Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7403EBDAEC7911F09ED87EBA536F56BC.roa
File: 7403EBDAEC7911F09ED87EBA536F56BC.roa (raw, json)
Hash identifier: HD0Esp1LtVAt0kddz3IQCZWZKxgeKibUP9HOJ589L4U=
Subject key identifier: 5F:EA:43:57:43:93:15:00:F6:4E:8F:9E:D0:F5:FB:1E:51:6E:0C:00
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: EBF4
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7403EBDAEC7911F09ED87EBA536F56BC.roa
Signing time: Tue 02 Jun 2026 11:12:12 +0000
ROA not before: Tue 02 Jun 2026 11:12:12 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 140641
IP address blocks: 103.69.43.0/24 maxlen: 24
103.93.94.0/24 maxlen: 24
103.95.50.0/23 maxlen: 24
103.97.104.0/24 maxlen: 24
103.97.105.0/24 maxlen: 24
103.97.106.0/24 maxlen: 24
103.97.107.0/24 maxlen: 24
103.110.12.0/24 maxlen: 24
103.110.13.0/24 maxlen: 24
103.110.14.0/24 maxlen: 24
103.110.15.0/24 maxlen: 24
103.117.212.0/24 maxlen: 24
103.119.170.0/23 maxlen: 24
103.129.97.0/24 maxlen: 24
103.131.26.0/24 maxlen: 24
103.139.7.0/24 maxlen: 24
103.140.72.0/24 maxlen: 24
103.152.79.0/24 maxlen: 24
103.171.44.0/24 maxlen: 24
103.171.45.0/24 maxlen: 24
103.218.124.0/24 maxlen: 24
103.218.125.0/24 maxlen: 24
103.218.126.0/24 maxlen: 24
103.218.127.0/24 maxlen: 24
103.240.89.0/24 maxlen: 24
103.251.150.0/24 maxlen: 24
103.253.70.0/24 maxlen: 24
163.227.186.0/24 maxlen: 24
163.227.187.0/24 maxlen: 24
175.158.75.0/24 maxlen: 24
182.255.56.0/24 maxlen: 24
182.255.57.0/24 maxlen: 24
182.255.58.0/24 maxlen: 24
182.255.59.0/24 maxlen: 24
202.162.240.0/24 maxlen: 24
202.162.241.0/24 maxlen: 24
202.162.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60404 (0xebf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 2 11:12:12 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1eba8c-e58a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5a:d4:7d:96:be:f0:20:e0:4b:88:52:05:b8:
88:7a:44:50:f3:d3:e1:26:0e:e5:03:9f:0e:cc:12:
d1:23:b5:a8:ee:79:96:f3:77:2f:bd:0f:b8:d1:7a:
f5:0a:57:83:2e:36:79:df:f7:96:2e:02:39:9a:ae:
e5:f4:ed:23:0b:c4:d6:ac:59:89:f7:8f:d8:df:47:
71:5d:ee:07:e4:6d:ab:16:a4:b2:ac:cb:74:67:a1:
f0:75:44:c7:10:37:0b:3b:b6:a3:37:f8:2a:52:f9:
f7:35:5d:26:47:bf:21:4c:c7:1f:c9:70:4f:9a:29:
bc:74:99:fb:7a:ef:fe:40:4c:00:2d:a0:60:3a:07:
54:ce:02:38:a9:ee:cb:b7:17:a8:18:10:d4:b6:e5:
0c:bd:17:86:25:31:f7:8f:4c:cd:12:9a:a9:10:ea:
1c:5c:73:b6:63:6a:80:dd:ad:e7:29:f9:64:fc:1a:
03:a5:86:8e:21:c1:d0:44:9e:c1:f4:91:43:9a:9a:
9a:8f:20:f2:50:8f:ee:5f:86:a0:b5:f1:27:64:00:
5a:5b:54:5d:de:51:d7:08:56:de:51:49:0b:24:05:
8f:25:74:87:28:5a:5d:5e:a7:21:32:af:7e:1f:c5:
2f:5a:18:ed:cd:8d:7e:48:de:7e:78:be:a3:1b:fe:
cf:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:EA:43:57:43:93:15:00:F6:4E:8F:9E:D0:F5:FB:1E:51:6E:0C:00
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7403EBDAEC7911F09ED87EBA536F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
103.69.43.0/24
103.93.94.0/24
103.95.50.0/23
103.97.104.0/22
103.110.12.0/22
103.117.212.0/24
103.119.170.0/23
103.129.97.0/24
103.131.26.0/24
103.139.7.0/24
103.140.72.0/24
103.152.79.0/24
103.171.44.0/23
103.218.124.0/22
103.240.89.0/24
103.251.150.0/24
103.253.70.0/24
163.227.186.0/23
175.158.75.0/24
182.255.56.0/22
202.162.240.0/23
202.162.243.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:7a:eb:3c:fc:28:d0:c4:11:12:3d:80:a6:47:8f:6b:ec:1c:
d1:64:60:ac:4a:fc:38:97:36:19:a5:d5:61:54:63:63:d1:6a:
34:41:1f:47:71:95:9b:0b:0e:26:a5:1d:33:d6:96:75:45:20:
eb:ce:1d:c6:44:e4:c3:fb:ff:ad:c2:03:0f:26:7a:d7:b6:a0:
a7:c6:dc:ed:9f:5a:e3:4e:7f:71:1d:d1:4a:7e:86:59:fe:6f:
45:6f:a8:91:ea:7b:a8:f5:6c:72:56:8f:84:48:74:fb:43:79:
63:41:7b:c3:5f:b7:59:51:15:4f:80:6e:42:36:ea:86:83:5d:
39:1f:6a:e9:6e:92:7e:20:d1:2c:d5:94:d7:92:2a:3a:fd:30:
b5:df:9a:92:0d:13:19:2f:d5:23:75:58:20:cf:f9:44:4b:6e:
8e:09:57:52:d8:03:13:0f:33:33:62:91:f7:ac:59:0a:6b:60:
5d:c3:18:51:f2:d8:10:88:dc:33:39:c2:1e:3a:74:8f:a9:69:
56:e3:27:bf:c5:a3:a0:dd:38:c6:55:13:47:94:61:00:5f:60:
e5:72:32:f6:45:2d:39:72:d2:47:58:c6:b5:c3:3c:1f:33:12:
d1:4c:a6:f6:12:03:bb:e5:4b:11:79:2a:c2:3b:4d:3d:f3:b0:
b4:94:00:c4
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIDAOv0MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDYwMjExMTIxMloXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExZWJhOGMtZTU4YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJa1H2WvvAg4EuIUgW4iHpEUPPT4SYO5QOfDswS0SO1qO55lvN3L70PuNF6
9QpXgy42ed/3li4COZqu5fTtIwvE1qxZifeP2N9HcV3uB+RtqxaksqzLdGeh8HVE
xxA3Czu2ozf4KlL59zVdJke/IUzHH8lwT5opvHSZ+3rv/kBMAC2gYDoHVM4COKnu
y7cXqBgQ1LblDL0XhiUx949MzRKaqRDqHFxztmNqgN2t5yn5ZPwaA6WGjiHB0ESe
wfSRQ5qamo8g8lCP7l+GoLXxJ2QAWltUXd5R1whW3lFJCyQFjyV0hyhaXV6nITKv
fh/FL1oY7c2Nfkjefni+oxv+z/UCAwEAAaOCAuMwggLfMB0GA1UdDgQWBBRf6kNX
Q5MVAPZOj57Q9fseUW4MADAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzc0MDNFQkRB
RUM3OTExRjA5RUQ4N0VCQTUzNkY1NkJDLnJvYTCBoQYIKwYBBQUHAQcBAf8EgZEw
gY4wgYsEAgABMIGEAwQAZ0UrAwQAZ11eAwQBZ18yAwQCZ2FoAwQCZ24MAwQAZ3XU
AwQBZ3eqAwQAZ4FhAwQAZ4MaAwQAZ4sHAwQAZ4xIAwQAZ5hPAwQBZ6ssAwQCZ9p8
AwQAZ/BZAwQAZ/uWAwQAZ/1GAwQBo+O6AwQAr55LAwQCtv84AwQByqLwAwQAyqLz
MA0GCSqGSIb3DQEBCwUAA4IBAQCzeus8/CjQxBESPYCmR49r7BzRZGCsSvw4lzYZ
pdVhVGNj0Wo0QR9HcZWbCw4mpR0z1pZ1RSDrzh3GROTD+/+twgMPJnrXtqCnxtzt
n1rjTn9xHdFKfoZZ/m9Fb6iR6nuo9WxyVo+ESHT7Q3ljQXvDX7dZURVPgG5CNuqG
g105H2rpbpJ+INEs1ZTXkio6/TC135qSDRMZL9UjdVggz/lES26OCVdS2AMTDzMz
YpH3rFkKa2BdwxhR8tgQiNwzOcIeOnSPqWlW4ye/xaOg3TjGVRNHlGEAX2DlcjL2
RS05ctJHWMa1wzwfMxLRTKb2EgO75UsReSrCO00987C0lADE
-----END CERTIFICATE-----
Generated at Thu Jun 4 11:09:07 2026 by rpki-client