Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/CF3CF4A2DECD11EFA34A7C66C4F9AE02.roa
File: CF3CF4A2DECD11EFA34A7C66C4F9AE02.roa (raw, json)
Hash identifier: fs8vNdHPTeEjIkaHFCo8i9QI5xttWL2wCiA1UOJja1k=
Subject key identifier: 13:72:9C:4C:9B:83:E8:73:E7:17:5F:D9:B0:EE:FD:92:3D:A4:8C:B5
Certificate issuer: /CN=A918DB4E/serialNumber=42758DE0CC0CF62C2AEEE93E0EEE67903A502CCC
Certificate serial: 0D02
Authority key identifier: 42:75:8D:E0:CC:0C:F6:2C:2A:EE:E9:3E:0E:EE:67:90:3A:50:2C:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnWN4MwM9iwq7uk-Du5nkDpQLMw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/CF3CF4A2DECD11EFA34A7C66C4F9AE02.roa
Signing time: Sun 01 Mar 2026 12:18:59 +0000
ROA not before: Thu 28 Aug 2025 19:09:51 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 137883
IP address blocks: 2402:f840::/32 maxlen: 32
2402:f840::/48 maxlen: 48
2402:f840:1::/48 maxlen: 48
2402:f840:2::/48 maxlen: 48
2402:f840:3::/48 maxlen: 48
2402:f840:4::/48 maxlen: 48
2402:f840:5::/48 maxlen: 48
2402:f840:6::/48 maxlen: 48
2402:f840:7::/48 maxlen: 48
2402:f840:8::/48 maxlen: 48
2402:f840:9::/48 maxlen: 48
2402:f840:a::/48 maxlen: 48
2402:f840:b::/48 maxlen: 48
2402:f840:c::/48 maxlen: 48
2402:f840:d::/48 maxlen: 48
2402:f840:e::/48 maxlen: 48
2402:f840:f::/48 maxlen: 48
2402:f840:10::/48 maxlen: 48
2402:f840:11::/48 maxlen: 48
2402:f840:12::/48 maxlen: 48
2402:f840:13::/48 maxlen: 48
2402:f840:14::/48 maxlen: 48
2402:f840:15::/48 maxlen: 48
2402:f840:16::/48 maxlen: 48
2402:f840:17::/48 maxlen: 48
2402:f840:18::/48 maxlen: 48
2402:f840:19::/48 maxlen: 48
2402:f840:1a::/48 maxlen: 48
2402:f840:1b::/48 maxlen: 48
2402:f840:1c::/48 maxlen: 48
2402:f840:1d::/48 maxlen: 48
2402:f840:1e::/48 maxlen: 48
2402:f840:1f::/48 maxlen: 48
2402:f840:20::/48 maxlen: 48
2402:f840:21::/48 maxlen: 48
2402:f840:22::/48 maxlen: 48
2402:f840:23::/48 maxlen: 48
2402:f840:24::/48 maxlen: 48
2402:f840:25::/48 maxlen: 48
2402:f840:26::/48 maxlen: 48
2402:f840:27::/48 maxlen: 48
2402:f840:28::/48 maxlen: 48
2402:f840:29::/48 maxlen: 48
2402:f840:2a::/48 maxlen: 48
2402:f840:2b::/48 maxlen: 48
2402:f840:2c::/48 maxlen: 48
2402:f840:2d::/48 maxlen: 48
2402:f840:2e::/48 maxlen: 48
2402:f840:2f::/48 maxlen: 48
2402:f840:30::/48 maxlen: 48
2402:f840:31::/48 maxlen: 48
2402:f840:32::/48 maxlen: 48
2402:f840:33::/48 maxlen: 48
2402:f840:34::/48 maxlen: 48
2402:f840:35::/48 maxlen: 48
2402:f840:36::/48 maxlen: 48
2402:f840:37::/48 maxlen: 48
2402:f840:38::/48 maxlen: 48
2402:f840:39::/48 maxlen: 48
2402:f840:3a::/48 maxlen: 48
2402:f840:3b::/48 maxlen: 48
2402:f840:3c::/48 maxlen: 48
2402:f840:3d::/48 maxlen: 48
2402:f840:3e::/48 maxlen: 48
2402:f840:3f::/48 maxlen: 48
2402:f840:40::/48 maxlen: 48
2402:f840:41::/48 maxlen: 48
2402:f840:42::/48 maxlen: 48
2402:f840:43::/48 maxlen: 48
2402:f840:44::/48 maxlen: 48
2402:f840:45::/48 maxlen: 48
2402:f840:46::/48 maxlen: 48
2402:f840:47::/48 maxlen: 48
2402:f840:48::/48 maxlen: 48
2402:f840:49::/48 maxlen: 48
2402:f840:4a::/48 maxlen: 48
2402:f840:4b::/48 maxlen: 48
2402:f840:4c::/48 maxlen: 48
2402:f840:4d::/48 maxlen: 48
2402:f840:4e::/48 maxlen: 48
2402:f840:4f::/48 maxlen: 48
2402:f840:50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/QnWN4MwM9iwq7uk-Du5nkDpQLMw.crl
rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/QnWN4MwM9iwq7uk-Du5nkDpQLMw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnWN4MwM9iwq7uk-Du5nkDpQLMw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 18:17:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3330 (0xd02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918DB4E, serialNumber=42758DE0CC0CF62C2AEEE93E0EEE67903A502CCC
Validity
Not Before: Aug 28 19:09:51 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a42eb2-8398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:54:6e:3e:ef:66:6b:f6:e9:79:75:c1:ec:f1:
6f:0e:31:24:b0:aa:23:3e:82:5e:e0:ba:64:e7:69:
d9:7f:ab:a4:1e:b0:ea:38:2d:85:75:7e:fb:e0:25:
e9:36:80:84:69:53:fd:02:37:d9:8b:51:12:23:3c:
c5:d2:98:a9:0c:82:6c:d9:09:59:d7:a0:d0:0d:19:
6e:7f:d9:a2:dd:35:f8:36:8f:76:13:2d:69:7d:d8:
ab:9a:19:16:99:34:a2:80:28:52:65:93:ac:29:24:
7d:fe:ff:90:45:b4:b8:9f:64:3d:66:68:11:31:48:
cc:b8:05:7b:dc:63:1a:c2:38:67:58:2c:5e:52:90:
25:e0:a4:07:c4:5b:75:71:ca:8f:07:eb:ca:5d:08:
a6:84:3e:da:12:46:ef:60:6a:f6:b8:bf:6f:12:c0:
47:9b:f5:be:e6:ec:2b:a1:51:71:77:2d:29:9b:93:
3f:d2:36:16:71:a0:d7:fb:56:01:b1:15:7e:be:af:
8e:ec:f1:69:66:27:db:b6:0c:e2:f8:a0:bc:17:bb:
2a:10:99:a3:18:94:bf:18:4f:15:41:aa:d1:1f:05:
52:58:32:6d:dc:14:25:d5:25:00:50:da:19:4e:95:
42:44:de:82:ba:47:57:c5:f2:92:5a:bf:d3:dc:56:
60:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:72:9C:4C:9B:83:E8:73:E7:17:5F:D9:B0:EE:FD:92:3D:A4:8C:B5
X509v3 Authority Key Identifier:
keyid:42:75:8D:E0:CC:0C:F6:2C:2A:EE:E9:3E:0E:EE:67:90:3A:50:2C:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/QnWN4MwM9iwq7uk-Du5nkDpQLMw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnWN4MwM9iwq7uk-Du5nkDpQLMw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/CF3CF4A2DECD11EFA34A7C66C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv6:
2402:f840::/32
Signature Algorithm: sha256WithRSAEncryption
01:3b:17:64:ba:e3:9f:38:db:33:9a:4f:eb:88:73:31:99:c1:
22:59:e3:52:a5:3e:d5:da:5e:1f:2e:ae:9a:ae:f3:f8:e8:0f:
97:28:a7:95:a6:95:f5:25:b0:27:7e:89:bc:98:6f:4a:d9:79:
94:f1:df:2b:7f:26:ac:fa:01:9d:1f:ad:60:ad:e4:f3:ef:66:
59:63:ac:1a:d4:3d:60:c2:d4:63:fa:2e:d3:f5:e2:ab:b5:80:
a3:03:76:e7:40:3f:38:8d:d1:29:00:81:fc:e7:7e:d1:68:39:
d1:96:17:e4:c4:19:10:87:c8:f1:25:c8:6a:45:46:7b:87:94:
37:ef:14:eb:8b:5e:b1:7b:6f:5f:ee:2f:4d:2f:89:86:b1:86:
bf:38:d6:ee:b2:10:54:e4:ff:7e:f2:75:0d:45:24:06:86:45:
f4:da:2d:90:ee:da:67:61:be:59:6a:3c:ff:a1:e4:13:b0:bb:
db:71:b8:e5:15:ea:51:14:15:68:a4:36:a7:6c:2b:2f:e7:9d:
b6:a8:7f:da:6f:69:68:9a:fa:e3:76:ee:a0:e3:fe:f1:f5:fb:
79:07:92:8a:78:db:e3:e7:b9:a5:18:4a:7d:8b:f5:f4:3c:bb:
13:68:9b:78:04:f8:f7:3b:cd:97:86:c2:17:e8:04:53:b8:81:
a9:05:6d:c3
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgICDQIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OERCNEUxMTAvBgNVBAUTKDQyNzU4REUwQ0MwQ0Y2MkMyQUVFRTkzRTBFRUU2Nzkw
M0E1MDJDQ0MwHhcNMjUwODI4MTkwOTUxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MmViMi04Mzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtVRuPu9ma/bpeXXB7PFvDjEksKojPoJe4Lpk52nZf6ukHrDqOC2FdX774CXp
NoCEaVP9AjfZi1ESIzzF0pipDIJs2QlZ16DQDRluf9mi3TX4No92Ey1pfdirmhkW
mTSigChSZZOsKSR9/v+QRbS4n2Q9ZmgRMUjMuAV73GMawjhnWCxeUpAl4KQHxFt1
ccqPB+vKXQimhD7aEkbvYGr2uL9vEsBHm/W+5uwroVFxdy0pm5M/0jYWcaDX+1YB
sRV+vq+O7PFpZifbtgzi+KC8F7sqEJmjGJS/GE8VQarRHwVSWDJt3BQl1SUAUNoZ
TpVCRN6CukdXxfKSWr/T3FZgdwIDAQABo4ICYTCCAl0wHQYDVR0OBBYEFBNynEyb
g+hz5xdf2bDu/ZI9pIy1MB8GA1UdIwQYMBaAFEJ1jeDMDPYsKu7pPg7uZ5A6UCzM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4REI0RS83N0U3RjlBMDBD
RTUxMUVBQTIwREREODJDNEY5QUUwMi9RbldONE13TTlpd3E3dWstRHU1bmtEcFFM
TXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FuV040TXdNOWl3cTd1ay1EdTVua0RwUUxNdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OERCNEUvNzdFN0Y5QTAwQ0U1MTFFQUEyMERERDgyQzRGOUFFMDIvQ0YzQ0Y0QTJE
RUNEMTFFRkEzNEE3QzY2QzRGOUFFMDIucm9hMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJAL4QDANBgkqhkiG9w0BAQsFAAOCAQEAATsXZLrjnzjbM5pP64hz
MZnBIlnjUqU+1dpeHy6umq7z+OgPlyinlaaV9SWwJ36JvJhvStl5lPHfK38mrPoB
nR+tYK3k8+9mWWOsGtQ9YMLUY/ou0/Xiq7WAowN250A/OI3RKQCB/Od+0Wg50ZYX
5MQZEIfI8SXIakVGe4eUN+8U64tesXtvX+4vTS+JhrGGvzjW7rIQVOT/fvJ1DUUk
BoZF9NotkO7aZ2G+WWo8/6HkE7C723G45RXqURQVaKQ2p2wrL+edtqh/2m9paJr6
43buoOP+8fX7eQeSinjb4+e5pRhKfYv19Dy7E2ibeAT49zvNl4bCF+gEU7iBqQVt
ww==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:04:01 2026 by rpki-client