Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
File: 329956720BEA11F1B85EC7FC343D8C67.roa (raw, json)
Hash identifier: a9eKLyVpyW18L6xis1Hwi7jpvbV0xzch9EMXEZoZOiI=
Subject key identifier: 68:10:2C:8F:14:E7:31:EF:56:25:D8:7F:E6:2B:49:F4:69:EE:4A:C4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: E1CD
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
Signing time: Sun 31 May 2026 16:31:57 +0000
ROA not before: Sun 31 May 2026 16:31:57 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 132296
IP address blocks: 43.248.68.0/24 maxlen: 24
43.248.69.0/24 maxlen: 24
43.248.70.0/24 maxlen: 24
43.248.71.0/24 maxlen: 24
45.119.12.0/24 maxlen: 24
45.119.13.0/24 maxlen: 24
45.119.14.0/24 maxlen: 24
45.119.15.0/24 maxlen: 24
49.213.39.0/24 maxlen: 24
103.57.252.0/24 maxlen: 24
103.57.253.0/24 maxlen: 24
103.57.254.0/24 maxlen: 24
103.57.255.0/24 maxlen: 24
103.116.169.0/24 maxlen: 24
103.138.211.0/24 maxlen: 24
103.147.174.0/23 maxlen: 24
103.148.138.0/23 maxlen: 24
103.157.206.0/23 maxlen: 24
103.157.230.0/23 maxlen: 24
103.162.224.0/23 maxlen: 24
103.171.126.0/23 maxlen: 24
103.174.26.0/23 maxlen: 24
103.177.58.0/23 maxlen: 24
103.177.128.0/24 maxlen: 24
103.177.129.0/24 maxlen: 24
103.181.147.0/24 maxlen: 24
103.255.36.0/24 maxlen: 24
103.255.37.0/24 maxlen: 24
103.255.38.0/24 maxlen: 24
103.255.39.0/24 maxlen: 24
163.128.91.0/24 maxlen: 24
163.227.152.0/24 maxlen: 24
163.227.153.0/24 maxlen: 24
2402:5c80::/32 maxlen: 32
2407:6fc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57805 (0xe1cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 31 16:31:57 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c627d-03f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c5:7f:27:02:e1:cd:96:d0:92:41:5b:49:e8:
33:ee:88:c2:0d:85:dd:de:20:9f:2a:d8:22:e2:62:
13:80:a9:2b:66:05:0e:ae:b1:85:8f:57:e8:cd:52:
eb:a1:bd:a1:95:1c:50:b2:75:b3:ab:26:c4:88:58:
fe:76:df:50:93:a9:40:ac:22:50:3f:61:6d:3c:9a:
d4:c8:97:6d:b2:48:49:af:f5:09:48:27:f7:87:85:
8a:df:08:78:b9:b8:fd:74:76:9c:a4:d8:63:14:21:
3f:fa:e2:9e:60:c9:87:d8:d4:53:a2:7b:90:64:82:
ea:ce:ec:42:5e:ef:66:7f:fb:89:4f:f1:70:99:3f:
e8:e6:42:9d:d6:e5:86:05:88:8e:91:3b:83:1e:c7:
d9:37:2a:39:ac:98:6b:28:8e:25:78:d2:35:46:ce:
cb:4e:23:8e:40:72:b0:cc:91:4c:53:ac:15:74:51:
0d:2c:46:55:ae:3c:2b:4f:39:2f:92:11:40:4b:7c:
fd:87:b9:20:b8:c0:2c:bf:76:f1:a8:6e:0b:36:fd:
b2:31:14:4f:06:9b:5d:e4:49:52:49:51:58:67:1a:
8a:2a:4f:0b:67:91:4f:1a:86:19:a7:ce:7b:10:6e:
32:2d:5f:4f:9e:cf:ed:84:ad:1c:1a:35:01:6f:de:
74:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:10:2C:8F:14:E7:31:EF:56:25:D8:7F:E6:2B:49:F4:69:EE:4A:C4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
43.248.68.0/22
45.119.12.0/22
49.213.39.0/24
103.57.252.0/22
103.116.169.0/24
103.138.211.0/24
103.147.174.0/23
103.148.138.0/23
103.157.206.0/23
103.157.230.0/23
103.162.224.0/23
103.171.126.0/23
103.174.26.0/23
103.177.58.0/23
103.177.128.0/23
103.181.147.0/24
103.255.36.0/22
163.128.91.0/24
163.227.152.0/23
IPv6:
2402:5c80::/32
2407:6fc0::/32
Signature Algorithm: sha256WithRSAEncryption
24:d9:8f:77:7a:b7:28:3d:0b:8f:f6:9f:31:1e:47:47:a6:10:
af:09:af:f8:73:7d:41:c4:0d:da:c3:38:69:d3:96:cb:fd:93:
cf:32:1a:05:68:41:3d:34:12:b7:a8:30:66:b2:ef:0f:46:3e:
0e:ca:b5:df:64:d4:24:da:32:d8:88:fe:b3:42:0a:aa:dd:b3:
c0:c5:35:03:22:a0:6b:ed:e6:d9:ba:7d:91:72:af:a4:a6:ca:
c1:76:11:19:56:65:12:59:39:6f:cc:f8:b9:42:35:05:3a:83:
b8:d1:58:2b:73:b7:25:2e:9a:d0:5c:dc:7d:c1:b4:cc:01:26:
f8:e4:95:3a:42:fe:43:24:99:51:14:4c:f4:7c:44:d7:83:b6:
96:65:33:6b:8c:37:04:88:8c:a5:d0:b9:92:30:fa:33:20:b3:
9a:aa:1c:22:c5:98:bc:a1:6b:a0:ed:64:e3:37:4d:a6:b2:70:
80:9f:12:24:cd:c7:0e:43:cf:d7:a5:73:69:10:d2:c9:53:92:
42:9d:0f:b5:1d:06:46:f5:55:12:1e:b8:26:5a:0b:64:b1:1a:
90:5a:95:3c:80:23:13:0d:38:2d:c7:1d:39:4d:d9:4e:8a:7c:
88:0c:df:68:0e:db:2e:ce:47:44:c7:05:e6:d2:79:06:5d:fc:
66:2d:22:47
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIDAOHNMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUzMTE2MzE1N1oXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExYzYyN2QtMDNmNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfFfycC4c2W0JJBW0noM+6Iwg2F3d4gnyrYIuJiE4CpK2YFDq6xhY9X6M1S
66G9oZUcULJ1s6smxIhY/nbfUJOpQKwiUD9hbTya1MiXbbJISa/1CUgn94eFit8I
eLm4/XR2nKTYYxQhP/rinmDJh9jUU6J7kGSC6s7sQl7vZn/7iU/xcJk/6OZCndbl
hgWIjpE7gx7H2TcqOayYayiOJXjSNUbOy04jjkBysMyRTFOsFXRRDSxGVa48K085
L5IRQEt8/Ye5ILjALL928ahuCzb9sjEUTwabXeRJUklRWGcaiipPC2eRTxqGGafO
exBuMi1fT57P7YStHBo1AW/edIECAwEAAaOCAuUwggLhMB0GA1UdDgQWBBRoECyP
FOcx71Yl2H/mK0n0ae5KxDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzMyOTk1Njcy
MEJFQTExRjFCODVFQzdGQzM0M0Q4QzY3LnJvYTCBowYIKwYBBQUHAQcBAf8EgZMw
gZAweAQCAAEwcgMEAiv4RAMEAi13DAMEADHVJwMEAmc5/AMEAGd0qQMEAGeK0wME
AWeTrgMEAWeUigMEAWedzgMEAWed5gMEAWei4AMEAWerfgMEAWeuGgMEAWexOgME
AWexgAMEAGe1kwMEAmf/JAMEAKOAWwMEAaPjmDAUBAIAAjAOAwUAJAJcgAMFACQH
b8AwDQYJKoZIhvcNAQELBQADggEBACTZj3d6tyg9C4/2nzEeR0emEK8Jr/hzfUHE
DdrDOGnTlsv9k88yGgVoQT00EreoMGay7w9GPg7Ktd9k1CTaMtiI/rNCCqrds8DF
NQMioGvt5tm6fZFyr6SmysF2ERlWZRJZOW/M+LlCNQU6g7jRWCtztyUumtBc3H3B
tMwBJvjklTpC/kMkmVEUTPR8RNeDtpZlM2uMNwSIjKXQuZIw+jMgs5qqHCLFmLyh
a6DtZOM3TaaycICfEiTNxw5Dz9elc2kQ0slTkkKdD7UdBkb1VRIeuCZaC2SxGpBa
lTyAIxMNOC3HHTlN2U6KfIgM32gO2y7OR0THBebSeQZd/GYtIkc=
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:06:38 2026 by rpki-client