Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
File: 329956720BEA11F1B85EC7FC343D8C67.roa (raw, json)
Hash identifier: WIh708O8bY/ELEuHKzgRcKVJNQyWbwBdX+N73v5o1iM=
Subject key identifier: 4B:05:B6:89:A6:E1:E3:CA:91:C5:17:31:32:08:40:CF:57:2F:E7:8B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: D0E8
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
Signing time: Tue 17 Feb 2026 10:19:52 +0000
ROA not before: Tue 17 Feb 2026 10:19:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132296
IP address blocks: 43.248.68.0/24 maxlen: 24
43.248.69.0/24 maxlen: 24
43.248.70.0/24 maxlen: 24
43.248.71.0/24 maxlen: 24
45.119.12.0/24 maxlen: 24
45.119.13.0/24 maxlen: 24
45.119.14.0/24 maxlen: 24
45.119.15.0/24 maxlen: 24
103.57.252.0/24 maxlen: 24
103.57.253.0/24 maxlen: 24
103.57.254.0/24 maxlen: 24
103.57.255.0/24 maxlen: 24
103.116.169.0/24 maxlen: 24
103.147.174.0/23 maxlen: 24
103.148.138.0/23 maxlen: 24
103.157.206.0/23 maxlen: 24
103.157.230.0/23 maxlen: 24
103.162.224.0/23 maxlen: 24
103.171.126.0/23 maxlen: 24
103.174.26.0/23 maxlen: 24
103.177.58.0/23 maxlen: 24
103.177.128.0/24 maxlen: 24
103.177.129.0/24 maxlen: 24
103.181.147.0/24 maxlen: 24
103.255.36.0/24 maxlen: 24
103.255.37.0/24 maxlen: 24
103.255.38.0/24 maxlen: 24
103.255.39.0/24 maxlen: 24
2402:5c80::/32 maxlen: 32
2407:6fc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 26 Feb 2026 13:12:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53480 (0xd0e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 17 10:19:52 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=699440c8-78d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b5:2b:70:39:c7:6e:fa:cc:67:5d:9d:3b:2c:
ad:91:63:29:24:64:02:be:97:0f:1d:55:2a:4e:3e:
50:56:2c:4d:08:eb:8a:f8:17:9b:99:22:44:0f:78:
e7:5c:7b:53:ca:83:ee:3f:ab:6f:40:2c:e6:f3:8c:
3b:69:f9:7c:7f:95:1e:3f:cb:97:13:2e:4c:88:68:
23:9c:95:88:82:18:4f:81:39:eb:4f:ad:d3:af:5e:
c9:70:ad:90:2f:ad:fb:30:45:7b:d1:0a:be:7e:df:
ae:9a:c8:53:07:2c:f1:f9:45:62:41:bb:60:41:91:
62:42:3b:26:00:ad:b2:eb:ad:83:73:3c:a5:41:99:
15:92:39:ea:fb:22:f2:50:ca:af:c9:11:d6:ab:3f:
16:04:21:64:f6:be:ad:e2:e2:76:79:ed:25:f9:98:
a9:26:ef:b1:7b:37:63:27:0c:ce:8c:10:12:6f:28:
10:31:a9:63:39:3d:46:1a:b9:f5:65:50:96:a7:54:
19:b1:4f:91:19:0c:44:70:df:ad:6d:df:f5:45:4f:
cd:e8:9f:d0:ae:fa:8c:82:33:e9:5d:a8:df:e6:28:
67:02:4b:14:19:ad:28:3a:7b:c7:cd:11:39:5a:7a:
54:9c:d2:4e:80:9e:f0:91:ec:61:15:5f:05:41:e6:
fe:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:05:B6:89:A6:E1:E3:CA:91:C5:17:31:32:08:40:CF:57:2F:E7:8B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.68.0/22
45.119.12.0/22
103.57.252.0/22
103.116.169.0/24
103.147.174.0/23
103.148.138.0/23
103.157.206.0/23
103.157.230.0/23
103.162.224.0/23
103.171.126.0/23
103.174.26.0/23
103.177.58.0/23
103.177.128.0/23
103.181.147.0/24
103.255.36.0/22
IPv6:
2402:5c80::/32
2407:6fc0::/32
Signature Algorithm: sha256WithRSAEncryption
98:18:c7:74:6b:77:b7:48:bf:2a:9c:1b:dd:23:14:b1:44:fd:
5e:e9:d3:c6:c9:05:89:d9:45:60:46:d0:db:35:40:56:ab:b0:
58:30:83:2f:26:72:0c:90:1b:56:e4:e7:0a:96:fc:cf:fd:d3:
a3:9e:8e:05:29:42:1d:f0:98:a4:55:ad:8e:69:e0:d4:9f:e4:
88:be:61:26:34:87:1c:11:9a:e2:48:20:40:52:de:2d:0d:f9:
7e:5f:74:40:ee:ea:7d:3b:f4:b6:43:3a:9e:dd:d2:72:26:8f:
cc:b4:33:c9:b0:ba:81:6e:c1:8f:f9:65:a1:55:b4:98:8e:c1:
20:61:11:21:a5:7f:a4:57:1d:16:3d:94:04:60:71:3f:b7:c0:
25:b4:2b:85:ae:bf:f3:8c:13:a6:d8:5b:10:c2:31:9b:ac:8e:
a9:d2:8b:8e:f2:58:bb:25:a3:7a:cc:85:b1:ae:48:13:28:66:
fa:82:10:ad:98:c4:92:ee:0a:c5:1c:5a:85:73:ec:2e:22:14:
48:f2:a9:62:bc:f9:53:71:db:d4:aa:85:49:61:5e:de:68:2a:
59:6b:b9:f9:f3:e7:65:ac:4a:7c:fd:c6:e7:8e:13:82:59:72:
f2:43:e5:4a:f2:d3:36:c2:c5:b7:19:d9:d3:78:e0:17:52:12:
75:c2:75:ed
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgIDANDoMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMMCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDIxNzEwMTk1MloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAwwNNjk5NDQwYzgtNzhkNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKC1K3A5x276zGddnTssrZFjKSRkAr6XDx1VKk4+UFYsTQjrivgXm5kiRA94
51x7U8qD7j+rb0As5vOMO2n5fH+VHj/LlxMuTIhoI5yViIIYT4E560+t069eyXCt
kC+t+zBFe9EKvn7frprIUwcs8flFYkG7YEGRYkI7JgCtsuutg3M8pUGZFZI56vsi
8lDKr8kR1qs/FgQhZPa+reLidnntJfmYqSbvsXs3YycMzowQEm8oEDGpYzk9Rhq5
9WVQlqdUGbFPkRkMRHDfrW3f9UVPzeif0K76jIIz6V2o3+YoZwJLFBmtKDp7x80R
OVp6VJzSToCe8JHsYRVfBUHm/oECAwEAAaOCAwAwggL8MB0GA1UdDgQWBBRLBbaJ
puHjypHFFzEyCEDPVy/nizAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzMyOTk1Njcy
MEJFQTExRjFCODVFQzdGQzM0M0Q4QzY3LnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGJBggrBgEFBQcBBwEB
/wR6MHgwYAQCAAEwWgMEAiv4RAMEAi13DAMEAmc5/AMEAGd0qQMEAWeTrgMEAWeU
igMEAWedzgMEAWed5gMEAWei4AMEAWerfgMEAWeuGgMEAWexOgMEAWexgAMEAGe1
kwMEAmf/JDAUBAIAAjAOAwUAJAJcgAMFACQHb8AwDQYJKoZIhvcNAQELBQADggEB
AJgYx3Rrd7dIvyqcG90jFLFE/V7p08bJBYnZRWBG0Ns1QFarsFgwgy8mcgyQG1bk
5wqW/M/906OejgUpQh3wmKRVrY5p4NSf5Ii+YSY0hxwRmuJIIEBS3i0N+X5fdEDu
6n079LZDOp7d0nImj8y0M8mwuoFuwY/5ZaFVtJiOwSBhESGlf6RXHRY9lARgcT+3
wCW0K4Wuv/OME6bYWxDCMZusjqnSi47yWLslo3rMhbGuSBMoZvqCEK2YxJLuCsUc
WoVz7C4iFEjyqWK8+VNx29SqhUlhXt5oKllrufnz52WsSnz9xueOE4JZcvJD5Ury
0zbCxbcZ2dN44BdSEnXCde0=
-----END CERTIFICATE-----
Generated at Fri Feb 20 02:18:03 2026 by rpki-client