Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/346F90C45F7A11EFB8032057C4F9AE02.roa
File: 346F90C45F7A11EFB8032057C4F9AE02.roa (raw, json)
Hash identifier: daU2MAUHCibS79aCCFzcImbEyUeSVPbp+HF3eh2ZmT4=
Subject key identifier: 5D:81:9B:EB:5B:54:40:0B:41:73:71:2E:71:6F:78:DC:10:92:08:45
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DFE4
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/346F90C45F7A11EFB8032057C4F9AE02.roa
Signing time: Wed 06 May 2026 08:41:40 +0000
ROA not before: Wed 06 May 2026 08:41:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17625
IP address blocks: 36.255.8.0/22 maxlen: 24
43.251.80.0/22 maxlen: 24
43.252.192.0/22 maxlen: 24
45.64.196.0/22 maxlen: 24
45.64.204.0/22 maxlen: 24
45.114.56.0/22 maxlen: 24
45.114.64.0/22 maxlen: 24
45.114.212.0/22 maxlen: 24
45.114.216.0/22 maxlen: 24
45.115.8.0/22 maxlen: 24
45.116.56.0/24 maxlen: 24
45.116.57.0/24 maxlen: 24
45.116.58.0/24 maxlen: 24
45.116.59.0/24 maxlen: 24
103.19.196.0/22 maxlen: 24
103.54.12.0/22 maxlen: 24
103.54.20.0/22 maxlen: 24
103.54.188.0/22 maxlen: 24
103.54.196.0/22 maxlen: 24
103.54.244.0/22 maxlen: 24
103.56.88.0/22 maxlen: 24
103.91.132.0/22 maxlen: 24
103.173.122.0/23 maxlen: 24
103.206.56.0/22 maxlen: 24
103.208.224.0/22 maxlen: 24
103.254.32.0/22 maxlen: 24
103.254.128.0/22 maxlen: 24
103.254.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 20 May 2026 05:22:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57316 (0xdfe4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 6 08:41:40 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69fafec4-bc4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1d:34:15:da:5b:f8:59:a7:7a:26:ca:eb:4f:
dc:c2:16:9a:29:6e:e1:32:a3:1e:fb:dc:72:66:2f:
84:1b:23:00:3a:e6:fb:c6:ff:be:24:94:b8:b5:9a:
89:3b:44:60:12:f7:1d:f5:87:d4:ce:52:75:d0:25:
6c:89:90:fe:2c:97:1e:f1:da:0c:e3:94:79:03:fc:
fa:7d:69:32:d9:91:06:7b:a9:c2:65:96:23:d0:75:
23:95:e7:1e:cd:cd:68:b1:20:78:b5:d9:fb:b3:bf:
33:dc:c2:d3:b0:69:f4:13:7b:00:7c:4f:6f:bb:cf:
02:a8:ff:88:18:67:67:68:35:d9:70:73:e7:c3:cd:
3c:36:20:71:db:0f:2a:f0:81:26:c2:e1:9e:fe:d4:
a9:b2:d7:7c:6c:f8:e7:9c:3a:7c:ca:62:96:9e:81:
95:ce:19:10:7d:1d:26:58:7c:b2:b7:28:84:d8:86:
70:52:98:44:2a:60:2f:29:02:71:cd:53:6b:bf:e8:
fb:ac:aa:95:4f:40:c5:b5:9c:3c:e8:45:29:c5:40:
ca:42:af:39:88:47:9b:7a:fe:d1:b2:0f:3d:e0:11:
19:1b:cd:fc:b1:19:ce:e9:0e:59:c9:e7:4e:b6:b3:
e9:5d:ca:84:eb:fe:24:e9:a5:f3:a4:0b:90:e3:f1:
00:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:81:9B:EB:5B:54:40:0B:41:73:71:2E:71:6F:78:DC:10:92:08:45
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/346F90C45F7A11EFB8032057C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
36.255.8.0/22
43.251.80.0/22
43.252.192.0/22
45.64.196.0/22
45.64.204.0/22
45.114.56.0/22
45.114.64.0/22
45.114.212.0-45.114.219.255
45.115.8.0/22
45.116.56.0/22
103.19.196.0/22
103.54.12.0/22
103.54.20.0/22
103.54.188.0/22
103.54.196.0/22
103.54.244.0/22
103.56.88.0/22
103.91.132.0/22
103.173.122.0/23
103.206.56.0/22
103.208.224.0/22
103.254.32.0/22
103.254.128.0/22
103.254.244.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:2b:28:40:a2:86:14:7e:09:88:ab:17:8c:6e:8d:33:79:de:
42:d9:5a:52:a7:8a:42:56:de:31:52:01:4d:20:a7:fc:e6:c0:
27:19:ac:95:08:87:7e:5c:cf:b2:dd:6a:3e:dc:33:bd:8c:41:
53:d2:5c:9a:60:0d:3d:d9:04:5f:c9:36:6d:64:19:60:24:7c:
82:e8:f5:73:90:3a:a0:7d:51:ed:ab:97:3c:09:a3:22:60:c8:
56:95:60:01:a9:6b:43:dd:a6:b5:db:36:86:6b:09:6b:cd:06:
2d:ab:87:cf:d0:e8:d4:3f:2a:77:71:33:8a:f1:c0:13:1d:3d:
33:8b:9c:4c:dd:f5:e4:a5:40:e7:03:ed:9b:aa:1d:34:25:dd:
df:f1:2e:b0:99:e4:72:e5:2f:60:ce:e4:08:d8:4d:22:1b:fe:
f4:cc:19:0a:92:cf:35:d0:79:8d:cc:63:bc:9f:f2:9f:4d:d4:
c1:72:5b:9b:fe:e8:ba:03:bb:6e:b3:c1:b5:ee:ff:b6:08:74:
0e:0c:41:fe:9f:b4:90:47:fd:b7:a8:a0:fd:97:b6:19:86:2b:
25:36:e0:cf:10:eb:15:be:53:e3:ce:3f:7f:09:ec:2c:e8:7b:
85:af:c9:15:3c:99:c4:bb:6b:b4:94:f5:d7:2c:ea:75:1d:a8:
53:e7:16:92
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIDAN/kMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUwNjA4NDE0MFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlmYWZlYzQtYmM0ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0dNBXaW/hZp3omyutP3MIWmilu4TKjHvvccmYvhBsjADrm+8b/viSUuLWa
iTtEYBL3HfWH1M5SddAlbImQ/iyXHvHaDOOUeQP8+n1pMtmRBnupwmWWI9B1I5Xn
Hs3NaLEgeLXZ+7O/M9zC07Bp9BN7AHxPb7vPAqj/iBhnZ2g12XBz58PNPDYgcdsP
KvCBJsLhnv7UqbLXfGz455w6fMpilp6Blc4ZEH0dJlh8srcohNiGcFKYRCpgLykC
cc1Ta7/o+6yqlU9AxbWcPOhFKcVAykKvOYhHm3r+0bIPPeARGRvN/LEZzukOWcnn
Traz6V3KhOv+JOml86QLkOPxAGsCAwEAAaOCAvcwggLzMB0GA1UdDgQWBBRdgZvr
W1RAC0FzcS5xb3jcEJIIRTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM0NkY5MEM0
NUY3QTExRUZCODAzMjA1N0M0RjlBRTAyLnJvYTCBtQYIKwYBBQUHAQcBAf8EgaUw
gaIwgZ8EAgABMIGYAwQCJP8IAwQCK/tQAwQCK/zAAwQCLUDEAwQCLUDMAwQCLXI4
AwQCLXJAMAwDBAItctQDBAItctgDBAItcwgDBAItdDgDBAJnE8QDBAJnNgwDBAJn
NhQDBAJnNrwDBAJnNsQDBAJnNvQDBAJnOFgDBAJnW4QDBAFnrXoDBAJnzjgDBAJn
0OADBAJn/iADBAJn/oADBAJn/vQwDQYJKoZIhvcNAQELBQADggEBAK4rKECihhR+
CYirF4xujTN53kLZWlKnikJW3jFSAU0gp/zmwCcZrJUIh35cz7Ldaj7cM72MQVPS
XJpgDT3ZBF/JNm1kGWAkfILo9XOQOqB9Ue2rlzwJoyJgyFaVYAGpa0PdprXbNoZr
CWvNBi2rh8/Q6NQ/KndxM4rxwBMdPTOLnEzd9eSlQOcD7ZuqHTQl3d/xLrCZ5HLl
L2DO5AjYTSIb/vTMGQqSzzXQeY3MY7yf8p9N1MFyW5v+6LoDu26zwbXu/7YIdA4M
Qf6ftJBH/beooP2XthmGKyU24M8Q6xW+U+POP38J7Czoe4WvyRU8mcS7a7SU9dcs
6nUdqFPnFpI=
-----END CERTIFICATE-----
Generated at Wed May 13 08:41:24 2026 by rpki-client