Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/0D4F5906FA7911E7B85F4E7EC4F9AE02.roa
File: 0D4F5906FA7911E7B85F4E7EC4F9AE02.roa (raw, json)
Hash identifier: AiYRW8mdMjJMqLWYsa9g8EWEojUvhBuGHCSk9XUHpuY=
Subject key identifier: B1:40:CD:22:BB:D9:92:0F:A6:D5:DC:3D:E2:C7:50:EC:E3:E5:D8:11
Certificate issuer: /CN=A9132EC7/serialNumber=010B407B75F6E338F3AFB59A8D62715C3C02ECF4
Certificate serial: 1768
Authority key identifier: 01:0B:40:7B:75:F6:E3:38:F3:AF:B5:9A:8D:62:71:5C:3C:02:EC:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQtAe3X24zjzr7WajWJxXDwC7PQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/0D4F5906FA7911E7B85F4E7EC4F9AE02.roa
Signing time: Fri 06 Mar 2026 17:21:22 +0000
ROA not before: Fri 06 Mar 2026 17:21:22 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 137403
IP address blocks: 103.107.160.0/22 maxlen: 22
103.107.160.0/23 maxlen: 23
103.107.160.0/24 maxlen: 24
103.107.161.0/24 maxlen: 24
103.107.162.0/23 maxlen: 23
103.107.162.0/24 maxlen: 24
103.107.163.0/24 maxlen: 24
2402:5840::/32 maxlen: 32
2402:5840::/48 maxlen: 48
2402:5840::/64 maxlen: 64
2402:5840:0:1::/64 maxlen: 64
2402:5840:0:2::/64 maxlen: 64
2402:5840:1::/48 maxlen: 48
2402:5840:2::/48 maxlen: 48
2402:5840:3::/48 maxlen: 48
2402:5840:4::/48 maxlen: 48
2402:5840:5::/48 maxlen: 48
2402:5840:6::/48 maxlen: 48
2402:5840:7::/48 maxlen: 48
2402:5840:8::/48 maxlen: 48
2402:5840:9::/48 maxlen: 48
2402:5840:a::/48 maxlen: 48
2402:5840:70::/48 maxlen: 48
2402:5840:71::/48 maxlen: 48
2402:5840:72::/48 maxlen: 48
2402:5840:73::/48 maxlen: 48
2402:5840:100::/48 maxlen: 48
2402:5840:2001::/48 maxlen: 48
2402:5840:2002::/48 maxlen: 48
2402:5840:2003::/48 maxlen: 48
2402:5840:2004::/48 maxlen: 48
2402:5840:5840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/AQtAe3X24zjzr7WajWJxXDwC7PQ.crl
rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/AQtAe3X24zjzr7WajWJxXDwC7PQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQtAe3X24zjzr7WajWJxXDwC7PQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 16:34:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5992 (0x1768)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9132EC7, serialNumber=010B407B75F6E338F3AFB59A8D62715C3C02ECF4
Validity
Not Before: Mar 6 17:21:22 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69ab0d12-c2fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a2:0d:04:af:12:0f:c7:15:ef:03:51:a5:0d:
34:8e:d3:39:57:49:f7:59:c3:6f:b4:ea:7a:fa:35:
0b:5c:65:90:7f:b8:8c:dc:2e:79:8d:14:8b:46:72:
76:05:a3:85:da:0e:23:d1:fb:23:1b:21:1b:07:8a:
2c:09:1a:ed:8c:2c:f0:aa:ab:4a:fe:69:06:d6:38:
85:c0:41:f5:55:83:6e:ee:48:3d:47:48:f2:31:7c:
79:4e:f7:09:f7:4a:e4:73:99:0d:24:3e:3a:16:e4:
7e:dc:01:a4:eb:ab:06:4a:c9:4f:c5:a8:54:21:5d:
90:89:74:9b:2d:0b:07:01:73:2b:84:99:21:36:02:
2b:8b:ab:70:fc:bd:a3:c6:be:13:4c:45:d0:5d:f6:
90:47:e3:7b:56:90:36:40:21:59:d5:72:16:06:bf:
84:7d:d5:1b:67:eb:32:ed:fa:01:67:43:5f:e2:e4:
f4:e6:4f:46:a2:fd:04:a4:16:f1:fd:72:e5:4d:4d:
7b:a0:7f:24:c8:7f:69:1e:ec:9d:55:00:98:d7:7f:
72:bf:11:2e:d7:db:64:8b:88:ac:fe:93:13:61:58:
cd:7f:69:4b:28:66:40:82:47:53:53:0a:4d:85:96:
7c:90:8a:4c:da:aa:41:75:83:9f:39:ee:5d:b7:2d:
10:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:40:CD:22:BB:D9:92:0F:A6:D5:DC:3D:E2:C7:50:EC:E3:E5:D8:11
X509v3 Authority Key Identifier:
keyid:01:0B:40:7B:75:F6:E3:38:F3:AF:B5:9A:8D:62:71:5C:3C:02:EC:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/AQtAe3X24zjzr7WajWJxXDwC7PQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQtAe3X24zjzr7WajWJxXDwC7PQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/0D4F5906FA7911E7B85F4E7EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.107.160.0/22
IPv6:
2402:5840::/32
Signature Algorithm: sha256WithRSAEncryption
3a:e3:81:37:34:4b:b3:31:b0:9c:86:ed:5a:28:08:e1:dc:70:
79:76:0a:95:d0:04:33:cf:2f:64:9e:7d:33:0f:d6:fc:78:a7:
42:8b:f4:7d:ad:6d:23:d1:c8:5a:5b:e6:16:c2:b0:12:80:ad:
e4:92:99:a5:2c:f5:24:ea:9b:bc:a7:41:bc:35:36:ae:55:14:
fc:a1:ae:d5:ca:94:42:b2:37:aa:c4:ec:70:49:ce:13:fd:43:
0f:7b:9e:67:7d:fd:5c:88:76:c6:f1:5a:0b:93:23:4b:5b:24:
56:73:79:64:40:e2:a5:23:85:6f:b2:30:b2:81:66:31:b1:93:
02:e0:a7:63:b2:3c:7a:d8:97:de:63:77:3d:58:2b:ae:ce:59:
56:9a:6d:d0:0c:7e:1d:d7:c9:61:67:70:a7:4b:f7:84:e8:38:
d5:1e:49:97:7e:88:02:3c:96:7a:34:ea:3c:26:09:03:a2:2a:
78:7c:f4:b5:b1:4c:d1:ac:92:51:a6:d2:20:81:04:ab:1e:62:
e0:e7:7f:40:23:32:f6:4f:7f:44:32:f6:6f:f0:83:d3:58:c2:
e2:ed:bd:14:a4:ce:88:e2:6e:15:bf:3b:f4:bd:c6:41:72:ac:
21:a8:82:53:b6:7c:13:44:27:d8:ac:d4:d0:dc:e9:2b:aa:4f:
78:db:da:90
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgICF2gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzJFQzcxMTAvBgNVBAUTKDAxMEI0MDdCNzVGNkUzMzhGM0FGQjU5QThENjI3MTVD
M0MwMkVDRjQwHhcNMjYwMzA2MTcyMTIyWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWFiMGQxMi1jMmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApqINBK8SD8cV7wNRpQ00jtM5V0n3WcNvtOp6+jULXGWQf7iM3C55jRSLRnJ2
BaOF2g4j0fsjGyEbB4osCRrtjCzwqqtK/mkG1jiFwEH1VYNu7kg9R0jyMXx5TvcJ
90rkc5kNJD46FuR+3AGk66sGSslPxahUIV2QiXSbLQsHAXMrhJkhNgIri6tw/L2j
xr4TTEXQXfaQR+N7VpA2QCFZ1XIWBr+EfdUbZ+sy7foBZ0Nf4uT05k9Gov0EpBbx
/XLlTU17oH8kyH9pHuydVQCY139yvxEu19tki4is/pMTYVjNf2lLKGZAgkdTUwpN
hZZ8kIpM2qpBdYOfOe5dty0QGwIDAQABo4ICbzCCAmswHQYDVR0OBBYEFLFAzSK7
2ZIPptXcPeLHUOzj5dgRMB8GA1UdIwQYMBaAFAELQHt19uM486+1mo1icVw8Auz0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkVDNy8yOTM0NzI2QUZB
NzgxMUU3OUNCNjA4N0RDNEY5QUUwMi9BUXRBZTNYMjR6anpyN1dhaldKeFhEd0M3
UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FRdEFlM1gyNHpqenI3V2FqV0p4WER3QzdQUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzJFQzcvMjkzNDcyNkFGQTc4MTFFNzlDQjYwODdEQzRGOUFFMDIvMEQ0RjU5MDZG
QTc5MTFFN0I4NUY0RTdFQzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCZ2ugMA0EAgACMAcDBQAkAlhAMA0GCSqGSIb3DQEBCwUAA4IBAQA6
44E3NEuzMbCchu1aKAjh3HB5dgqV0AQzzy9knn0zD9b8eKdCi/R9rW0j0chaW+YW
wrASgK3kkpmlLPUk6pu8p0G8NTauVRT8oa7VypRCsjeqxOxwSc4T/UMPe55nff1c
iHbG8VoLkyNLWyRWc3lkQOKlI4VvsjCygWYxsZMC4Kdjsjx62JfeY3c9WCuuzllW
mm3QDH4d18lhZ3CnS/eE6DjVHkmXfogCPJZ6NOo8JgkDoip4fPS1sUzRrJJRptIg
gQSrHmLg539AIzL2T39EMvZv8IPTWMLi7b0UpM6I4m4Vvzv0vcZBcqwhqIJTtnwT
RCfYrNTQ3Okrqk9429qQ
-----END CERTIFICATE-----
Generated at Fri Mar 27 03:59:08 2026 by rpki-client