Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
File: F0C8DB1CA54E11EF8592FD66C4F9AE02.roa (raw, json)
Hash identifier: Fu99K4NOtn2+BNW4pRMbgb3TXtpkuT6kgxDZJ7yt25U=
Subject key identifier: 28:81:09:3C:48:A4:3B:8B:92:E9:C0:28:BE:53:71:5E:D3:F4:FC:31
Certificate issuer: /CN=A911D848/serialNumber=1DD1B8687886924C4613116050EE90E9D494269E
Certificate serial: 0115
Authority key identifier: 1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
Signing time: Mon 02 Mar 2026 12:36:37 +0000
ROA not before: Tue 03 Feb 2026 05:25:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9266
IP address blocks: 103.36.152.0/22 maxlen: 22
103.65.216.0/22 maxlen: 22
103.225.108.0/22 maxlen: 22
202.1.116.0/22 maxlen: 22
202.1.116.0/24 maxlen: 24
202.1.117.0/24 maxlen: 24
202.1.118.0/24 maxlen: 24
202.1.119.0/24 maxlen: 24
203.5.244.0/24 maxlen: 24
203.10.124.0/24 maxlen: 24
203.12.116.0/24 maxlen: 24
203.14.106.0/24 maxlen: 24
203.14.193.0/24 maxlen: 24
203.18.151.0/24 maxlen: 24
203.19.52.0/24 maxlen: 24
203.19.220.0/24 maxlen: 24
203.20.110.0/24 maxlen: 24
203.20.111.0/24 maxlen: 24
203.21.22.0/24 maxlen: 24
203.22.169.0/24 maxlen: 24
203.23.50.0/24 maxlen: 24
203.23.71.0/24 maxlen: 24
203.24.174.0/23 maxlen: 24
203.25.68.0/22 maxlen: 22
203.25.69.0/24 maxlen: 24
203.25.70.0/24 maxlen: 24
203.25.71.0/24 maxlen: 24
203.25.123.0/24 maxlen: 24
203.25.158.0/24 maxlen: 24
203.26.171.0/24 maxlen: 24
203.26.226.0/23 maxlen: 23
203.29.21.0/24 maxlen: 24
203.29.127.0/24 maxlen: 24
203.30.78.0/24 maxlen: 24
203.31.214.0/24 maxlen: 24
203.32.44.0/23 maxlen: 24
203.32.47.0/24 maxlen: 24
203.33.28.0/24 maxlen: 24
203.33.58.0/23 maxlen: 24
203.33.108.0/23 maxlen: 24
203.34.167.0/24 maxlen: 24
203.55.194.0/23 maxlen: 24
203.62.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl
rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 Apr 2026 05:34:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 277 (0x115)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D848, serialNumber=1DD1B8687886924C4613116050EE90E9D494269E
Validity
Not Before: Feb 3 05:25:14 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a58455-4147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cc:50:24:44:52:eb:c8:e6:b8:ff:51:ba:3f:
5c:1f:7e:7d:03:ef:58:13:75:a4:75:83:24:a1:97:
6f:34:4e:48:af:83:ea:89:92:44:f7:bb:96:4f:c4:
72:53:41:b6:ee:4a:24:7f:8e:aa:af:ba:d2:43:cf:
6d:3b:07:a3:c5:58:4c:5c:01:78:35:c5:8f:c3:b2:
37:b0:8c:32:96:a0:c1:1c:af:94:5e:2c:9d:2d:ef:
ae:28:ea:f8:86:49:fa:16:96:3d:08:eb:c4:df:29:
46:6d:01:ce:d0:ea:e3:34:71:86:27:f3:ac:b5:cf:
96:ab:be:0a:0e:4f:18:9f:72:b8:60:b9:63:21:a0:
c9:ab:cc:11:32:11:5b:ff:0a:56:c2:8a:8b:0c:ca:
ee:1e:f5:ff:2f:6b:55:80:bc:3c:5e:30:9c:0d:83:
5b:c0:10:1a:13:f9:e2:c3:94:24:58:a4:cb:6f:95:
31:c8:16:f0:36:d7:81:f2:74:6b:ff:8b:29:a7:ad:
c8:30:d2:19:74:ca:05:f3:34:c6:51:9b:f0:b3:65:
b4:c3:89:ad:b8:78:7d:1a:f2:3f:87:7d:70:a4:a6:
3f:f4:74:0d:49:7a:bb:e6:24:66:35:6a:b6:74:05:
51:91:72:e5:a5:89:07:91:d8:71:4d:ab:07:2c:9c:
0f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:81:09:3C:48:A4:3B:8B:92:E9:C0:28:BE:53:71:5E:D3:F4:FC:31
X509v3 Authority Key Identifier:
keyid:1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.36.152.0/22
103.65.216.0/22
103.225.108.0/22
202.1.116.0/22
203.5.244.0/24
203.10.124.0/24
203.12.116.0/24
203.14.106.0/24
203.14.193.0/24
203.18.151.0/24
203.19.52.0/24
203.19.220.0/24
203.20.110.0/23
203.21.22.0/24
203.22.169.0/24
203.23.50.0/24
203.23.71.0/24
203.24.174.0/23
203.25.68.0/22
203.25.123.0/24
203.25.158.0/24
203.26.171.0/24
203.26.226.0/23
203.29.21.0/24
203.29.127.0/24
203.30.78.0/24
203.31.214.0/24
203.32.44.0/23
203.32.47.0/24
203.33.28.0/24
203.33.58.0/23
203.33.108.0/23
203.34.167.0/24
203.55.194.0/23
203.62.147.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:38:93:10:81:13:26:9c:4e:7b:9e:5f:28:3e:05:87:c8:41:
d4:fa:e5:57:e0:fe:6e:25:a1:32:74:35:0c:cf:96:ef:ed:19:
f8:3c:b7:4f:36:64:1c:a8:7d:fa:7d:d6:57:22:a4:6d:e8:5c:
77:18:d4:65:5b:61:04:b1:2a:86:f6:11:08:51:38:ac:eb:a2:
31:d1:fd:e7:27:37:20:cc:5f:a7:f9:68:39:6f:da:d2:7c:3e:
9d:cd:06:9a:ed:22:99:8f:cc:82:4e:59:d3:7a:18:12:3a:be:
e7:a7:ff:4d:ef:c9:60:c1:bc:a1:32:9d:e4:67:45:fa:9d:22:
6c:b7:8c:c0:59:6b:e5:38:35:c6:86:47:0c:3d:15:bc:08:57:
f6:c7:bc:bc:10:6c:69:c5:8f:94:54:e8:9b:8c:99:18:bf:7d:
fc:96:9b:13:a1:35:cf:7e:61:c3:4a:bd:8d:1a:9c:98:78:d4:
7c:0f:5b:ce:7b:af:b3:dd:2a:d9:0d:51:bf:b2:f1:30:34:af:
b4:fe:77:ea:1d:2e:3d:f9:55:d2:26:e3:66:de:65:65:c2:64:
24:8a:3e:4b:8f:9f:02:08:20:4d:08:db:94:90:cd:05:8b:b5:
3b:d1:a3:53:40:75:8c:25:95:30:8b:fd:a4:e6:bd:5f:fe:3d:
26:a0:de:43
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgICARUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ4NDgxMTAvBgNVBAUTKDFERDFCODY4Nzg4NjkyNEM0NjEzMTE2MDUwRUU5MEU5
RDQ5NDI2OUUwHhcNMjYwMjAzMDUyNTE0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1ODQ1NS00MTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvMxQJERS68jmuP9Ruj9cH359A+9YE3WkdYMkoZdvNE5Ir4PqiZJE97uWT8Ry
U0G27kokf46qr7rSQ89tOwejxVhMXAF4NcWPw7I3sIwylqDBHK+UXiydLe+uKOr4
hkn6FpY9COvE3ylGbQHO0OrjNHGGJ/Ostc+Wq74KDk8Yn3K4YLljIaDJq8wRMhFb
/wpWwoqLDMruHvX/L2tVgLw8XjCcDYNbwBAaE/niw5QkWKTLb5UxyBbwNteB8nRr
/4spp63IMNIZdMoF8zTGUZvws2W0w4mtuHh9GvI/h31wpKY/9HQNSXq75iRmNWq2
dAVRkXLlpYkHkdhxTasHLJwPfwIDAQABo4IDMTCCAy0wHQYDVR0OBBYEFCiBCTxI
pDuLkunAKL5TcV7T9PwxMB8GA1UdIwQYMBaAFB3RuGh4hpJMRhMRYFDukOnUlCae
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDg0OC9DMjUxQjVCMjlC
MTAxMUVGQTcyQkEwMjBDNEY5QUUwMi9IZEc0YUhpR2treEdFeEZnVU82UTZkU1VK
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hkRzRhSGlHa2t4R0V4RmdVTzZRNmRTVUpwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ4NDgvQzI1MUI1QjI5QjEwMTFFRkE3MkJBMDIwQzRGOUFFMDIvRjBDOERCMUNB
NTRFMTFFRjg1OTJGRDY2QzRGOUFFMDIucm9hMIHvBggrBgEFBQcBBwEB/wSB3zCB
3DCB2QQCAAEwgdIDBAJnJJgDBAJnQdgDBAJn4WwDBALKAXQDBADLBfQDBADLCnwD
BADLDHQDBADLDmoDBADLDsEDBADLEpcDBADLEzQDBADLE9wDBAHLFG4DBADLFRYD
BADLFqkDBADLFzIDBADLF0cDBAHLGK4DBALLGUQDBADLGXsDBADLGZ4DBADLGqsD
BAHLGuIDBADLHRUDBADLHX8DBADLHk4DBADLH9YDBAHLICwDBADLIC8DBADLIRwD
BAHLIToDBAHLIWwDBADLIqcDBAHLN8IDBADLPpMwDQYJKoZIhvcNAQELBQADggEB
AEo4kxCBEyacTnueXyg+BYfIQdT65Vfg/m4loTJ0NQzPlu/tGfg8t082ZByoffp9
1lcipG3oXHcY1GVbYQSxKob2EQhROKzrojHR/ecnNyDMX6f5aDlv2tJ8Pp3NBprt
IpmPzIJOWdN6GBI6vuen/03vyWDBvKEyneRnRfqdImy3jMBZa+U4NcaGRww9FbwI
V/bHvLwQbGnFj5RU6JuMmRi/ffyWmxOhNc9+YcNKvY0anJh41HwPW857r7PdKtkN
Ub+y8TA0r7T+d+odLj35VdIm42beZWXCZCSKPkuPnwIIIE0I25SQzQWLtTvRo1NA
dYwllTCL/aTmvV/+PSag3kM=
-----END CERTIFICATE-----
Generated at Sat Mar 28 14:51:08 2026 by rpki-client