Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B795678A8D4B11F0872E1828C4F9AE02.roa
File: B795678A8D4B11F0872E1828C4F9AE02.roa (raw, json)
Hash identifier: aVtt8KsuwkACW6LXvEM4TwBNqVL2LfGvsBafNvBJHrI=
Subject key identifier: CC:54:42:36:49:39:6B:6C:A6:1E:68:F8:35:DB:9C:3C:54:4C:E0:23
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: E1CB
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B795678A8D4B11F0872E1828C4F9AE02.roa
Signing time: Sun 31 May 2026 16:31:53 +0000
ROA not before: Sun 31 May 2026 16:31:53 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 132215
IP address blocks: 1.6.136.0/24 maxlen: 24
1.6.226.0/24 maxlen: 24
1.6.227.0/24 maxlen: 24
1.6.228.0/24 maxlen: 24
1.7.142.0/24 maxlen: 24
1.7.151.0/24 maxlen: 24
1.7.161.0/24 maxlen: 24
1.7.162.0/24 maxlen: 24
1.7.180.0/24 maxlen: 24
1.7.200.0/24 maxlen: 24
1.7.201.0/24 maxlen: 24
1.7.202.0/24 maxlen: 24
43.227.132.0/22 maxlen: 24
45.127.208.0/22 maxlen: 24
45.127.228.0/22 maxlen: 24
45.127.236.0/22 maxlen: 24
45.249.232.0/22 maxlen: 22
45.249.234.0/24 maxlen: 24
45.249.235.0/24 maxlen: 24
58.84.20.0/22 maxlen: 24
58.84.24.0/22 maxlen: 24
59.152.80.0/22 maxlen: 24
61.14.204.0/22 maxlen: 24
103.7.128.0/22 maxlen: 24
103.15.228.0/22 maxlen: 24
103.59.140.0/22 maxlen: 24
103.70.60.0/22 maxlen: 24
103.120.28.0/22 maxlen: 24
103.196.188.0/22 maxlen: 24
103.196.216.0/22 maxlen: 24
103.196.224.0/22 maxlen: 24
103.197.36.0/22 maxlen: 24
103.197.40.0/22 maxlen: 24
103.197.80.0/22 maxlen: 24
103.197.100.0/22 maxlen: 24
103.197.124.0/22 maxlen: 24
103.197.128.0/22 maxlen: 24
103.197.136.0/22 maxlen: 24
103.197.140.0/22 maxlen: 24
103.200.76.0/22 maxlen: 24
103.200.80.0/22 maxlen: 24
103.200.88.0/22 maxlen: 24
103.203.80.0/22 maxlen: 24
103.218.228.0/24 maxlen: 24
103.218.229.0/24 maxlen: 24
111.235.68.0/22 maxlen: 24
114.134.16.0/22 maxlen: 24
202.177.153.0/24 maxlen: 24
202.177.157.0/24 maxlen: 24
218.185.248.0/22 maxlen: 24
220.158.128.0/22 maxlen: 24
220.158.144.0/22 maxlen: 24
220.158.168.0/22 maxlen: 24
220.158.172.0/22 maxlen: 24
220.158.180.0/22 maxlen: 24
220.158.184.0/22 maxlen: 24
223.31.120.0/24 maxlen: 24
223.31.121.0/24 maxlen: 24
223.31.122.0/24 maxlen: 24
223.31.123.0/24 maxlen: 24
223.31.159.0/24 maxlen: 24
223.31.174.0/24 maxlen: 24
2401:ac20::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57803 (0xe1cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 31 16:31:53 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c6279-8320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f1:95:27:ec:65:54:d9:1d:4c:fb:60:98:d2:
6f:e9:5b:15:a6:86:ef:40:be:96:ee:01:e9:65:ac:
36:93:02:b8:35:3b:e8:23:cb:65:ea:1b:3d:12:49:
0d:12:9a:dd:68:be:38:8d:a3:05:64:c2:d1:3c:91:
46:1d:c7:83:9d:87:6d:b2:07:ff:41:90:8d:16:8e:
0c:7e:0d:37:d7:2f:3e:86:1c:da:60:d8:87:33:4a:
3f:9c:67:77:b8:f7:50:70:1a:c2:f0:81:0d:f8:3d:
88:d6:1a:2e:c9:0f:38:b4:00:5d:c0:6e:85:3f:bc:
e2:01:42:f4:21:b9:b1:7e:c4:0b:6d:0b:5a:ef:53:
42:18:69:df:56:1a:26:1a:10:9b:46:c8:53:fc:d8:
38:9c:0a:1b:80:8b:79:da:8d:20:bd:79:24:3c:fc:
fd:eb:e8:ab:25:61:4a:60:5d:cf:44:f5:5d:57:a8:
e3:3b:5c:7f:2c:d6:13:e1:f5:e9:d9:f6:50:aa:95:
1b:45:e5:0b:d6:a2:9b:b9:dc:35:1d:c0:24:3e:d8:
62:85:fa:3b:4d:b6:0a:9d:0c:53:a3:1a:30:21:e9:
60:a8:3d:5a:43:88:d1:75:14:26:00:06:9f:e1:81:
dc:ef:8f:6f:e9:0b:3f:5a:04:7f:e9:3a:83:32:87:
77:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:54:42:36:49:39:6B:6C:A6:1E:68:F8:35:DB:9C:3C:54:4C:E0:23
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B795678A8D4B11F0872E1828C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
1.6.136.0/24
1.6.226.0-1.6.228.255
1.7.142.0/24
1.7.151.0/24
1.7.161.0-1.7.162.255
1.7.180.0/24
1.7.200.0-1.7.202.255
43.227.132.0/22
45.127.208.0/22
45.127.228.0/22
45.127.236.0/22
45.249.232.0/22
58.84.20.0-58.84.27.255
59.152.80.0/22
61.14.204.0/22
103.7.128.0/22
103.15.228.0/22
103.59.140.0/22
103.70.60.0/22
103.120.28.0/22
103.196.188.0/22
103.196.216.0/22
103.196.224.0/22
103.197.36.0-103.197.43.255
103.197.80.0/22
103.197.100.0/22
103.197.124.0-103.197.131.255
103.197.136.0/21
103.200.76.0-103.200.83.255
103.200.88.0/22
103.203.80.0/22
103.218.228.0/23
111.235.68.0/22
114.134.16.0/22
202.177.153.0/24
202.177.157.0/24
218.185.248.0/22
220.158.128.0/22
220.158.144.0/22
220.158.168.0/21
220.158.180.0-220.158.187.255
223.31.120.0/22
223.31.159.0/24
223.31.174.0/24
IPv6:
2401:ac20::/32
Signature Algorithm: sha256WithRSAEncryption
b5:5b:81:22:c6:ae:b2:77:fc:08:72:37:d4:44:35:89:0f:03:
62:ea:55:52:2b:91:78:64:83:64:93:b8:ca:87:8d:81:41:57:
23:ad:0d:88:8f:13:2e:e3:15:96:b5:2b:95:af:3a:34:ca:5d:
ff:4c:d5:30:37:81:85:1a:34:69:97:5f:68:6c:00:da:33:aa:
0b:83:be:51:d1:cc:fc:19:7f:22:29:44:5e:72:33:a6:c8:e9:
98:9e:89:ff:f9:ef:c3:eb:b7:38:75:e7:9c:81:3c:50:d9:ab:
46:fe:56:5e:b5:95:e1:27:fb:47:3e:ea:35:4b:da:64:d1:3d:
0d:e7:bf:2d:15:36:8a:7b:86:ca:3a:fa:d8:da:b8:61:fe:29:
72:ca:3f:3c:31:66:64:91:3c:38:86:a0:50:e2:3e:20:9f:23:
f8:bf:59:c5:18:e9:7d:44:eb:53:2a:9d:d9:b2:bc:8d:23:44:
bc:94:33:07:47:7e:fd:e7:db:25:04:d5:9e:44:25:8c:45:ae:
85:52:6e:2b:34:55:fd:a1:34:17:8d:b3:94:4a:e8:f8:61:6c:
37:3a:e5:09:dc:ee:98:dc:03:0a:79:11:98:49:29:00:6c:12:
a5:91:05:9c:91:69:ba:31:32:30:41:89:b3:3d:aa:ef:b8:5c:
18:f1:af:80
-----BEGIN CERTIFICATE-----
MIIGmDCCBYCgAwIBAgIDAOHLMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUzMTE2MzE1M1oXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExYzYyNzktODMyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzxlSfsZVTZHUz7YJjSb+lbFaaG70C+lu4B6WWsNpMCuDU76CPLZeobPRJJ
DRKa3Wi+OI2jBWTC0TyRRh3Hg52HbbIH/0GQjRaODH4NN9cvPoYc2mDYhzNKP5xn
d7j3UHAawvCBDfg9iNYaLskPOLQAXcBuhT+84gFC9CG5sX7EC20LWu9TQhhp31Ya
JhoQm0bIU/zYOJwKG4CLedqNIL15JDz8/evoqyVhSmBdz0T1XVeo4ztcfyzWE+H1
6dn2UKqVG0XlC9aim7ncNR3AJD7YYoX6O022Cp0MU6MaMCHpYKg9WkOI0XUUJgAG
n+GB3O+Pb+kLP1oEf+k6gzKHd3UCAwEAAaOCA7swggO3MB0GA1UdDgQWBBTMVEI2
STlrbKYeaPg125w8VEzgIzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0I3OTU2NzhB
OEQ0QjExRjA4NzJFMTgyOEM0RjlBRTAyLnJvYTCCAXgGCCsGAQUFBwEHAQH/BIIB
ZzCCAWMwggFQBAIAATCCAUgDBAABBogwDAMEAQEG4gMEAAEG5AMEAAEHjgMEAAEH
lzAMAwQAAQehAwQAAQeiAwQAAQe0MAwDBAMBB8gDBAABB8oDBAIr44QDBAItf9AD
BAItf+QDBAItf+wDBAIt+egwDAMEAjpUFAMEAjpUGAMEAjuYUAMEAj0OzAMEAmcH
gAMEAmcP5AMEAmc7jAMEAmdGPAMEAmd4HAMEAmfEvAMEAmfE2AMEAmfE4DAMAwQC
Z8UkAwQCZ8UoAwQCZ8VQAwQCZ8VkMAwDBAJnxXwDBAJnxYADBANnxYgwDAMEAmfI
TAMEAmfIUAMEAmfIWAMEAmfLUAMEAWfa5AMEAm/rRAMEAnKGEAMEAMqxmQMEAMqx
nQMEAtq5+AMEAtyegAMEAtyekAMEA9yeqDAMAwQC3J60AwQC3J64AwQC3x94AwQA
3x+fAwQA3x+uMA0EAgACMAcDBQAkAawgMA0GCSqGSIb3DQEBCwUAA4IBAQC1W4Ei
xq6yd/wIcjfURDWJDwNi6lVSK5F4ZINkk7jKh42BQVcjrQ2IjxMu4xWWtSuVrzo0
yl3/TNUwN4GFGjRpl19obADaM6oLg75R0cz8GX8iKURecjOmyOmYnon/+e/D67c4
deecgTxQ2atG/lZetZXhJ/tHPuo1S9pk0T0N578tFTaKe4bKOvrY2rhh/ilyyj88
MWZkkTw4hqBQ4j4gnyP4v1nFGOl9ROtTKp3ZsryNI0S8lDMHR37959slBNWeRCWM
Ra6FUm4rNFX9oTQXjbOUSuj4YWw3OuUJ3O6Y3AMKeRGYSSkAbBKlkQWckWm6MTIw
QYmzParvuFwY8a+A
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:07:55 2026 by rpki-client