Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FA175C6222BF11F19CD94C8FBF833773.roa
File: FA175C6222BF11F19CD94C8FBF833773.roa (raw, json)
Hash identifier: s/kMvt1HfQ+SNI8/DQHJJpv+3jvAaNRn8V33ixyt7TU=
Subject key identifier: 63:D3:4A:54:B3:F1:45:73:7F:05:B5:6F:3D:3A:FC:69:C1:C8:CD:F5
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: E22F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FA175C6222BF11F19CD94C8FBF833773.roa
Signing time: Sun 31 May 2026 16:35:10 +0000
ROA not before: Sun 31 May 2026 16:35:10 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 133001
IP address blocks: 43.225.160.0/22 maxlen: 24
43.251.216.0/22 maxlen: 24
45.117.220.0/22 maxlen: 24
45.119.44.0/22 maxlen: 22
45.119.44.0/24 maxlen: 24
45.119.45.0/24 maxlen: 24
45.119.46.0/24 maxlen: 24
45.119.47.0/24 maxlen: 24
103.38.36.0/22 maxlen: 24
103.42.166.0/23 maxlen: 24
103.51.132.0/24 maxlen: 24
103.51.133.0/24 maxlen: 24
103.51.134.0/24 maxlen: 24
103.51.135.0/24 maxlen: 24
103.54.76.0/24 maxlen: 24
103.54.77.0/24 maxlen: 24
103.56.227.0/24 maxlen: 24
103.110.102.0/24 maxlen: 24
103.114.0.0/22 maxlen: 23
103.114.2.0/23 maxlen: 24
103.116.147.0/24 maxlen: 24
103.116.238.0/24 maxlen: 24
103.116.239.0/24 maxlen: 24
103.140.26.0/24 maxlen: 24
103.140.27.0/24 maxlen: 24
103.148.207.0/24 maxlen: 24
103.156.98.0/24 maxlen: 24
103.156.99.0/24 maxlen: 24
103.171.7.0/24 maxlen: 24
103.176.6.0/23 maxlen: 24
103.176.211.0/24 maxlen: 24
103.196.76.0/22 maxlen: 24
103.201.148.0/22 maxlen: 24
111.125.225.0/24 maxlen: 24
183.87.251.0/24 maxlen: 24
183.87.252.0/22 maxlen: 24
202.94.160.0/22 maxlen: 24
2401:b240::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 06:09:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57903 (0xe22f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 31 16:35:10 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c633d-2472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:52:f2:92:42:d0:b3:d8:36:26:25:37:b7:47:
6b:b7:4c:f7:42:92:5d:e0:9f:23:0d:74:7a:b9:8f:
30:22:2e:90:72:76:72:1a:dc:d6:2f:b8:f4:30:ee:
e7:85:ed:a2:8c:44:d6:07:2d:93:a8:6b:14:de:a3:
f1:4b:d0:a0:c4:64:db:21:86:4a:f8:99:73:d2:c2:
6f:a4:fa:bf:75:62:18:94:a9:d3:09:f3:f8:b0:5b:
2f:11:37:ff:14:be:9c:18:71:28:13:78:a5:44:f9:
1d:c9:d1:6a:0b:35:1a:d4:52:1e:0c:91:d3:e4:a8:
7b:f9:00:48:c8:39:09:41:11:8f:fd:cb:b3:63:f5:
11:5b:a7:84:6e:fc:06:54:0b:38:30:3c:46:cc:80:
b3:02:88:df:c3:77:46:08:59:ae:8b:22:62:79:a6:
f5:e0:4f:71:3e:a8:e7:c4:2f:5f:5f:64:c3:c6:18:
14:5c:c9:97:e6:b5:01:de:71:b3:ff:3c:30:a4:36:
8d:f9:24:74:4d:1a:aa:b9:89:55:24:d3:1d:2d:25:
b5:9d:5c:5e:d3:2d:f7:60:36:29:d4:67:77:f9:7b:
3c:62:ba:de:4c:c4:2b:e5:53:3e:84:4c:1d:88:74:
35:de:c7:10:de:9b:a8:83:14:23:6a:5c:a3:14:30:
11:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D3:4A:54:B3:F1:45:73:7F:05:B5:6F:3D:3A:FC:69:C1:C8:CD:F5
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FA175C6222BF11F19CD94C8FBF833773.roa
sbgp-ipAddrBlock: critical
IPv4:
43.225.160.0/22
43.251.216.0/22
45.117.220.0/22
45.119.44.0/22
103.38.36.0/22
103.42.166.0/23
103.51.132.0/22
103.54.76.0/23
103.56.227.0/24
103.110.102.0/24
103.114.0.0/22
103.116.147.0/24
103.116.238.0/23
103.140.26.0/23
103.148.207.0/24
103.156.98.0/23
103.171.7.0/24
103.176.6.0/23
103.176.211.0/24
103.196.76.0/22
103.201.148.0/22
111.125.225.0/24
183.87.251.0-183.87.255.255
202.94.160.0/22
IPv6:
2401:b240::/32
Signature Algorithm: sha256WithRSAEncryption
99:8d:dc:73:af:91:d2:ab:60:35:af:6f:71:83:b1:06:f8:93:
af:39:46:8e:77:51:96:f3:89:75:f6:aa:8a:1e:c1:fc:44:88:
04:a7:b4:58:d7:0c:fd:a6:6c:5c:ef:39:7d:6e:aa:7d:96:75:
05:53:dd:77:30:c2:57:28:15:06:8e:5d:fc:18:69:cd:52:4d:
5d:96:ea:40:97:cd:9b:e3:26:28:cd:35:f2:70:2e:bd:bc:3f:
e4:9e:7d:a6:27:60:9f:68:57:04:f2:45:bd:6d:af:5d:32:64:
b0:43:ab:a3:b6:b5:68:79:19:18:94:5e:9e:c8:be:c5:8e:2e:
74:df:f4:9a:f2:7b:98:09:2e:6e:d5:74:5c:8c:32:98:38:ad:
bb:d8:f4:6f:06:a1:9a:64:71:d5:a7:dc:74:5b:ef:50:17:52:
da:0a:c0:ed:c6:68:38:9b:37:8c:47:64:2b:db:b6:42:ed:56:
fc:a3:a6:68:14:84:a5:f3:7a:fd:b6:cb:07:2b:3e:26:0b:64:
5b:08:65:bc:f5:e2:06:eb:a0:cf:21:09:ec:d2:0a:f7:e5:aa:
bf:4b:9d:12:6e:cf:a3:cb:e2:53:dd:83:35:d3:e3:7c:fa:b8:
56:3d:27:14:86:1a:1b:c3:f7:ae:04:05:bd:1c:6d:56:0d:8b:
6d:e3:77:ea
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgIDAOIvMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUzMTE2MzUxMFoXDTI2MTAwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmExYzYzM2QtMjQ3MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFS8pJC0LPYNiYlN7dHa7dM90KSXeCfIw10ermPMCIukHJ2chrc1i+49DDu
54XtooxE1gctk6hrFN6j8UvQoMRk2yGGSviZc9LCb6T6v3ViGJSp0wnz+LBbLxE3
/xS+nBhxKBN4pUT5HcnRags1GtRSHgyR0+Soe/kASMg5CUERj/3Ls2P1EVunhG78
BlQLODA8RsyAswKI38N3RghZrosiYnmm9eBPcT6o58QvX19kw8YYFFzJl+a1Ad5x
s/88MKQ2jfkkdE0aqrmJVSTTHS0ltZ1cXtMt92A2KdRnd/l7PGK63kzEK+VTPoRM
HYh0Nd7HEN6bqIMUI2pcoxQwETMCAwEAAaOCAwUwggMBMB0GA1UdDgQWBBRj00pU
s/FFc38FtW89OvxpwcjN9TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0ZBMTc1QzYy
MjJCRjExRjE5Q0Q5NEM4RkJGODMzNzczLnJvYTCBwwYIKwYBBQUHAQcBAf8EgbMw
gbAwgZ4EAgABMIGXAwQCK+GgAwQCK/vYAwQCLXXcAwQCLXcsAwQCZyYkAwQBZyqm
AwQCZzOEAwQBZzZMAwQAZzjjAwQAZ25mAwQCZ3IAAwQAZ3STAwQBZ3TuAwQBZ4wa
AwQAZ5TPAwQBZ5xiAwQAZ6sHAwQBZ7AGAwQAZ7DTAwQCZ8RMAwQCZ8mUAwQAb33h
MAsDBAC3V/sDAwO3UAMEAspeoDANBAIAAjAHAwUAJAGyQDANBgkqhkiG9w0BAQsF
AAOCAQEAmY3cc6+R0qtgNa9vcYOxBviTrzlGjndRlvOJdfaqih7B/ESIBKe0WNcM
/aZsXO85fW6qfZZ1BVPddzDCVygVBo5d/BhpzVJNXZbqQJfNm+MmKM018nAuvbw/
5J59pidgn2hXBPJFvW2vXTJksEOro7a1aHkZGJRensi+xY4udN/0mvJ7mAkubtV0
XIwymDitu9j0bwahmmRx1afcdFvvUBdS2grA7cZoOJs3jEdkK9u2Qu1W/KOmaBSE
pfN6/bbLBys+JgtkWwhlvPXiBuugzyEJ7NIK9+Wqv0udEm7Po8viU92DNdPjfPq4
Vj0nFIYaG8P3rgQFvRxtVg2LbeN36g==
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:05:48 2026 by rpki-client