Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa
File: 92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa (raw, json)
Hash identifier: u6Il8J0Fq1S30xp7bfCCu9aGLmRdgyTrhtJJ1krMFEw=
Subject key identifier: 79:C0:DC:C6:B7:DF:44:85:1C:B3:C9:56:D1:C1:EF:A7:72:2C:7B:72
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: E1C8
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa
Signing time: Sun 31 May 2026 16:31:47 +0000
ROA not before: Sun 31 May 2026 16:31:47 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 132137
IP address blocks: 45.112.0.0/22 maxlen: 24
45.123.92.0/22 maxlen: 24
45.252.68.0/22 maxlen: 24
103.1.48.0/23 maxlen: 24
103.36.44.0/22 maxlen: 24
103.51.72.0/22 maxlen: 24
103.74.196.0/22 maxlen: 24
103.75.28.0/22 maxlen: 24
103.135.200.0/24 maxlen: 24
103.135.201.0/24 maxlen: 24
103.135.202.0/24 maxlen: 24
103.135.203.0/24 maxlen: 24
103.162.162.0/23 maxlen: 24
103.221.68.0/22 maxlen: 24
103.246.240.0/22 maxlen: 24
110.44.100.0/22 maxlen: 24
111.125.244.0/24 maxlen: 24
113.30.216.0/22 maxlen: 24
183.87.192.0/24 maxlen: 24
183.87.240.0/21 maxlen: 24
183.87.248.0/23 maxlen: 24
2401:e500::/32 maxlen: 32
2401:e500::/33 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57800 (0xe1c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 31 16:31:47 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c6273-e8e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d1:bd:42:40:09:0e:fd:a2:3d:02:12:bf:da:
1b:67:7e:2f:e4:bb:c5:85:30:5c:da:6b:4b:df:30:
2f:19:f4:d9:dc:91:5e:7b:ef:d8:b0:c8:f8:8a:26:
78:a1:e9:1b:f7:02:70:da:1f:87:24:a6:7e:98:c7:
2c:c4:4c:3d:76:7d:c5:67:44:5b:e3:91:f3:52:ef:
14:8f:dc:29:fe:a2:45:24:8a:3f:3c:1c:21:fd:2f:
41:a6:05:b3:63:65:48:80:b4:16:8a:16:0a:7b:3c:
8b:85:3a:52:fe:b5:15:70:dd:8c:b2:9c:3d:fb:23:
cc:c2:6c:f2:d0:26:33:46:d1:83:51:0b:d6:83:ba:
34:b6:6a:b9:97:1c:ce:be:73:38:98:10:a8:d8:f2:
20:2d:e9:f8:6b:74:65:21:55:5a:f5:1c:41:bf:ed:
32:22:60:97:e4:d4:e9:9b:b1:82:5e:b4:06:a7:c8:
95:9b:bd:3b:63:68:57:17:2b:e9:05:4f:17:66:e6:
eb:aa:14:3f:73:a4:7a:56:1f:f9:17:64:93:94:81:
fb:8e:f5:8b:69:3f:da:fc:6d:cb:a4:4c:90:ae:b2:
32:96:f6:4b:89:14:e5:0b:e8:5a:aa:34:7e:52:37:
b7:dc:7a:9a:60:53:d4:a2:bc:4f:4d:c9:5b:89:8a:
dd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:C0:DC:C6:B7:DF:44:85:1C:B3:C9:56:D1:C1:EF:A7:72:2C:7B:72
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.112.0.0/22
45.123.92.0/22
45.252.68.0/22
103.1.48.0/23
103.36.44.0/22
103.51.72.0/22
103.74.196.0/22
103.75.28.0/22
103.135.200.0/22
103.162.162.0/23
103.221.68.0/22
103.246.240.0/22
110.44.100.0/22
111.125.244.0/24
113.30.216.0/22
183.87.192.0/24
183.87.240.0-183.87.249.255
IPv6:
2401:e500::/32
Signature Algorithm: sha256WithRSAEncryption
0f:49:61:d9:93:54:e9:a5:9c:c2:62:14:01:d6:cb:3a:32:f0:
6c:f6:2c:79:d2:b4:6e:0f:8e:e7:4f:0c:8a:61:62:aa:ea:ce:
7a:7b:67:dc:94:d5:40:bb:77:c9:f8:ae:7c:66:54:0f:1e:9b:
e6:7e:25:bf:a0:6d:5d:d9:0e:ab:44:2d:b0:1a:1b:a3:43:b1:
3a:07:ea:de:51:0e:23:41:10:0a:bd:88:8b:49:da:33:e0:99:
1d:64:1e:b9:dc:40:23:de:fc:a6:c7:af:68:8e:50:7e:44:1d:
5f:c1:ef:0d:df:91:13:ef:53:75:17:bd:c4:7b:cf:98:92:01:
98:8a:69:e5:9f:f5:4e:1e:e6:6e:6b:01:bb:36:8d:a9:ee:38:
2f:46:94:a1:99:a3:71:69:de:69:8c:02:a4:1b:b2:7d:9c:d4:
d2:28:8a:06:1b:a5:99:8c:76:eb:9e:d7:53:a4:ca:33:25:d5:
02:73:34:54:bc:11:e9:11:0d:99:cb:74:fe:3a:c0:40:cd:df:
a6:94:74:8a:bc:d5:8d:f0:08:56:55:a9:c6:76:7e:d2:51:4f:
c0:76:20:30:b6:27:57:42:e3:fe:90:0e:54:7c:36:7f:c1:c2:
5d:cf:97:f9:68:16:df:58:00:72:3f:3f:e0:96:15:e2:e4:eb:
55:5d:92:c6
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgIDAOHIMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUzMTE2MzE0N1oXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExYzYyNzMtZThlODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJfRvUJACQ79oj0CEr/aG2d+L+S7xYUwXNprS98wLxn02dyRXnvv2LDI+Iom
eKHpG/cCcNofhySmfpjHLMRMPXZ9xWdEW+OR81LvFI/cKf6iRSSKPzwcIf0vQaYF
s2NlSIC0FooWCns8i4U6Uv61FXDdjLKcPfsjzMJs8tAmM0bRg1EL1oO6NLZquZcc
zr5zOJgQqNjyIC3p+Gt0ZSFVWvUcQb/tMiJgl+TU6Zuxgl60BqfIlZu9O2NoVxcr
6QVPF2bm66oUP3OkelYf+Rdkk5SB+471i2k/2vxty6RMkK6yMpb2S4kU5QvoWqo0
flI3t9x6mmBT1KK8T03JW4mK3esCAwEAAaOCAtowggLWMB0GA1UdDgQWBBR5wNzG
t99EhRyzyVbRwe+ncix7cjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzkyRTc5RDVD
MDNEQzExRUJCQzBEQkMwQkM0RjlBRTAyLnJvYTCBmAYIKwYBBQUHAQcBAf8EgYgw
gYUwdAQCAAEwbgMEAi1wAAMEAi17XAMEAi38RAMEAWcBMAMEAmckLAMEAmczSAME
AmdKxAMEAmdLHAMEAmeHyAMEAWeiogMEAmfdRAMEAmf28AMEAm4sZAMEAG999AME
AnEe2AMEALdXwDAMAwQEt1fwAwQBt1f4MA0EAgACMAcDBQAkAeUAMA0GCSqGSIb3
DQEBCwUAA4IBAQAPSWHZk1TppZzCYhQB1ss6MvBs9ix50rRuD47nTwyKYWKq6s56
e2fclNVAu3fJ+K58ZlQPHpvmfiW/oG1d2Q6rRC2wGhujQ7E6B+reUQ4jQRAKvYiL
Sdoz4JkdZB653EAj3vymx69ojlB+RB1fwe8N35ET71N1F73Ee8+YkgGYimnln/VO
HuZuawG7No2p7jgvRpShmaNxad5pjAKkG7J9nNTSKIoGG6WZjHbrntdTpMozJdUC
czRUvBHpEQ2Zy3T+OsBAzd+mlHSKvNWN8AhWVanGdn7SUU/AdiAwtidXQuP+kA5U
fDZ/wcJdz5f5aBbfWAByPz/glhXi5OtVXZLG
-----END CERTIFICATE-----
Generated at Thu Jun 4 10:06:32 2026 by rpki-client