Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
File: 329956720BEA11F1B85EC7FC343D8C67.roa (raw, json)
Hash identifier: WDv6ChcGjiHqqZbW2wCcEWMdEGSYVr0Q0ctCLD58BXQ=
Subject key identifier: 84:82:7D:38:C2:25:E7:55:92:74:FC:07:C2:82:38:69:21:F2:15:F5
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: E054
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
Signing time: Tue 12 May 2026 08:43:36 +0000
ROA not before: Tue 12 May 2026 08:43:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132296
IP address blocks: 43.248.68.0/24 maxlen: 24
43.248.69.0/24 maxlen: 24
43.248.70.0/24 maxlen: 24
43.248.71.0/24 maxlen: 24
45.119.12.0/24 maxlen: 24
45.119.13.0/24 maxlen: 24
45.119.14.0/24 maxlen: 24
45.119.15.0/24 maxlen: 24
49.213.39.0/24 maxlen: 24
103.57.252.0/24 maxlen: 24
103.57.253.0/24 maxlen: 24
103.57.254.0/24 maxlen: 24
103.57.255.0/24 maxlen: 24
103.116.169.0/24 maxlen: 24
103.147.174.0/23 maxlen: 24
103.148.138.0/23 maxlen: 24
103.157.206.0/23 maxlen: 24
103.157.230.0/23 maxlen: 24
103.162.224.0/23 maxlen: 24
103.171.126.0/23 maxlen: 24
103.174.26.0/23 maxlen: 24
103.177.58.0/23 maxlen: 24
103.177.128.0/24 maxlen: 24
103.177.129.0/24 maxlen: 24
103.181.147.0/24 maxlen: 24
103.255.36.0/24 maxlen: 24
103.255.37.0/24 maxlen: 24
103.255.38.0/24 maxlen: 24
103.255.39.0/24 maxlen: 24
163.128.91.0/24 maxlen: 24
163.227.152.0/24 maxlen: 24
163.227.153.0/24 maxlen: 24
2402:5c80::/32 maxlen: 32
2407:6fc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 20 May 2026 06:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57428 (0xe054)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 12 08:43:36 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a02e837-dba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7c:c0:82:f2:72:fc:34:58:42:4a:6b:f3:b6:
d8:15:ca:c1:e9:cd:a1:62:5d:00:cc:d6:06:aa:92:
d8:a5:41:02:de:8b:42:59:af:ea:11:c3:4e:66:44:
25:f7:a6:ba:fb:ba:41:b5:f2:2e:91:78:a2:7b:3b:
94:f8:47:30:ca:fd:22:bb:ad:5c:94:74:18:4e:df:
ba:28:8d:3e:4a:1d:e4:bb:7c:e6:da:e0:dc:38:f4:
f1:0d:b2:4b:d3:4e:94:f1:4a:43:9d:b9:1f:9e:d9:
ce:d3:0d:2d:6c:02:29:09:f9:41:55:54:f9:2c:9b:
70:c1:9d:de:5f:19:22:c1:61:72:94:49:b5:1e:47:
e8:58:a2:89:4a:0b:e7:a0:a4:c7:cc:a5:0d:8a:46:
89:16:51:7b:66:d6:ca:96:d8:18:bd:31:22:37:dc:
19:f9:9e:99:cb:37:62:e7:0e:e0:92:6b:a1:ad:73:
94:15:0f:4d:9e:2c:9d:52:09:4c:48:0f:84:ea:37:
e0:82:ed:07:70:db:f4:ae:0b:e9:f7:d0:8a:8f:10:
17:13:5b:cd:05:ab:24:06:c0:2c:fd:3c:e5:3a:bd:
a6:4c:ea:fc:f9:8f:47:fe:17:d2:96:75:c8:a1:c4:
ce:51:a2:14:73:b6:ec:27:62:4b:31:0d:13:f4:2c:
3a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:82:7D:38:C2:25:E7:55:92:74:FC:07:C2:82:38:69:21:F2:15:F5
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
43.248.68.0/22
45.119.12.0/22
49.213.39.0/24
103.57.252.0/22
103.116.169.0/24
103.147.174.0/23
103.148.138.0/23
103.157.206.0/23
103.157.230.0/23
103.162.224.0/23
103.171.126.0/23
103.174.26.0/23
103.177.58.0/23
103.177.128.0/23
103.181.147.0/24
103.255.36.0/22
163.128.91.0/24
163.227.152.0/23
IPv6:
2402:5c80::/32
2407:6fc0::/32
Signature Algorithm: sha256WithRSAEncryption
77:57:f8:32:f8:ff:6e:95:bc:b6:ba:ed:dc:02:39:fd:95:48:
35:15:23:b2:6b:d7:ca:0f:9b:89:2d:72:aa:14:ed:e8:ae:e5:
47:3f:ff:8e:82:52:a7:76:66:d1:8c:80:a6:3f:96:a3:67:b0:
98:75:8e:61:eb:02:4c:b0:bb:9e:51:d6:05:ca:c8:3d:74:71:
c0:88:57:46:47:25:a8:7e:a6:78:f5:09:ef:dd:cc:4d:0a:54:
10:80:46:b8:e3:65:98:8b:24:20:14:15:a3:0b:b1:b2:a7:9a:
9e:f3:e5:fe:4f:af:1d:0a:da:48:51:03:b7:72:0e:1f:5f:b7:
d9:80:09:3f:db:8b:bf:b4:0f:32:5c:be:41:2f:50:8e:77:d2:
70:68:46:ae:99:16:30:b6:93:c3:78:1a:36:e2:ca:78:e9:1d:
bd:fe:8a:fb:71:1a:03:62:7a:64:67:38:45:40:39:51:77:eb:
52:55:51:94:a4:02:37:9f:c6:8d:c5:66:92:6f:85:3e:c9:55:
2b:70:8f:0d:50:95:7e:79:95:24:fe:6a:98:a3:66:12:6d:23:
fb:e3:65:8e:f9:1c:d7:fd:7b:da:6e:6c:43:eb:3d:77:6f:2c:
66:4a:41:02:41:f3:ca:f7:eb:d7:33:d8:cd:9d:65:70:73:8a:
97:2e:62:bd
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIDAOBUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUxMjA4NDMzNloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmEwMmU4MzctZGJhMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANN8wILycvw0WEJKa/O22BXKwenNoWJdAMzWBqqS2KVBAt6LQlmv6hHDTmZE
Jfemuvu6QbXyLpF4ons7lPhHMMr9IrutXJR0GE7fuiiNPkod5Lt85trg3Dj08Q2y
S9NOlPFKQ525H57ZztMNLWwCKQn5QVVU+SybcMGd3l8ZIsFhcpRJtR5H6FiiiUoL
56Ckx8ylDYpGiRZRe2bWypbYGL0xIjfcGfmemcs3YucO4JJroa1zlBUPTZ4snVIJ
TEgPhOo34ILtB3Db9K4L6ffQio8QFxNbzQWrJAbALP085Tq9pkzq/PmPR/4X0pZ1
yKHEzlGiFHO27CdiSzENE/QsOgUCAwEAAaOCAt8wggLbMB0GA1UdDgQWBBSEgn04
wiXnVZJ0/AfCgjhpIfIV9TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzMyOTk1Njcy
MEJFQTExRjFCODVFQzdGQzM0M0Q4QzY3LnJvYTCBnQYIKwYBBQUHAQcBAf8EgY0w
gYowcgQCAAEwbAMEAiv4RAMEAi13DAMEADHVJwMEAmc5/AMEAGd0qQMEAWeTrgME
AWeUigMEAWedzgMEAWed5gMEAWei4AMEAWerfgMEAWeuGgMEAWexOgMEAWexgAME
AGe1kwMEAmf/JAMEAKOAWwMEAaPjmDAUBAIAAjAOAwUAJAJcgAMFACQHb8AwDQYJ
KoZIhvcNAQELBQADggEBAHdX+DL4/26VvLa67dwCOf2VSDUVI7Jr18oPm4ktcqoU
7eiu5Uc//46CUqd2ZtGMgKY/lqNnsJh1jmHrAkywu55R1gXKyD10ccCIV0ZHJah+
pnj1Ce/dzE0KVBCARrjjZZiLJCAUFaMLsbKnmp7z5f5Prx0K2khRA7dyDh9ft9mA
CT/bi7+0DzJcvkEvUI530nBoRq6ZFjC2k8N4GjbiynjpHb3+ivtxGgNiemRnOEVA
OVF361JVUZSkAjefxo3FZpJvhT7JVStwjw1QlX55lST+apijZhJtI/vjZY75HNf9
e9pubEPrPXdvLGZKQQJB88r369cz2M2dZXBzipcuYr0=
-----END CERTIFICATE-----
Generated at Wed May 13 10:33:34 2026 by rpki-client