Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
File: F0C8DB1CA54E11EF8592FD66C4F9AE02.roa (raw, json)
Hash identifier: N51VbptkWVgsgU5QWmECxTG7x4Sh2baOj7rAhNlJuzU=
Subject key identifier: A1:81:7F:33:87:8A:48:76:72:8E:99:05:0C:76:E9:11:08:E1:40:36
Certificate issuer: /CN=A911D848/serialNumber=1DD1B8687886924C4613116050EE90E9D494269E
Certificate serial: 0139
Authority key identifier: 1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
Signing time: Tue 05 May 2026 06:38:06 +0000
ROA not before: Tue 05 May 2026 06:38:06 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 9266
IP address blocks: 103.36.152.0/22 maxlen: 22
103.65.216.0/22 maxlen: 22
103.225.108.0/22 maxlen: 22
202.1.116.0/22 maxlen: 22
202.1.116.0/24 maxlen: 24
202.1.117.0/24 maxlen: 24
202.1.118.0/24 maxlen: 24
202.1.119.0/24 maxlen: 24
203.5.244.0/24 maxlen: 24
203.10.124.0/24 maxlen: 24
203.12.116.0/24 maxlen: 24
203.14.106.0/24 maxlen: 24
203.14.193.0/24 maxlen: 24
203.18.151.0/24 maxlen: 24
203.19.52.0/24 maxlen: 24
203.19.220.0/24 maxlen: 24
203.20.110.0/24 maxlen: 24
203.20.111.0/24 maxlen: 24
203.21.22.0/24 maxlen: 24
203.22.169.0/24 maxlen: 24
203.23.50.0/24 maxlen: 24
203.23.71.0/24 maxlen: 24
203.24.174.0/23 maxlen: 24
203.25.68.0/22 maxlen: 22
203.25.69.0/24 maxlen: 24
203.25.70.0/24 maxlen: 24
203.25.71.0/24 maxlen: 24
203.25.123.0/24 maxlen: 24
203.25.158.0/24 maxlen: 24
203.26.171.0/24 maxlen: 24
203.26.226.0/23 maxlen: 23
203.29.21.0/24 maxlen: 24
203.29.127.0/24 maxlen: 24
203.30.78.0/24 maxlen: 24
203.31.214.0/24 maxlen: 24
203.32.44.0/23 maxlen: 24
203.32.47.0/24 maxlen: 24
203.33.28.0/24 maxlen: 24
203.33.58.0/23 maxlen: 24
203.33.108.0/23 maxlen: 24
203.34.167.0/24 maxlen: 24
203.55.194.0/23 maxlen: 24
203.62.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl
rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 18 May 2026 05:51:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 313 (0x139)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D848, serialNumber=1DD1B8687886924C4613116050EE90E9D494269E
Validity
Not Before: May 5 06:38:06 2026 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69f9904e-2b8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:28:0f:1f:3b:13:94:10:b7:3c:ad:61:b4:89:
3b:9e:bc:57:db:f4:f5:ee:cd:a0:00:66:b7:a1:b4:
a3:86:09:13:91:57:aa:49:6a:7b:30:36:f4:7a:80:
b5:9d:77:42:f6:2f:b7:52:57:37:26:a2:80:4b:e1:
89:23:c9:bd:be:92:70:54:64:07:a5:22:8e:73:9c:
7c:87:1d:12:54:18:4c:dd:c5:04:96:d4:5d:72:76:
f1:dc:1c:27:bf:8c:10:b5:ed:97:b3:ba:ff:f6:a6:
f0:65:7f:52:6c:07:07:3c:18:74:f6:4f:3a:60:0b:
e2:0e:dc:a8:8b:bc:40:44:0b:c2:03:44:c9:6b:fe:
6a:3e:80:0e:35:95:ae:3c:1b:46:31:9f:ee:e6:ac:
e2:d4:67:be:4b:f0:c9:c3:c9:6e:ff:83:7b:65:b7:
12:9d:a3:a5:74:19:13:5f:bf:5b:d6:5f:fa:ab:61:
90:9a:de:bb:32:0c:40:e6:96:f3:93:ae:c7:6d:06:
4e:2d:ed:04:fb:c4:f5:a2:d1:2a:9e:f5:c4:32:0f:
f0:b7:70:cf:1e:b1:fa:26:ef:bf:89:87:a3:02:35:
e9:19:bb:1f:3c:aa:8b:f1:1a:4f:5c:5b:de:d5:ab:
9a:d8:39:87:62:c4:43:2b:fb:ed:67:f2:ba:33:08:
8a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:81:7F:33:87:8A:48:76:72:8E:99:05:0C:76:E9:11:08:E1:40:36
X509v3 Authority Key Identifier:
keyid:1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.36.152.0/22
103.65.216.0/22
103.225.108.0/22
202.1.116.0/22
203.5.244.0/24
203.10.124.0/24
203.12.116.0/24
203.14.106.0/24
203.14.193.0/24
203.18.151.0/24
203.19.52.0/24
203.19.220.0/24
203.20.110.0/23
203.21.22.0/24
203.22.169.0/24
203.23.50.0/24
203.23.71.0/24
203.24.174.0/23
203.25.68.0/22
203.25.123.0/24
203.25.158.0/24
203.26.171.0/24
203.26.226.0/23
203.29.21.0/24
203.29.127.0/24
203.30.78.0/24
203.31.214.0/24
203.32.44.0/23
203.32.47.0/24
203.33.28.0/24
203.33.58.0/23
203.33.108.0/23
203.34.167.0/24
203.55.194.0/23
203.62.147.0/24
Signature Algorithm: sha256WithRSAEncryption
21:fb:64:b6:71:0f:21:54:e3:34:ff:ce:fc:a1:44:e0:f4:e6:
00:86:4d:77:00:f9:cf:7e:a2:92:5c:94:4b:91:bf:bb:54:a3:
53:21:e0:d8:d6:bc:7c:1d:3d:9a:0e:de:82:ec:10:a6:e6:54:
6d:d3:f2:c8:30:86:39:0f:7d:7a:d4:6c:a2:e7:0f:96:b1:57:
73:4b:80:0c:65:55:9f:35:3f:cf:94:01:0b:aa:c5:27:bf:de:
ff:9c:47:7c:b3:05:ce:33:b6:7d:6f:d0:f8:bf:7e:a2:74:d9:
ce:5d:b1:6c:9d:ac:08:4e:1b:c2:4d:9b:1f:66:2d:a9:93:38:
4f:9d:e3:e5:8d:d5:4a:78:c9:45:35:8b:bc:72:bd:53:a5:34:
e6:92:8d:85:68:30:fb:0e:41:f6:58:3f:6f:fe:05:6a:1e:e9:
e6:52:89:35:19:f3:66:05:43:17:8a:41:00:31:ef:6e:45:8e:
ae:be:b5:ec:e9:72:24:21:2a:74:30:06:57:6c:69:4b:e6:7b:
bf:f1:41:65:60:18:bd:a4:b3:01:3e:ec:4e:e6:91:41:69:62:
02:4c:5f:0d:03:b6:8d:30:15:5f:59:fa:14:b6:69:38:07:d2:
d4:7a:f8:cd:43:dc:a6:79:a4:49:04:93:86:98:5e:77:33:f4:
a0:a4:b7:18
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgICATkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ4NDgxMTAvBgNVBAUTKDFERDFCODY4Nzg4NjkyNEM0NjEzMTE2MDUwRUU5MEU5
RDQ5NDI2OUUwHhcNMjYwNTA1MDYzODA2WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWY5OTA0ZS0yYjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyCgPHzsTlBC3PK1htIk7nrxX2/T17s2gAGa3obSjhgkTkVeqSWp7MDb0eoC1
nXdC9i+3Ulc3JqKAS+GJI8m9vpJwVGQHpSKOc5x8hx0SVBhM3cUEltRdcnbx3Bwn
v4wQte2Xs7r/9qbwZX9SbAcHPBh09k86YAviDtyoi7xARAvCA0TJa/5qPoAONZWu
PBtGMZ/u5qzi1Ge+S/DJw8lu/4N7ZbcSnaOldBkTX79b1l/6q2GQmt67MgxA5pbz
k67HbQZOLe0E+8T1otEqnvXEMg/wt3DPHrH6Ju+/iYejAjXpGbsfPKqL8RpPXFve
1aua2DmHYsRDK/vtZ/K6MwiKmQIDAQABo4IDMTCCAy0wHQYDVR0OBBYEFKGBfzOH
ikh2co6ZBQx26REI4UA2MB8GA1UdIwQYMBaAFB3RuGh4hpJMRhMRYFDukOnUlCae
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDg0OC9DMjUxQjVCMjlC
MTAxMUVGQTcyQkEwMjBDNEY5QUUwMi9IZEc0YUhpR2treEdFeEZnVU82UTZkU1VK
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hkRzRhSGlHa2t4R0V4RmdVTzZRNmRTVUpwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ4NDgvQzI1MUI1QjI5QjEwMTFFRkE3MkJBMDIwQzRGOUFFMDIvRjBDOERCMUNB
NTRFMTFFRjg1OTJGRDY2QzRGOUFFMDIucm9hMIHvBggrBgEFBQcBBwEB/wSB3zCB
3DCB2QQCAAEwgdIDBAJnJJgDBAJnQdgDBAJn4WwDBALKAXQDBADLBfQDBADLCnwD
BADLDHQDBADLDmoDBADLDsEDBADLEpcDBADLEzQDBADLE9wDBAHLFG4DBADLFRYD
BADLFqkDBADLFzIDBADLF0cDBAHLGK4DBALLGUQDBADLGXsDBADLGZ4DBADLGqsD
BAHLGuIDBADLHRUDBADLHX8DBADLHk4DBADLH9YDBAHLICwDBADLIC8DBADLIRwD
BAHLIToDBAHLIWwDBADLIqcDBAHLN8IDBADLPpMwDQYJKoZIhvcNAQELBQADggEB
ACH7ZLZxDyFU4zT/zvyhROD05gCGTXcA+c9+opJclEuRv7tUo1Mh4NjWvHwdPZoO
3oLsEKbmVG3T8sgwhjkPfXrUbKLnD5axV3NLgAxlVZ81P8+UAQuqxSe/3v+cR3yz
Bc4ztn1v0Pi/fqJ02c5dsWydrAhOG8JNmx9mLamTOE+d4+WN1Up4yUU1i7xyvVOl
NOaSjYVoMPsOQfZYP2/+BWoe6eZSiTUZ82YFQxeKQQAx725Fjq6+tezpciQhKnQw
BldsaUvme7/xQWVgGL2kswE+7E7mkUFpYgJMXw0Dto0wFV9Z+hS2aTgH0tR6+M1D
3KZ5pEkEk4aYXncz9KCktxg=
-----END CERTIFICATE-----
Generated at Wed May 13 05:30:38 2026 by rpki-client