Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7403EBDAEC7911F09ED87EBA536F56BC.roa
File: 7403EBDAEC7911F09ED87EBA536F56BC.roa (raw, json)
Hash identifier: u9yjz/3MrcfaGGgw2fTEpGxWbtxPDs6xbb/LVq4I4Ms=
Subject key identifier: 31:9D:BC:8D:0A:C1:24:6C:31:A7:9B:29:F6:8C:21:10:27:95:34:8B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DB08
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7403EBDAEC7911F09ED87EBA536F56BC.roa
Signing time: Sun 01 Mar 2026 23:06:31 +0000
ROA not before: Mon 09 Feb 2026 06:51:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 140641
IP address blocks: 103.69.43.0/24 maxlen: 24
103.93.94.0/24 maxlen: 24
103.95.50.0/23 maxlen: 24
103.97.104.0/24 maxlen: 24
103.97.105.0/24 maxlen: 24
103.97.106.0/24 maxlen: 24
103.97.107.0/24 maxlen: 24
103.117.212.0/24 maxlen: 24
103.119.170.0/23 maxlen: 24
103.129.97.0/24 maxlen: 24
103.131.26.0/24 maxlen: 24
103.139.7.0/24 maxlen: 24
103.140.72.0/24 maxlen: 24
103.152.79.0/24 maxlen: 24
103.171.44.0/24 maxlen: 24
103.171.45.0/24 maxlen: 24
103.218.124.0/24 maxlen: 24
103.218.125.0/24 maxlen: 24
103.218.126.0/24 maxlen: 24
103.218.127.0/24 maxlen: 24
103.240.89.0/24 maxlen: 24
103.251.150.0/24 maxlen: 24
103.253.70.0/24 maxlen: 24
163.227.186.0/24 maxlen: 24
163.227.187.0/24 maxlen: 24
175.158.75.0/24 maxlen: 24
202.162.240.0/24 maxlen: 24
202.162.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 12 Mar 2026 06:19:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56072 (0xdb08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 9 06:51:11 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4c677-567e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7d:32:8f:80:76:56:9a:43:47:d1:46:cc:44:
c4:32:f6:67:f8:c9:e6:0e:65:8f:b4:b0:4e:6c:c8:
7c:97:5d:b9:21:3a:f4:d1:95:2e:e3:63:be:a5:a5:
43:c3:70:2b:f4:ba:de:33:55:5d:0f:10:f9:7f:3b:
ff:0f:be:aa:da:1e:df:14:18:c7:99:65:c7:5d:19:
62:8c:02:b6:9c:24:95:f2:fb:e5:92:dd:0b:5d:0d:
30:ce:f1:e6:e0:b3:82:a8:51:55:37:da:08:bd:69:
1d:ed:10:76:31:6c:1b:2a:a4:68:4d:23:d2:2f:74:
c3:ba:3d:62:c2:1e:b1:66:b2:33:83:74:96:0d:a7:
3e:7b:4e:60:d6:32:27:95:5e:3a:bb:31:79:6b:c2:
ac:2c:8e:65:12:1e:3b:5c:c8:42:78:d9:02:b6:cd:
d1:a7:d9:ac:6a:f4:3f:f9:be:f6:c7:3e:5d:ef:02:
d1:15:25:b8:3d:bd:15:e8:94:c8:6b:1e:6c:0d:de:
45:21:a5:83:c5:1b:0d:b0:db:3c:b4:85:29:1b:14:
60:2e:07:05:08:a3:6d:31:7c:fb:bd:b6:e0:89:7b:
7a:ff:8b:71:be:19:80:0d:5b:43:6b:ea:90:9d:7d:
3c:68:e1:8a:c2:69:cd:49:cd:c9:62:96:79:0c:e2:
cc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:9D:BC:8D:0A:C1:24:6C:31:A7:9B:29:F6:8C:21:10:27:95:34:8B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7403EBDAEC7911F09ED87EBA536F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
103.69.43.0/24
103.93.94.0/24
103.95.50.0/23
103.97.104.0/22
103.117.212.0/24
103.119.170.0/23
103.129.97.0/24
103.131.26.0/24
103.139.7.0/24
103.140.72.0/24
103.152.79.0/24
103.171.44.0/23
103.218.124.0/22
103.240.89.0/24
103.251.150.0/24
103.253.70.0/24
163.227.186.0/23
175.158.75.0/24
202.162.240.0/23
Signature Algorithm: sha256WithRSAEncryption
99:b9:61:2e:56:d2:41:a6:72:cb:7a:3c:9c:0d:2e:2c:15:b0:
e5:f9:6f:c6:89:a2:29:70:a9:78:6e:2b:3c:38:97:5a:15:83:
7a:a6:46:1b:2e:b6:7c:23:5c:80:71:5c:e0:9d:66:26:f3:22:
87:5f:f7:3c:ea:f8:be:4a:e7:26:d1:20:5d:4e:87:7a:62:c9:
42:df:ae:56:55:87:b8:52:75:52:57:6c:99:fb:c2:50:60:08:
84:e1:fb:15:e3:b6:85:15:e5:9e:db:a4:f3:30:8d:56:dc:0f:
8b:ce:de:ee:c6:c5:c5:a0:da:76:02:ad:0a:c3:8a:35:cb:7c:
89:90:dd:fd:a1:24:2b:ba:98:06:92:35:bf:61:9a:2c:8a:c4:
67:4e:2e:4d:e1:24:93:a1:4d:67:fe:17:a4:17:93:e1:d8:37:
35:07:a5:07:38:d5:07:fe:ef:45:9e:ed:02:c2:ee:3c:3a:a7:
a4:c7:5d:c3:38:eb:a9:69:cf:82:cd:19:11:cb:e1:82:ac:ca:
87:63:3e:43:ca:51:84:37:9d:d7:a6:b1:d7:ce:60:fa:90:64:
82:aa:b2:3f:0b:d7:98:83:c3:b5:69:c1:52:5c:d0:0c:18:91:
bd:04:e0:66:67:09:c8:a1:37:7b:6f:51:ab:30:ec:04:4e:d1:
3c:c6:fb:fa
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDANsIMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDIwOTA2NTExMVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhNGM2NzctNTY3ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM19Mo+AdlaaQ0fRRsxExDL2Z/jJ5g5lj7SwTmzIfJdduSE69NGVLuNjvqWl
Q8NwK/S63jNVXQ8Q+X87/w++qtoe3xQYx5llx10ZYowCtpwklfL75ZLdC10NMM7x
5uCzgqhRVTfaCL1pHe0QdjFsGyqkaE0j0i90w7o9YsIesWayM4N0lg2nPntOYNYy
J5VeOrsxeWvCrCyOZRIeO1zIQnjZArbN0afZrGr0P/m+9sc+Xe8C0RUluD29FeiU
yGsebA3eRSGlg8UbDbDbPLSFKRsUYC4HBQijbTF8+7224Il7ev+Lcb4ZgA1bQ2vq
kJ19PGjhisJpzUnNyWKWeQzizKUCAwEAAaOCAs0wggLJMB0GA1UdDgQWBBQxnbyN
CsEkbDGnmyn2jCEQJ5U0izAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzc0MDNFQkRB
RUM3OTExRjA5RUQ4N0VCQTUzNkY1NkJDLnJvYTCBiwYIKwYBBQUHAQcBAf8EfDB6
MHgEAgABMHIDBABnRSsDBABnXV4DBAFnXzIDBAJnYWgDBABnddQDBAFnd6oDBABn
gWEDBABngxoDBABniwcDBABnjEgDBABnmE8DBAFnqywDBAJn2nwDBABn8FkDBABn
+5YDBABn/UYDBAGj47oDBACvnksDBAHKovAwDQYJKoZIhvcNAQELBQADggEBAJm5
YS5W0kGmcst6PJwNLiwVsOX5b8aJoilwqXhuKzw4l1oVg3qmRhsutnwjXIBxXOCd
ZibzIodf9zzq+L5K5ybRIF1Oh3piyULfrlZVh7hSdVJXbJn7wlBgCITh+xXjtoUV
5Z7bpPMwjVbcD4vO3u7GxcWg2nYCrQrDijXLfImQ3f2hJCu6mAaSNb9hmiyKxGdO
Lk3hJJOhTWf+F6QXk+HYNzUHpQc41Qf+70We7QLC7jw6p6THXcM466lpz4LNGRHL
4YKsyodjPkPKUYQ3ndemsdfOYPqQZIKqsj8L15iDw7VpwVJc0AwYkb0E4GZnCcih
N3tvUasw7ARO0TzG+/o=
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:54:48 2026 by rpki-client