Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9167D07/D74AE2741BA911E8A8F57865C4F9AE02/EFE8CDF6C8D111EE95249F25C4F9AE02.roa
File: EFE8CDF6C8D111EE95249F25C4F9AE02.roa (raw, json)
Hash identifier: vxWTeDCOHWuEhOaJAF4VGFM0DqtGWr26nr5q8brIPcM=
Subject key identifier: 99:C6:52:F5:A1:70:E9:8F:AB:27:60:85:E2:DC:B6:2D:81:40:53:CA
Certificate issuer: /CN=A9167D07/serialNumber=037B8F05F4902D9DA8B424C39340865F3DAC9B26
Certificate serial: 16BE
Authority key identifier: 03:7B:8F:05:F4:90:2D:9D:A8:B4:24:C3:93:40:86:5F:3D:AC:9B:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A3uPBfSQLZ2otCTDk0CGXz2smyY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9167D07/D74AE2741BA911E8A8F57865C4F9AE02/EFE8CDF6C8D111EE95249F25C4F9AE02.roa
Signing time: Sun 01 Mar 2026 13:44:57 +0000
ROA not before: Sat 28 Feb 2026 17:14:36 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 55427
IP address blocks: 43.245.92.0/22 maxlen: 22
43.245.92.0/23 maxlen: 23
43.245.92.0/24 maxlen: 24
43.245.93.0/24 maxlen: 24
43.245.94.0/23 maxlen: 23
43.245.94.0/24 maxlen: 24
43.245.95.0/24 maxlen: 24
103.232.228.0/22 maxlen: 22
103.232.228.0/23 maxlen: 23
103.232.228.0/24 maxlen: 24
103.232.229.0/24 maxlen: 24
103.232.230.0/23 maxlen: 23
103.232.230.0/24 maxlen: 24
103.232.231.0/24 maxlen: 24
182.50.64.0/22 maxlen: 24
2402:a300::/32 maxlen: 32
2402:a300:3e6::/48 maxlen: 48
2402:a300:3e7::/48 maxlen: 48
2402:a300:3e8::/48 maxlen: 48
2402:a300:13e6::/48 maxlen: 48
2402:a300:13e7::/48 maxlen: 48
2402:a300:13e8::/48 maxlen: 48
2402:a300:23e8::/48 maxlen: 48
2402:a300:4000::/36 maxlen: 36
2402:a300:4005::/48 maxlen: 48
2402:a300:8000::/36 maxlen: 36
2402:a300:8005::/48 maxlen: 48
2402:a300:800a::/48 maxlen: 48
2402:a300:c000::/36 maxlen: 36
2402:a300:c005::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9167D07/D74AE2741BA911E8A8F57865C4F9AE02/A3uPBfSQLZ2otCTDk0CGXz2smyY.crl
rsync://rpki.apnic.net/member_repository/A9167D07/D74AE2741BA911E8A8F57865C4F9AE02/A3uPBfSQLZ2otCTDk0CGXz2smyY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A3uPBfSQLZ2otCTDk0CGXz2smyY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 16:36:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5822 (0x16be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9167D07, serialNumber=037B8F05F4902D9DA8B424C39340865F3DAC9B26
Validity
Not Before: Feb 28 17:14:36 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69a442d9-e2ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:94:c7:5f:c7:bd:ad:2c:41:c9:a4:83:ef:08:
a2:a6:fe:6a:ff:20:74:26:5d:b7:d0:06:67:89:bd:
77:82:81:0f:87:41:f1:86:53:18:63:42:3d:46:a6:
7d:4b:dc:d7:72:85:2c:ff:24:15:9a:6f:ea:fe:2f:
aa:df:41:45:2f:20:c8:c2:61:b5:64:6d:96:ed:cc:
2a:0d:ba:5d:26:f7:8c:3e:69:d0:83:12:dc:cf:cc:
23:49:77:ad:60:f7:4f:8d:3d:96:9a:ab:11:ac:30:
a8:b4:bc:d1:bc:3a:c0:b8:dc:d1:92:fe:9c:8e:6b:
3f:28:51:07:9a:c2:24:f8:86:a6:89:79:a3:58:92:
80:6a:20:8b:4a:bf:14:24:e0:a3:17:3f:4d:53:ba:
65:74:01:33:b5:e1:27:c0:b2:17:5a:00:d5:ff:3d:
2b:96:f6:d6:19:6c:14:3f:8c:36:05:1b:fa:50:5b:
e0:eb:77:38:e9:dd:15:83:f1:85:0a:18:73:1f:5c:
e6:8e:48:43:10:d2:74:30:a3:e7:a9:da:76:0a:44:
6e:af:63:b7:10:e2:18:19:a4:3e:33:9b:8d:70:06:
76:7b:9b:e5:26:34:ae:ab:d5:8d:75:4a:f7:e7:8c:
f2:0a:e0:2c:ab:98:48:cd:42:ce:aa:ff:de:4c:f8:
2b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C6:52:F5:A1:70:E9:8F:AB:27:60:85:E2:DC:B6:2D:81:40:53:CA
X509v3 Authority Key Identifier:
keyid:03:7B:8F:05:F4:90:2D:9D:A8:B4:24:C3:93:40:86:5F:3D:AC:9B:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9167D07/D74AE2741BA911E8A8F57865C4F9AE02/A3uPBfSQLZ2otCTDk0CGXz2smyY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A3uPBfSQLZ2otCTDk0CGXz2smyY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167D07/D74AE2741BA911E8A8F57865C4F9AE02/EFE8CDF6C8D111EE95249F25C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.245.92.0/22
103.232.228.0/22
182.50.64.0/22
IPv6:
2402:a300::/32
Signature Algorithm: sha256WithRSAEncryption
a4:e5:80:25:f7:25:16:8f:27:b1:ba:10:84:83:c0:bd:22:2c:
78:98:51:cb:a8:8c:59:3a:f1:2d:5c:c1:3b:45:33:b1:6b:6c:
8b:06:f0:24:25:4d:87:17:f2:75:ad:9e:d8:57:03:4c:9b:78:
c9:29:d7:e2:5b:73:fc:6d:19:80:15:2c:0c:f8:6d:af:5a:e8:
83:52:47:58:fb:38:0b:96:da:97:f1:74:7c:16:85:7c:97:e4:
b3:f8:c0:bf:fb:a8:0c:51:71:80:fd:a5:ef:14:51:47:c6:90:
89:6f:98:4e:bf:9f:aa:d9:a8:74:cc:c9:fa:f4:b3:0f:ba:69:
df:c2:26:2d:2c:d6:74:04:51:2e:20:2d:6b:1e:a6:50:20:51:
3f:a0:9d:25:a8:8f:4a:a5:09:7f:9f:55:10:c5:1e:b0:98:06:
54:ff:6f:bb:87:c8:05:f0:fc:bd:6a:d5:65:ca:eb:6d:a3:6d:
b0:cb:5a:b3:a4:e0:c2:97:a1:a9:0a:a5:12:38:a5:44:de:0e:
dc:c0:db:31:d9:b1:02:ba:72:85:31:a5:ae:07:d4:3c:08:4c:
92:38:01:5e:b3:52:f0:e5:50:3d:65:c2:ff:99:7e:71:d2:44:
42:a1:bf:bd:a6:14:31:56:40:9d:77:3c:9d:b2:6c:1e:49:2b:
9f:c9:d4:09
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgICFr4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjdEMDcxMTAvBgNVBAUTKDAzN0I4RjA1RjQ5MDJEOURBOEI0MjRDMzkzNDA4NjVG
M0RBQzlCMjYwHhcNMjYwMjI4MTcxNDM2WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NDJkOS1lMmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnpTHX8e9rSxByaSD7wiipv5q/yB0Jl230AZnib13goEPh0HxhlMYY0I9RqZ9
S9zXcoUs/yQVmm/q/i+q30FFLyDIwmG1ZG2W7cwqDbpdJveMPmnQgxLcz8wjSXet
YPdPjT2WmqsRrDCotLzRvDrAuNzRkv6cjms/KFEHmsIk+IamiXmjWJKAaiCLSr8U
JOCjFz9NU7pldAEzteEnwLIXWgDV/z0rlvbWGWwUP4w2BRv6UFvg63c46d0Vg/GF
ChhzH1zmjkhDENJ0MKPnqdp2CkRur2O3EOIYGaQ+M5uNcAZ2e5vlJjSuq9WNdUr3
54zyCuAsq5hIzULOqv/eTPgrlQIDAQABo4ICezCCAncwHQYDVR0OBBYEFJnGUvWh
cOmPqydgheLcti2BQFPKMB8GA1UdIwQYMBaAFAN7jwX0kC2dqLQkw5NAhl89rJsm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0QwNy9ENzRBRTI3NDFC
QTkxMUU4QThGNTc4NjVDNEY5QUUwMi9BM3VQQmZTUUxaMm90Q1REazBDR1h6MnNt
eVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0EzdVBCZlNRTFoyb3RDVERrMENHWHoyc215WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjdEMDcvRDc0QUUyNzQxQkE5MTFFOEE4RjU3ODY1QzRGOUFFMDIvRUZFOENERjZD
OEQxMTFFRTk1MjQ5RjI1QzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY
BAIAATASAwQCK/VcAwQCZ+jkAwQCtjJAMA0EAgACMAcDBQAkAqMAMA0GCSqGSIb3
DQEBCwUAA4IBAQCk5YAl9yUWjyexuhCEg8C9Iix4mFHLqIxZOvEtXME7RTOxa2yL
BvAkJU2HF/J1rZ7YVwNMm3jJKdfiW3P8bRmAFSwM+G2vWuiDUkdY+zgLltqX8XR8
FoV8l+Sz+MC/+6gMUXGA/aXvFFFHxpCJb5hOv5+q2ah0zMn69LMPumnfwiYtLNZ0
BFEuIC1rHqZQIFE/oJ0lqI9KpQl/n1UQxR6wmAZU/2+7h8gF8Py9atVlyutto22w
y1qzpODCl6GpCqUSOKVE3g7cwNsx2bECunKFMaWuB9Q8CEySOAFes1Lw5VA9ZcL/
mX5x0kRCob+9phQxVkCddzydsmweSSufydQJ
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:15:06 2026 by rpki-client