Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/036356DC573611F08FD0E718C4F9AE02.roa
File: 036356DC573611F08FD0E718C4F9AE02.roa (raw, json)
Hash identifier: DJhnBtV4qr/FDZCjaH9Lkrqqu0NQBCA+NO7bEbg3nAY=
Subject key identifier: 92:67:E3:E0:A3:10:7D:10:90:BD:74:34:B7:10:48:C8:13:54:4E:43
Certificate issuer: /CN=A917B9CB/serialNumber=33A7AEAFA5526DCDC56CF0876BBD41133E3D2479
Certificate serial: 3553
Authority key identifier: 33:A7:AE:AF:A5:52:6D:CD:C5:6C:F0:87:6B:BD:41:13:3E:3D:24:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M6eur6VSbc3FbPCHa71BEz49JHk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/036356DC573611F08FD0E718C4F9AE02.roa
Signing time: Mon 02 Mar 2026 05:15:55 +0000
ROA not before: Tue 26 Aug 2025 08:29:59 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 132789
IP address blocks: 203.105.192.0/24 maxlen: 24
203.105.193.0/24 maxlen: 24
203.105.194.0/24 maxlen: 24
203.105.195.0/24 maxlen: 24
203.105.196.0/24 maxlen: 24
203.105.197.0/24 maxlen: 24
203.105.198.0/24 maxlen: 24
203.105.199.0/24 maxlen: 24
203.105.201.0/24 maxlen: 24
203.105.202.0/24 maxlen: 24
203.105.205.0/24 maxlen: 24
203.105.206.0/24 maxlen: 24
203.105.207.0/24 maxlen: 24
203.105.208.0/24 maxlen: 24
203.105.209.0/24 maxlen: 24
203.105.212.0/24 maxlen: 24
203.105.213.0/24 maxlen: 24
203.105.214.0/24 maxlen: 24
203.105.215.0/24 maxlen: 24
203.105.216.0/24 maxlen: 24
203.105.217.0/24 maxlen: 24
203.105.218.0/24 maxlen: 24
203.105.219.0/24 maxlen: 24
203.105.220.0/24 maxlen: 24
203.105.221.0/24 maxlen: 24
203.105.222.0/24 maxlen: 24
203.105.223.0/24 maxlen: 24
2402:3780::/48 maxlen: 48
2402:3780:2::/48 maxlen: 48
2402:3780:1000::/48 maxlen: 48
2402:3780:f001::/48 maxlen: 48
2402:3780:f002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/M6eur6VSbc3FbPCHa71BEz49JHk.crl
rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/M6eur6VSbc3FbPCHa71BEz49JHk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M6eur6VSbc3FbPCHa71BEz49JHk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 14:38:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13651 (0x3553)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917B9CB, serialNumber=33A7AEAFA5526DCDC56CF0876BBD41133E3D2479
Validity
Not Before: Aug 26 08:29:59 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a51d0b-f4dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ac:6f:00:86:d9:1b:65:f2:ca:18:f3:6f:4f:
64:37:aa:bb:49:96:3c:1a:2a:6e:81:83:5f:ef:61:
b5:6e:b2:9e:9e:8a:e7:77:4a:41:39:f3:07:54:92:
41:07:1a:9d:fb:53:de:8b:b9:f3:57:6e:2d:b4:7b:
9a:1c:1a:40:7f:d4:79:cd:31:5b:6b:2e:04:fb:9c:
64:ff:24:0f:f1:e4:51:85:17:20:de:18:3d:69:1f:
5a:ac:7c:2d:f9:b8:df:f7:f5:d3:af:8c:57:a4:e5:
50:14:a5:f6:f9:17:69:52:8b:04:cb:72:d2:07:6b:
f6:04:d8:b6:5d:02:1a:49:d2:61:8f:0a:f3:ae:be:
4c:71:aa:83:11:8a:96:54:91:bf:fc:8a:67:92:c7:
d5:44:a1:86:b9:55:5f:26:ba:04:94:f6:79:f7:81:
90:e5:b2:ee:99:e2:18:69:70:8e:f9:40:29:46:bb:
7f:6c:68:8c:d6:8d:cf:43:ad:27:bb:56:c7:62:d6:
b1:e6:07:6a:24:d8:2d:ee:e3:8a:cc:c7:ea:45:c6:
9c:03:d0:bf:f0:69:cf:1b:29:87:6d:d0:80:75:f1:
54:e0:1c:eb:dc:94:4a:b8:9d:3f:f5:22:4a:8c:e3:
1d:3c:2d:b4:c4:a7:88:26:77:98:d4:d2:82:d8:c8:
c7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:67:E3:E0:A3:10:7D:10:90:BD:74:34:B7:10:48:C8:13:54:4E:43
X509v3 Authority Key Identifier:
keyid:33:A7:AE:AF:A5:52:6D:CD:C5:6C:F0:87:6B:BD:41:13:3E:3D:24:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/M6eur6VSbc3FbPCHa71BEz49JHk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M6eur6VSbc3FbPCHa71BEz49JHk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/036356DC573611F08FD0E718C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
203.105.192.0/21
203.105.201.0-203.105.202.255
203.105.205.0-203.105.209.255
203.105.212.0-203.105.223.255
IPv6:
2402:3780::/48
2402:3780:2::/48
2402:3780:1000::/48
2402:3780:f001::-2402:3780:f002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ae:a5:ff:53:4c:21:31:51:0f:9d:64:6f:67:c5:49:0b:a3:47:
59:32:c2:d4:13:04:c9:ca:41:aa:85:57:29:2a:02:96:d9:aa:
ba:c8:f2:08:3f:4c:1e:c4:48:68:c4:75:23:a7:48:04:ed:6a:
39:fb:77:67:33:bd:73:ec:38:42:6e:25:4f:9e:1e:97:d3:93:
b7:b1:55:c8:35:b1:84:60:fd:ee:ed:fb:82:8f:06:f8:4d:48:
64:03:7f:3b:da:d7:00:a6:53:5f:16:96:7e:ee:47:3b:d4:e9:
ab:75:88:5d:8e:59:af:23:17:2c:77:bf:e8:32:70:6a:7c:0d:
09:93:93:26:cd:23:51:58:95:48:2b:e7:61:af:81:30:f4:d6:
63:be:84:a0:b1:3c:0d:a3:05:be:12:09:6a:ff:cb:cd:5e:7e:
64:2a:7d:d9:3f:18:94:bc:fa:42:5a:ba:2a:1a:e2:83:69:1e:
fd:90:22:84:d2:45:45:b2:03:66:81:16:f4:8f:b5:de:c4:e4:
a2:8c:15:ae:79:45:a4:12:f2:ed:f3:c9:bb:d4:b7:0e:e0:33:
dc:92:c0:61:77:8c:4b:7f:c6:41:c7:32:58:c6:22:7b:1b:c4:
c9:78:a6:6d:77:9e:af:c2:05:a7:37:52:c5:1e:93:c4:81:31:
b0:4f:2f:e8
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICNVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0I5Q0IxMTAvBgNVBAUTKDMzQTdBRUFGQTU1MjZEQ0RDNTZDRjA4NzZCQkQ0MTEz
M0UzRDI0NzkwHhcNMjUwODI2MDgyOTU5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1MWQwYi1mNGRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7KxvAIbZG2Xyyhjzb09kN6q7SZY8GipugYNf72G1brKenornd0pBOfMHVJJB
Bxqd+1Pei7nzV24ttHuaHBpAf9R5zTFbay4E+5xk/yQP8eRRhRcg3hg9aR9arHwt
+bjf9/XTr4xXpOVQFKX2+RdpUosEy3LSB2v2BNi2XQIaSdJhjwrzrr5McaqDEYqW
VJG//IpnksfVRKGGuVVfJroElPZ594GQ5bLumeIYaXCO+UApRrt/bGiM1o3PQ60n
u1bHYtax5gdqJNgt7uOKzMfqRcacA9C/8GnPGymHbdCAdfFU4Bzr3JRKuJ0/9SJK
jOMdPC20xKeIJneY1NKC2MjHaQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFJJn4+Cj
EH0QkL10NLcQSMgTVE5DMB8GA1UdIwQYMBaAFDOnrq+lUm3NxWzwh2u9QRM+PSR5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjlDQi82RjZFREM2MDFE
OEUxMUUyODg1Q0RGRUMwOEIwMkNEMi9NNmV1cjZWU2JjM0ZiUENIYTcxQkV6NDlK
SGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL002ZXVyNlZTYmMzRmJQQ0hhNzFCRXo0OUpIay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0I5Q0IvNkY2RURDNjAxRDhFMTFFMjg4NUNERkVDMDhCMDJDRDIvMDM2MzU2REM1
NzM2MTFGMDhGRDBFNzE4QzRGOUFFMDIucm9hMIGABggrBgEFBQcBBwEB/wRxMG8w
NgQCAAEwMAMEA8tpwDAMAwQAy2nJAwQAy2nKMAwDBADLac0DBAHLadAwDAMEAstp
1AMEBctpwDA1BAIAAjAvAwcAJAI3gAAAAwcAJAI3gAACAwcAJAI3gBAAMBIDBwAk
AjeA8AEDBwAkAjeA8AIwDQYJKoZIhvcNAQELBQADggEBAK6l/1NMITFRD51kb2fF
SQujR1kywtQTBMnKQaqFVykqApbZqrrI8gg/TB7ESGjEdSOnSATtajn7d2czvXPs
OEJuJU+eHpfTk7exVcg1sYRg/e7t+4KPBvhNSGQDfzva1wCmU18Wln7uRzvU6at1
iF2OWa8jFyx3v+gycGp8DQmTkybNI1FYlUgr52GvgTD01mO+hKCxPA2jBb4SCWr/
y81efmQqfdk/GJS8+kJauioa4oNpHv2QIoTSRUWyA2aBFvSPtd7E5KKMFa55RaQS
8u3zybvUtw7gM9ySwGF3jEt/xkHHMljGInsbxMl4pm13nq/CBac3UsUek8SBMbBP
L+g=
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:47:03 2026 by rpki-client