Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D7C7E520420711F1A013ED56C4833773.roa
File: D7C7E520420711F1A013ED56C4833773.roa (raw, json)
Hash identifier: ijgzfBjQJ4JTgubGKMVSMjETJ4pgZRNxQf9PolUYwE8=
Subject key identifier: 31:9D:FC:C2:F0:A2:19:99:24:42:FF:C2:4D:59:8E:95:A7:40:FC:09
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: E47E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D7C7E520420711F1A013ED56C4833773.roa
Signing time: Sun 31 May 2026 16:54:18 +0000
ROA not before: Sun 31 May 2026 16:54:18 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 136308
IP address blocks: 43.240.232.0/24 maxlen: 24
43.240.233.0/24 maxlen: 24
103.62.150.0/23 maxlen: 24
103.141.112.0/23 maxlen: 24
103.167.210.0/23 maxlen: 24
103.188.18.0/23 maxlen: 24
103.189.56.0/23 maxlen: 24
2001:df5:f0c0::/48 maxlen: 48
2001:df6:f140::/48 maxlen: 48
2401:ea20::/32 maxlen: 32
2403:7340::/32 maxlen: 32
2403:7340::/48 maxlen: 48
2403:7340:1::/48 maxlen: 48
2403:7340:2::/48 maxlen: 48
2403:7340:3::/48 maxlen: 48
2403:7340:4::/48 maxlen: 48
2403:7340:5::/48 maxlen: 48
2403:7340:6::/48 maxlen: 48
2403:7340:7::/48 maxlen: 48
2403:7340:8::/48 maxlen: 48
2403:7340:9::/48 maxlen: 48
2403:7340:a::/48 maxlen: 48
2403:7340:b::/48 maxlen: 48
2403:7340:c::/48 maxlen: 48
2403:7340:d::/48 maxlen: 48
2403:7340:e::/48 maxlen: 48
2403:7340:f::/48 maxlen: 48
2403:7340:10::/48 maxlen: 48
2403:7340:11::/48 maxlen: 48
2403:7340:12::/48 maxlen: 48
2403:7340:13::/48 maxlen: 48
2403:7340:14::/48 maxlen: 48
2403:7340:15::/48 maxlen: 48
2403:7340:16::/48 maxlen: 48
2403:7340:17::/48 maxlen: 48
2403:7340:7340::/48 maxlen: 48
2403:7340:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58494 (0xe47e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 31 16:54:18 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c67ba-8d13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:79:78:92:df:7e:fe:88:fe:3f:e3:15:ec:d9:
5a:b9:dd:ba:48:61:0b:9b:a4:8d:df:31:9f:6b:91:
a2:e0:f4:26:33:38:22:b7:5d:33:36:51:2a:12:57:
08:8f:3a:24:72:60:d5:3c:e3:de:4b:c1:f6:a5:1e:
75:33:c9:ef:0b:f4:a2:03:0c:ba:ab:11:58:89:d6:
67:17:42:bc:ab:40:ed:9f:63:f6:9f:17:af:07:17:
8c:24:bc:eb:0d:04:71:a2:83:aa:e9:a1:04:76:3d:
b6:e0:14:a2:3d:7d:70:7f:d8:ce:1a:9a:cb:b7:c3:
17:16:32:8f:3f:b5:9c:75:e9:d0:3f:95:90:c6:83:
b8:f7:ff:d5:a2:03:57:27:ff:5f:7a:31:e4:ca:18:
31:4b:b4:6f:71:bd:ba:be:76:63:9c:5e:d8:a4:a8:
22:69:ff:d2:31:17:f8:e1:ba:10:ef:52:37:27:83:
7d:94:88:21:c8:63:df:a8:37:72:16:c2:e3:05:9c:
7b:0c:a6:8f:07:ec:b2:c6:d3:f0:c5:77:e1:2d:74:
58:ab:93:8f:35:fc:e3:bb:86:9c:cb:a4:9c:51:f1:
28:b6:77:d8:83:7b:e4:37:ac:d0:18:8f:c7:8b:85:
60:fa:ad:cd:dd:8a:67:fb:8f:c1:8f:8f:2a:a8:e7:
c0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:9D:FC:C2:F0:A2:19:99:24:42:FF:C2:4D:59:8E:95:A7:40:FC:09
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D7C7E520420711F1A013ED56C4833773.roa
sbgp-ipAddrBlock: critical
IPv4:
43.240.232.0/23
103.62.150.0/23
103.141.112.0/23
103.167.210.0/23
103.188.18.0/23
103.189.56.0/23
IPv6:
2001:df5:f0c0::/48
2001:df6:f140::/48
2401:ea20::/32
2403:7340::/32
Signature Algorithm: sha256WithRSAEncryption
09:2e:ae:3a:78:60:a1:7d:a6:80:8d:3a:1e:7a:0a:e3:e6:83:
6d:c0:36:ac:2c:54:0b:24:5d:d1:03:68:2e:08:ae:ac:75:a7:
ec:dc:a4:20:fa:ab:4f:2f:8f:a4:2b:27:fa:2c:ca:3b:6e:40:
3d:44:b3:ab:01:44:1f:c7:a6:7b:a8:9e:c7:fb:03:9f:9d:09:
17:6d:85:95:20:fa:9c:11:ee:5c:07:5d:08:0f:ec:6d:ea:96:
2f:91:44:3d:d0:d5:d7:77:21:65:fc:ac:e5:b3:02:9d:65:8b:
87:48:ee:15:82:a6:d4:11:b0:c6:6c:be:f5:d0:04:61:4d:55:
82:a2:84:cf:f8:b9:2b:b4:cb:1c:21:23:03:1c:b2:44:18:fd:
61:88:9e:7b:83:6b:6b:af:0d:1e:0e:65:ef:27:90:d2:13:d2:
a9:ea:df:22:22:cb:13:0a:cc:37:a0:9e:09:78:3c:f5:76:9b:
83:03:b2:4d:63:3e:e2:e8:fd:96:5f:dc:3c:fb:3d:c9:e6:e4:
f9:e7:02:4c:a8:c3:7e:4d:26:1a:69:86:b2:c4:f6:4e:91:6c:
b2:1a:84:59:a1:ef:a5:ed:51:25:33:46:b8:af:50:df:26:a2:
df:f2:77:ce:27:d5:6a:7c:d6:1f:5b:d0:2b:33:d0:e9:d1:4e:
c6:a9:99:a3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIDAOR+MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUzMTE2NTQxOFoXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExYzY3YmEtOGQxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJp5eJLffv6I/j/jFezZWrndukhhC5ukjd8xn2uRouD0JjM4IrddMzZRKhJX
CI86JHJg1Tzj3kvB9qUedTPJ7wv0ogMMuqsRWInWZxdCvKtA7Z9j9p8XrwcXjCS8
6w0EcaKDqumhBHY9tuAUoj19cH/Yzhqay7fDFxYyjz+1nHXp0D+VkMaDuPf/1aID
Vyf/X3ox5MoYMUu0b3G9ur52Y5xe2KSoImn/0jEX+OG6EO9SNyeDfZSIIchj36g3
chbC4wWcewymjwfsssbT8MV34S10WKuTjzX847uGnMuknFHxKLZ32IN75Des0BiP
x4uFYPqtzd2KZ/uPwY+PKqjnwPkCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBQxnfzC
8KIZmSRC/8JNWY6Vp0D8CTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Q3QzdFNTIw
NDIwNzExRjFBMDEzRUQ1NkM0ODMzNzczLnJvYTBlBggrBgEFBQcBBwEB/wRWMFQw
KgQCAAEwJAMEASvw6AMEAWc+lgMEAWeNcAMEAWen0gMEAWe8EgMEAWe9ODAmBAIA
AjAgAwcAIAEN9fDAAwcAIAEN9vFAAwUAJAHqIAMFACQDc0AwDQYJKoZIhvcNAQEL
BQADggEBAAkurjp4YKF9poCNOh56CuPmg23ANqwsVAskXdEDaC4Irqx1p+zcpCD6
q08vj6QrJ/osyjtuQD1Es6sBRB/Hpnuonsf7A5+dCRdthZUg+pwR7lwHXQgP7G3q
li+RRD3Q1dd3IWX8rOWzAp1li4dI7hWCptQRsMZsvvXQBGFNVYKihM/4uSu0yxwh
IwMcskQY/WGInnuDa2uvDR4OZe8nkNIT0qnq3yIiyxMKzDegngl4PPV2m4MDsk1j
PuLo/ZZf3Dz7Pcnm5PnnAkyow35NJhpphrLE9k6RbLIahFmh76XtUSUzRrivUN8m
ot/yd84n1Wp81h9b0Csz0OnRTsapmaM=
-----END CERTIFICATE-----
Generated at Thu Jun 4 10:00:20 2026 by rpki-client