Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D530/5E55F656406411EFA3C5B827C4F9AE02/A48F17F6406411EF96445E28C4F9AE02.roa
File: A48F17F6406411EF96445E28C4F9AE02.roa (raw, json)
Hash identifier: CdkT5dlRZ/vvpFzjTXgJOX0HQjCKf6pR+uaWpjhgh5k=
Subject key identifier: 38:F5:77:09:E7:80:47:79:85:68:DA:C2:36:B0:9D:51:84:7A:67:83
Certificate issuer: /CN=A919D530/serialNumber=82E42386CD01F88680DD300DFBFFA2B6D2E7E4E6
Certificate serial: 0173
Authority key identifier: 82:E4:23:86:CD:01:F8:86:80:DD:30:0D:FB:FF:A2:B6:D2:E7:E4:E6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/guQjhs0B-IaA3TAN-_-ittLn5OY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919D530/5E55F656406411EFA3C5B827C4F9AE02/A48F17F6406411EF96445E28C4F9AE02.roa
Signing time: Wed 17 Jun 2026 15:44:31 +0000
ROA not before: Wed 17 Jun 2026 15:44:31 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 56067
IP address blocks: 103.30.124.0/22 maxlen: 22
103.30.124.0/24 maxlen: 24
103.30.125.0/24 maxlen: 24
103.30.126.0/24 maxlen: 24
103.30.127.0/24 maxlen: 24
119.59.96.0/19 maxlen: 19
119.59.96.0/24 maxlen: 24
119.59.97.0/24 maxlen: 24
119.59.98.0/24 maxlen: 24
119.59.99.0/24 maxlen: 24
119.59.100.0/24 maxlen: 24
119.59.101.0/24 maxlen: 24
119.59.102.0/24 maxlen: 24
119.59.103.0/24 maxlen: 24
119.59.104.0/24 maxlen: 24
119.59.105.0/24 maxlen: 24
119.59.106.0/24 maxlen: 24
119.59.107.0/24 maxlen: 24
119.59.108.0/24 maxlen: 24
119.59.109.0/24 maxlen: 24
119.59.110.0/24 maxlen: 24
119.59.111.0/24 maxlen: 24
119.59.112.0/24 maxlen: 24
119.59.113.0/24 maxlen: 24
119.59.114.0/24 maxlen: 24
119.59.115.0/24 maxlen: 24
119.59.116.0/24 maxlen: 24
119.59.117.0/24 maxlen: 24
119.59.118.0/24 maxlen: 24
119.59.119.0/24 maxlen: 24
119.59.120.0/24 maxlen: 24
119.59.121.0/24 maxlen: 24
119.59.122.0/24 maxlen: 24
119.59.123.0/24 maxlen: 24
119.59.124.0/24 maxlen: 24
119.59.125.0/24 maxlen: 24
119.59.126.0/24 maxlen: 24
119.59.127.0/24 maxlen: 24
2404:8240::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919D530/5E55F656406411EFA3C5B827C4F9AE02/guQjhs0B-IaA3TAN-_-ittLn5OY.crl
rsync://rpki.apnic.net/member_repository/A919D530/5E55F656406411EFA3C5B827C4F9AE02/guQjhs0B-IaA3TAN-_-ittLn5OY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/guQjhs0B-IaA3TAN-_-ittLn5OY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 30 Jun 2026 04:58:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 371 (0x173)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919D530, serialNumber=82E42386CD01F88680DD300DFBFFA2B6D2E7E4E6
Validity
Not Before: Jun 17 15:44:31 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=6a32c0df-62ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:af:31:61:e4:76:e8:17:56:26:54:11:a5:fc:
06:a2:85:2b:9d:c1:f0:10:7c:e9:8c:50:e6:47:35:
1e:04:a8:7d:5f:23:b4:be:cd:0f:c9:43:6c:0d:7a:
d6:06:dd:d1:bd:b7:56:57:d9:f9:27:2a:55:f4:93:
f4:06:21:b4:47:19:95:f0:4e:0b:23:d1:e5:8a:dd:
6a:64:5a:3e:de:75:13:12:20:a5:59:97:00:30:30:
ab:61:91:02:50:f5:cd:69:ac:7e:9b:02:be:64:0f:
29:68:31:61:e0:2d:77:78:55:da:20:6d:4b:83:a8:
75:c6:4b:29:bf:3c:ac:2b:7d:99:b9:8c:91:f1:ca:
13:b6:01:a6:e1:4c:c5:e2:fc:ce:fa:35:2e:39:47:
c7:ed:13:50:c7:66:17:6a:b0:c3:c7:10:dc:39:93:
fc:59:25:9f:df:32:8a:16:73:d6:1d:4e:59:a0:77:
a4:2b:93:36:67:a9:d0:a2:76:2c:1c:f5:be:44:b6:
5f:6a:dd:1e:df:a3:5e:3e:af:6b:81:42:3e:2c:49:
ef:ee:de:9f:9b:79:1a:8a:a8:5c:82:6f:f7:33:78:
ad:b4:9f:c8:86:dc:c1:5f:a1:d3:99:f3:de:67:15:
c5:1e:01:99:17:f2:64:6f:30:2b:ed:e6:f6:3e:32:
da:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F5:77:09:E7:80:47:79:85:68:DA:C2:36:B0:9D:51:84:7A:67:83
X509v3 Authority Key Identifier:
keyid:82:E4:23:86:CD:01:F8:86:80:DD:30:0D:FB:FF:A2:B6:D2:E7:E4:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919D530/5E55F656406411EFA3C5B827C4F9AE02/guQjhs0B-IaA3TAN-_-ittLn5OY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/guQjhs0B-IaA3TAN-_-ittLn5OY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D530/5E55F656406411EFA3C5B827C4F9AE02/A48F17F6406411EF96445E28C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.30.124.0/22
119.59.96.0/19
IPv6:
2404:8240::/32
Signature Algorithm: sha256WithRSAEncryption
92:96:a1:47:45:b4:26:08:67:00:e4:5c:b4:5d:07:ab:ba:c2:
23:12:2e:17:c4:61:3c:56:ef:17:da:47:e6:4d:91:ce:63:6e:
0d:90:d4:7e:11:36:63:33:35:3d:68:f1:9a:66:14:0b:56:6c:
2d:c2:92:e6:99:28:99:51:27:8a:ab:8a:dc:7a:1b:51:e2:13:
de:8d:70:21:12:76:3d:58:12:74:9e:2a:40:71:85:77:32:94:
38:82:da:52:f2:e1:60:25:ba:cd:c4:92:25:ba:1b:67:df:e2:
f4:a5:f0:53:87:18:56:bb:56:db:cf:39:dc:17:6c:a8:f0:8d:
68:01:a9:07:1f:92:86:82:79:af:e8:43:ca:b4:7e:44:68:b9:
f2:8e:b0:98:6a:a9:ae:c9:dc:ba:9b:f8:f1:4f:fb:ad:ed:bd:
00:ab:6b:24:5b:0d:a5:a2:c3:97:1f:c3:b7:3a:84:ef:58:96:
2d:ec:7b:74:a5:0c:2d:cb:a4:78:65:20:ea:2e:93:d5:40:ce:
73:43:48:b9:17:85:96:9b:43:a2:67:5c:5d:af:00:e8:a5:34:
a2:5d:94:5e:ef:49:26:b3:3c:6b:ac:7e:8d:00:39:33:80:06:
b7:58:6a:f5:81:a1:8e:b8:4d:ae:ec:6e:9e:28:b9:c7:39:8c:
6e:e5:b1:c4
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICAXMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUQ1MzAxMTAvBgNVBAUTKDgyRTQyMzg2Q0QwMUY4ODY4MEREMzAwREZCRkZBMkI2
RDJFN0U0RTYwHhcNMjYwNjE3MTU0NDMxWhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02YTMyYzBkZi02MmVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvq8xYeR26BdWJlQRpfwGooUrncHwEHzpjFDmRzUeBKh9XyO0vs0PyUNsDXrW
Bt3RvbdWV9n5JypV9JP0BiG0RxmV8E4LI9Hlit1qZFo+3nUTEiClWZcAMDCrYZEC
UPXNaax+mwK+ZA8paDFh4C13eFXaIG1Lg6h1xkspvzysK32ZuYyR8coTtgGm4UzF
4vzO+jUuOUfH7RNQx2YXarDDxxDcOZP8WSWf3zKKFnPWHU5ZoHekK5M2Z6nQonYs
HPW+RLZfat0e36NePq9rgUI+LEnv7t6fm3kaiqhcgm/3M3ittJ/IhtzBX6HTmfPe
ZxXFHgGZF/JkbzAr7eb2PjLaTwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFDj1dwnn
gEd5hWjawjawnVGEemeDMB8GA1UdIwQYMBaAFILkI4bNAfiGgN0wDfv/orbS5+Tm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RDUzMC81RTU1RjY1NjQw
NjQxMUVGQTNDNUI4MjdDNEY5QUUwMi9ndVFqaHMwQi1JYUEzVEFOLV8taXR0TG41
T1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d1UWpoczBCLUlhQTNUQU4tXy1pdHRMbjVPWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUQ1MzAvNUU1NUY2NTY0MDY0MTFFRkEzQzVCODI3QzRGOUFFMDIvQTQ4RjE3RjY0
MDY0MTFFRjk2NDQ1RTI4QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCZx58AwQFdztgMA0EAgACMAcDBQAkBIJAMA0GCSqGSIb3DQEBCwUA
A4IBAQCSlqFHRbQmCGcA5Fy0XQerusIjEi4XxGE8Vu8X2kfmTZHOY24NkNR+ETZj
MzU9aPGaZhQLVmwtwpLmmSiZUSeKq4rcehtR4hPejXAhEnY9WBJ0nipAcYV3MpQ4
gtpS8uFgJbrNxJIluhtn3+L0pfBThxhWu1bbzzncF2yo8I1oAakHH5KGgnmv6EPK
tH5EaLnyjrCYaqmuydy6m/jxT/ut7b0Aq2skWw2losOXH8O3OoTvWJYt7Ht0pQwt
y6R4ZSDqLpPVQM5zQ0i5F4WWm0OiZ1xdrwDopTSiXZRe70kmszxrrH6NADkzgAa3
WGr1gaGOuE2u7G6eKLnHOYxu5bHE
-----END CERTIFICATE-----
Generated at Wed Jun 24 12:37:45 2026 by rpki-client