Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/6492D4985B9011EF8DB48C24C4F9AE02.roa
File: 6492D4985B9011EF8DB48C24C4F9AE02.roa (raw, json)
Hash identifier: D3M6RgEMS/cnXn4C0dQrw4CN7MjJVHae7RPRWxMOHy4=
Subject key identifier: F7:3B:08:1F:EF:46:00:44:B2:8D:BA:91:8D:24:DE:88:10:37:73:3B
Certificate issuer: /CN=A911C362/serialNumber=EA83AF4A21CBC2071F56956E5DDD584C7638FA5B
Certificate serial: 01B6
Authority key identifier: EA:83:AF:4A:21:CB:C2:07:1F:56:95:6E:5D:DD:58:4C:76:38:FA:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6oOvSiHLwgcfVpVuXd1YTHY4-ls.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/6492D4985B9011EF8DB48C24C4F9AE02.roa
Signing time: Wed 18 Mar 2026 10:59:19 +0000
ROA not before: Wed 18 Mar 2026 10:59:19 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 146943
IP address blocks: 43.230.200.0/24 maxlen: 24
43.230.201.0/24 maxlen: 24
43.230.202.0/24 maxlen: 24
43.230.203.0/24 maxlen: 24
45.64.107.0/24 maxlen: 24
45.113.224.0/24 maxlen: 24
45.113.225.0/24 maxlen: 24
45.113.226.0/24 maxlen: 24
45.113.227.0/24 maxlen: 24
45.120.137.0/24 maxlen: 24
45.120.138.0/24 maxlen: 24
103.13.112.0/24 maxlen: 24
103.13.113.0/24 maxlen: 24
103.13.114.0/24 maxlen: 24
103.13.115.0/24 maxlen: 24
103.26.205.0/24 maxlen: 24
103.26.207.0/24 maxlen: 24
103.250.186.0/24 maxlen: 24
157.119.40.0/24 maxlen: 24
157.119.41.0/24 maxlen: 24
157.119.42.0/24 maxlen: 24
157.119.43.0/24 maxlen: 24
2405:7140:1::/48 maxlen: 48
2405:7140:2::/48 maxlen: 48
2405:7140:4::/48 maxlen: 48
2405:7140:5::/48 maxlen: 48
2405:7140:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/6oOvSiHLwgcfVpVuXd1YTHY4-ls.crl
rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/6oOvSiHLwgcfVpVuXd1YTHY4-ls.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6oOvSiHLwgcfVpVuXd1YTHY4-ls.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 04:20:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 438 (0x1b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C362, serialNumber=EA83AF4A21CBC2071F56956E5DDD584C7638FA5B
Validity
Not Before: Mar 18 10:59:19 2026 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69ba8587-0be6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d8:23:31:1f:32:03:c6:ab:62:7d:1e:54:0d:
d0:95:87:0b:eb:92:cf:95:2d:0c:7b:af:b3:db:62:
6c:e8:93:d4:5a:7e:e6:bd:d0:86:87:9b:38:60:bb:
68:00:14:b1:bf:25:7f:0c:8a:ac:70:36:53:1e:b9:
74:be:be:6d:f4:9f:34:e4:01:9e:a4:20:70:15:1d:
2a:e5:77:82:70:e4:ca:cb:33:8f:08:5c:9d:7b:ce:
4a:c4:aa:65:21:08:c4:9b:ce:c5:34:3c:d5:e1:83:
68:e9:46:98:e9:f7:f3:99:37:28:1f:36:ad:3c:97:
87:a8:e9:93:39:e1:6a:42:0d:72:2a:38:a1:8c:fe:
07:bf:d3:92:ad:af:91:5a:93:60:4c:cd:82:cf:a7:
cc:68:2d:92:cf:88:39:b0:b6:a1:ab:11:2c:a7:63:
6d:13:d9:0e:10:82:3b:5f:58:d1:6f:df:20:61:77:
70:cf:77:0e:b2:fe:a3:4a:83:fe:03:f3:0e:3f:c6:
98:cc:14:d6:7d:3f:0a:e8:d4:15:b9:5a:10:bf:f2:
3d:91:10:d9:90:33:26:b2:df:b9:33:85:ac:30:42:
d2:93:72:17:75:7b:82:58:1f:fa:aa:43:54:47:6c:
22:2a:79:e5:66:77:b3:fb:19:01:06:56:db:3b:b5:
25:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:3B:08:1F:EF:46:00:44:B2:8D:BA:91:8D:24:DE:88:10:37:73:3B
X509v3 Authority Key Identifier:
keyid:EA:83:AF:4A:21:CB:C2:07:1F:56:95:6E:5D:DD:58:4C:76:38:FA:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/6oOvSiHLwgcfVpVuXd1YTHY4-ls.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6oOvSiHLwgcfVpVuXd1YTHY4-ls.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/6492D4985B9011EF8DB48C24C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.230.200.0/22
45.64.107.0/24
45.113.224.0/22
45.120.137.0-45.120.138.255
103.13.112.0/22
103.26.205.0/24
103.26.207.0/24
103.250.186.0/24
157.119.40.0/22
IPv6:
2405:7140:1::-2405:7140:2:ffff:ffff:ffff:ffff:ffff
2405:7140:4::-2405:7140:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2c:61:b3:b7:cc:fa:52:e5:2a:7a:12:42:7e:01:4c:d8:a8:61:
ee:b4:0c:de:42:a0:0a:97:eb:ca:5e:84:39:85:b2:b2:98:8a:
a3:bb:8c:67:e6:cc:40:1c:35:64:d6:e6:e0:8d:99:79:51:b5:
3b:c0:cb:f1:98:a4:a4:f4:f2:d5:d5:ba:58:d9:04:b0:d6:80:
28:02:72:73:24:41:0b:46:12:d5:8c:57:8b:76:19:73:a9:8a:
bd:f0:1e:79:68:99:33:f9:e2:4a:89:0c:43:b4:9d:0f:73:b5:
b4:48:bb:c5:a5:11:6d:7a:e1:d0:cc:0c:2c:57:40:6e:18:dc:
d6:98:32:29:db:5e:83:d6:5b:3f:ed:c7:0b:2e:c3:33:97:e6:
6a:23:f3:94:8f:3f:02:12:63:f1:e2:7f:08:8d:46:d3:b1:8c:
a2:54:7a:ba:73:69:64:1b:c5:87:e5:02:e4:13:e1:9e:c6:17:
51:2c:b9:33:c4:32:12:d4:49:cd:2d:4c:7f:c3:37:f1:dc:52:
2b:66:dc:50:1a:38:73:20:6a:44:e6:96:0e:76:d3:6b:a3:3a:
0f:18:78:f1:55:0f:78:cf:2c:92:ba:81:7e:31:d2:43:ad:61:
1d:6f:91:d7:13:a5:77:6e:cb:2f:b5:a2:75:ba:6a:0b:a6:9b:
ce:3f:8b:1e
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgICAbYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMzNjIxMTAvBgNVBAUTKEVBODNBRjRBMjFDQkMyMDcxRjU2OTU2RTVEREQ1ODRD
NzYzOEZBNUIwHhcNMjYwMzE4MTA1OTE5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWJhODU4Ny0wYmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtdgjMR8yA8arYn0eVA3QlYcL65LPlS0Me6+z22Js6JPUWn7mvdCGh5s4YLto
ABSxvyV/DIqscDZTHrl0vr5t9J805AGepCBwFR0q5XeCcOTKyzOPCFyde85KxKpl
IQjEm87FNDzV4YNo6UaY6ffzmTcoHzatPJeHqOmTOeFqQg1yKjihjP4Hv9OSra+R
WpNgTM2Cz6fMaC2Sz4g5sLahqxEsp2NtE9kOEII7X1jRb98gYXdwz3cOsv6jSoP+
A/MOP8aYzBTWfT8K6NQVuVoQv/I9kRDZkDMmst+5M4WsMELSk3IXdXuCWB/6qkNU
R2wiKnnlZnez+xkBBlbbO7UlcwIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFPc7CB/v
RgBEso26kY0k3ogQN3M7MB8GA1UdIwQYMBaAFOqDr0ohy8IHH1aVbl3dWEx2OPpb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzM2Mi82QTA4RjQ5MjI1
NzcxMUVGQkIwQjgyNTFDNEY5QUUwMi82b092U2lITHdnY2ZWcFZ1WGQxWVRIWTQt
bHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZvT3ZTaUhMd2djZlZwVnVYZDFZVEhZNC1scy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMzNjIvNkEwOEY0OTIyNTc3MTFFRkJCMEI4MjUxQzRGOUFFMDIvNjQ5MkQ0OTg1
QjkwMTFFRjhEQjQ4QzI0QzRGOUFFMDIucm9hMIGHBggrBgEFBQcBBwEB/wR4MHYw
RAQCAAEwPgMEAivmyAMEAC1AawMEAi1x4DAMAwQALXiJAwQALXiKAwQCZw1wAwQA
ZxrNAwQAZxrPAwQAZ/q6AwQCnXcoMC4EAgACMCgwEgMHACQFcUAAAQMHACQFcUAA
AjASAwcCJAVxQAAEAwcAJAVxQAAGMA0GCSqGSIb3DQEBCwUAA4IBAQAsYbO3zPpS
5Sp6EkJ+AUzYqGHutAzeQqAKl+vKXoQ5hbKymIqju4xn5sxAHDVk1ubgjZl5UbU7
wMvxmKSk9PLV1bpY2QSw1oAoAnJzJEELRhLVjFeLdhlzqYq98B55aJkz+eJKiQxD
tJ0Pc7W0SLvFpRFteuHQzAwsV0BuGNzWmDIp216D1ls/7ccLLsMzl+ZqI/OUjz8C
EmPx4n8IjUbTsYyiVHq6c2lkG8WH5QLkE+GexhdRLLkzxDIS1EnNLUx/wzfx3FIr
ZtxQGjhzIGpE5pYOdtNrozoPGHjxVQ94zyySuoF+MdJDrWEdb5HXE6V3bssvtaJ1
umoLppvOP4se
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:29:41 2026 by rpki-client