Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E9DBE7221E8411F0A85F5565C4F9AE02.roa
File: E9DBE7221E8411F0A85F5565C4F9AE02.roa (raw, json)
Hash identifier: UnLgh3lPO4vUY4av+ib9DqaFlFGJsM3wtSD5wL8gAcI=
Subject key identifier: 9B:2F:D3:A8:13:8A:76:72:E5:07:C3:F4:09:53:27:04:AB:DB:86:30
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: E1F7
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E9DBE7221E8411F0A85F5565C4F9AE02.roa
Signing time: Sun 31 May 2026 16:33:19 +0000
ROA not before: Sun 31 May 2026 16:33:19 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 132770
IP address blocks: 43.227.20.0/22 maxlen: 24
43.228.72.0/22 maxlen: 24
43.241.24.0/22 maxlen: 24
45.119.57.0/24 maxlen: 24
45.119.58.0/24 maxlen: 24
45.119.59.0/24 maxlen: 24
45.252.72.0/22 maxlen: 24
103.59.104.0/24 maxlen: 24
103.81.36.0/22 maxlen: 24
103.93.240.0/24 maxlen: 24
103.93.241.0/24 maxlen: 24
103.93.242.0/24 maxlen: 24
103.93.243.0/24 maxlen: 24
103.94.56.0/22 maxlen: 23
103.94.57.0/24 maxlen: 24
103.94.59.0/24 maxlen: 24
103.125.72.0/23 maxlen: 24
103.126.68.0/22 maxlen: 24
103.148.121.0/24 maxlen: 24
103.178.206.0/23 maxlen: 24
103.184.86.0/24 maxlen: 24
103.184.87.0/24 maxlen: 24
103.204.36.0/22 maxlen: 24
103.211.60.0/24 maxlen: 24
103.211.61.0/24 maxlen: 24
103.211.62.0/24 maxlen: 24
103.211.63.0/24 maxlen: 24
103.221.72.0/22 maxlen: 24
103.239.84.0/22 maxlen: 24
103.241.80.0/22 maxlen: 24
103.243.112.0/22 maxlen: 24
103.249.240.0/22 maxlen: 24
103.251.208.0/22 maxlen: 24
103.254.52.0/22 maxlen: 24
150.129.128.0/22 maxlen: 24
150.129.156.0/22 maxlen: 24
163.53.200.0/22 maxlen: 24
202.136.68.0/22 maxlen: 24
2401:73e0::/32 maxlen: 32
2404:4980::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57847 (0xe1f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 31 16:33:19 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c62cf-fcdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:45:78:02:b8:62:05:f5:3f:c3:5e:4e:98:35:
73:b2:1a:ed:8a:a7:55:61:18:ea:8d:db:84:76:67:
8a:95:0d:df:e8:1b:cb:f0:60:76:f4:dc:1a:c5:be:
e5:04:86:31:c0:ca:9d:c1:07:63:47:14:37:30:af:
e9:ea:3e:92:a7:e6:e8:8c:c3:af:1f:20:29:c3:7a:
e0:5f:8b:5e:cf:c3:40:c1:10:64:a5:53:6c:77:26:
a4:ad:f7:8b:22:5d:9a:30:e5:57:89:f5:79:99:00:
33:db:0b:d8:81:27:d9:8c:24:11:4e:89:f2:bc:92:
41:3c:d4:ae:4a:4d:a5:2a:b4:48:ec:35:93:91:87:
aa:88:0d:01:14:d4:24:09:1a:88:e7:f7:a6:78:6b:
60:5e:54:5c:f7:9f:0e:cf:fd:b2:a0:b6:bd:df:26:
ba:86:27:9c:f2:92:c7:2d:37:75:6e:8d:0b:03:9d:
24:e2:f1:c7:2b:b7:2b:98:88:4b:9f:99:9c:a1:6b:
29:8b:4d:8e:bf:2e:62:8e:8e:0e:c7:d1:54:c9:f1:
82:a8:89:ac:12:f4:e1:d5:68:09:a8:b7:21:9a:16:
be:82:9e:44:b9:f4:d7:dd:a1:f8:55:cb:7e:dd:04:
83:29:6e:3f:a6:be:85:10:3f:ff:3f:ad:d3:1d:31:
6e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:2F:D3:A8:13:8A:76:72:E5:07:C3:F4:09:53:27:04:AB:DB:86:30
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E9DBE7221E8411F0A85F5565C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.227.20.0/22
43.228.72.0/22
43.241.24.0/22
45.119.57.0-45.119.59.255
45.252.72.0/22
103.59.104.0/24
103.81.36.0/22
103.93.240.0/22
103.94.56.0/22
103.125.72.0/23
103.126.68.0/22
103.148.121.0/24
103.178.206.0/23
103.184.86.0/23
103.204.36.0/22
103.211.60.0/22
103.221.72.0/22
103.239.84.0/22
103.241.80.0/22
103.243.112.0/22
103.249.240.0/22
103.251.208.0/22
103.254.52.0/22
150.129.128.0/22
150.129.156.0/22
163.53.200.0/22
202.136.68.0/22
IPv6:
2401:73e0::/32
2404:4980::/32
Signature Algorithm: sha256WithRSAEncryption
64:f8:27:42:51:35:4d:5f:af:87:35:42:f0:45:af:28:71:44:
cb:88:ad:a4:f9:1f:9f:4f:d1:f2:dd:cc:45:13:c7:19:0a:cb:
d1:71:55:6f:0b:a5:18:65:f4:91:94:9d:e8:ad:dd:97:64:35:
89:5b:c6:67:99:7f:7b:19:f3:57:41:21:c4:9a:8d:94:38:a7:
c7:2d:28:88:fa:78:a6:df:50:7d:4f:b2:fc:7d:bb:18:b7:a2:
a8:14:73:86:d9:77:a0:56:0a:9f:ec:dd:46:6f:e8:b1:f9:60:
42:87:4f:33:fe:21:a8:7a:f2:68:8b:5f:5e:de:6f:43:9d:c0:
8a:91:90:99:9b:fe:6e:f4:00:b1:26:09:e1:64:9e:aa:f5:2e:
de:58:47:13:25:92:82:53:c3:a5:a1:b7:c9:4d:a3:a3:0c:21:
23:3c:0c:52:c1:98:d2:49:d9:5a:b2:fd:1d:cc:ed:0a:af:e8:
24:65:2c:8d:6c:37:94:2d:f8:81:16:5e:2f:0f:51:ee:56:bb:
3f:0e:96:37:7b:a8:fd:fd:7f:93:85:2d:4b:26:44:db:e1:75:
8b:7d:56:fc:af:78:e2:07:4c:27:b3:0f:16:5c:28:7e:e6:ba:
11:81:52:3a:50:a8:b4:5e:23:6e:9d:58:fb:d6:f6:d4:7c:12:
54:31:2e:58
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgIDAOH3MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUzMTE2MzMxOVoXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExYzYyY2YtZmNkYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpFeAK4YgX1P8NeTpg1c7Ia7YqnVWEY6o3bhHZnipUN3+gby/BgdvTcGsW+
5QSGMcDKncEHY0cUNzCv6eo+kqfm6IzDrx8gKcN64F+LXs/DQMEQZKVTbHcmpK33
iyJdmjDlV4n1eZkAM9sL2IEn2YwkEU6J8rySQTzUrkpNpSq0SOw1k5GHqogNARTU
JAkaiOf3pnhrYF5UXPefDs/9sqC2vd8muoYnnPKSxy03dW6NCwOdJOLxxyu3K5iI
S5+ZnKFrKYtNjr8uYo6ODsfRVMnxgqiJrBL04dVoCai3IZoWvoKeRLn0192h+FXL
ft0EgyluP6a+hRA//z+t0x0xbvcCAwEAAaOCAx8wggMbMB0GA1UdDgQWBBSbL9Oo
E4p2cuUHw/QJUycEq9uGMDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0U5REJFNzIy
MUU4NDExRjBBODVGNTU2NUM0RjlBRTAyLnJvYTCB3QYIKwYBBQUHAQcBAf8Egc0w
gcowgbEEAgABMIGqAwQCK+MUAwQCK+RIAwQCK/EYMAwDBAAtdzkDBAItdzgDBAIt
/EgDBABnO2gDBAJnUSQDBAJnXfADBAJnXjgDBAFnfUgDBAJnfkQDBABnlHkDBAFn
ss4DBAFnuFYDBAJnzCQDBAJn0zwDBAJn3UgDBAJn71QDBAJn8VADBAJn83ADBAJn
+fADBAJn+9ADBAJn/jQDBAKWgYADBAKWgZwDBAKjNcgDBALKiEQwFAQCAAIwDgMF
ACQBc+ADBQAkBEmAMA0GCSqGSIb3DQEBCwUAA4IBAQBk+CdCUTVNX6+HNULwRa8o
cUTLiK2k+R+fT9Hy3cxFE8cZCsvRcVVvC6UYZfSRlJ3ord2XZDWJW8ZnmX97GfNX
QSHEmo2UOKfHLSiI+nim31B9T7L8fbsYt6KoFHOG2XegVgqf7N1Gb+ix+WBCh08z
/iGoevJoi19e3m9DncCKkZCZm/5u9ACxJgnhZJ6q9S7eWEcTJZKCU8OlobfJTaOj
DCEjPAxSwZjSSdlasv0dzO0Kr+gkZSyNbDeULfiBFl4vD1HuVrs/DpY3e6j9/X+T
hS1LJkTb4XWLfVb8r3jiB0wnsw8WXCh+5roRgVI6UKi0XiNunVj71vbUfBJUMS5Y
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:05:06 2026 by rpki-client