Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6E3B2B58070211EB85C3297EC4F9AE02.roa
File: 6E3B2B58070211EB85C3297EC4F9AE02.roa (raw, json)
Hash identifier: /wfqX8VTfMTXOUAixg/hP7v6UZPEIeoLmK5J19il5q0=
Subject key identifier: 78:91:5B:28:5F:2F:7A:BD:3B:F1:57:D0:3D:A1:E0:D5:3E:C4:FE:D4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: EB45
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6E3B2B58070211EB85C3297EC4F9AE02.roa
Signing time: Sun 31 May 2026 17:50:51 +0000
ROA not before: Sun 31 May 2026 17:50:51 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 45415
IP address blocks: 27.0.48.0/20 maxlen: 23
27.0.49.0/24 maxlen: 24
27.0.50.0/23 maxlen: 24
27.0.52.0/22 maxlen: 24
27.0.56.0/22 maxlen: 24
27.0.60.0/24 maxlen: 24
27.0.62.0/24 maxlen: 24
43.246.156.0/22 maxlen: 24
45.112.12.0/22 maxlen: 24
45.112.40.0/22 maxlen: 24
45.114.248.0/22 maxlen: 24
103.17.104.0/22 maxlen: 23
103.17.104.0/23 maxlen: 24
103.17.106.0/24 maxlen: 24
103.20.64.0/22 maxlen: 24
103.170.10.0/23 maxlen: 24
103.224.4.0/22 maxlen: 24
103.228.40.0/22 maxlen: 24
103.233.112.0/22 maxlen: 24
103.245.64.0/22 maxlen: 24
115.69.240.0/22 maxlen: 24
115.69.244.0/22 maxlen: 24
115.69.248.0/22 maxlen: 24
115.69.252.0/22 maxlen: 23
115.69.252.0/24 maxlen: 24
115.69.254.0/23 maxlen: 24
150.107.96.0/22 maxlen: 24
2406:ab00::/32 maxlen: 32
2407:8700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60229 (0xeb45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 31 17:50:51 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c74fb-7b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3b:06:81:4d:a2:42:4e:b0:97:c9:27:d2:62:
76:a6:29:f0:6b:b5:02:43:c6:73:65:f5:b7:d4:47:
eb:25:ac:80:06:73:84:e4:53:18:75:a7:90:bb:06:
eb:fe:f5:74:ca:60:5b:a5:31:89:fe:ab:a1:e1:a5:
06:b9:8a:89:a5:81:7e:bb:f0:fa:44:e0:6f:79:f8:
ac:33:f7:8b:73:ed:84:ff:72:f0:9e:fd:ab:16:4c:
b9:51:6b:7c:d5:d2:64:22:2d:5e:4c:29:fd:fc:de:
75:8c:42:7b:f8:6f:b3:9b:73:3a:69:6f:81:a2:da:
98:06:24:c2:f3:22:9d:ff:85:b7:71:fc:67:ed:93:
ef:a6:e1:5f:56:c1:64:c2:5e:54:f4:40:a4:29:fc:
c5:d9:84:92:ae:b9:6b:8b:02:29:db:cd:11:89:8d:
26:f4:5d:e9:2a:b0:09:32:fe:57:55:a8:56:6a:95:
22:54:e4:c5:d1:b9:07:e1:3a:e0:22:c1:32:d4:ab:
f3:58:21:44:60:cf:65:23:32:c4:6d:a4:ee:8a:27:
bb:cf:9e:8d:9b:2c:cd:55:1d:74:94:ec:0d:a8:9b:
64:88:49:58:9c:00:6f:c5:35:1e:76:0a:d4:1b:49:
3f:44:49:7c:89:ad:fb:f6:59:3a:5c:2e:6a:98:56:
8f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:91:5B:28:5F:2F:7A:BD:3B:F1:57:D0:3D:A1:E0:D5:3E:C4:FE:D4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6E3B2B58070211EB85C3297EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.0.48.0/20
43.246.156.0/22
45.112.12.0/22
45.112.40.0/22
45.114.248.0/22
103.17.104.0/22
103.20.64.0/22
103.170.10.0/23
103.224.4.0/22
103.228.40.0/22
103.233.112.0/22
103.245.64.0/22
115.69.240.0/20
150.107.96.0/22
IPv6:
2406:ab00::/32
2407:8700::/32
Signature Algorithm: sha256WithRSAEncryption
64:ac:50:63:7c:db:2f:4f:5e:17:68:db:da:97:6d:be:97:0a:
42:5c:53:d8:1b:74:43:7d:69:9a:a8:17:b4:47:67:2e:f5:63:
45:01:67:72:3e:8b:8e:08:5f:38:f4:2a:36:02:0f:92:99:25:
a1:df:7b:e0:cf:7d:ad:82:ca:c6:d9:5b:cb:32:f2:c0:80:6c:
17:ab:94:aa:0c:e3:64:a2:31:f2:2f:e5:e1:1d:b6:89:e4:a0:
e2:8f:f9:f1:04:10:9a:a8:f5:ef:dc:f2:ee:2e:af:0a:97:b9:
1a:95:ea:b3:9e:5a:f4:1b:39:42:75:32:3a:54:25:91:e3:22:
3b:cf:07:04:e3:05:aa:5c:31:63:85:d3:1e:db:db:b0:50:ce:
21:6c:2a:33:6d:c7:e9:92:73:aa:01:a2:33:8c:33:59:25:24:
df:fd:9b:a0:fa:5b:17:0b:64:7b:8e:54:65:ee:96:88:40:94:
a7:55:23:d9:1e:6b:7c:b3:a8:12:cb:58:5c:52:28:f8:10:1f:
ee:2d:ee:66:d8:6f:4b:e4:ed:68:88:d5:a9:7d:c2:61:7f:54:
68:d0:33:e4:33:db:36:55:bb:75:fc:0e:b9:f5:57:c3:a9:90:
6f:5b:84:86:7d:4a:ac:59:42:4a:93:11:d0:f7:60:2b:58:7f:
1b:0f:30:ad
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIDAOtFMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUzMTE3NTA1MVoXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExYzc0ZmItN2IxODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIg7BoFNokJOsJfJJ9JidqYp8Gu1AkPGc2X1t9RH6yWsgAZzhORTGHWnkLsG
6/71dMpgW6Uxif6roeGlBrmKiaWBfrvw+kTgb3n4rDP3i3PthP9y8J79qxZMuVFr
fNXSZCItXkwp/fzedYxCe/hvs5tzOmlvgaLamAYkwvMinf+Ft3H8Z+2T76bhX1bB
ZMJeVPRApCn8xdmEkq65a4sCKdvNEYmNJvRd6SqwCTL+V1WoVmqVIlTkxdG5B+E6
4CLBMtSr81ghRGDPZSMyxG2k7oonu8+ejZsszVUddJTsDaibZIhJWJwAb8U1HnYK
1BtJP0RJfImt+/ZZOlwuaphWj00CAwEAAaOCAsUwggLBMB0GA1UdDgQWBBR4kVso
Xy96vTvxV9A9oeDVPsT+1DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzZFM0IyQjU4
MDcwMjExRUI4NUMzMjk3RUM0RjlBRTAyLnJvYTCBgwYIKwYBBQUHAQcBAf8EdDBy
MFoEAgABMFQDBAQbADADBAIr9pwDBAItcAwDBAItcCgDBAItcvgDBAJnEWgDBAJn
FEADBAFnqgoDBAJn4AQDBAJn5CgDBAJn6XADBAJn9UADBARzRfADBAKWa2AwFAQC
AAIwDgMFACQGqwADBQAkB4cAMA0GCSqGSIb3DQEBCwUAA4IBAQBkrFBjfNsvT14X
aNval22+lwpCXFPYG3RDfWmaqBe0R2cu9WNFAWdyPouOCF849Co2Ag+SmSWh33vg
z32tgsrG2VvLMvLAgGwXq5SqDONkojHyL+XhHbaJ5KDij/nxBBCaqPXv3PLuLq8K
l7kaleqznlr0GzlCdTI6VCWR4yI7zwcE4wWqXDFjhdMe29uwUM4hbCozbcfpknOq
AaIzjDNZJSTf/Zug+lsXC2R7jlRl7paIQJSnVSPZHmt8s6gSy1hcUij4EB/uLe5m
2G9L5O1oiNWpfcJhf1Ro0DPkM9s2Vbt1/A659VfDqZBvW4SGfUqsWUJKkxHQ92Ar
WH8bDzCt
-----END CERTIFICATE-----
Generated at Thu Jun 4 10:06:37 2026 by rpki-client