Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/0D4F5906FA7911E7B85F4E7EC4F9AE02.roa
File: 0D4F5906FA7911E7B85F4E7EC4F9AE02.roa (raw, json)
Hash identifier: Fg8/Dw7mAMJse8JvCxq2d50l5CfSCBU4vZ7nmbzgYwg=
Subject key identifier: 63:31:63:7A:5A:D4:24:E5:25:7F:03:C4:AC:B2:8D:2C:B9:07:6C:9A
Certificate issuer: /CN=A9132EC7/serialNumber=010B407B75F6E338F3AFB59A8D62715C3C02ECF4
Certificate serial: 1786
Authority key identifier: 01:0B:40:7B:75:F6:E3:38:F3:AF:B5:9A:8D:62:71:5C:3C:02:EC:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQtAe3X24zjzr7WajWJxXDwC7PQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/0D4F5906FA7911E7B85F4E7EC4F9AE02.roa
Signing time: Thu 23 Apr 2026 12:35:16 +0000
ROA not before: Thu 23 Apr 2026 12:35:16 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 137403
IP address blocks: 103.107.160.0/22 maxlen: 22
103.107.160.0/23 maxlen: 23
103.107.160.0/24 maxlen: 24
103.107.161.0/24 maxlen: 24
103.107.162.0/23 maxlen: 23
103.107.162.0/24 maxlen: 24
103.107.163.0/24 maxlen: 24
2402:5840::/32 maxlen: 32
2402:5840::/48 maxlen: 48
2402:5840::/64 maxlen: 64
2402:5840:0:1::/64 maxlen: 64
2402:5840:0:2::/64 maxlen: 64
2402:5840:1::/48 maxlen: 48
2402:5840:2::/48 maxlen: 48
2402:5840:3::/48 maxlen: 48
2402:5840:4::/48 maxlen: 48
2402:5840:5::/48 maxlen: 48
2402:5840:6::/48 maxlen: 48
2402:5840:7::/48 maxlen: 48
2402:5840:8::/48 maxlen: 48
2402:5840:9::/48 maxlen: 48
2402:5840:a::/48 maxlen: 48
2402:5840:10::/48 maxlen: 48
2402:5840:11::/48 maxlen: 48
2402:5840:12::/48 maxlen: 48
2402:5840:13::/48 maxlen: 48
2402:5840:14::/48 maxlen: 48
2402:5840:15::/48 maxlen: 48
2402:5840:16::/48 maxlen: 48
2402:5840:17::/48 maxlen: 48
2402:5840:18::/48 maxlen: 48
2402:5840:19::/48 maxlen: 48
2402:5840:20::/48 maxlen: 48
2402:5840:21::/48 maxlen: 48
2402:5840:22::/48 maxlen: 48
2402:5840:23::/48 maxlen: 48
2402:5840:24::/48 maxlen: 48
2402:5840:25::/48 maxlen: 48
2402:5840:26::/48 maxlen: 48
2402:5840:27::/48 maxlen: 48
2402:5840:28::/48 maxlen: 48
2402:5840:29::/48 maxlen: 48
2402:5840:30::/48 maxlen: 48
2402:5840:31::/48 maxlen: 48
2402:5840:32::/48 maxlen: 48
2402:5840:33::/48 maxlen: 48
2402:5840:34::/48 maxlen: 48
2402:5840:70::/48 maxlen: 48
2402:5840:71::/48 maxlen: 48
2402:5840:72::/48 maxlen: 48
2402:5840:73::/48 maxlen: 48
2402:5840:100::/48 maxlen: 48
2402:5840:2001::/48 maxlen: 48
2402:5840:2002::/48 maxlen: 48
2402:5840:2003::/48 maxlen: 48
2402:5840:2004::/48 maxlen: 48
2402:5840:5840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/AQtAe3X24zjzr7WajWJxXDwC7PQ.crl
rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/AQtAe3X24zjzr7WajWJxXDwC7PQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQtAe3X24zjzr7WajWJxXDwC7PQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 16:36:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6022 (0x1786)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9132EC7, serialNumber=010B407B75F6E338F3AFB59A8D62715C3C02ECF4
Validity
Not Before: Apr 23 12:35:16 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69ea1204-07bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:64:c4:41:78:4f:e1:32:27:15:6a:85:94:2a:
c3:6d:75:67:dc:5e:47:24:c4:cb:f9:ef:52:5a:e3:
98:86:c8:f6:58:42:d7:e1:f3:a6:db:51:16:85:ff:
d3:82:02:b8:61:97:fa:67:d0:3a:96:88:d5:d2:88:
31:b5:d6:fa:09:6f:20:25:64:99:c9:9f:95:c3:0c:
aa:55:d0:57:c3:01:c9:c3:ab:34:d2:8a:7e:16:12:
f8:2f:e1:f4:63:82:3a:cb:e9:4e:5c:3d:12:05:b1:
93:e6:37:58:55:0e:0e:b3:fc:86:b9:01:37:c4:e8:
14:66:8c:8f:c7:96:05:7c:07:ce:fb:94:e0:aa:48:
32:d8:2d:14:80:80:c8:72:94:84:49:b6:09:c6:99:
ab:de:37:e4:f9:55:4b:0f:2f:da:ac:70:cd:e5:79:
98:67:b7:bd:c1:b5:65:6e:a4:14:4a:d2:a9:c6:87:
f9:06:78:51:bb:e0:43:0c:ec:fe:85:04:1a:0c:db:
e7:8c:4e:db:38:b2:7b:3a:78:7e:07:05:76:aa:77:
2c:82:85:f7:98:a8:8e:17:f4:64:5f:a2:76:d6:e3:
ef:b4:43:da:f6:fd:c3:54:6a:b9:82:f5:3e:74:8e:
8c:4e:77:95:ac:4b:b0:db:31:20:4a:e8:b6:b9:97:
ff:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:31:63:7A:5A:D4:24:E5:25:7F:03:C4:AC:B2:8D:2C:B9:07:6C:9A
X509v3 Authority Key Identifier:
keyid:01:0B:40:7B:75:F6:E3:38:F3:AF:B5:9A:8D:62:71:5C:3C:02:EC:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/AQtAe3X24zjzr7WajWJxXDwC7PQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQtAe3X24zjzr7WajWJxXDwC7PQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/0D4F5906FA7911E7B85F4E7EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.107.160.0/22
IPv6:
2402:5840::/32
Signature Algorithm: sha256WithRSAEncryption
91:ea:35:63:94:10:1c:7c:99:e8:b9:0a:7f:2f:2c:ed:3e:e4:
10:5d:b4:81:b3:ef:c2:90:5f:df:70:c2:b5:bb:87:18:6d:cc:
95:d1:31:2a:1b:dc:a4:64:8e:b4:32:58:86:9e:73:80:b8:59:
b5:25:42:25:b2:e1:6b:8e:ab:29:43:5a:86:49:28:db:de:dc:
d6:77:8a:86:4c:a0:8a:c9:41:41:a7:2e:72:b5:a6:a8:bc:c7:
ae:7e:a0:ea:61:d4:bb:cb:2e:ca:fd:d1:e3:b0:2a:cc:6e:3a:
08:f0:17:2f:a3:ff:e6:d4:1f:d7:83:f3:1d:af:05:29:f7:e8:
67:3a:77:1a:ae:c4:a5:a9:33:74:36:14:af:79:1e:e6:b6:02:
49:79:52:24:a7:5d:18:f1:92:70:50:2a:b8:e5:cd:57:f0:67:
f4:24:59:e8:22:1e:a6:84:c2:af:6e:00:42:f8:84:40:37:67:
5a:63:4d:63:03:59:10:e1:39:06:04:23:8b:41:0e:99:b7:16:
72:78:2e:a3:2c:72:4d:a3:6b:40:c4:54:de:c0:1f:2e:5d:a8:
07:70:02:bc:33:5f:b0:a4:49:91:0a:8d:08:da:d7:15:8c:24:
27:08:81:9c:fe:ea:22:43:30:66:34:c6:4e:86:32:f2:97:d6:
93:5c:51:26
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgICF4YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzJFQzcxMTAvBgNVBAUTKDAxMEI0MDdCNzVGNkUzMzhGM0FGQjU5QThENjI3MTVD
M0MwMkVDRjQwHhcNMjYwNDIzMTIzNTE2WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWVhMTIwNC0wN2JkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzmTEQXhP4TInFWqFlCrDbXVn3F5HJMTL+e9SWuOYhsj2WELX4fOm21EWhf/T
ggK4YZf6Z9A6lojV0ogxtdb6CW8gJWSZyZ+VwwyqVdBXwwHJw6s00op+FhL4L+H0
Y4I6y+lOXD0SBbGT5jdYVQ4Os/yGuQE3xOgUZoyPx5YFfAfO+5Tgqkgy2C0UgIDI
cpSESbYJxpmr3jfk+VVLDy/arHDN5XmYZ7e9wbVlbqQUStKpxof5BnhRu+BDDOz+
hQQaDNvnjE7bOLJ7Onh+BwV2qncsgoX3mKiOF/RkX6J21uPvtEPa9v3DVGq5gvU+
dI6MTneVrEuw2zEgSui2uZf/vQIDAQABo4ICbzCCAmswHQYDVR0OBBYEFGMxY3pa
1CTlJX8DxKyyjSy5B2yaMB8GA1UdIwQYMBaAFAELQHt19uM486+1mo1icVw8Auz0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkVDNy8yOTM0NzI2QUZB
NzgxMUU3OUNCNjA4N0RDNEY5QUUwMi9BUXRBZTNYMjR6anpyN1dhaldKeFhEd0M3
UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FRdEFlM1gyNHpqenI3V2FqV0p4WER3QzdQUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzJFQzcvMjkzNDcyNkFGQTc4MTFFNzlDQjYwODdEQzRGOUFFMDIvMEQ0RjU5MDZG
QTc5MTFFN0I4NUY0RTdFQzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCZ2ugMA0EAgACMAcDBQAkAlhAMA0GCSqGSIb3DQEBCwUAA4IBAQCR
6jVjlBAcfJnouQp/LyztPuQQXbSBs+/CkF/fcMK1u4cYbcyV0TEqG9ykZI60MliG
nnOAuFm1JUIlsuFrjqspQ1qGSSjb3tzWd4qGTKCKyUFBpy5ytaaovMeufqDqYdS7
yy7K/dHjsCrMbjoI8Bcvo//m1B/Xg/MdrwUp9+hnOncarsSlqTN0NhSveR7mtgJJ
eVIkp10Y8ZJwUCq45c1X8Gf0JFnoIh6mhMKvbgBC+IRAN2daY01jA1kQ4TkGBCOL
QQ6ZtxZyeC6jLHJNo2tAxFTewB8uXagHcAK8M1+wpEmRCo0I2tcVjCQnCIGc/uoi
QzBmNMZOhjLyl9aTXFEm
-----END CERTIFICATE-----
Generated at Wed May 13 04:50:00 2026 by rpki-client