Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/25ECFE32BDE011EF85554E6FC4F9AE02.roa
File: 25ECFE32BDE011EF85554E6FC4F9AE02.roa (raw, json)
Hash identifier: eu4o8lPKBvYzai78CLX1dw6fldnFXMEGdmlUEl5oA8A=
Subject key identifier: DF:AC:43:EC:F2:46:92:D8:B2:AB:FC:67:B3:8D:54:E7:61:0C:18:EA
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: E1D4
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/25ECFE32BDE011EF85554E6FC4F9AE02.roa
Signing time: Sun 31 May 2026 16:32:11 +0000
ROA not before: Sun 31 May 2026 16:32:11 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 132453
IP address blocks: 103.21.184.0/22 maxlen: 24
103.227.68.0/22 maxlen: 22
103.227.68.0/24 maxlen: 24
103.227.69.0/24 maxlen: 24
103.227.70.0/24 maxlen: 24
103.227.71.0/24 maxlen: 24
103.240.192.0/22 maxlen: 22
103.240.192.0/24 maxlen: 24
103.240.193.0/24 maxlen: 24
103.240.194.0/24 maxlen: 24
103.240.195.0/24 maxlen: 24
103.240.232.0/22 maxlen: 22
103.240.232.0/24 maxlen: 24
103.240.233.0/24 maxlen: 24
103.240.234.0/24 maxlen: 24
103.240.235.0/24 maxlen: 24
103.240.236.0/22 maxlen: 22
103.240.236.0/24 maxlen: 24
103.240.237.0/24 maxlen: 24
103.240.238.0/24 maxlen: 24
103.240.239.0/24 maxlen: 24
103.245.12.0/22 maxlen: 22
103.245.12.0/24 maxlen: 24
103.245.13.0/24 maxlen: 24
103.245.14.0/24 maxlen: 24
103.245.15.0/24 maxlen: 24
103.248.84.0/22 maxlen: 22
103.248.84.0/24 maxlen: 24
103.248.85.0/24 maxlen: 24
103.248.86.0/24 maxlen: 24
103.248.87.0/24 maxlen: 24
103.252.216.0/22 maxlen: 22
103.252.216.0/24 maxlen: 24
103.252.217.0/24 maxlen: 24
103.252.218.0/24 maxlen: 24
103.252.219.0/24 maxlen: 24
103.253.172.0/22 maxlen: 22
103.253.172.0/24 maxlen: 24
103.253.173.0/24 maxlen: 24
103.253.174.0/24 maxlen: 24
103.253.175.0/24 maxlen: 24
111.125.196.0/22 maxlen: 24
150.129.180.0/22 maxlen: 22
150.129.180.0/24 maxlen: 24
150.129.181.0/24 maxlen: 24
150.129.182.0/24 maxlen: 24
150.129.183.0/24 maxlen: 24
150.129.236.0/22 maxlen: 22
150.129.236.0/24 maxlen: 24
150.129.237.0/24 maxlen: 24
150.129.238.0/24 maxlen: 24
150.129.239.0/24 maxlen: 24
150.129.248.0/22 maxlen: 22
150.129.248.0/24 maxlen: 24
150.129.249.0/24 maxlen: 24
150.129.250.0/24 maxlen: 24
150.129.251.0/24 maxlen: 24
150.242.60.0/22 maxlen: 22
150.242.60.0/24 maxlen: 24
150.242.61.0/24 maxlen: 24
150.242.62.0/24 maxlen: 24
150.242.63.0/24 maxlen: 24
150.242.64.0/22 maxlen: 22
150.242.64.0/24 maxlen: 24
150.242.65.0/24 maxlen: 24
150.242.66.0/24 maxlen: 24
150.242.67.0/24 maxlen: 24
150.242.72.0/22 maxlen: 22
150.242.72.0/24 maxlen: 24
150.242.73.0/24 maxlen: 24
150.242.74.0/24 maxlen: 24
150.242.75.0/24 maxlen: 24
150.242.84.0/22 maxlen: 22
150.242.84.0/24 maxlen: 24
150.242.85.0/24 maxlen: 24
150.242.86.0/24 maxlen: 24
150.242.87.0/24 maxlen: 24
150.242.172.0/22 maxlen: 22
150.242.172.0/24 maxlen: 24
150.242.173.0/24 maxlen: 24
150.242.174.0/24 maxlen: 24
150.242.175.0/24 maxlen: 24
2400:80c0::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57812 (0xe1d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 31 16:32:11 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c628b-5e7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c0:85:55:72:8f:da:f4:0f:d5:ce:9d:f6:23:
48:22:ec:16:25:ee:78:97:bf:7c:37:c9:0b:e1:7e:
cb:bb:13:b3:6a:cb:0d:21:76:a3:93:5c:2b:1f:58:
88:5b:0e:35:c9:9a:0b:75:bd:0f:a0:a6:2e:ec:51:
b1:87:47:c6:7b:c7:09:17:21:58:b1:e6:77:af:44:
cf:b4:f4:b3:95:77:cc:8d:d1:e6:59:f2:f7:0c:fc:
af:de:35:2f:ba:66:49:a1:fa:0b:9c:f1:f5:93:06:
7c:88:2b:d2:75:7b:ee:09:87:3c:8b:fa:c5:ee:9f:
f0:23:43:c7:49:98:58:da:c6:ce:bb:e8:8f:03:7f:
1b:c8:95:f6:15:22:dd:4f:8f:1f:66:d9:2e:72:7b:
3f:2b:fa:4c:07:5c:a9:f6:18:44:f6:65:23:66:d1:
d5:43:81:19:0b:e5:65:cb:cd:35:7c:52:87:45:cf:
d9:a7:3d:68:20:c6:67:50:a4:f6:70:ed:4c:d3:8e:
b3:1f:0b:d2:c7:cf:59:90:d7:b7:47:4f:f2:e6:f9:
e5:29:ea:14:9c:6e:b1:77:e4:4d:f9:85:8f:81:ec:
b1:2d:83:ea:8b:93:bb:65:32:c9:5d:26:e9:49:93:
4e:1d:6b:32:98:4c:e3:4e:84:72:f9:62:c2:8e:c6:
01:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:AC:43:EC:F2:46:92:D8:B2:AB:FC:67:B3:8D:54:E7:61:0C:18:EA
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/25ECFE32BDE011EF85554E6FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.21.184.0/22
103.227.68.0/22
103.240.192.0/22
103.240.232.0/21
103.245.12.0/22
103.248.84.0/22
103.252.216.0/22
103.253.172.0/22
111.125.196.0/22
150.129.180.0/22
150.129.236.0/22
150.129.248.0/22
150.242.60.0-150.242.67.255
150.242.72.0/22
150.242.84.0/22
150.242.172.0/22
IPv6:
2400:80c0::/32
Signature Algorithm: sha256WithRSAEncryption
83:d1:97:d8:b3:f6:52:62:7b:05:7b:8c:01:18:54:90:be:2f:
a0:c0:e2:85:15:a4:bf:ca:f6:c0:5c:0b:c4:85:1e:f8:29:a0:
e7:de:ee:e5:a3:4e:86:51:41:ce:5c:8f:7b:88:3d:b3:09:cd:
18:22:df:c3:e4:a4:ee:70:f2:5d:25:ae:86:11:ee:4f:61:48:
35:6f:ea:41:c5:aa:e3:87:06:e0:49:d0:fd:a3:42:be:71:2d:
87:ad:e1:92:84:6f:d4:ac:ff:20:c6:f0:ca:9f:f9:67:65:30:
dd:5b:c0:0a:f2:d1:f0:09:b7:2b:3b:1b:f8:5d:25:dc:7e:9d:
45:d4:4a:a3:b6:a8:76:03:9c:16:62:f1:ab:b3:ac:2f:91:90:
64:e3:53:00:b3:da:58:a2:ad:03:57:77:d6:03:11:be:04:ee:
d8:83:1c:2e:63:a2:bd:5e:b0:eb:a3:07:76:c0:ad:9c:12:a4:
4c:1e:1d:aa:63:0e:9b:80:90:00:11:c6:b4:eb:aa:ce:5f:60:
97:f5:ae:e1:8f:c3:6d:6f:99:53:32:b8:7a:05:45:83:43:01:
eb:06:f1:02:9d:e9:c4:96:c9:1f:d6:52:ad:68:c5:3e:10:17:
d8:28:f7:b3:81:da:f6:ba:91:5f:34:d7:7c:2c:84:71:7b:f9:
d5:d4:d0:10
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgIDAOHUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUzMTE2MzIxMVoXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExYzYyOGItNWU3ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvAhVVyj9r0D9XOnfYjSCLsFiXueJe/fDfJC+F+y7sTs2rLDSF2o5NcKx9Y
iFsONcmaC3W9D6CmLuxRsYdHxnvHCRchWLHmd69Ez7T0s5V3zI3R5lny9wz8r941
L7pmSaH6C5zx9ZMGfIgr0nV77gmHPIv6xe6f8CNDx0mYWNrGzrvojwN/G8iV9hUi
3U+PH2bZLnJ7Pyv6TAdcqfYYRPZlI2bR1UOBGQvlZcvNNXxSh0XP2ac9aCDGZ1Ck
9nDtTNOOsx8L0sfPWZDXt0dP8ub55SnqFJxusXfkTfmFj4HssS2D6ouTu2UyyV0m
6UmTTh1rMphM406Ecvliwo7GAXkCAwEAAaOCAtMwggLPMB0GA1UdDgQWBBTfrEPs
8kaS2LKr/GezjVTnYQwY6jAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzI1RUNGRTMy
QkRFMDExRUY4NTU1NEU2RkM0RjlBRTAyLnJvYTCBkQYIKwYBBQUHAQcBAf8EgYEw
fzBuBAIAATBoAwQCZxW4AwQCZ+NEAwQCZ/DAAwQDZ/DoAwQCZ/UMAwQCZ/hUAwQC
Z/zYAwQCZ/2sAwQCb33EAwQCloG0AwQCloHsAwQCloH4MAwDBAKW8jwDBAKW8kAD
BAKW8kgDBAKW8lQDBAKW8qwwDQQCAAIwBwMFACQAgMAwDQYJKoZIhvcNAQELBQAD
ggEBAIPRl9iz9lJiewV7jAEYVJC+L6DA4oUVpL/K9sBcC8SFHvgpoOfe7uWjToZR
Qc5cj3uIPbMJzRgi38PkpO5w8l0lroYR7k9hSDVv6kHFquOHBuBJ0P2jQr5xLYet
4ZKEb9Ss/yDG8Mqf+WdlMN1bwAry0fAJtys7G/hdJdx+nUXUSqO2qHYDnBZi8auz
rC+RkGTjUwCz2liirQNXd9YDEb4E7tiDHC5jor1esOujB3bArZwSpEweHapjDpuA
kAARxrTrqs5fYJf1ruGPw21vmVMyuHoFRYNDAesG8QKd6cSWyR/WUq1oxT4QF9go
97OB2va6kV8013wshHF7+dXU0BA=
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:07:49 2026 by rpki-client