Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1C3A6780F11511F0AE6AB1984B6F56BC.roa
File: 1C3A6780F11511F0AE6AB1984B6F56BC.roa (raw, json)
Hash identifier: PXCzi/VX5UdAqCB+ZeX/S7mlLMdtezxQ68NJ37O0Oqg=
Subject key identifier: 18:05:50:AF:3A:6A:F8:B0:30:A8:89:C1:26:BE:2B:C7:86:E9:38:57
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: E9E6
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1C3A6780F11511F0AE6AB1984B6F56BC.roa
Signing time: Sun 31 May 2026 17:39:46 +0000
ROA not before: Sun 31 May 2026 17:39:46 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 151690
IP address blocks: 43.228.166.0/23 maxlen: 24
43.230.132.0/23 maxlen: 24
103.96.15.0/24 maxlen: 24
103.109.220.0/22 maxlen: 24
103.110.244.0/23 maxlen: 24
103.115.128.0/24 maxlen: 24
103.115.131.0/24 maxlen: 24
103.147.93.0/24 maxlen: 24
103.155.206.0/23 maxlen: 24
103.157.162.0/23 maxlen: 24
103.162.74.0/24 maxlen: 24
103.162.75.0/24 maxlen: 24
103.172.56.0/24 maxlen: 24
103.180.67.0/24 maxlen: 24
103.185.100.0/24 maxlen: 24
103.216.99.0/24 maxlen: 24
103.225.70.0/24 maxlen: 24
103.239.12.0/23 maxlen: 24
2001:df1:8040::/48 maxlen: 48
2001:df2:23c0::/48 maxlen: 48
2001:df2:9640::/48 maxlen: 48
2001:df3:29c0::/48 maxlen: 48
2001:df4:88c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59878 (0xe9e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 31 17:39:46 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c7262-1ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0e:44:8b:4b:2a:48:c1:fa:bd:aa:81:66:2b:
0d:a9:13:e6:2f:df:7b:ce:da:4d:49:1a:82:e4:55:
af:11:57:42:80:6f:d5:e8:88:c9:c9:e6:74:73:ab:
0c:6b:a7:30:97:b5:a1:47:89:43:aa:73:bc:ae:e2:
93:2a:38:6a:f8:fa:8c:e1:ac:e7:ec:07:4f:33:01:
db:8e:3d:c5:3e:9e:a5:cb:69:79:2d:1e:5b:5e:a8:
21:ad:cd:97:4e:37:96:a6:d8:f6:b1:43:92:94:68:
5a:b6:8e:7f:b5:77:ae:21:73:91:84:bf:7a:4b:cb:
d3:ee:78:bc:50:9a:81:cc:b5:4d:39:8b:b5:28:06:
8c:19:5d:06:d1:36:45:60:19:e8:b1:24:1f:f0:33:
41:ea:57:65:3b:91:42:09:05:86:1b:bf:9b:09:bb:
b9:5f:f3:b2:96:e1:33:3d:6b:f2:83:3f:75:8c:76:
15:0a:3f:a7:a8:4e:3b:e8:84:57:5f:65:ee:af:18:
60:3e:0b:49:66:03:04:0b:67:90:c6:3c:d4:f3:c9:
28:21:b2:e1:82:25:e2:f6:2f:72:cb:28:09:d1:27:
a6:77:79:57:4c:b4:72:b0:c8:71:ca:56:7e:e7:7f:
d3:5f:57:f0:3f:89:11:54:b2:6c:1b:5e:0d:83:84:
c0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:05:50:AF:3A:6A:F8:B0:30:A8:89:C1:26:BE:2B:C7:86:E9:38:57
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1C3A6780F11511F0AE6AB1984B6F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
43.228.166.0/23
43.230.132.0/23
103.96.15.0/24
103.109.220.0/22
103.110.244.0/23
103.115.128.0/24
103.115.131.0/24
103.147.93.0/24
103.155.206.0/23
103.157.162.0/23
103.162.74.0/23
103.172.56.0/24
103.180.67.0/24
103.185.100.0/24
103.216.99.0/24
103.225.70.0/24
103.239.12.0/23
IPv6:
2001:df1:8040::/48
2001:df2:23c0::/48
2001:df2:9640::/48
2001:df3:29c0::/48
2001:df4:88c0::/48
Signature Algorithm: sha256WithRSAEncryption
ae:2a:93:a3:bb:32:05:9b:c5:87:98:14:31:27:c5:a9:63:f2:
d4:68:30:ee:d3:f7:3f:2a:9b:8b:53:23:d7:5c:43:2d:9f:07:
37:03:b2:c1:df:bc:fe:b2:ff:c2:84:5c:48:6f:42:e2:1b:73:
85:47:1f:92:78:d6:9d:5d:b0:f9:c5:a7:92:e1:fd:4c:7e:e1:
fb:90:2d:7f:a5:89:fd:83:4d:dd:ac:87:6f:03:d8:fb:a1:59:
69:a6:a4:ac:e4:b6:1f:a0:a6:84:90:a6:f0:d4:94:f4:ce:2e:
70:c8:0d:5b:1e:f8:c9:2a:38:b7:bc:62:d1:69:5d:4d:88:bb:
2d:fd:e4:05:86:0b:26:f1:52:e8:50:7c:d7:05:fa:79:95:46:
b6:96:b2:68:21:95:61:32:ec:21:ad:3c:e1:74:74:86:2c:49:
69:d1:e7:f2:8a:40:41:3c:e3:b5:97:75:6e:b3:ef:d1:17:fc:
be:e3:69:7c:76:f5:a4:b4:19:72:4a:9e:1f:ea:00:2c:3e:ce:
5d:bb:6c:e4:c8:88:6e:68:ba:01:99:11:31:73:52:65:f9:48:
ed:a3:a7:c5:01:6f:80:52:99:a3:34:3a:bf:78:68:7a:10:59:
d9:81:66:ee:7a:9a:cd:b2:d7:2c:6c:28:27:b8:a1:6c:4e:9f:
27:a0:c2:28
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgIDAOnmMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUzMTE3Mzk0NloXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExYzcyNjItMWJhMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkORItLKkjB+r2qgWYrDakT5i/fe87aTUkaguRVrxFXQoBv1eiIycnmdHOr
DGunMJe1oUeJQ6pzvK7ikyo4avj6jOGs5+wHTzMB2449xT6epctpeS0eW16oIa3N
l043lqbY9rFDkpRoWraOf7V3riFzkYS/ekvL0+54vFCagcy1TTmLtSgGjBldBtE2
RWAZ6LEkH/AzQepXZTuRQgkFhhu/mwm7uV/zspbhMz1r8oM/dYx2FQo/p6hOO+iE
V19l7q8YYD4LSWYDBAtnkMY81PPJKCGy4YIl4vYvcssoCdEnpnd5V0y0crDIccpW
fud/019X8D+JEVSybBteDYOEwL8CAwEAAaOCAvgwggL0MB0GA1UdDgQWBBQYBVCv
Omr4sDCoicEmvivHhuk4VzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzFDM0E2Nzgw
RjExNTExRjBBRTZBQjE5ODRCNkY1NkJDLnJvYTCBtgYIKwYBBQUHAQcBAf8EgaYw
gaMwbAQCAAEwZgMEASvkpgMEASvmhAMEAGdgDwMEAmdt3AMEAWdu9AMEAGdzgAME
AGdzgwMEAGeTXQMEAWebzgMEAWedogMEAWeiSgMEAGesOAMEAGe0QwMEAGe5ZAME
AGfYYwMEAGfhRgMEAWfvDDAzBAIAAjAtAwcAIAEN8YBAAwcAIAEN8iPAAwcAIAEN
8pZAAwcAIAEN8ynAAwcAIAEN9IjAMA0GCSqGSIb3DQEBCwUAA4IBAQCuKpOjuzIF
m8WHmBQxJ8WpY/LUaDDu0/c/KpuLUyPXXEMtnwc3A7LB37z+sv/ChFxIb0LiG3OF
Rx+SeNadXbD5xaeS4f1MfuH7kC1/pYn9g03drIdvA9j7oVlppqSs5LYfoKaEkKbw
1JT0zi5wyA1bHvjJKji3vGLRaV1NiLst/eQFhgsm8VLoUHzXBfp5lUa2lrJoIZVh
MuwhrTzhdHSGLElp0efyikBBPOO1l3Vus+/RF/y+42l8dvWktBlySp4f6gAsPs5d
u2zkyIhuaLoBmRExc1Jl+Ujto6fFAW+AUpmjNDq/eGh6EFnZgWbueprNstcsbCgn
uKFsTp8noMIo
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:08:51 2026 by rpki-client