Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
File: 844EFBDA766C11EF8CE33A86C4F9AE02.roa (raw, json)
Hash identifier: rG8LFpWn8e5WNkUz41in8DUocZDaO5hxFfUN/rqb2XU=
Subject key identifier: 0A:09:71:C8:68:D7:F4:E7:C8:6C:EE:C4:26:D6:2F:14:D0:20:1B:AD
Certificate issuer: /CN=A9162EE1/serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Certificate serial: 04BD
Authority key identifier: 60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
Signing time: Wed 18 Mar 2026 14:06:10 +0000
ROA not before: Wed 18 Mar 2026 14:06:10 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 147049
IP address blocks: 103.173.150.0/23 maxlen: 23
103.173.150.0/24 maxlen: 24
103.173.151.0/24 maxlen: 24
116.204.193.0/24 maxlen: 24
116.204.194.0/24 maxlen: 24
116.204.195.0/24 maxlen: 24
2407:e8c0::/48 maxlen: 48
2407:e8c0:1::/48 maxlen: 48
2407:e8c0:2::/48 maxlen: 48
2407:e8c0:3::/48 maxlen: 48
2407:e8c0:4::/48 maxlen: 48
2407:e8c0:5::/48 maxlen: 48
2407:e8c0:6::/48 maxlen: 48
2407:e8c0:7::/48 maxlen: 48
2407:e8c0:8::/48 maxlen: 48
2407:e8c0:9::/48 maxlen: 48
2407:e8c0:a::/48 maxlen: 48
2407:e8c0:b::/48 maxlen: 48
2407:e8c0:c::/48 maxlen: 48
2407:e8c0:d::/48 maxlen: 48
2407:e8c0:e::/48 maxlen: 48
2407:e8c0:f::/48 maxlen: 48
2407:e8c0:11::/48 maxlen: 48
2407:e8c0:12::/48 maxlen: 48
2407:e8c0:13::/48 maxlen: 48
2407:e8c0:1f::/48 maxlen: 48
2407:e8c0:20::/48 maxlen: 48
2407:e8c0:21::/48 maxlen: 48
2407:e8c0:22::/48 maxlen: 48
2407:e8c0:23::/48 maxlen: 48
2407:e8c0:24::/48 maxlen: 48
2407:e8c0:4a00::/40 maxlen: 40
2407:e8c0:4b00::/40 maxlen: 40
2407:e8c0:4c00::/40 maxlen: 40
2407:e8c0:4d00::/40 maxlen: 40
2407:e8c0:4e00::/40 maxlen: 40
2407:e8c0:4f00::/40 maxlen: 40
2407:e8c0:5000::/40 maxlen: 40
2407:e8c0:5100::/40 maxlen: 40
2407:e8c0:5200::/40 maxlen: 40
2407:e8c0:5300::/40 maxlen: 40
2407:e8c0:5400::/40 maxlen: 40
2407:e8c0:5500::/40 maxlen: 40
2407:e8c0:5600::/40 maxlen: 40
2407:e8c0:5700::/40 maxlen: 40
2407:e8c0:5800::/40 maxlen: 40
2407:e8c0:5a00::/40 maxlen: 40
2407:e8c0:5b00::/40 maxlen: 40
2407:e8c0:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 23:52:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1213 (0x4bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162EE1, serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Validity
Not Before: Mar 18 14:06:10 2026 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69bab152-b1cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:10:3d:07:06:a1:fb:b8:d4:4f:76:42:a9:7b:
30:60:13:e8:42:cc:ee:dc:65:1d:3b:d0:4f:42:75:
62:ec:d0:86:4e:47:2e:fc:02:bc:55:9a:05:4a:c7:
2c:a4:f3:59:18:e1:60:dc:df:87:9e:a3:c7:18:6a:
91:2c:91:5f:2a:ce:4e:53:a9:9c:cc:f1:11:a4:30:
f9:99:15:3f:39:d8:d6:0a:eb:33:56:3a:5e:2e:fe:
44:ba:6e:87:3b:b2:15:0b:54:ba:15:79:a2:14:d4:
3c:fc:b5:1a:18:6f:a1:a5:27:2e:29:db:79:ae:cb:
94:29:e4:50:42:5f:31:9e:fa:f1:a3:d2:ed:1d:d5:
c3:d5:2c:37:c1:9e:9f:60:54:18:3d:8b:04:fc:ca:
54:92:bf:70:b2:f2:b5:55:4f:d5:7b:b7:c7:b3:16:
c3:e0:e5:e2:ae:56:cf:26:7c:f7:76:66:90:0d:de:
a0:49:36:75:75:00:4e:2e:b3:c3:3d:73:48:f2:97:
da:60:8e:8f:48:36:13:4c:d1:9b:34:39:64:14:42:
54:4c:22:85:6c:3a:bd:0f:73:50:d1:ff:43:3d:d3:
dd:93:dc:00:b6:6d:55:c0:32:1b:a3:54:ab:e3:9d:
8c:d9:67:40:cd:8d:57:6b:d0:69:a7:fb:e3:da:01:
63:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:09:71:C8:68:D7:F4:E7:C8:6C:EE:C4:26:D6:2F:14:D0:20:1B:AD
X509v3 Authority Key Identifier:
keyid:60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.173.150.0/23
116.204.193.0-116.204.195.255
IPv6:
2407:e8c0::/44
2407:e8c0:11::-2407:e8c0:13:ffff:ffff:ffff:ffff:ffff
2407:e8c0:1f::-2407:e8c0:24:ffff:ffff:ffff:ffff:ffff
2407:e8c0:4a00::-2407:e8c0:58ff:ffff:ffff:ffff:ffff:ffff
2407:e8c0:5a00::/39
2407:e8c0:6000::/40
Signature Algorithm: sha256WithRSAEncryption
88:06:ac:7b:b1:87:56:c7:75:9a:15:72:a0:a2:da:95:85:86:
01:ac:2c:05:d2:75:86:89:b7:90:ff:b4:4a:99:5a:56:29:dc:
ea:32:45:68:2d:fb:2e:4d:e1:4f:fb:87:a8:8c:1a:d6:40:64:
5d:2f:d4:c3:05:17:69:f2:4e:15:22:97:2a:b4:91:99:e5:f1:
44:10:26:7d:c1:0f:0e:17:08:85:4e:73:7f:38:9d:35:45:20:
98:35:d2:24:ff:4d:6d:75:e7:57:4f:99:d2:57:e7:b8:83:68:
f3:80:68:bb:66:2f:c0:22:a3:ff:d1:50:7f:72:19:e0:7f:8c:
c0:9f:d6:aa:03:8b:cd:0f:34:7a:67:ea:80:25:83:85:4d:94:
38:59:fc:20:35:d7:1c:fd:eb:08:bb:25:cc:81:ff:ef:b8:cb:
e9:83:7f:46:a8:56:34:45:19:25:31:f9:78:1a:22:00:56:0c:
5e:64:b5:a2:27:bc:99:fd:56:4c:75:e0:55:9b:81:07:dd:ea:
7a:2e:39:e6:39:9c:48:54:12:9a:37:cd:4a:29:12:76:f9:88:
6b:e1:9d:da:70:39:3c:bf:ff:ed:a2:e9:dc:13:b6:49:bb:d7:
c3:cf:c8:0a:d4:41:2f:ef:02:35:b9:a0:42:f3:1a:cd:92:63:
2c:84:8f:b8
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgICBL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjJFRTExMTAvBgNVBAUTKDYwNzZCRDBCQTREQjc5N0E3MkE2OEZFRkY5QkZCNTU4
QzQ0Mzk4QjIwHhcNMjYwMzE4MTQwNjEwWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWJhYjE1Mi1iMWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArRA9Bwah+7jUT3ZCqXswYBPoQszu3GUdO9BPQnVi7NCGTkcu/AK8VZoFSscs
pPNZGOFg3N+HnqPHGGqRLJFfKs5OU6mczPERpDD5mRU/OdjWCuszVjpeLv5Eum6H
O7IVC1S6FXmiFNQ8/LUaGG+hpScuKdt5rsuUKeRQQl8xnvrxo9LtHdXD1Sw3wZ6f
YFQYPYsE/MpUkr9wsvK1VU/Ve7fHsxbD4OXirlbPJnz3dmaQDd6gSTZ1dQBOLrPD
PXNI8pfaYI6PSDYTTNGbNDlkFEJUTCKFbDq9D3NQ0f9DPdPdk9wAtm1VwDIbo1Sr
452M2WdAzY1Xa9Bpp/vj2gFj/QIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFAoJccho
1/TnyGzuxCbWLxTQIButMB8GA1UdIwQYMBaAFGB2vQuk23l6cqaP7/m/tVjEQ5iy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkVFMS83NTJENDJFODhG
RDIxMUVDOTQ4QTkzN0VDNEY5QUUwMi9ZSGE5QzZUYmVYcHlwb192LWItMVdNUkRt
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lIYTlDNlRiZVhweXBvX3YtYi0xV01SRG1MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjJFRTEvNzUyRDQyRTg4RkQyMTFFQzk0OEE5MzdFQzRGOUFFMDIvODQ0RUZCREE3
NjZDMTFFRjhDRTMzQTg2QzRGOUFFMDIucm9hMIGIBggrBgEFBQcBBwEB/wR5MHcw
GgQCAAEwFAMEAWetljAMAwQAdMzBAwQCdMzAMFkEAgACMFMDBwQkB+jAAAAwEgMH
ACQH6MAAEQMHAiQH6MAAEDASAwcAJAfowAAfAwcAJAfowAAkMBADBgEkB+jASgMG
ACQH6MBYAwYBJAfowFoDBgAkB+jAYDANBgkqhkiG9w0BAQsFAAOCAQEAiAase7GH
Vsd1mhVyoKLalYWGAawsBdJ1hom3kP+0SplaVinc6jJFaC37Lk3hT/uHqIwa1kBk
XS/UwwUXafJOFSKXKrSRmeXxRBAmfcEPDhcIhU5zfzidNUUgmDXSJP9NbXXnV0+Z
0lfnuINo84Bou2YvwCKj/9FQf3IZ4H+MwJ/WqgOLzQ80emfqgCWDhU2UOFn8IDXX
HP3rCLslzIH/77jL6YN/RqhWNEUZJTH5eBoiAFYMXmS1oie8mf1WTHXgVZuBB93q
ei455jmcSFQSmjfNSikSdvmIa+Gd2nA5PL//7aLp3BO2SbvXw8/ICtRBL+8CNbmg
QvMazZJjLISPuA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:53:24 2026 by rpki-client