Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/A2120E06FD7F11EFA8C89755C4F9AE02.roa
File: A2120E06FD7F11EFA8C89755C4F9AE02.roa (raw, json)
Hash identifier: aRixXq7ui35CkBZ1WtgzAKTz2bGqo7mI3c5dVkJhwD8=
Subject key identifier: 10:04:27:0A:BD:94:87:92:DE:07:EF:B1:21:88:9F:39:1E:81:22:15
Certificate issuer: /CN=A9146944/serialNumber=ED1F958CB604B576E82214B4CF3CC0FE620EF9F4
Certificate serial: 0A9B
Authority key identifier: ED:1F:95:8C:B6:04:B5:76:E8:22:14:B4:CF:3C:C0:FE:62:0E:F9:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/A2120E06FD7F11EFA8C89755C4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:05:52 +0000
ROA not before: Mon 30 Jun 2025 20:35:53 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 134180
IP address blocks: 45.250.228.0/24 maxlen: 24
45.250.229.0/24 maxlen: 24
45.250.230.0/24 maxlen: 24
45.250.231.0/24 maxlen: 24
103.202.220.0/22 maxlen: 22
103.202.220.0/24 maxlen: 24
103.202.221.0/24 maxlen: 24
103.202.222.0/23 maxlen: 23
103.202.223.0/24 maxlen: 24
103.209.196.0/24 maxlen: 24
103.209.197.0/24 maxlen: 24
103.209.199.0/24 maxlen: 24
2403:6940::/32 maxlen: 32
2403:6940::/36 maxlen: 36
2403:6940:f::/48 maxlen: 48
2403:6940:1000::/36 maxlen: 36
2403:6940:1000::/48 maxlen: 48
2403:6940:1001::/48 maxlen: 48
2403:6940:1002::/48 maxlen: 48
2403:6940:1003::/48 maxlen: 48
2403:6940:1004::/48 maxlen: 48
2403:6940:1005::/48 maxlen: 48
2403:6940:1006::/48 maxlen: 48
2403:6940:1007::/48 maxlen: 48
2403:6940:1008::/48 maxlen: 48
2403:6940:1009::/48 maxlen: 48
2403:6940:100a::/48 maxlen: 48
2403:6940:100b::/48 maxlen: 48
2403:6940:100c::/48 maxlen: 48
2403:6940:2000::/36 maxlen: 36
2403:6940:2000::/48 maxlen: 48
2403:6940:2001::/48 maxlen: 48
2403:6940:2002::/48 maxlen: 48
2403:6940:2003::/48 maxlen: 48
2403:6940:2004::/48 maxlen: 48
2403:6940:2005::/48 maxlen: 48
2403:6940:2006::/48 maxlen: 48
2403:6940:2007::/48 maxlen: 48
2403:6940:3000::/36 maxlen: 36
2403:6940:4000::/36 maxlen: 36
2403:6940:5000::/36 maxlen: 36
2403:6940:6000::/36 maxlen: 36
2403:6940:7000::/36 maxlen: 36
2403:6940:8000::/36 maxlen: 36
2403:6940:9000::/36 maxlen: 36
2403:6940:a000::/36 maxlen: 36
2403:6940:b000::/36 maxlen: 36
2403:6940:c000::/36 maxlen: 36
2403:6940:d000::/36 maxlen: 36
2403:6940:e000::/36 maxlen: 36
2403:6940:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/7R-VjLYEtXboIhS0zzzA_mIO-fQ.crl
rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/7R-VjLYEtXboIhS0zzzA_mIO-fQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 19:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2715 (0xa9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146944, serialNumber=ED1F958CB604B576E82214B4CF3CC0FE620EF9F4
Validity
Not Before: Jun 30 20:35:53 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a463e0-91ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fa:a2:db:72:7c:bc:1a:e4:51:a1:5b:dc:72:
6f:bf:eb:36:57:51:69:7c:46:b4:94:38:d2:31:55:
2b:4c:23:8e:fc:aa:38:56:8d:e5:2d:6e:c1:1b:b0:
a3:4e:76:38:3e:15:71:4b:03:57:f6:55:93:2e:b6:
84:61:f0:be:2e:f8:29:60:b5:21:0a:db:8e:30:0a:
54:2d:a5:29:87:ae:cb:56:61:9a:9d:48:5b:d5:2f:
78:5b:66:12:98:d1:5e:f5:80:16:23:9b:19:de:c5:
87:96:dc:da:56:27:9b:35:3d:61:6e:65:df:da:56:
10:86:5e:49:79:84:d1:6d:dc:87:e7:19:4f:7f:b1:
65:8b:19:d8:05:54:e9:7d:39:9e:a5:ae:1a:42:67:
69:fa:db:43:60:d6:ff:90:c8:5c:f9:c3:9a:ec:c5:
af:06:8b:12:a9:ee:9b:5e:79:44:06:bc:a6:6d:ae:
69:b2:dd:71:8f:69:74:0f:66:3e:68:26:bc:56:e5:
e5:7a:d6:eb:c7:ad:db:62:05:f4:b7:78:78:b1:5c:
73:1f:71:0f:48:c9:34:b3:bb:8a:06:91:22:a8:40:
f7:b3:18:6f:ff:ab:cf:a1:26:13:ba:73:a7:c6:93:
14:47:7a:50:e3:90:c0:34:46:52:c1:a8:c0:fb:29:
c5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:04:27:0A:BD:94:87:92:DE:07:EF:B1:21:88:9F:39:1E:81:22:15
X509v3 Authority Key Identifier:
keyid:ED:1F:95:8C:B6:04:B5:76:E8:22:14:B4:CF:3C:C0:FE:62:0E:F9:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/7R-VjLYEtXboIhS0zzzA_mIO-fQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/A2120E06FD7F11EFA8C89755C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.250.228.0/22
103.202.220.0/22
103.209.196.0/23
103.209.199.0/24
IPv6:
2403:6940::/32
Signature Algorithm: sha256WithRSAEncryption
07:0f:50:95:c0:e8:69:2f:62:af:3c:86:a8:0e:88:ee:d1:27:
51:58:44:be:f7:1b:e7:98:bf:ec:08:04:0a:44:f1:01:f5:4d:
65:9a:6c:cc:51:e5:12:6f:a6:32:d0:c2:ec:f8:54:45:82:d8:
fb:e4:36:17:3d:77:15:12:0c:12:fa:2b:10:8e:19:f4:3b:1a:
76:68:c8:f9:06:0e:74:b0:3c:89:22:72:74:6b:a3:ec:cf:a5:
23:24:dc:13:b4:71:87:f4:c6:14:aa:e4:0d:29:e2:56:01:f5:
8a:e8:45:19:0d:be:53:15:3c:7e:0e:ca:6d:c4:5a:f6:b2:8a:
6a:ea:cf:8a:cd:b9:89:27:9c:d6:4d:77:28:c9:70:27:f5:9c:
e9:0a:94:7c:86:89:b4:51:47:65:a0:83:30:41:43:c1:3f:da:
64:94:a6:8a:7b:57:4a:90:85:c3:4b:a5:f4:ed:85:e1:34:d0:
d9:1b:c8:b9:8f:b2:3d:a4:ed:34:74:47:95:c6:a6:48:81:08:
91:82:b5:48:05:35:3e:3a:78:ae:8b:b1:3d:6e:ee:b4:34:43:
bf:b9:b3:67:7e:ad:2e:47:cb:15:d9:2c:72:c4:24:aa:1b:04:
78:e5:f7:01:2e:54:f6:15:d5:02:86:df:9c:75:6c:60:af:37:
53:1c:f2:60
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgICCpswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDY5NDQxMTAvBgNVBAUTKEVEMUY5NThDQjYwNEI1NzZFODIyMTRCNENGM0NDMEZF
NjIwRUY5RjQwHhcNMjUwNjMwMjAzNTUzWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NjNlMC05MWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy/qi23J8vBrkUaFb3HJvv+s2V1FpfEa0lDjSMVUrTCOO/Ko4Vo3lLW7BG7Cj
TnY4PhVxSwNX9lWTLraEYfC+LvgpYLUhCtuOMApULaUph67LVmGanUhb1S94W2YS
mNFe9YAWI5sZ3sWHltzaViebNT1hbmXf2lYQhl5JeYTRbdyH5xlPf7FlixnYBVTp
fTmepa4aQmdp+ttDYNb/kMhc+cOa7MWvBosSqe6bXnlEBrymba5pst1xj2l0D2Y+
aCa8VuXletbrx63bYgX0t3h4sVxzH3EPSMk0s7uKBpEiqED3sxhv/6vPoSYTunOn
xpMUR3pQ45DANEZSwajA+ynF0QIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFBAEJwq9
lIeS3gfvsSGInzkegSIVMB8GA1UdIwQYMBaAFO0flYy2BLV26CIUtM88wP5iDvn0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Njk0NC80M0JEMUM2RThF
OTUxMUVBQTlENzNBMkVDNEY5QUUwMi83Ui1WakxZRXRYYm9JaFMwenp6QV9tSU8t
ZlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdSLVZqTFlFdFhib0loUzB6enpBX21JTy1mUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDY5NDQvNDNCRDFDNkU4RTk1MTFFQUE5RDczQTJFQzRGOUFFMDIvQTIxMjBFMDZG
RDdGMTFFRkE4Qzg5NzU1QzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe
BAIAATAYAwQCLfrkAwQCZ8rcAwQBZ9HEAwQAZ9HHMA0EAgACMAcDBQAkA2lAMA0G
CSqGSIb3DQEBCwUAA4IBAQAHD1CVwOhpL2KvPIaoDoju0SdRWES+9xvnmL/sCAQK
RPEB9U1lmmzMUeUSb6Yy0MLs+FRFgtj75DYXPXcVEgwS+isQjhn0Oxp2aMj5Bg50
sDyJInJ0a6Psz6UjJNwTtHGH9MYUquQNKeJWAfWK6EUZDb5TFTx+DsptxFr2sopq
6s+KzbmJJ5zWTXcoyXAn9ZzpCpR8hom0UUdloIMwQUPBP9pklKaKe1dKkIXDS6X0
7YXhNNDZG8i5j7I9pO00dEeVxqZIgQiRgrVIBTU+Oniui7E9bu60NEO/ubNnfq0u
R8sV2SxyxCSqGwR45fcBLlT2FdUCht+cdWxgrzdTHPJg
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:32:25 2026 by rpki-client