Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
File: 329956720BEA11F1B85EC7FC343D8C67.roa (raw, json)
Hash identifier: jN937UyX5XHOIRQS1r/AwfGQGX/x0HBf2hIlEKKpaPA=
Subject key identifier: 9F:FD:C0:0B:00:74:9B:10:CB:2D:9C:A1:46:F8:9F:C8:BC:77:A9:EE
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DB9C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
Signing time: Mon 09 Mar 2026 05:59:19 +0000
ROA not before: Mon 09 Mar 2026 05:59:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132296
IP address blocks: 43.248.68.0/24 maxlen: 24
43.248.69.0/24 maxlen: 24
43.248.70.0/24 maxlen: 24
43.248.71.0/24 maxlen: 24
45.119.12.0/24 maxlen: 24
45.119.13.0/24 maxlen: 24
45.119.14.0/24 maxlen: 24
45.119.15.0/24 maxlen: 24
103.57.252.0/24 maxlen: 24
103.57.253.0/24 maxlen: 24
103.57.254.0/24 maxlen: 24
103.57.255.0/24 maxlen: 24
103.116.169.0/24 maxlen: 24
103.147.174.0/23 maxlen: 24
103.148.138.0/23 maxlen: 24
103.157.206.0/23 maxlen: 24
103.157.230.0/23 maxlen: 24
103.162.224.0/23 maxlen: 24
103.171.126.0/23 maxlen: 24
103.174.26.0/23 maxlen: 24
103.177.58.0/23 maxlen: 24
103.177.128.0/24 maxlen: 24
103.177.129.0/24 maxlen: 24
103.181.147.0/24 maxlen: 24
103.255.36.0/24 maxlen: 24
103.255.37.0/24 maxlen: 24
103.255.38.0/24 maxlen: 24
103.255.39.0/24 maxlen: 24
163.227.152.0/24 maxlen: 24
163.227.153.0/24 maxlen: 24
2402:5c80::/32 maxlen: 32
2407:6fc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 19:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56220 (0xdb9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 9 05:59:19 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69ae61b7-387e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:af:61:02:09:29:d4:fb:d6:f4:62:07:bd:1a:
38:7b:58:90:86:10:ad:62:6b:77:f7:db:32:51:dd:
33:4b:73:af:a4:1a:41:1c:32:b1:de:63:56:96:a0:
db:53:38:0f:d9:38:3e:d7:c4:14:3d:2b:76:81:d6:
52:d0:ad:01:2b:50:19:b0:65:49:2e:e8:94:98:a3:
82:28:d1:1b:78:cb:5b:75:9e:9c:8c:ca:91:13:0a:
54:40:d0:4f:91:45:77:16:57:6c:46:28:e4:2d:16:
ff:68:0d:fc:30:cc:e2:28:29:0a:90:e9:37:00:8f:
d2:dc:66:57:d4:cf:11:f4:e2:29:52:03:f7:1a:d8:
77:81:0e:5a:6c:ff:ee:79:a2:6f:1e:a4:50:72:2e:
9a:f3:f9:29:e6:6a:41:ab:7e:38:97:a4:fc:05:c7:
c8:24:53:40:21:14:85:66:23:bb:71:48:4f:3e:0e:
3a:46:0f:80:5a:a8:4a:72:97:74:92:dc:46:3f:bf:
8e:c5:fe:7f:13:20:92:0a:bc:b5:4a:1a:51:bd:0f:
37:e0:ba:89:4f:fa:4f:a7:4b:ea:2d:d4:73:81:df:
a8:0f:8d:e5:c1:93:23:2d:b3:7d:d7:65:dd:4b:0b:
72:66:11:a1:d5:7c:07:81:c4:3d:a9:f6:ee:23:dc:
2c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:FD:C0:0B:00:74:9B:10:CB:2D:9C:A1:46:F8:9F:C8:BC:77:A9:EE
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
43.248.68.0/22
45.119.12.0/22
103.57.252.0/22
103.116.169.0/24
103.147.174.0/23
103.148.138.0/23
103.157.206.0/23
103.157.230.0/23
103.162.224.0/23
103.171.126.0/23
103.174.26.0/23
103.177.58.0/23
103.177.128.0/23
103.181.147.0/24
103.255.36.0/22
163.227.152.0/23
IPv6:
2402:5c80::/32
2407:6fc0::/32
Signature Algorithm: sha256WithRSAEncryption
25:c8:9e:bb:bb:84:03:c3:37:49:4b:44:04:04:dd:8f:87:ea:
ca:7d:5f:33:a8:7f:1f:e0:0f:4d:f8:77:dc:3d:7e:2a:c5:ed:
80:24:f9:26:89:2c:ea:ea:97:c4:81:b9:2d:c2:62:36:1d:e7:
23:d9:26:50:90:e0:a8:da:48:6b:35:e7:fb:90:d9:05:9e:2f:
01:ef:7f:a7:ca:2f:a0:ed:ea:3a:04:bc:b4:40:20:1a:2d:80:
c4:81:66:89:fb:47:1b:88:06:35:69:96:78:e2:0f:94:b1:27:
00:95:1f:ae:5a:f1:b9:98:0b:d6:15:96:db:e3:2e:5c:0b:a4:
19:ab:6a:65:23:bc:c9:1c:74:f5:87:6c:be:a3:2e:a4:b7:2f:
94:e0:92:7d:18:ef:3f:22:d8:7f:3e:69:80:04:ec:be:27:a3:
bd:0f:56:14:3b:4b:83:2e:ea:ae:b9:37:bc:83:34:fd:05:e4:
4b:70:61:96:eb:f2:3e:72:74:29:92:b1:a8:2f:3f:46:4a:1d:
14:33:8f:87:1d:d2:25:25:ff:ad:c3:06:db:68:9e:68:81:b5:
c0:8f:8f:47:79:14:fb:9f:4e:f0:4f:a1:07:42:75:d2:20:08:
0a:80:47:76:39:37:ca:eb:84:53:7c:3e:15:8a:e2:ff:50:90:
83:ae:f8:63
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgIDANucMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDMwOTA1NTkxOVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhZTYxYjctMzg3ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANuvYQIJKdT71vRiB70aOHtYkIYQrWJrd/fbMlHdM0tzr6QaQRwysd5jVpag
21M4D9k4PtfEFD0rdoHWUtCtAStQGbBlSS7olJijgijRG3jLW3WenIzKkRMKVEDQ
T5FFdxZXbEYo5C0W/2gN/DDM4igpCpDpNwCP0txmV9TPEfTiKVID9xrYd4EOWmz/
7nmibx6kUHIumvP5KeZqQat+OJek/AXHyCRTQCEUhWYju3FITz4OOkYPgFqoSnKX
dJLcRj+/jsX+fxMgkgq8tUoaUb0PN+C6iU/6T6dL6i3Uc4HfqA+N5cGTIy2zfddl
3UsLcmYRodV8B4HEPan27iPcLDkCAwEAAaOCAtIwggLOMB0GA1UdDgQWBBSf/cAL
AHSbEMstnKFG+J/IvHep7jAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzMyOTk1Njcy
MEJFQTExRjFCODVFQzdGQzM0M0Q4QzY3LnJvYTCBkAYIKwYBBQUHAQcBAf8EgYAw
fjBmBAIAATBgAwQCK/hEAwQCLXcMAwQCZzn8AwQAZ3SpAwQBZ5OuAwQBZ5SKAwQB
Z53OAwQBZ53mAwQBZ6LgAwQBZ6t+AwQBZ64aAwQBZ7E6AwQBZ7GAAwQAZ7WTAwQC
Z/8kAwQBo+OYMBQEAgACMA4DBQAkAlyAAwUAJAdvwDANBgkqhkiG9w0BAQsFAAOC
AQEAJcieu7uEA8M3SUtEBATdj4fqyn1fM6h/H+APTfh33D1+KsXtgCT5Joks6uqX
xIG5LcJiNh3nI9kmUJDgqNpIazXn+5DZBZ4vAe9/p8ovoO3qOgS8tEAgGi2AxIFm
iftHG4gGNWmWeOIPlLEnAJUfrlrxuZgL1hWW2+MuXAukGatqZSO8yRx09YdsvqMu
pLcvlOCSfRjvPyLYfz5pgATsviejvQ9WFDtLgy7qrrk3vIM0/QXkS3BhluvyPnJ0
KZKxqC8/RkodFDOPhx3SJSX/rcMG22ieaIG1wI+PR3kU+59O8E+hB0J10iAICoBH
djk3yuuEU3w+FYri/1CQg674Yw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:19:42 2026 by rpki-client