Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/05646F7C268211F19B4B306BB2833773.roa
File: 05646F7C268211F19B4B306BB2833773.roa (raw, json)
Hash identifier: HZzicft3bos6w7OuWhMV24pkNyMhlarAtyII9OEKTS0=
Subject key identifier: 12:DE:C8:8A:9C:7B:C9:5E:B2:8B:8B:4C:E3:53:46:E8:02:F4:9A:24
Certificate issuer: /CN=A914CCD1/serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E
Certificate serial: 06AA
Authority key identifier: A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/05646F7C268211F19B4B306BB2833773.roa
Signing time: Mon 23 Mar 2026 06:32:11 +0000
ROA not before: Mon 23 Mar 2026 06:32:11 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 139922
IP address blocks: 103.147.62.0/23 maxlen: 24
2405:acc0::/32 maxlen: 32
2405:acc0::/48 maxlen: 48
2405:acc0:1::/48 maxlen: 48
2405:acc0:4::/48 maxlen: 48
2405:acc0:6::/48 maxlen: 48
2405:acc0:7::/48 maxlen: 48
2405:acc0:8::/48 maxlen: 48
2405:acc0:9::/48 maxlen: 48
2405:acc0:a::/48 maxlen: 48
2405:acc0:b::/48 maxlen: 48
2405:acc0:c::/48 maxlen: 48
2405:acc0:169::/48 maxlen: 48
2405:acc0:1000::/40 maxlen: 40
2405:acc0:1100::/40 maxlen: 40
2405:acc0:1200::/48 maxlen: 48
2405:acc0:1204::/48 maxlen: 48
2405:acc0:1205::/48 maxlen: 48
2405:acc0:1206::/48 maxlen: 48
2405:acc0:1207::/48 maxlen: 48
2405:acc0:1210::/48 maxlen: 48
2405:acc0:1300::/48 maxlen: 48
2405:acc0:1304::/48 maxlen: 48
2405:acc0:1305::/48 maxlen: 48
2405:acc0:1306::/48 maxlen: 48
2405:acc0:1307::/48 maxlen: 48
2405:acc0:1310::/48 maxlen: 48
2405:acc0:1400::/48 maxlen: 48
2405:acc0:1410::/48 maxlen: 48
2405:acc0:1504::/48 maxlen: 48
2405:acc0:1505::/48 maxlen: 48
2405:acc0:1510::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.crl
rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 22:25:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1706 (0x6aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914CCD1, serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E
Validity
Not Before: Mar 23 06:32:11 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=69c0de6b-586b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:db:be:9c:f1:eb:de:4c:fd:f9:89:f2:6f:24:
33:bf:75:d4:c8:31:7d:0c:e2:0f:b3:4d:aa:3e:23:
42:d9:e2:79:16:0d:6a:9f:6d:f9:b4:ff:9d:5b:66:
13:63:25:8b:e3:68:bb:5c:86:8a:e4:21:33:06:95:
be:91:33:ef:38:11:0b:9b:79:94:e6:e1:1d:f1:11:
3e:b1:b9:ce:0b:89:23:c1:4e:7f:49:9e:d1:db:eb:
51:42:3b:ed:82:18:35:9f:91:ce:e6:c6:9b:4d:07:
13:9f:a0:f2:78:9b:32:7a:90:77:09:6e:50:86:0d:
da:2a:c8:9b:ed:3b:37:10:72:a1:fd:d9:70:86:ef:
b8:c8:03:55:2e:f8:95:cd:cb:f6:b0:3a:ed:c1:13:
2d:47:c3:78:50:4d:ad:69:1f:f3:f0:c7:ea:c4:6c:
41:51:f7:7e:f1:9c:12:92:e4:4f:a1:84:a1:9f:91:
8e:f8:00:62:f9:d8:6c:e9:a3:f3:2b:d4:de:5b:b4:
14:48:ee:ba:24:a4:da:01:d2:68:c5:2b:57:37:1a:
e5:e8:b5:02:77:5b:b5:f6:3c:e5:b2:84:a6:e4:03:
0e:57:02:2c:cb:50:2b:4c:d4:20:d0:8a:8c:14:99:
b6:d6:c9:ad:04:44:62:86:93:a1:b3:cb:9b:6d:91:
05:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:DE:C8:8A:9C:7B:C9:5E:B2:8B:8B:4C:E3:53:46:E8:02:F4:9A:24
X509v3 Authority Key Identifier:
keyid:A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/05646F7C268211F19B4B306BB2833773.roa
sbgp-ipAddrBlock: critical
IPv4:
103.147.62.0/23
IPv6:
2405:acc0::/32
Signature Algorithm: sha256WithRSAEncryption
b3:77:6d:f9:56:4b:f1:53:75:51:eb:64:92:ea:c0:92:0d:ab:
56:44:e6:e0:b7:8d:d1:59:ca:20:b8:49:09:58:99:c2:36:3e:
02:19:72:98:6a:a2:d6:d2:f3:62:f0:c4:c9:9a:fb:7e:3f:80:
f6:81:08:ed:b4:68:67:5d:61:83:06:f2:0c:b4:99:c6:00:a1:
82:a0:55:c0:3b:b9:7a:04:ce:39:17:c3:31:75:37:9a:d3:46:
7d:bc:a6:ee:d3:29:44:7b:25:6f:7e:3d:03:4a:a9:15:59:ce:
a0:5d:27:9d:c6:a0:c0:52:c8:57:ad:7a:5c:74:ec:f5:76:3a:
b4:40:0e:0e:50:b8:19:32:d2:5f:39:0d:72:61:18:73:38:da:
56:c9:76:52:5a:0d:dc:97:2d:a5:f1:dc:c3:78:f3:27:5e:59:
bb:e2:e7:17:d0:85:91:2f:e4:67:1e:ff:d3:97:d0:9a:c4:5a:
0f:00:0f:b6:bc:c1:72:91:47:82:f1:2d:2d:c7:5e:9f:78:a0:
f9:d4:35:53:05:14:79:e2:f4:10:bb:14:0a:66:f9:18:31:ae:
8e:d7:0d:39:ad:85:ff:0b:25:dc:c3:56:9d:4d:ee:82:b9:62:
fe:03:08:5b:3e:57:c1:a6:17:b1:21:09:b2:af:c0:c9:ce:53:
ed:49:c7:47
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgICBqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENDRDExMTAvBgNVBAUTKEEzRDVDRjQzREU1QjNEOEI5QzM0M0VENDQ5QzE2OTBF
QkUzNDE3MEUwHhcNMjYwMzIzMDYzMjExWhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWMwZGU2Yi01ODZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkNu+nPHr3kz9+YnybyQzv3XUyDF9DOIPs02qPiNC2eJ5Fg1qn235tP+dW2YT
YyWL42i7XIaK5CEzBpW+kTPvOBELm3mU5uEd8RE+sbnOC4kjwU5/SZ7R2+tRQjvt
ghg1n5HO5sabTQcTn6DyeJsyepB3CW5Qhg3aKsib7Ts3EHKh/dlwhu+4yANVLviV
zcv2sDrtwRMtR8N4UE2taR/z8MfqxGxBUfd+8ZwSkuRPoYShn5GO+ABi+dhs6aPz
K9TeW7QUSO66JKTaAdJoxStXNxrl6LUCd1u19jzlsoSm5AMOVwIsy1ArTNQg0IqM
FJm21smtBERihpOhs8ubbZEFhwIDAQABo4ICbzCCAmswHQYDVR0OBBYEFBLeyIqc
e8lesouLTONTRugC9JokMB8GA1UdIwQYMBaAFKPVz0PeWz2LnDQ+1EnBaQ6+NBcO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0NEMS9BRDdGNDVBNENE
QzQxMUVCQjVGNDgzNTVDNEY5QUUwMi9vOVhQUTk1YlBZdWNORDdVU2NGcERyNDBG
dzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL285WFBROTViUFl1Y05EN1VTY0ZwRHI0MEZ3NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENDRDEvQUQ3RjQ1QTRDREM0MTFFQkI1RjQ4MzU1QzRGOUFFMDIvMDU2NDZGN0My
NjgyMTFGMTlCNEIzMDZCQjI4MzM3NzMucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQBZ5M+MA0EAgACMAcDBQAkBazAMA0GCSqGSIb3DQEBCwUAA4IBAQCz
d235VkvxU3VR62SS6sCSDatWRObgt43RWcoguEkJWJnCNj4CGXKYaqLW0vNi8MTJ
mvt+P4D2gQjttGhnXWGDBvIMtJnGAKGCoFXAO7l6BM45F8MxdTea00Z9vKbu0ylE
eyVvfj0DSqkVWc6gXSedxqDAUshXrXpcdOz1djq0QA4OULgZMtJfOQ1yYRhzONpW
yXZSWg3cly2l8dzDePMnXlm74ucX0IWRL+RnHv/Tl9CaxFoPAA+2vMFykUeC8S0t
x16feKD51DVTBRR54vQQuxQKZvkYMa6O1w05rYX/CyXcw1adTe6CuWL+AwhbPlfB
phexIQmyr8DJzlPtScdH
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:49:30 2026 by rpki-client