Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/5F5A375CFF0C11F0AEE33AB880EE528E.roa
File: 5F5A375CFF0C11F0AEE33AB880EE528E.roa (raw, json)
Hash identifier: uNnYabDdr+X3Z2RvWPceJhaH0aT0V7q+W0VcLO4pYtY=
Subject key identifier: 81:82:2B:06:45:4C:7E:0C:9F:8A:7C:F7:79:AE:54:56:E4:CB:38:DF
Certificate issuer: /CN=A9124679/serialNumber=0A480517741076FE763E4E9E32F35BD459893292
Certificate serial: 029D
Authority key identifier: 0A:48:05:17:74:10:76:FE:76:3E:4E:9E:32:F3:5B:D4:59:89:32:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/5F5A375CFF0C11F0AEE33AB880EE528E.roa
Signing time: Thu 05 Mar 2026 01:35:05 +0000
ROA not before: Thu 05 Mar 2026 01:35:05 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 134840
IP address blocks: 103.57.204.0/24 maxlen: 24
103.57.205.0/24 maxlen: 24
103.57.206.0/24 maxlen: 24
103.57.207.0/24 maxlen: 24
103.203.132.0/24 maxlen: 24
103.203.133.0/24 maxlen: 24
103.203.134.0/24 maxlen: 24
103.203.135.0/24 maxlen: 24
103.237.112.0/24 maxlen: 24
103.237.113.0/24 maxlen: 24
103.237.114.0/24 maxlen: 24
103.237.115.0/24 maxlen: 24
116.206.192.0/24 maxlen: 24
116.206.193.0/24 maxlen: 24
116.206.194.0/24 maxlen: 24
116.206.195.0/24 maxlen: 24
121.46.71.0/24 maxlen: 24
180.235.116.0/24 maxlen: 24
180.235.117.0/24 maxlen: 24
180.235.118.0/24 maxlen: 24
180.235.119.0/24 maxlen: 24
2403:c280::/32 maxlen: 32
2403:c280::/48 maxlen: 48
2403:c280:1::/48 maxlen: 48
2403:c280:2::/48 maxlen: 48
2403:c280:3::/48 maxlen: 48
2403:c280:4::/48 maxlen: 48
2403:c280:5::/48 maxlen: 48
2403:c280:6::/48 maxlen: 48
2403:c280:7::/48 maxlen: 48
2403:c280:8::/48 maxlen: 48
2403:c280:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.crl
rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 Apr 2026 01:26:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 669 (0x29d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9124679, serialNumber=0A480517741076FE763E4E9E32F35BD459893292
Validity
Not Before: Mar 5 01:35:05 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a8ddc9-92e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8e:eb:f7:1c:75:5e:c7:9c:1e:3e:85:a9:74:
fb:1e:aa:b9:be:d0:83:cf:d8:29:a3:3a:71:bf:6b:
36:71:78:16:e8:bd:82:f9:e0:a9:e5:a6:70:79:bc:
f1:ff:0d:cd:46:94:df:e1:8f:58:56:97:79:18:93:
00:68:4c:1f:93:14:0e:7b:b8:a6:c6:15:21:71:a3:
7b:25:8d:12:82:32:3a:0d:e5:49:0c:60:84:d3:fd:
ba:4c:b3:ed:7a:5c:b9:b7:06:66:ab:ce:c6:1d:6b:
92:45:f3:92:ff:a9:cd:69:45:63:2c:3f:15:25:94:
fb:9c:d7:8b:9b:e9:35:3f:ce:0d:2f:90:9a:e1:eb:
08:67:38:d1:c0:56:32:45:f1:2a:a9:a8:4c:51:f3:
43:11:9a:89:d6:9e:6a:eb:cd:95:bd:76:4c:bd:6f:
1c:af:1c:2b:5e:5e:7d:01:66:a5:93:46:d3:7a:3f:
60:60:70:f7:96:63:e0:f4:4b:c9:c1:95:85:ca:7a:
e0:22:2b:fa:51:37:b2:70:d2:58:ef:9d:2d:de:e8:
c1:cd:7e:8f:9b:31:82:82:fb:ce:e7:eb:e4:16:f6:
b9:7e:ac:22:fb:1c:4a:74:d3:9b:27:d7:a1:56:ff:
83:dd:1c:7c:f8:d2:db:47:e2:a9:d4:91:4c:35:92:
40:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:82:2B:06:45:4C:7E:0C:9F:8A:7C:F7:79:AE:54:56:E4:CB:38:DF
X509v3 Authority Key Identifier:
keyid:0A:48:05:17:74:10:76:FE:76:3E:4E:9E:32:F3:5B:D4:59:89:32:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/5F5A375CFF0C11F0AEE33AB880EE528E.roa
sbgp-ipAddrBlock: critical
IPv4:
103.57.204.0/22
103.203.132.0/22
103.237.112.0/22
116.206.192.0/22
121.46.71.0/24
180.235.116.0/22
IPv6:
2403:c280::/32
Signature Algorithm: sha256WithRSAEncryption
cf:c2:8f:16:7b:06:a4:e5:46:ff:b9:4c:dd:2f:a7:57:17:29:
01:b5:00:c2:33:f7:ac:4b:ee:33:47:35:49:2b:1d:5e:5f:28:
1f:63:87:51:7d:ed:20:ba:69:2f:e7:12:cd:0c:24:fc:43:2d:
12:4d:69:9e:cd:22:17:c2:64:98:8e:16:45:ab:bd:88:1b:92:
0b:ae:f7:e5:f1:fe:e4:42:04:1b:f3:7d:bc:21:d3:53:7f:59:
cd:1c:5a:01:4d:b3:03:19:a2:4b:a2:da:5c:01:12:9a:c4:1a:
8d:07:50:80:f3:a5:25:1a:18:5b:ef:28:cb:3e:e8:f0:95:62:
6a:fb:ab:80:52:5f:a1:a6:d7:1a:68:5c:bc:f0:54:73:17:f1:
9a:fd:86:15:44:83:63:b2:86:23:60:6a:76:55:74:76:d0:a2:
35:b6:76:79:c6:77:74:63:3b:97:0c:e3:31:70:16:1a:e0:1f:
7d:ae:fa:7e:da:66:89:60:00:9d:36:cd:a4:a5:1b:a3:1d:9e:
f3:39:87:d7:89:ce:2e:33:22:df:d0:d9:37:20:03:3d:a2:0f:
49:ae:c4:ee:1b:d6:72:12:df:25:c8:83:24:88:c4:29:53:06:
81:cb:c5:de:1e:c3:94:2c:6e:2e:42:46:3e:1e:db:c0:94:1f:
67:7a:4c:e1
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgICAp0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQ2NzkxMTAvBgNVBAUTKDBBNDgwNTE3NzQxMDc2RkU3NjNFNEU5RTMyRjM1QkQ0
NTk4OTMyOTIwHhcNMjYwMzA1MDEzNTA1WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE4ZGRjOS05MmU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzI7r9xx1XsecHj6FqXT7Hqq5vtCDz9gpozpxv2s2cXgW6L2C+eCp5aZwebzx
/w3NRpTf4Y9YVpd5GJMAaEwfkxQOe7imxhUhcaN7JY0SgjI6DeVJDGCE0/26TLPt
ely5twZmq87GHWuSRfOS/6nNaUVjLD8VJZT7nNeLm+k1P84NL5Ca4esIZzjRwFYy
RfEqqahMUfNDEZqJ1p5q682VvXZMvW8crxwrXl59AWalk0bTej9gYHD3lmPg9EvJ
wZWFynrgIiv6UTeycNJY750t3ujBzX6PmzGCgvvO5+vkFva5fqwi+xxKdNObJ9eh
Vv+D3Rx8+NLbR+Kp1JFMNZJAkQIDAQABo4ICjTCCAokwHQYDVR0OBBYEFIGCKwZF
TH4Mn4p893muVFbkyzjfMB8GA1UdIwQYMBaAFApIBRd0EHb+dj5OnjLzW9RZiTKS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDY3OS9GNUI3OEE4ODYx
OTQxMUVEOENEQkEyM0VDNEY5QUUwMi9Da2dGRjNRUWR2NTJQazZlTXZOYjFGbUpN
cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NrZ0ZGM1FRZHY1MlBrNmVNdk5iMUZtSk1wSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ2NzkvRjVCNzhBODg2MTk0MTFFRDhDREJBMjNFQzRGOUFFMDIvNUY1QTM3NUNG
RjBDMTFGMEFFRTMzQUI4ODBFRTUyOEUucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq
BAIAATAkAwQCZznMAwQCZ8uEAwQCZ+1wAwQCdM7AAwQAeS5HAwQCtOt0MA0EAgAC
MAcDBQAkA8KAMA0GCSqGSIb3DQEBCwUAA4IBAQDPwo8Wewak5Ub/uUzdL6dXFykB
tQDCM/esS+4zRzVJKx1eXygfY4dRfe0gumkv5xLNDCT8Qy0STWmezSIXwmSYjhZF
q72IG5ILrvfl8f7kQgQb8328IdNTf1nNHFoBTbMDGaJLotpcARKaxBqNB1CA86Ul
Ghhb7yjLPujwlWJq+6uAUl+hptcaaFy88FRzF/Ga/YYVRINjsoYjYGp2VXR20KI1
tnZ5xnd0YzuXDOMxcBYa4B99rvp+2maJYACdNs2kpRujHZ7zOYfXic4uMyLf0Nk3
IAM9og9JrsTuG9ZyEt8lyIMkiMQpUwaBy8XeHsOULG4uQkY+HtvAlB9nekzh
-----END CERTIFICATE-----
Generated at Sat Mar 28 13:38:00 2026 by rpki-client