Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2B1F397E08A911F0AF0D472BC4F9AE02.roa
File: 2B1F397E08A911F0AF0D472BC4F9AE02.roa (raw, json)
Hash identifier: 6rxuS3BRfx0Pjjb1qSdw6EDvHwuFvEBrxN5Tiw6RnCs=
Subject key identifier: AF:3C:73:60:1C:07:24:61:07:2D:45:0E:C2:A7:D2:FB:67:B3:8A:08
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: E327
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2B1F397E08A911F0AF0D472BC4F9AE02.roa
Signing time: Sun 31 May 2026 16:43:08 +0000
ROA not before: Sun 31 May 2026 16:43:08 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 134316
IP address blocks: 14.102.188.0/24 maxlen: 24
14.102.190.0/24 maxlen: 24
14.102.191.0/24 maxlen: 24
45.115.177.0/24 maxlen: 24
45.115.178.0/24 maxlen: 24
45.115.179.0/24 maxlen: 24
103.46.236.0/24 maxlen: 24
103.46.237.0/24 maxlen: 24
103.46.238.0/24 maxlen: 24
103.46.239.0/24 maxlen: 24
103.90.207.0/24 maxlen: 24
103.116.84.0/24 maxlen: 24
103.116.85.0/24 maxlen: 24
103.116.87.0/24 maxlen: 24
103.119.164.0/22 maxlen: 22
103.119.164.0/24 maxlen: 24
103.119.165.0/24 maxlen: 24
103.119.166.0/24 maxlen: 24
103.119.167.0/24 maxlen: 24
103.199.112.0/24 maxlen: 24
103.199.113.0/24 maxlen: 24
103.199.114.0/24 maxlen: 24
103.199.115.0/24 maxlen: 24
103.201.140.0/22 maxlen: 24
103.212.130.0/24 maxlen: 24
103.219.140.0/22 maxlen: 24
139.5.222.0/23 maxlen: 24
157.119.212.0/24 maxlen: 24
157.119.213.0/24 maxlen: 24
157.119.214.0/24 maxlen: 24
157.119.215.0/24 maxlen: 24
202.9.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58151 (0xe327)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 31 16:43:08 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c651c-6f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a8:e9:26:67:65:a9:07:df:bb:c6:ba:56:59:
0b:75:65:50:51:a1:52:06:23:f1:c6:55:33:29:eb:
44:20:8d:f8:0c:5e:e8:eb:e6:0e:1f:e8:13:3c:11:
87:5b:c8:fb:6f:22:72:3c:e2:f7:f1:3f:4b:b1:2d:
4e:e8:bc:2b:dc:62:10:18:6f:8b:d9:84:d8:50:56:
3a:d0:98:b7:73:4a:d6:7f:0b:b1:d9:5e:45:7c:5a:
56:c6:2f:b6:b8:c0:6f:2d:c3:17:89:53:de:ea:8c:
ca:d4:b1:1c:5d:05:04:6e:7e:eb:53:ca:b3:f1:a0:
22:e8:82:33:ef:65:08:7f:e0:34:b7:4a:73:db:35:
6c:f5:68:1d:ec:9d:19:c8:dd:4c:25:ce:6b:4e:d7:
54:c7:68:d5:a3:24:ad:97:b7:a9:27:3d:54:cf:76:
cb:2d:e2:47:fa:99:75:fd:bb:09:4c:df:ad:7a:c1:
90:d4:7d:30:2b:0b:3c:d3:0e:a8:3f:16:6e:a9:8b:
ca:e7:bd:be:ef:9a:b0:11:9a:18:00:6c:63:6b:aa:
39:12:5c:4d:cc:40:d1:2d:e3:b2:4b:87:2e:3e:c8:
09:37:c5:33:a6:24:35:6f:c4:2c:58:0d:29:4d:6d:
1a:8f:ac:19:5a:f0:88:80:6f:9f:68:03:79:55:96:
10:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3C:73:60:1C:07:24:61:07:2D:45:0E:C2:A7:D2:FB:67:B3:8A:08
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2B1F397E08A911F0AF0D472BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.102.188.0/24
14.102.190.0/23
45.115.177.0-45.115.179.255
103.46.236.0/22
103.90.207.0/24
103.116.84.0/23
103.116.87.0/24
103.119.164.0/22
103.199.112.0/22
103.201.140.0/22
103.212.130.0/24
103.219.140.0/22
139.5.222.0/23
157.119.212.0/22
202.9.121.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:78:da:bb:fc:27:e4:85:90:36:d2:93:61:c3:79:9a:00:0a:
39:c7:64:b7:d1:ce:80:3c:35:8a:5a:31:c5:8b:50:82:a5:2f:
e3:5b:55:1c:a2:8b:d7:c2:f5:f9:5a:ce:85:68:cb:fc:f7:b4:
80:b9:fd:9f:15:ca:1c:76:1a:aa:62:04:d1:29:6d:d5:0c:36:
cc:05:46:45:d7:72:dc:a9:ed:75:8d:ae:2a:df:33:aa:4e:5d:
04:bc:4c:46:be:cd:6c:9f:f8:0e:6d:03:85:6f:f7:b0:14:55:
aa:39:6b:6b:52:52:7f:d4:85:32:ca:aa:a0:96:7d:34:2a:08:
af:bd:11:03:12:d1:96:d8:13:66:16:9a:fc:ab:37:96:e1:64:
bd:bf:10:d8:3e:ad:8c:db:9d:d9:dc:5f:35:6e:fb:b6:20:aa:
3a:eb:00:3f:25:39:8a:5d:d4:93:06:94:ff:99:94:29:ff:8e:
ca:ef:65:0a:56:92:67:84:b2:69:4f:c3:7d:08:b1:c6:a4:bb:
7e:23:11:ba:34:b3:50:66:6f:fa:82:fb:87:ab:18:78:07:2c:
54:49:ba:14:49:fc:bd:cd:89:63:7c:b8:17:f1:83:fc:f6:3c:
9b:9e:db:2e:70:08:00:6a:b8:0d:ab:0e:d8:9e:cc:07:ba:1b:
e8:eb:18:d9
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIDAOMnMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUzMTE2NDMwOFoXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExYzY1MWMtNmYyYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOo6SZnZakH37vGulZZC3VlUFGhUgYj8cZVMynrRCCN+Axe6OvmDh/oEzwR
h1vI+28icjzi9/E/S7EtTui8K9xiEBhvi9mE2FBWOtCYt3NK1n8LsdleRXxaVsYv
trjAby3DF4lT3uqMytSxHF0FBG5+61PKs/GgIuiCM+9lCH/gNLdKc9s1bPVoHeyd
GcjdTCXOa07XVMdo1aMkrZe3qSc9VM92yy3iR/qZdf27CUzfrXrBkNR9MCsLPNMO
qD8WbqmLyue9vu+asBGaGABsY2uqORJcTcxA0S3jskuHLj7ICTfFM6YkNW/ELFgN
KU1tGo+sGVrwiIBvn2gDeVWWEHECAwEAAaOCArwwggK4MB0GA1UdDgQWBBSvPHNg
HAckYQctRQ7Cp9L7Z7OKCDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJCMUYzOTdF
MDhBOTExRjBBRjBENDcyQkM0RjlBRTAyLnJvYTB7BggrBgEFBQcBBwEB/wRsMGow
aAQCAAEwYgMEAA5mvAMEAQ5mvjAMAwQALXOxAwQCLXOwAwQCZy7sAwQAZ1rPAwQB
Z3RUAwQAZ3RXAwQCZ3ekAwQCZ8dwAwQCZ8mMAwQAZ9SCAwQCZ9uMAwQBiwXeAwQC
nXfUAwQAygl5MA0GCSqGSIb3DQEBCwUAA4IBAQB8eNq7/CfkhZA20pNhw3maAAo5
x2S30c6APDWKWjHFi1CCpS/jW1UcoovXwvX5Ws6FaMv897SAuf2fFcocdhqqYgTR
KW3VDDbMBUZF13Lcqe11ja4q3zOqTl0EvExGvs1sn/gObQOFb/ewFFWqOWtrUlJ/
1IUyyqqgln00KgivvREDEtGW2BNmFpr8qzeW4WS9vxDYPq2M253Z3F81bvu2IKo6
6wA/JTmKXdSTBpT/mZQp/47K72UKVpJnhLJpT8N9CLHGpLt+IxG6NLNQZm/6gvuH
qxh4ByxUSboUSfy9zYljfLgX8YP89jybntsucAgAargNqw7YnswHuhvo6xjZ
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:05:53 2026 by rpki-client