Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/442A935E2F1F11F0A35F5757C4F9AE02.roa
File: 442A935E2F1F11F0A35F5757C4F9AE02.roa (raw, json)
Hash identifier: ep1WIPveJbhkF0Sl4UHnyTFp2JFnKNI9HU6gNgYhNKI=
Subject key identifier: C2:20:A8:A1:2A:93:8C:86:2C:EC:32:51:DB:7C:68:F2:47:8A:C9:AF
Certificate issuer: /CN=A914DA2D/serialNumber=29962325DE0BADE4DC9DDBC576AE277012BC3758
Certificate serial: 1AF4
Authority key identifier: 29:96:23:25:DE:0B:AD:E4:DC:9D:DB:C5:76:AE:27:70:12:BC:37:58
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KZYjJd4LreTcndvFdq4ncBK8N1g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/442A935E2F1F11F0A35F5757C4F9AE02.roa
Signing time: Sun 01 Mar 2026 11:30:35 +0000
ROA not before: Mon 21 Jul 2025 06:38:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17882
IP address blocks: 14.1.124.0/24 maxlen: 24
14.1.125.0/24 maxlen: 24
14.1.126.0/24 maxlen: 24
14.1.127.0/24 maxlen: 24
103.11.192.0/24 maxlen: 24
103.11.193.0/24 maxlen: 24
103.11.194.0/24 maxlen: 24
103.11.195.0/24 maxlen: 24
103.48.184.0/24 maxlen: 24
103.48.185.0/24 maxlen: 24
103.48.186.0/24 maxlen: 24
103.48.187.0/24 maxlen: 24
103.79.156.0/23 maxlen: 24
103.212.116.0/24 maxlen: 24
103.212.117.0/24 maxlen: 24
103.212.118.0/24 maxlen: 24
103.212.119.0/24 maxlen: 24
103.219.136.0/24 maxlen: 24
103.219.137.0/24 maxlen: 24
103.219.138.0/24 maxlen: 24
103.219.139.0/24 maxlen: 24
103.239.56.0/24 maxlen: 24
103.239.57.0/24 maxlen: 24
103.239.58.0/24 maxlen: 24
103.239.59.0/24 maxlen: 24
122.201.16.0/24 maxlen: 24
122.201.17.0/24 maxlen: 24
122.201.18.0/24 maxlen: 24
122.201.19.0/24 maxlen: 24
122.201.20.0/24 maxlen: 24
122.201.21.0/24 maxlen: 24
122.201.23.0/24 maxlen: 24
122.201.24.0/24 maxlen: 24
122.201.25.0/24 maxlen: 24
122.201.26.0/24 maxlen: 24
122.201.27.0/24 maxlen: 24
122.201.28.0/24 maxlen: 24
122.201.29.0/24 maxlen: 24
122.201.30.0/24 maxlen: 24
122.201.31.0/24 maxlen: 24
139.5.216.0/24 maxlen: 24
139.5.217.0/24 maxlen: 24
139.5.218.0/24 maxlen: 24
139.5.219.0/24 maxlen: 24
202.70.32.0/24 maxlen: 24
202.70.33.0/24 maxlen: 24
202.70.34.0/24 maxlen: 24
202.70.35.0/24 maxlen: 24
202.70.36.0/24 maxlen: 24
202.70.37.0/24 maxlen: 24
202.70.38.0/24 maxlen: 24
202.70.39.0/24 maxlen: 24
202.70.40.0/24 maxlen: 24
202.70.41.0/24 maxlen: 24
202.70.42.0/24 maxlen: 24
202.70.43.0/24 maxlen: 24
202.70.44.0/24 maxlen: 24
202.70.45.0/24 maxlen: 24
202.70.46.0/24 maxlen: 24
202.70.47.0/24 maxlen: 24
203.17.23.0/24 maxlen: 24
203.21.120.0/24 maxlen: 24
203.23.49.0/24 maxlen: 24
203.23.199.0/24 maxlen: 24
203.98.76.0/23 maxlen: 24
2405:5700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/KZYjJd4LreTcndvFdq4ncBK8N1g.crl
rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/KZYjJd4LreTcndvFdq4ncBK8N1g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KZYjJd4LreTcndvFdq4ncBK8N1g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 16:14:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6900 (0x1af4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914DA2D, serialNumber=29962325DE0BADE4DC9DDBC576AE277012BC3758
Validity
Not Before: Jul 21 06:38:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4235b-bfec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:25:b0:ea:8a:90:48:5d:2f:73:e6:66:dc:80:
b2:eb:17:de:b4:5b:88:1a:50:50:44:1f:bb:9c:01:
9f:ef:d4:3d:4e:0e:0b:74:bb:6c:86:34:74:b3:c3:
62:a8:f9:51:87:dd:f0:46:d2:6e:e3:f7:fb:c8:ab:
32:86:29:93:49:f4:03:2f:d5:c3:21:83:51:8a:a0:
49:6b:7e:0d:56:0b:8e:a2:db:0a:03:d7:9f:af:0b:
46:fc:15:94:89:75:49:b0:8c:68:8b:8b:63:60:3c:
29:f9:46:b9:89:e2:26:43:b6:55:d3:c5:69:c7:e8:
b7:14:1e:d1:8f:ad:75:52:8f:67:80:49:43:17:66:
8d:d8:7d:0b:7a:86:b8:e5:53:3e:95:06:8b:da:3c:
b5:41:ab:57:2d:87:94:db:07:37:21:ea:68:c4:ab:
ae:21:46:c6:ab:41:75:6c:7c:dd:7f:03:cd:41:60:
df:dc:02:45:8b:da:26:b8:2b:ae:d7:a2:f4:14:66:
f1:c3:a5:74:2a:1b:21:09:c0:95:77:24:57:c0:b5:
be:8f:59:db:05:c8:f3:48:b7:62:97:3a:d8:78:86:
20:ec:cb:f7:26:ad:b5:e0:92:9b:7f:11:21:e3:15:
88:1c:3c:94:b8:4d:2f:c9:91:5c:4c:48:4f:86:36:
f1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:20:A8:A1:2A:93:8C:86:2C:EC:32:51:DB:7C:68:F2:47:8A:C9:AF
X509v3 Authority Key Identifier:
keyid:29:96:23:25:DE:0B:AD:E4:DC:9D:DB:C5:76:AE:27:70:12:BC:37:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/KZYjJd4LreTcndvFdq4ncBK8N1g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KZYjJd4LreTcndvFdq4ncBK8N1g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/442A935E2F1F11F0A35F5757C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.1.124.0/22
103.11.192.0/22
103.48.184.0/22
103.79.156.0/23
103.212.116.0/22
103.219.136.0/22
103.239.56.0/22
122.201.16.0-122.201.21.255
122.201.23.0-122.201.31.255
139.5.216.0/22
202.70.32.0/20
203.17.23.0/24
203.21.120.0/24
203.23.49.0/24
203.23.199.0/24
203.98.76.0/23
IPv6:
2405:5700::/32
Signature Algorithm: sha256WithRSAEncryption
81:75:1c:9b:e4:e4:f1:0a:c8:f3:78:f3:64:9c:49:38:87:a2:
fa:5c:f1:a3:ee:8a:5e:d1:42:d6:d9:ba:7a:55:85:a8:de:46:
74:16:9b:5a:8b:4f:cc:0f:ac:9f:70:36:46:ab:26:fe:0d:a4:
2b:05:34:55:0a:1d:31:c1:c6:d2:6a:4d:7b:3b:73:83:97:58:
24:48:d2:1e:01:d7:ed:ad:90:dc:5b:9f:40:18:5e:c2:8d:cd:
33:3a:1f:b8:aa:03:ec:fb:44:3c:55:33:8e:f5:6a:bb:8f:93:
85:dc:63:ae:4c:cc:d6:a2:4a:49:44:2f:fb:34:32:c7:83:70:
48:fc:37:20:46:39:55:45:2b:51:ea:4f:2c:9f:44:d7:9e:14:
c8:77:37:86:c9:c1:9d:43:75:8d:3e:b1:9a:63:e3:33:ec:69:
37:96:e3:bf:8d:29:04:f0:e2:0b:9b:42:f9:eb:e8:78:5f:34:
ad:61:38:3f:9b:94:f6:3c:83:f2:dc:67:1a:f0:d2:93:b0:cd:
57:eb:1f:5e:b0:55:1a:b4:34:ed:71:66:30:81:1d:ef:e8:b1:
95:32:3a:d0:1e:06:2f:ec:70:a3:10:ba:5d:a7:25:02:18:77:
fb:bb:2c:1e:a3:3a:d7:3c:82:60:38:7e:1c:c0:b2:dc:7f:52:
a4:7f:d9:60
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgICGvQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NERBMkQxMTAvBgNVBAUTKDI5OTYyMzI1REUwQkFERTREQzlEREJDNTc2QUUyNzcw
MTJCQzM3NTgwHhcNMjUwNzIxMDYzODA5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MjM1Yi1iZmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwiWw6oqQSF0vc+Zm3ICy6xfetFuIGlBQRB+7nAGf79Q9Tg4LdLtshjR0s8Ni
qPlRh93wRtJu4/f7yKsyhimTSfQDL9XDIYNRiqBJa34NVguOotsKA9efrwtG/BWU
iXVJsIxoi4tjYDwp+Ua5ieImQ7ZV08Vpx+i3FB7Rj611Uo9ngElDF2aN2H0Leoa4
5VM+lQaL2jy1QatXLYeU2wc3IepoxKuuIUbGq0F1bHzdfwPNQWDf3AJFi9omuCuu
16L0FGbxw6V0KhshCcCVdyRXwLW+j1nbBcjzSLdilzrYeIYg7Mv3Jq214JKbfxEh
4xWIHDyUuE0vyZFcTEhPhjbxpwIDAQABo4IC3DCCAtgwHQYDVR0OBBYEFMIgqKEq
k4yGLOwyUdt8aPJHismvMB8GA1UdIwQYMBaAFCmWIyXeC63k3J3bxXauJ3ASvDdY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0REEyRC84MzgzNjIwQTUw
RDUxMUU3OUVDRTQwMTNDNEY5QUUwMi9LWllqSmQ0THJlVGNuZHZGZHE0bmNCSzhO
MWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0taWWpKZDRMcmVUY25kdkZkcTRuY0JLOE4xZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NERBMkQvODM4MzYyMEE1MEQ1MTFFNzlFQ0U0MDEzQzRGOUFFMDIvNDQyQTkzNUUy
RjFGMTFGMEEzNUY1NzU3QzRGOUFFMDIucm9hMIGaBggrBgEFBQcBBwEB/wSBijCB
hzB2BAIAATBwAwQCDgF8AwQCZwvAAwQCZzC4AwQBZ0+cAwQCZ9R0AwQCZ9uIAwQC
Z+84MAwDBAR6yRADBAF6yRQwDAMEAHrJFwMEBXrJAAMEAosF2AMEBMpGIAMEAMsR
FwMEAMsVeAMEAMsXMQMEAMsXxwMEActiTDANBAIAAjAHAwUAJAVXADANBgkqhkiG
9w0BAQsFAAOCAQEAgXUcm+Tk8QrI83jzZJxJOIei+lzxo+6KXtFC1tm6elWFqN5G
dBabWotPzA+sn3A2Rqsm/g2kKwU0VQodMcHG0mpNeztzg5dYJEjSHgHX7a2Q3Fuf
QBhewo3NMzofuKoD7PtEPFUzjvVqu4+ThdxjrkzM1qJKSUQv+zQyx4NwSPw3IEY5
VUUrUepPLJ9E154UyHc3hsnBnUN1jT6xmmPjM+xpN5bjv40pBPDiC5tC+evoeF80
rWE4P5uU9jyD8txnGvDSk7DNV+sfXrBVGrQ07XFmMIEd7+ixlTI60B4GL+xwoxC6
XaclAhh3+7ssHqM61zyCYDh+HMCy3H9SpH/ZYA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:12:38 2026 by rpki-client