Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1FE58C10EC7A11F098ACD3F1536F56BC.roa
File: 1FE58C10EC7A11F098ACD3F1536F56BC.roa (raw, json)
Hash identifier: ycO6gFDl9URLgjUYJahloWZCZEuo+ciocxB0lQXdfWk=
Subject key identifier: 1C:72:D4:9F:C3:AC:5D:ED:B7:84:6F:6F:A6:34:A3:24:0B:34:74:5C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: E26A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1FE58C10EC7A11F098ACD3F1536F56BC.roa
Signing time: Sun 31 May 2026 16:37:01 +0000
ROA not before: Sun 31 May 2026 16:37:01 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 133296
IP address blocks: 43.239.110.0/24 maxlen: 24
43.243.76.0/24 maxlen: 24
43.243.77.0/24 maxlen: 24
43.243.78.0/24 maxlen: 24
103.78.245.0/24 maxlen: 24
103.78.247.0/24 maxlen: 24
103.131.24.0/23 maxlen: 24
103.182.176.0/23 maxlen: 24
103.228.149.0/24 maxlen: 24
103.233.24.0/23 maxlen: 24
103.251.22.0/24 maxlen: 24
150.129.235.0/24 maxlen: 24
202.162.231.0/24 maxlen: 24
202.162.240.0/24 maxlen: 24
202.162.241.0/24 maxlen: 24
202.162.248.0/24 maxlen: 24
202.162.249.0/24 maxlen: 24
202.162.251.0/24 maxlen: 24
203.115.82.0/23 maxlen: 24
210.89.32.0/24 maxlen: 24
210.89.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57962 (0xe26a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 31 16:37:01 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c63ad-220a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:81:f3:04:86:5a:f4:28:cd:b8:53:a7:7d:0c:
7f:ad:d6:98:22:ae:13:55:fb:fb:ca:e7:3d:f3:8f:
d0:1a:02:b4:1d:39:a5:46:62:d3:d5:f6:86:8b:0f:
9d:99:2f:d2:1c:4e:ef:bd:da:6d:57:21:b5:26:73:
34:f8:f5:a5:ac:ff:4b:a1:7b:13:7a:3b:bb:2a:dc:
61:27:89:62:1c:65:3d:36:27:59:02:63:d1:2a:f8:
b0:e9:1b:6c:89:ee:e9:27:7b:d3:46:4a:c9:e3:6a:
65:8c:a2:92:01:63:40:b0:fb:07:96:7a:2b:11:dc:
a2:22:20:46:81:85:8a:98:8f:c8:86:fd:24:f8:b0:
be:fe:39:47:fb:ba:c8:de:e4:f8:d0:6c:44:48:8a:
a3:0f:b1:20:81:ff:64:49:bd:fb:a3:6f:d0:2e:d1:
17:76:2f:b6:2d:b0:6f:29:3d:ce:40:1a:e4:f5:3c:
16:a7:b9:38:8f:e3:38:3d:9f:67:5d:59:8c:a5:95:
51:83:37:cf:98:2a:86:e4:aa:66:eb:c7:ae:a0:76:
c8:ff:2f:4e:c7:24:5d:66:08:0b:19:d3:fb:fe:9b:
21:5f:6f:26:ac:3e:30:c9:2b:0a:76:76:46:19:df:
58:6d:87:11:b7:06:40:a3:dc:11:0f:5d:57:a6:f4:
39:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:72:D4:9F:C3:AC:5D:ED:B7:84:6F:6F:A6:34:A3:24:0B:34:74:5C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1FE58C10EC7A11F098ACD3F1536F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
43.239.110.0/24
43.243.76.0-43.243.78.255
103.78.245.0/24
103.78.247.0/24
103.131.24.0/23
103.182.176.0/23
103.228.149.0/24
103.233.24.0/23
103.251.22.0/24
150.129.235.0/24
202.162.231.0/24
202.162.240.0/23
202.162.248.0/23
202.162.251.0/24
203.115.82.0/23
210.89.32.0/24
210.89.49.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:c5:a0:72:d4:76:56:0e:1d:d4:8b:69:2c:8d:a1:ad:bf:9f:
ff:86:b7:12:e3:3f:a7:11:67:af:0b:ed:82:63:d5:01:3c:3d:
d7:1b:de:d9:f6:dc:eb:c3:57:33:24:2b:4d:98:4d:60:af:f7:
c1:8f:cd:89:81:c1:9d:6c:2c:72:db:72:88:d2:48:ae:ee:80:
a3:07:d4:46:6c:f9:74:6b:54:78:1a:21:41:b6:24:6c:3d:fe:
98:ce:c3:47:86:a5:7d:f1:a3:a0:df:c3:b6:fe:62:78:3c:d7:
a6:96:99:30:9d:65:c9:17:f5:4b:45:4f:ec:03:9f:53:49:cc:
c4:42:35:fc:bc:8e:5a:7c:18:35:13:6c:44:ce:bf:9d:9f:c0:
da:09:e7:cd:35:ae:42:f5:e8:d5:4b:70:fa:5b:39:f6:9c:cc:
89:35:b0:60:f8:c0:6a:d4:26:21:ee:ba:cc:21:f9:e5:3b:4d:
10:81:5b:2b:04:15:53:ab:ae:28:db:8d:ca:56:87:2e:e2:f2:
bc:d0:a8:04:07:42:c5:5e:01:97:09:04:7a:83:36:84:a3:c1:
a3:7f:40:96:30:d7:7f:06:d0:6d:07:61:97:95:94:4b:4f:76:
96:ff:7e:92:83:2f:6c:47:87:f1:4b:b7:6c:30:7d:c1:ac:e9:
3f:df:e5:ea
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAOJqMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUzMTE2MzcwMVoXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExYzYzYWQtMjIwYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGB8wSGWvQozbhTp30Mf63WmCKuE1X7+8rnPfOP0BoCtB05pUZi09X2hosP
nZkv0hxO773abVchtSZzNPj1paz/S6F7E3o7uyrcYSeJYhxlPTYnWQJj0Sr4sOkb
bInu6Sd700ZKyeNqZYyikgFjQLD7B5Z6KxHcoiIgRoGFipiPyIb9JPiwvv45R/u6
yN7k+NBsREiKow+xIIH/ZEm9+6Nv0C7RF3Yvti2wbyk9zkAa5PU8Fqe5OI/jOD2f
Z11ZjKWVUYM3z5gqhuSqZuvHrqB2yP8vTsckXWYICxnT+/6bIV9vJqw+MMkrCnZ2
RhnfWG2HEbcGQKPcEQ9dV6b0OakCAwEAAaOCAskwggLFMB0GA1UdDgQWBBQcctSf
w6xd7beEb2+mNKMkCzR0XDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzFGRTU4QzEw
RUM3QTExRjA5OEFDRDNGMTUzNkY1NkJDLnJvYTCBhwYIKwYBBQUHAQcBAf8EeDB2
MHQEAgABMG4DBAAr724wDAMEAivzTAMEACvzTgMEAGdO9QMEAGdO9wMEAWeDGAME
AWe2sAMEAGfklQMEAWfpGAMEAGf7FgMEAJaB6wMEAMqi5wMEAcqi8AMEAcqi+AME
AMqi+wMEActzUgMEANJZIAMEANJZMTANBgkqhkiG9w0BAQsFAAOCAQEAucWgctR2
Vg4d1ItpLI2hrb+f/4a3EuM/pxFnrwvtgmPVATw91xve2fbc68NXMyQrTZhNYK/3
wY/NiYHBnWwscttyiNJIru6AowfURmz5dGtUeBohQbYkbD3+mM7DR4alffGjoN/D
tv5ieDzXppaZMJ1lyRf1S0VP7AOfU0nMxEI1/LyOWnwYNRNsRM6/nZ/A2gnnzTWu
QvXo1Utw+ls59pzMiTWwYPjAatQmIe66zCH55TtNEIFbKwQVU6uuKNuNylaHLuLy
vNCoBAdCxV4BlwkEeoM2hKPBo39AljDXfwbQbQdhl5WUS092lv9+koMvbEeH8Uu3
bDB9wazpP9/l6g==
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:05:16 2026 by rpki-client