b6:fb:a1:0f:41:0e:5c:
d7:1f:a2:fe:e3:8a:ac:78:d3:ac:50:e5:8d:d8:3b:
fa:ed:6c:f8:2a:6d:73:1c:46:25:fc:be:f2:9d:89:
be:b6:83:39:8e:f3:28:85:45:7e:41:48:fa:26:71:
86:fc:28:9f:0d:99:5c:b2:3f:d7:bd:3e:d2:d1:a4:
19:6d:bb:f1:bb:b9:89:b3:33:70:81:9e:49:fa:61:
6f:7e:68:fc:e1:df:d6:13:74:8c:fc:ff:01:0d:d9:
c1:69:ea:0b:e3:bd:64:dd:16:5e:44:c0:de:07:ea:
71:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:91:D0:0C:2F:EF:D1:C1:D3:3D:68:DA:76:F3:97:08:23:77:CF:0B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1551AC80BE6811EEA3F1816EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.15.64.0/22
111.118.240.0/20
150.129.144.0/22
183.182.84.0/22
IPv6:
2401:c300::/32
Signature Algorithm: sha256WithRSAEncryption
b8:a3:55:20:e3:e0:15:3c:3b:66:a6:11:b3:97:72:24:24:8b:
8e:05:d5:f6:55:06:df:c2:b6:42:fe:2e:d3:53:00:07:6c:5a:
65:06:df:03:33:2b:51:ad:41:c6:8a:42:31:7b:25:74:12:49:
9e:ec:8f:3d:7a:de:1c:f5:d9:7e:fa:7e:5d:87:29:58:a8:2c:
f7:65:df:1e:12:07:fe:51:60:85:35:7f:11:53:63:3f:60:56:
b1:52:33:3f:17:35:3b:d8:7d:78:de:e0:bc:5a:74:84:8d:59:
98:b0:1a:9e:28:49:31:d3:99:f6:0f:c6:a7:43:ec:3c:5a:62:
b8:d4:ef:87:16:98:47:24:23:f6:3a:61:6f:02:6f:ab:5b:d1:
9f:4a:d1:98:d6:91:86:ca:9b:f0:ef:5d:54:e9:df:16:17:a5:
cf:57:22:d1:a7:4e:ac:31:04:a7:7f:4d:a9:78:a1:d3:e8:65:
b1:d3:1e:b1:85:11:a9:76:99:42:1b:e3:3b:38:a7:9c:0c:f7:
30:40:0f:e1:02:30:b8:1a:8e:5d:b4:b9:05:eb:fb:99:ba:7b:
32:e2:8c:3b:25:87:55:06:20:7d:f7:62:82:66:14:ce:7e:32:
39:3e:bd:2f:1d:7b:b8:23:f6:e2:41:0d:99:e1:52:3c:b9:6b:
6d:ed:01:73
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIDAOtjMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUzMTE3NTE0NloXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExYzc1MzItNDM3NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIiRp3T4UhnLMsE45UQEIAtRBVASG4Y3OV7UYV1Gb20BBHvl8aurDTCJqBwP
9WFusbVEW9qtEhOvkyWflUU+e8SdkTGgJ1Kn8OCh8RTlJ/2NF6OkwW+Cujw+vKFG
QhHjQ/Jp1an+KEyiTgXeLsssnToItF1akH4C1oE/4z2nJtENUeQZt3Xsl9MHHTMV
H8S2+6EPQQ5c1x+i/uOKrHjTrFDljdg7+u1s+CptcxxGJfy+8p2JvraDOY7zKIVF
fkFI+iZxhvwonw2ZXLI/170+0tGkGW278bu5ibMzcIGeSfphb35o/OHf1hN0jPz/
AQ3ZwWnqC+O9ZN0WXkTA3gfqcZ0CAwEAAaOCAoEwggJ9MB0GA1UdDgQWBBQqkdAM
L+/RwdM9aNp285cII3fPCzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzE1NTFBQzgw
QkU2ODExRUVBM0YxODE2RUM0RjlBRTAyLnJvYTBABggrBgEFBQcBBwEB/wQxMC8w
HgQCAAEwGAMEAmcPQAMEBG928AMEApaBkAMEAre2VDANBAIAAjAHAwUAJAHDADAN
BgkqhkiG9w0BAQsFAAOCAQEAuKNVIOPgFTw7ZqYRs5dyJCSLjgXV9lUG38K2Qv4u
01MAB2xaZQbfAzMrUa1BxopCMXsldBJJnuyPPXreHPXZfvp+XYcpWKgs92XfHhIH
/lFghTV/EVNjP2BWsVIzPxc1O9h9eN7gvFp0hI1ZmLAanihJMdOZ9g/Gp0PsPFpi
uNTvhxaYRyQj9jphbwJvq1vRn0rRmNaRhsqb8O9dVOnfFhelz1ci0adOrDEEp39N
qXih0+hlsdMesYURqXaZQhvjOzinnAz3MEAP4QIwuBqOXbS5Bev7mbp7MuKMOyWH
VQYgffdigmYUzn4yOT69Lx17uCP24kENmeFSPLlrbe0Bcw==
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:06:49 2026 by rpki-client