Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E8C8C2CC60BB11F1973C9C268047A888.roa
File: E8C8C2CC60BB11F1973C9C268047A888.roa (raw, json)
Hash identifier: oqxnlt9/tCRN/666W1erJqI4vTYDVJw2PtdLaa0BwGk=
Subject key identifier: 0C:CC:64:E7:21:19:3A:F2:31:66:46:22:73:A0:14:88:4E:CC:A4:C4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: EC2C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E8C8C2CC60BB11F1973C9C268047A888.roa
Signing time: Fri 05 Jun 2026 08:52:41 +0000
ROA not before: Fri 05 Jun 2026 08:52:41 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 17439
IP address blocks: 43.225.0.0/22 maxlen: 24
45.64.12.0/24 maxlen: 24
45.251.76.0/22 maxlen: 24
49.213.48.0/23 maxlen: 24
103.19.52.0/22 maxlen: 24
103.55.244.0/22 maxlen: 24
103.70.160.0/22 maxlen: 24
103.83.220.0/22 maxlen: 24
103.96.95.0/24 maxlen: 24
103.100.80.0/22 maxlen: 24
103.115.194.0/24 maxlen: 24
103.116.60.0/22 maxlen: 24
103.138.136.0/22 maxlen: 24
103.143.38.0/24 maxlen: 24
103.170.114.0/24 maxlen: 24
103.171.44.0/23 maxlen: 24
103.174.54.0/23 maxlen: 23
103.175.22.0/24 maxlen: 24
103.175.23.0/24 maxlen: 24
103.175.163.0/24 maxlen: 24
103.181.20.0/23 maxlen: 24
103.214.114.0/24 maxlen: 24
103.214.115.0/24 maxlen: 24
103.214.122.0/23 maxlen: 24
103.225.99.0/24 maxlen: 24
103.226.224.0/24 maxlen: 24
103.228.103.0/24 maxlen: 24
103.235.104.0/22 maxlen: 22
103.239.136.0/22 maxlen: 24
103.247.97.0/24 maxlen: 24
103.247.98.0/24 maxlen: 24
137.59.204.0/22 maxlen: 24
203.112.136.0/21 maxlen: 24
203.112.144.0/21 maxlen: 24
2001:df0:3a00::/48 maxlen: 48
2001:df2:f980::/48 maxlen: 48
2400:11e0:1::/48 maxlen: 48
2407:e9c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 09:04:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60460 (0xec2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 5 08:52:41 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a228e59-2173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bb:19:e7:21:18:c4:29:c2:a0:9c:19:35:36:
ad:0d:a6:c6:b4:cf:bb:03:cf:87:a6:69:c9:63:e8:
3b:bd:de:4b:71:f8:95:d0:94:27:33:e8:4c:ba:04:
f2:45:ed:35:4e:6b:62:f1:7f:c8:0b:2a:02:a5:a0:
2a:8e:e1:00:dc:27:78:b2:33:f9:18:04:c1:27:ac:
11:cf:90:36:ab:4d:02:a4:21:84:9c:2c:0d:52:bf:
d3:ed:f6:6e:6d:68:a6:72:ae:92:d9:c4:11:2a:bf:
6a:40:7c:7b:c2:16:08:71:33:5c:52:25:ff:36:01:
a6:1d:7b:24:08:6f:a6:1f:98:4b:35:85:f1:f7:71:
6c:98:5a:5e:6d:92:3b:ae:9b:0a:37:8c:1c:50:4e:
c0:59:9c:a1:b0:05:37:7f:be:c5:3b:90:59:dc:81:
9a:b3:15:ac:c4:8f:eb:40:e7:74:5f:02:da:2f:ee:
eb:45:29:2e:a6:62:6d:72:81:93:2b:12:d2:9e:b6:
c1:e8:2c:9c:2c:d6:fa:63:38:ce:b8:eb:77:df:b3:
b5:42:92:62:63:4b:5e:3e:66:32:49:ed:15:33:45:
13:36:50:e3:4f:5e:da:e9:fa:2c:ae:d7:7f:2d:5d:
6d:5b:c8:ab:a9:22:ff:66:b3:69:81:96:63:8d:ac:
c0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:CC:64:E7:21:19:3A:F2:31:66:46:22:73:A0:14:88:4E:CC:A4:C4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E8C8C2CC60BB11F1973C9C268047A888.roa
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
45.64.12.0/24
45.251.76.0/22
49.213.48.0/23
103.19.52.0/22
103.55.244.0/22
103.70.160.0/22
103.83.220.0/22
103.96.95.0/24
103.100.80.0/22
103.115.194.0/24
103.116.60.0/22
103.138.136.0/22
103.143.38.0/24
103.170.114.0/24
103.171.44.0/23
103.174.54.0/23
103.175.22.0/23
103.175.163.0/24
103.181.20.0/23
103.214.114.0/23
103.214.122.0/23
103.225.99.0/24
103.226.224.0/24
103.228.103.0/24
103.235.104.0/22
103.239.136.0/22
103.247.97.0-103.247.98.255
137.59.204.0/22
203.112.136.0-203.112.151.255
IPv6:
2001:df0:3a00::/48
2001:df2:f980::/48
2400:11e0:1::/48
2407:e9c0::/48
Signature Algorithm: sha256WithRSAEncryption
91:bb:76:bf:b3:5f:3c:5a:ef:a4:20:c5:41:94:36:79:1b:b0:
35:51:d5:db:fe:79:df:79:0b:b0:77:39:51:9e:3b:d7:b4:63:
38:57:70:b3:e7:ca:dc:b8:ea:c6:14:6b:b2:ff:37:fa:38:b1:
2d:38:09:78:7f:5d:5b:3f:fc:b8:f1:87:a2:62:8a:b5:f0:37:
82:84:9c:32:b7:7c:5d:d8:5c:a9:76:02:a9:b3:a4:c7:bb:fe:
94:c3:56:aa:9a:da:9b:1d:8b:bc:a8:8a:88:43:6f:5a:39:81:
39:aa:48:66:00:74:a4:59:52:77:95:98:27:a8:1b:37:da:bf:
76:d4:8d:1e:7f:28:76:28:c3:6e:3d:f5:82:36:6d:11:5b:99:
76:44:4d:de:69:96:2a:c6:d3:9e:b9:bd:b0:d3:f7:c2:12:b5:
9e:b2:91:4f:ed:36:14:3b:dc:2f:72:81:58:87:ff:fb:a0:4d:
ee:6d:12:a3:d2:d8:89:75:bd:d8:c6:21:dc:dc:f9:54:af:cb:
1a:8b:58:a6:f4:5b:0c:b0:d3:7d:fc:13:f1:01:d1:e3:d5:b7:
0e:bf:56:dd:67:02:af:58:7c:69:ee:5a:51:43:0a:31:4d:d2:
c6:ad:a0:9f:82:50:46:71:66:d7:ac:f9:3b:3d:f0:e2:d5:01:
8c:03:39:bf
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgIDAOwsMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDYwNTA4NTI0MVoXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmEyMjhlNTktMjE3MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALu7GechGMQpwqCcGTU2rQ2mxrTPuwPPh6ZpyWPoO73eS3H4ldCUJzPoTLoE
8kXtNU5rYvF/yAsqAqWgKo7hANwneLIz+RgEwSesEc+QNqtNAqQhhJwsDVK/0+32
bm1opnKuktnEESq/akB8e8IWCHEzXFIl/zYBph17JAhvph+YSzWF8fdxbJhaXm2S
O66bCjeMHFBOwFmcobAFN3++xTuQWdyBmrMVrMSP60DndF8C2i/u60UpLqZibXKB
kysS0p62wegsnCzW+mM4zrjrd9+ztUKSYmNLXj5mMkntFTNFEzZQ409e2un6LK7X
fy1dbVvIq6ki/2azaYGWY42swLcCAwEAAaOCA1AwggNMMB0GA1UdDgQWBBQMzGTn
IRk68jFmRiJzoBSITsykxDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0U4QzhDMkND
NjBCQjExRjE5NzNDOUMyNjgwNDdBODg4LnJvYTCCAQ0GCCsGAQUFBwEHAQH/BIH9
MIH6MIHLBAIAATCBxAMEAivhAAMEAC1ADAMEAi37TAMEATHVMAMEAmcTNAMEAmc3
9AMEAmdGoAMEAmdT3AMEAGdgXwMEAmdkUAMEAGdzwgMEAmd0PAMEAmeKiAMEAGeP
JgMEAGeqcgMEAWerLAMEAWeuNgMEAWevFgMEAGevowMEAWe1FAMEAWfWcgMEAWfW
egMEAGfhYwMEAGfi4AMEAGfkZwMEAmfraAMEAmfviDAMAwQAZ/dhAwQAZ/diAwQC
iTvMMAwDBAPLcIgDBAPLcJAwKgQCAAIwJAMHACABDfA6AAMHACABDfL5gAMHACQA
EeAAAQMHACQH6cAAADANBgkqhkiG9w0BAQsFAAOCAQEAkbt2v7NfPFrvpCDFQZQ2
eRuwNVHV2/5533kLsHc5UZ4717RjOFdws+fK3LjqxhRrsv83+jixLTgJeH9dWz/8
uPGHomKKtfA3goScMrd8XdhcqXYCqbOkx7v+lMNWqpramx2LvKiKiENvWjmBOapI
ZgB0pFlSd5WYJ6gbN9q/dtSNHn8odijDbj31gjZtEVuZdkRN3mmWKsbTnrm9sNP3
whK1nrKRT+02FDvcL3KBWIf/+6BN7m0So9LYiXW92MYh3Nz5VK/LGotYpvRbDLDT
ffwT8QHR49W3Dr9W3WcCr1h8ae5aUUMKMU3Sxq2gn4JQRnFm16z5Oz3w4tUBjAM5
vw==
-----END CERTIFICATE-----
Generated at Sat Jun 6 12:06:15 2026 by rpki-client