Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/B4DF66BA809F11E7B741FD2EC4F9AE02.roa
File: B4DF66BA809F11E7B741FD2EC4F9AE02.roa (raw, json)
Hash identifier: t4qQEhXVur27eUnpFLqlgSPz5OkbpRB/VWbuAT/SIEc=
Subject key identifier: 01:C0:DC:E9:EC:FE:1C:64:61:5D:F7:32:E1:2E:F7:99:AD:59:1F:5B
Certificate issuer: /CN=A914C725/serialNumber=ED17D1BE3D5711C6C98C8CCC59AAF737E865C384
Certificate serial: 19DF
Authority key identifier: ED:17:D1:BE:3D:57:11:C6:C9:8C:8C:CC:59:AA:F7:37:E8:65:C3:84
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RfRvj1XEcbJjIzMWar3N-hlw4Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/B4DF66BA809F11E7B741FD2EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:08:35 +0000
ROA not before: Tue 20 Jan 2026 00:47:09 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 56286
IP address blocks: 103.29.56.0/22 maxlen: 22
103.29.56.0/24 maxlen: 24
103.29.57.0/24 maxlen: 24
103.29.58.0/24 maxlen: 24
103.29.59.0/24 maxlen: 24
103.106.166.0/23 maxlen: 23
103.106.166.0/24 maxlen: 24
103.106.167.0/24 maxlen: 24
203.25.78.0/24 maxlen: 24
2403:1300::/32 maxlen: 32
2403:1300::/36 maxlen: 36
2403:1300:100::/40 maxlen: 40
2403:1300:100::/48 maxlen: 48
2403:1300:101::/48 maxlen: 48
2403:1300:102::/48 maxlen: 48
2403:1300:111::/48 maxlen: 48
2403:1300:113::/48 maxlen: 48
2403:1300:121::/48 maxlen: 48
2403:1300:122::/48 maxlen: 48
2403:1300:123::/48 maxlen: 48
2403:1300:131::/48 maxlen: 48
2403:1300:200::/40 maxlen: 40
2403:1300:201::/48 maxlen: 48
2403:1300:202::/48 maxlen: 48
2403:1300:211::/48 maxlen: 48
2403:1300:221::/48 maxlen: 48
2403:1300:222::/48 maxlen: 48
2403:1300:223::/48 maxlen: 48
2403:1300:231::/48 maxlen: 48
2403:1300:300::/40 maxlen: 40
2403:1300:301::/48 maxlen: 48
2403:1300:302::/48 maxlen: 48
2403:1300:311::/48 maxlen: 48
2403:1300:312::/48 maxlen: 48
2403:1300:321::/48 maxlen: 48
2403:1300:331::/48 maxlen: 48
2403:1300:1000::/36 maxlen: 36
2403:1300:2000::/36 maxlen: 36
2403:1300:3000::/36 maxlen: 36
2403:1300:8000::/36 maxlen: 36
2403:1300:8000::/40 maxlen: 40
2403:1300:8001::/48 maxlen: 48
2403:1300:8002::/48 maxlen: 48
2403:1300:beef::/48 maxlen: 48
2403:1300:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/7RfRvj1XEcbJjIzMWar3N-hlw4Q.crl
rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/7RfRvj1XEcbJjIzMWar3N-hlw4Q.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RfRvj1XEcbJjIzMWar3N-hlw4Q.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 16:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6623 (0x19df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C725, serialNumber=ED17D1BE3D5711C6C98C8CCC59AAF737E865C384
Validity
Not Before: Jan 20 00:47:09 2026 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a47292-d5f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5c:3f:b5:34:e7:a8:ed:b5:a1:ca:d4:7e:c0:
ff:20:45:12:19:91:32:90:9b:d3:35:12:9c:26:58:
b3:c2:9f:9d:79:7f:4c:e4:d2:ac:34:79:8e:a6:5f:
3f:5e:24:c8:e0:69:b3:10:45:0e:02:58:b3:52:5b:
83:fc:ac:6d:e3:9d:8d:9d:32:7d:26:9b:0a:5c:67:
22:69:7a:08:9e:6c:e7:c6:57:20:40:7a:96:e6:1b:
a8:c0:b4:ff:91:75:6b:40:69:2f:c8:a1:b4:95:16:
2d:5c:92:56:8a:53:ad:aa:55:b7:b2:bf:f1:32:45:
27:6a:21:7e:5a:46:89:5d:8e:57:0c:6b:e3:0b:1f:
15:f2:80:e0:71:9d:78:2c:f0:8e:58:48:d9:73:39:
93:f7:e5:e8:d9:5d:35:aa:74:90:a6:7d:fa:53:1d:
e3:8c:76:08:e9:98:fb:2e:67:77:c6:71:ba:23:3a:
7b:eb:a4:19:ca:21:91:45:bc:c1:58:7f:7d:fb:25:
59:9e:00:30:c2:fb:ed:d3:12:41:94:97:57:58:e3:
1c:36:f4:16:e8:4b:1d:41:76:29:03:71:cf:ba:b4:
6c:e8:85:0b:29:4d:2d:bf:c5:24:a2:24:85:73:54:
2f:e7:eb:88:a9:47:ec:9a:4a:27:9b:d3:a3:f8:84:
69:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C0:DC:E9:EC:FE:1C:64:61:5D:F7:32:E1:2E:F7:99:AD:59:1F:5B
X509v3 Authority Key Identifier:
keyid:ED:17:D1:BE:3D:57:11:C6:C9:8C:8C:CC:59:AA:F7:37:E8:65:C3:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/7RfRvj1XEcbJjIzMWar3N-hlw4Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RfRvj1XEcbJjIzMWar3N-hlw4Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/B4DF66BA809F11E7B741FD2EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.29.56.0/22
103.106.166.0/23
203.25.78.0/24
IPv6:
2403:1300::/32
Signature Algorithm: sha256WithRSAEncryption
3f:3e:1c:1c:fd:8e:41:a9:45:12:fa:89:fd:fd:b4:58:aa:2e:
d5:7d:c7:a3:40:53:b4:e4:6a:04:35:b3:f1:93:ca:13:2e:00:
f5:5a:26:85:3d:62:f5:c9:9a:69:25:dc:40:27:3f:31:ea:e6:
1f:02:c6:91:90:ce:e8:31:0d:6d:05:65:aa:6c:5d:72:f3:9b:
21:50:73:34:29:e1:9f:6e:09:b8:b3:5f:59:b0:a2:39:e9:62:
c9:49:b7:e6:0f:a8:e3:ff:81:03:59:5e:1a:e7:ab:35:e9:be:
07:d2:da:82:fb:2d:bc:a3:35:19:1e:97:0d:77:ab:7a:32:4f:
18:9d:9b:2a:a2:46:5e:cd:89:56:5a:8a:8d:1d:6b:5f:31:09:
69:f6:d7:53:2e:af:20:25:78:40:54:53:cf:32:ec:05:1d:05:
10:d9:74:ae:59:6c:1a:7b:9e:41:22:1e:65:eb:18:df:ab:11:
95:da:72:2a:af:ff:1b:36:7d:7b:31:3a:9a:a9:76:ec:98:d9:
0e:96:96:a9:65:e3:10:d9:ee:1b:48:29:36:74:15:6a:3c:de:
e1:ac:1b:c8:5b:83:06:f3:f6:a0:ea:e2:36:3c:b5:1f:56:12:
0e:25:24:de:e6:1f:10:ac:5b:24:e6:90:2b:1c:3f:7f:a3:d1:
c2:f8:63:69
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgICGd8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEM3MjUxMTAvBgNVBAUTKEVEMTdEMUJFM0Q1NzExQzZDOThDOENDQzU5QUFGNzM3
RTg2NUMzODQwHhcNMjYwMTIwMDA0NzA5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzI5Mi1kNWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6Fw/tTTnqO21ocrUfsD/IEUSGZEykJvTNRKcJlizwp+deX9M5NKsNHmOpl8/
XiTI4GmzEEUOAlizUluD/Kxt452NnTJ9JpsKXGciaXoInmznxlcgQHqW5huowLT/
kXVrQGkvyKG0lRYtXJJWilOtqlW3sr/xMkUnaiF+WkaJXY5XDGvjCx8V8oDgcZ14
LPCOWEjZczmT9+Xo2V01qnSQpn36Ux3jjHYI6Zj7Lmd3xnG6Izp766QZyiGRRbzB
WH99+yVZngAwwvvt0xJBlJdXWOMcNvQW6EsdQXYpA3HPurRs6IULKU0tv8UkoiSF
c1Qv5+uIqUfsmkonm9Oj+IRppwIDAQABo4ICezCCAncwHQYDVR0OBBYEFAHA3Ons
/hxkYV33MuEu95mtWR9bMB8GA1UdIwQYMBaAFO0X0b49VxHGyYyMzFmq9zfoZcOE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzcyNS8zMTg0NEMzNjgw
OUYxMUU3QkQ2QTZCMkVDNEY5QUUwMi83UmZSdmoxWEVjYkpqSXpNV2FyM04taGx3
NFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdSZlJ2ajFYRWNiSmpJek1XYXIzTi1obHc0US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEM3MjUvMzE4NDRDMzY4MDlGMTFFN0JENkE2QjJFQzRGOUFFMDIvQjRERjY2QkE4
MDlGMTFFN0I3NDFGRDJFQzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY
BAIAATASAwQCZx04AwQBZ2qmAwQAyxlOMA0EAgACMAcDBQAkAxMAMA0GCSqGSIb3
DQEBCwUAA4IBAQA/Phwc/Y5BqUUS+on9/bRYqi7VfcejQFO05GoENbPxk8oTLgD1
WiaFPWL1yZppJdxAJz8x6uYfAsaRkM7oMQ1tBWWqbF1y85shUHM0KeGfbgm4s19Z
sKI56WLJSbfmD6jj/4EDWV4a56s16b4H0tqC+y28ozUZHpcNd6t6Mk8YnZsqokZe
zYlWWoqNHWtfMQlp9tdTLq8gJXhAVFPPMuwFHQUQ2XSuWWwae55BIh5l6xjfqxGV
2nIqr/8bNn17MTqaqXbsmNkOlpapZeMQ2e4bSCk2dBVqPN7hrBvIW4MG8/ag6uI2
PLUfVhIOJSTe5h8QrFsk5pArHD9/o9HC+GNp
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:03:56 2026 by rpki-client