Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/346F90C45F7A11EFB8032057C4F9AE02.roa
File: 346F90C45F7A11EFB8032057C4F9AE02.roa (raw, json)
Hash identifier: VQqqVgyGpAJeHlUnAlFM2kbBJDcyr4/s5mkEQ7/Rhdc=
Subject key identifier: 12:C6:BE:27:CE:DD:7F:08:15:95:AC:E3:70:FA:4F:88:03:BB:1F:AE
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DBC1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/346F90C45F7A11EFB8032057C4F9AE02.roa
Signing time: Mon 09 Mar 2026 11:22:55 +0000
ROA not before: Mon 09 Mar 2026 11:22:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17625
IP address blocks: 36.255.8.0/22 maxlen: 24
43.252.192.0/22 maxlen: 24
45.64.196.0/22 maxlen: 24
45.64.204.0/22 maxlen: 24
45.114.56.0/22 maxlen: 24
45.114.64.0/22 maxlen: 24
45.114.212.0/22 maxlen: 24
45.114.216.0/22 maxlen: 24
45.115.8.0/22 maxlen: 24
45.116.56.0/24 maxlen: 24
45.116.57.0/24 maxlen: 24
45.116.58.0/24 maxlen: 24
45.116.59.0/24 maxlen: 24
103.19.196.0/22 maxlen: 24
103.54.12.0/22 maxlen: 24
103.54.20.0/22 maxlen: 24
103.54.188.0/22 maxlen: 24
103.54.196.0/22 maxlen: 24
103.54.244.0/22 maxlen: 24
103.56.88.0/22 maxlen: 24
103.91.132.0/22 maxlen: 24
103.173.122.0/23 maxlen: 24
103.206.56.0/22 maxlen: 24
103.208.224.0/22 maxlen: 24
103.254.32.0/22 maxlen: 24
103.254.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 05:36:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56257 (0xdbc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 9 11:22:55 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69aead8f-0ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:46:86:db:11:1f:ed:00:8e:0f:ca:24:44:26:
7d:f7:dc:dd:60:4a:92:95:64:3a:e4:18:07:b0:54:
66:af:bd:62:1c:c7:9d:74:fb:94:23:4c:df:70:bd:
52:19:2f:c5:c0:44:66:3a:a3:9d:f9:82:be:7a:e1:
48:c6:39:93:e5:2e:0d:ef:7f:b8:ad:a0:1d:f4:f1:
51:08:21:f0:b7:dd:c5:c5:f0:8b:ec:de:14:56:d4:
cf:33:c2:dc:10:40:b1:57:9a:da:d9:dc:4b:07:96:
df:9d:d4:14:39:bb:e9:8b:27:99:1a:cf:51:ef:5e:
04:84:e8:90:90:8d:8d:bc:25:08:a7:4d:d7:0a:95:
74:cb:3c:da:e6:d5:f4:0c:97:31:88:1d:e6:22:48:
02:19:18:de:df:b3:ee:44:6a:d8:47:0e:2c:13:86:
ab:ec:90:56:69:0c:50:ea:99:8d:17:75:02:75:40:
29:06:f5:84:ce:ba:40:1d:b8:7d:b5:fe:2a:c7:5b:
21:5f:83:4c:82:21:e3:6b:e9:8b:a1:1a:83:13:4a:
4b:cd:47:1d:b3:95:f1:4f:bb:dd:3f:12:3b:8d:5e:
1e:f3:ce:6a:fe:db:26:47:96:f3:27:0a:8e:ac:8e:
33:3f:8c:73:bc:de:f3:f1:dc:3b:4c:1c:34:90:cd:
2d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:C6:BE:27:CE:DD:7F:08:15:95:AC:E3:70:FA:4F:88:03:BB:1F:AE
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/346F90C45F7A11EFB8032057C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
36.255.8.0/22
43.252.192.0/22
45.64.196.0/22
45.64.204.0/22
45.114.56.0/22
45.114.64.0/22
45.114.212.0-45.114.219.255
45.115.8.0/22
45.116.56.0/22
103.19.196.0/22
103.54.12.0/22
103.54.20.0/22
103.54.188.0/22
103.54.196.0/22
103.54.244.0/22
103.56.88.0/22
103.91.132.0/22
103.173.122.0/23
103.206.56.0/22
103.208.224.0/22
103.254.32.0/22
103.254.244.0/22
Signature Algorithm: sha256WithRSAEncryption
59:f9:3d:67:48:83:9e:43:f8:74:df:b2:be:f7:ea:25:b4:42:
bd:a4:c8:30:77:81:c0:d3:50:c1:24:5b:12:cd:e7:68:e3:fb:
3d:e6:92:e4:47:2f:66:c4:60:5c:b9:4c:9b:7f:26:6d:06:72:
7e:7d:b1:56:16:7f:f4:57:bc:31:f7:b4:45:24:cb:06:82:d6:
54:d2:d5:11:d9:6c:fd:4b:31:c3:3c:12:aa:16:c2:5d:59:d0:
eb:a7:93:30:0d:07:d4:b9:0e:56:40:53:74:1a:d0:36:95:02:
f5:b5:fd:61:58:82:75:8d:54:43:2e:c7:2f:35:3a:b0:49:65:
f5:73:b8:bb:ad:93:13:ce:70:3b:67:4d:49:69:1e:c9:8a:8d:
4c:a4:af:e4:1c:e6:6d:18:1d:49:a9:67:a3:dc:f4:13:cc:8f:
22:13:88:2d:27:06:8e:52:d9:4c:27:48:29:55:21:8d:6b:0d:
d3:e9:2c:0b:0f:6c:eb:cf:5c:51:70:52:f9:1a:ff:fa:5b:c8:
15:e8:84:03:32:0e:54:91:3d:68:d8:bd:22:af:ed:58:f5:3b:
d7:c3:75:bb:95:f5:4e:42:50:81:e6:11:7d:ba:dc:cc:79:30:
68:b5:3c:b0:c2:82:d5:2a:1c:1a:76:9e:61:62:32:57:32:35:
5f:68:2e:83
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIDANvBMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDMwOTExMjI1NVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhZWFkOGYtMGJhNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5GhtsRH+0Ajg/KJEQmfffc3WBKkpVkOuQYB7BUZq+9YhzHnXT7lCNM33C9
UhkvxcBEZjqjnfmCvnrhSMY5k+UuDe9/uK2gHfTxUQgh8LfdxcXwi+zeFFbUzzPC
3BBAsVea2tncSweW353UFDm76YsnmRrPUe9eBITokJCNjbwlCKdN1wqVdMs82ubV
9AyXMYgd5iJIAhkY3t+z7kRq2EcOLBOGq+yQVmkMUOqZjRd1AnVAKQb1hM66QB24
fbX+KsdbIV+DTIIh42vpi6EagxNKS81HHbOV8U+73T8SO41eHvPOav7bJkeW8ycK
jqyOMz+Mc7ze8/HcO0wcNJDNLa8CAwEAAaOCAuswggLnMB0GA1UdDgQWBBQSxr4n
zt1/CBWVrONw+k+IA7sfrjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM0NkY5MEM0
NUY3QTExRUZCODAzMjA1N0M0RjlBRTAyLnJvYTCBqQYIKwYBBQUHAQcBAf8EgZkw
gZYwgZMEAgABMIGMAwQCJP8IAwQCK/zAAwQCLUDEAwQCLUDMAwQCLXI4AwQCLXJA
MAwDBAItctQDBAItctgDBAItcwgDBAItdDgDBAJnE8QDBAJnNgwDBAJnNhQDBAJn
NrwDBAJnNsQDBAJnNvQDBAJnOFgDBAJnW4QDBAFnrXoDBAJnzjgDBAJn0OADBAJn
/iADBAJn/vQwDQYJKoZIhvcNAQELBQADggEBAFn5PWdIg55D+HTfsr736iW0Qr2k
yDB3gcDTUMEkWxLN52jj+z3mkuRHL2bEYFy5TJt/Jm0Gcn59sVYWf/RXvDH3tEUk
ywaC1lTS1RHZbP1LMcM8EqoWwl1Z0OunkzANB9S5DlZAU3Qa0DaVAvW1/WFYgnWN
VEMuxy81OrBJZfVzuLutkxPOcDtnTUlpHsmKjUykr+Qc5m0YHUmpZ6Pc9BPMjyIT
iC0nBo5S2UwnSClVIY1rDdPpLAsPbOvPXFFwUvka//pbyBXohAMyDlSRPWjYvSKv
7Vj1O9fDdbuV9U5CUIHmEX263Mx5MGi1PLDCgtUqHBp2nmFiMlcyNV9oLoM=
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:28:14 2026 by rpki-client