Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/225BB4A634A611F0905BBC68C4F9AE02.roa
File: 225BB4A634A611F0905BBC68C4F9AE02.roa (raw, json)
Hash identifier: W2rPaNTrBzUW6hFP8P4tXW3X7l5BXLv4Nxl+ERlWuOI=
Subject key identifier: 36:51:30:61:DA:95:41:E6:E3:82:20:AF:6F:3E:2F:45:98:3F:8F:77
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: EB84
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/225BB4A634A611F0905BBC68C4F9AE02.roa
Signing time: Sun 31 May 2026 17:52:44 +0000
ROA not before: Sun 31 May 2026 17:52:44 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 58762
IP address blocks: 45.117.180.0/24 maxlen: 24
45.117.181.0/24 maxlen: 24
45.117.182.0/24 maxlen: 24
45.117.183.0/24 maxlen: 24
103.18.72.0/24 maxlen: 24
103.18.73.0/24 maxlen: 24
103.18.74.0/24 maxlen: 24
103.18.75.0/24 maxlen: 24
103.69.12.0/22 maxlen: 24
103.88.0.0/22 maxlen: 24
103.138.8.0/24 maxlen: 24
103.138.9.0/24 maxlen: 24
103.147.0.0/24 maxlen: 24
103.147.1.0/24 maxlen: 24
103.153.12.0/24 maxlen: 24
103.157.4.0/23 maxlen: 24
103.157.10.0/23 maxlen: 24
103.164.46.0/23 maxlen: 24
103.165.28.0/23 maxlen: 24
103.225.56.0/22 maxlen: 22
103.225.56.0/24 maxlen: 24
103.225.57.0/24 maxlen: 24
103.225.58.0/24 maxlen: 24
103.225.59.0/24 maxlen: 24
150.129.44.0/24 maxlen: 24
150.129.45.0/24 maxlen: 24
150.129.46.0/24 maxlen: 24
150.129.47.0/24 maxlen: 24
2001:df0:8000::/48 maxlen: 56
2407:c140::/32 maxlen: 38
2407:c140::/36 maxlen: 40
2407:c140:1000::/37 maxlen: 40
2407:c140:1800::/38 maxlen: 40
2407:c140:1c00::/39 maxlen: 40
2407:c140:1e00::/40 maxlen: 40
2407:c140:1f00::/40 maxlen: 40
2407:c140:2000::/35 maxlen: 40
2407:c140:4000::/34 maxlen: 40
2407:c140:8000::/33 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60292 (0xeb84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 31 17:52:44 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c756c-6a72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3e:55:ed:54:84:e3:d2:f0:ad:4b:cf:d7:1b:
47:95:fe:72:79:7a:05:a7:c0:de:db:7b:2c:63:7d:
84:0a:eb:ec:ba:b7:73:de:b1:03:ec:21:9f:66:f4:
17:98:f1:56:c0:d9:4d:94:94:3a:95:ef:2a:b1:44:
6e:7f:3b:19:0c:26:cf:81:c8:d9:e0:a2:09:07:ea:
5e:5c:de:d8:bf:7b:7b:83:66:2b:d4:85:74:dc:56:
fd:d8:d0:13:4d:2e:47:e1:18:19:40:ab:25:c9:c6:
08:61:65:6b:e3:ae:72:33:cf:d4:98:47:8e:ec:2e:
e9:7f:41:0a:2c:29:c8:8c:43:d7:f8:17:39:a5:15:
e2:6a:77:86:22:33:77:ac:3d:3b:ae:82:af:0b:3e:
e9:c7:02:71:22:0b:b8:0e:4d:1f:11:c1:ca:af:3e:
64:53:ec:92:7b:e9:b9:bc:ef:ed:83:cc:56:91:cb:
62:e4:cb:d9:c1:91:f4:2d:6a:0e:e9:f1:96:ba:5b:
8b:95:35:67:cd:32:38:d2:49:e2:18:c0:37:53:86:
d0:23:56:ee:4e:51:53:74:2c:2b:c8:1e:bc:aa:06:
60:17:32:50:3e:90:7b:b1:bd:07:79:bb:36:cc:bd:
96:c4:b6:00:0d:a4:48:05:50:d3:21:5f:f1:07:d2:
ff:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:51:30:61:DA:95:41:E6:E3:82:20:AF:6F:3E:2F:45:98:3F:8F:77
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/225BB4A634A611F0905BBC68C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.117.180.0/22
103.18.72.0/22
103.69.12.0/22
103.88.0.0/22
103.138.8.0/23
103.147.0.0/23
103.153.12.0/24
103.157.4.0/23
103.157.10.0/23
103.164.46.0/23
103.165.28.0/23
103.225.56.0/22
150.129.44.0/22
IPv6:
2001:df0:8000::/48
2407:c140::/32
Signature Algorithm: sha256WithRSAEncryption
3f:3e:38:25:a0:5e:70:6e:d7:dd:cd:6c:73:52:12:8b:59:6d:
fa:2e:ff:7e:4a:3b:bd:f5:0e:70:2d:51:80:b2:de:80:73:c6:
9d:a7:eb:9b:0a:db:29:10:be:c6:a3:66:54:ac:b5:9f:20:0c:
53:55:61:31:f2:65:70:d1:68:f4:d4:26:a5:46:61:45:80:22:
a4:48:4e:fa:60:61:82:1c:ff:5f:c1:58:15:dd:e1:18:6d:e4:
a9:cb:f9:c6:9c:07:7e:9b:df:1b:7f:f7:83:c0:b5:24:4d:ea:
25:41:67:55:a0:44:02:7d:be:69:50:ba:38:3d:2a:2f:0a:1c:
75:65:2b:6d:59:62:8b:bc:7a:0b:7c:e4:96:0b:d4:88:61:e8:
6c:2c:ce:a9:f8:19:46:1e:ee:58:ba:2c:71:05:cf:1a:76:1f:
88:8e:01:cc:53:34:1d:4e:80:14:62:1a:e9:13:f3:b6:41:c2:
5b:c9:2e:c7:75:62:17:0c:f4:59:55:46:b3:5d:e2:36:c2:5e:
bf:f1:bc:5b:91:fb:47:d4:ee:21:97:9c:e6:f3:3f:43:08:c7:
b1:c0:ea:36:39:8a:54:10:20:fb:b6:56:94:97:a4:99:8c:99:
22:8c:9d:96:ee:41:c3:d1:4e:82:7f:95:c7:f1:ad:53:87:a4:
a3:0d:10:a9
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIDAOuEMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUzMTE3NTI0NFoXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExYzc1NmMtNmE3MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4+Ve1UhOPS8K1Lz9cbR5X+cnl6BafA3tt7LGN9hArr7Lq3c96xA+whn2b0
F5jxVsDZTZSUOpXvKrFEbn87GQwmz4HI2eCiCQfqXlze2L97e4NmK9SFdNxW/djQ
E00uR+EYGUCrJcnGCGFla+OucjPP1JhHjuwu6X9BCiwpyIxD1/gXOaUV4mp3hiIz
d6w9O66Crws+6ccCcSILuA5NHxHByq8+ZFPsknvpubzv7YPMVpHLYuTL2cGR9C1q
Dunxlrpbi5U1Z80yONJJ4hjAN1OG0CNW7k5RU3QsK8gevKoGYBcyUD6Qe7G9B3m7
Nsy9lsS2AA2kSAVQ0yFf8QfS/5MCAwEAAaOCAsAwggK8MB0GA1UdDgQWBBQ2UTBh
2pVB5uOCIK9vPi9FmD+PdzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIyNUJCNEE2
MzRBNjExRjA5MDVCQkM2OEM0RjlBRTAyLnJvYTB/BggrBgEFBQcBBwEB/wRwMG4w
VAQCAAEwTgMEAi11tAMEAmcSSAMEAmdFDAMEAmdYAAMEAWeKCAMEAWeTAAMEAGeZ
DAMEAWedBAMEAWedCgMEAWekLgMEAWelHAMEAmfhOAMEApaBLDAWBAIAAjAQAwcA
IAEN8IAAAwUAJAfBQDANBgkqhkiG9w0BAQsFAAOCAQEAPz44JaBecG7X3c1sc1IS
i1lt+i7/fko7vfUOcC1RgLLegHPGnafrmwrbKRC+xqNmVKy1nyAMU1VhMfJlcNFo
9NQmpUZhRYAipEhO+mBhghz/X8FYFd3hGG3kqcv5xpwHfpvfG3/3g8C1JE3qJUFn
VaBEAn2+aVC6OD0qLwocdWUrbVlii7x6C3zklgvUiGHobCzOqfgZRh7uWLoscQXP
GnYfiI4BzFM0HU6AFGIa6RPztkHCW8kux3ViFwz0WVVGs13iNsJev/G8W5H7R9Tu
IZec5vM/QwjHscDqNjmKVBAg+7ZWlJekmYyZIoydlu5Bw9FOgn+Vx/GtU4ekow0Q
qQ==
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:07:02 2026 by rpki-client