Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/524FB774F2E311F0ACABC44A426F56BC.roa
File: 524FB774F2E311F0ACABC44A426F56BC.roa (raw, json)
Hash identifier: Nb3E/xGrkGU8yuw5BTU2LJ6sAzTIJOyhZnzwT+hdshE=
Subject key identifier: 7F:2F:F2:8E:B3:FF:87:F7:EE:E8:FD:FE:9E:1D:13:F5:96:D6:E6:6C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DB73
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/524FB774F2E311F0ACABC44A426F56BC.roa
Signing time: Fri 06 Mar 2026 07:31:05 +0000
ROA not before: Fri 06 Mar 2026 07:31:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133275
IP address blocks: 43.228.220.0/22 maxlen: 24
43.248.236.0/22 maxlen: 24
43.249.52.0/22 maxlen: 24
45.115.4.0/22 maxlen: 24
45.119.136.0/22 maxlen: 24
45.119.140.0/22 maxlen: 24
45.125.60.0/22 maxlen: 24
103.36.124.0/22 maxlen: 24
103.46.192.0/23 maxlen: 24
103.46.194.0/23 maxlen: 24
103.47.168.0/22 maxlen: 24
103.47.236.0/22 maxlen: 24
103.59.192.0/22 maxlen: 24
103.59.196.0/22 maxlen: 24
103.86.40.0/22 maxlen: 24
103.95.120.0/22 maxlen: 24
103.124.12.0/22 maxlen: 24
103.146.32.0/23 maxlen: 24
103.148.119.0/24 maxlen: 24
103.152.22.0/24 maxlen: 24
103.153.180.0/23 maxlen: 24
103.173.201.0/24 maxlen: 24
103.176.162.0/23 maxlen: 24
103.182.154.0/23 maxlen: 24
103.193.196.0/22 maxlen: 24
103.196.52.0/22 maxlen: 24
103.197.116.0/22 maxlen: 24
103.207.172.0/22 maxlen: 24
103.208.200.0/22 maxlen: 24
103.215.248.0/22 maxlen: 24
103.216.88.0/22 maxlen: 24
103.243.4.0/24 maxlen: 24
103.248.116.0/22 maxlen: 24
116.204.188.0/22 maxlen: 24
137.59.240.0/22 maxlen: 24
157.119.124.0/22 maxlen: 24
157.119.216.0/24 maxlen: 24
157.119.217.0/24 maxlen: 24
157.119.218.0/24 maxlen: 24
157.119.219.0/24 maxlen: 24
175.111.132.0/22 maxlen: 24
210.16.80.0/22 maxlen: 24
220.158.160.0/22 maxlen: 24
2404:4340::/32 maxlen: 32
2404:4340::/33 maxlen: 33
2404:4340::/48 maxlen: 48
2404:4340:1::/48 maxlen: 48
2404:4340:2::/48 maxlen: 48
2404:4340:3::/48 maxlen: 48
2404:4340:4::/48 maxlen: 48
2404:4340:5::/48 maxlen: 48
2404:4340:6::/48 maxlen: 48
2404:4340:7::/48 maxlen: 48
2404:4340:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 05:36:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56179 (0xdb73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 6 07:31:05 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69aa82b9-e92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:bd:01:13:04:7b:5f:9b:7f:0a:76:0f:b4:15:
22:2d:15:0f:32:cf:e4:d2:fd:3b:c9:33:63:11:82:
84:42:4b:a4:80:d6:59:72:4f:58:6a:c7:f1:46:2b:
b4:f9:8b:71:b2:43:aa:aa:e0:d6:e8:19:4d:63:64:
d9:3a:15:88:51:09:94:5d:d3:1b:19:bf:e7:a3:12:
ff:44:23:9e:2b:22:3c:35:d3:7b:7f:2f:b2:b5:d4:
9f:2e:0d:6a:f2:34:f5:3f:03:79:b3:61:fa:a5:8f:
18:b4:6e:21:97:c5:4f:46:e4:de:65:31:06:67:06:
44:93:b0:97:31:7f:3d:57:74:67:d5:60:81:3f:62:
a6:00:a2:c1:9a:6b:46:21:15:af:d6:ad:fa:22:e6:
b9:53:0b:c2:f2:43:3a:ce:31:0c:6a:a3:03:38:72:
5b:cb:f8:03:39:48:b9:4a:f9:db:e4:a8:cc:30:c7:
66:a9:bf:a6:54:50:a2:ff:cb:54:15:d0:2f:78:73:
bb:3a:72:eb:9e:d1:53:28:0b:77:e8:71:e8:b3:7d:
d1:e5:74:a5:0b:3e:5f:6a:5d:0a:e3:58:3c:3f:12:
a3:7c:00:c1:70:5e:dc:63:ac:85:0a:21:72:2f:2c:
67:2e:8a:b6:3f:1a:fe:fd:9f:36:e0:c2:dd:e7:08:
86:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:2F:F2:8E:B3:FF:87:F7:EE:E8:FD:FE:9E:1D:13:F5:96:D6:E6:6C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/524FB774F2E311F0ACABC44A426F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
43.228.220.0/22
43.248.236.0/22
43.249.52.0/22
45.115.4.0/22
45.119.136.0/21
45.125.60.0/22
103.36.124.0/22
103.46.192.0/22
103.47.168.0/22
103.47.236.0/22
103.59.192.0/21
103.86.40.0/22
103.95.120.0/22
103.124.12.0/22
103.146.32.0/23
103.148.119.0/24
103.152.22.0/24
103.153.180.0/23
103.173.201.0/24
103.176.162.0/23
103.182.154.0/23
103.193.196.0/22
103.196.52.0/22
103.197.116.0/22
103.207.172.0/22
103.208.200.0/22
103.215.248.0/22
103.216.88.0/22
103.243.4.0/24
103.248.116.0/22
116.204.188.0/22
137.59.240.0/22
157.119.124.0/22
157.119.216.0/22
175.111.132.0/22
210.16.80.0/22
220.158.160.0/22
IPv6:
2404:4340::/32
Signature Algorithm: sha256WithRSAEncryption
0c:ae:20:00:5f:9f:29:b5:6e:22:9e:80:e4:99:b3:42:15:15:
64:71:4b:e6:ef:25:a5:28:e1:ff:47:ca:b0:a7:0a:6c:91:e7:
d3:5c:ab:15:cc:ce:31:6f:be:68:c9:ab:b9:91:d4:01:17:1e:
d8:1c:9b:b2:58:82:37:af:54:96:2e:63:0c:12:63:53:f5:f1:
a0:50:fc:77:d0:e5:72:17:10:e0:15:5c:d1:d1:9d:3e:f9:5d:
20:85:2f:69:f2:7b:44:34:ef:75:da:2e:b3:f6:b2:11:7b:78:
b4:5d:c7:5e:54:20:76:e8:9d:44:21:fe:60:67:81:30:94:d0:
c5:d3:a4:79:50:28:c7:8b:2d:81:47:ac:a6:76:00:f2:d0:4b:
3c:cd:af:76:46:99:d1:f3:a1:dc:d4:ba:29:e8:61:1b:71:46:
b9:0b:30:a9:f2:9c:69:e9:7b:c2:a5:e7:d6:4c:ef:59:b5:14:
05:02:43:8c:df:96:e9:30:ca:58:67:e7:59:0e:3a:82:39:fc:
2c:be:19:42:7e:9d:26:4e:1f:3e:62:b6:8b:99:5d:7b:04:69:
ea:3d:fa:1b:b4:fc:b0:7e:2a:de:9f:93:99:9d:c0:47:9c:74:
12:9f:e5:88:77:d2:2d:50:d7:e3:d7:de:05:14:67:b0:23:b3:
ea:d3:29:1f
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgIDANtzMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDMwNjA3MzEwNVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhYTgyYjktZTkyYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANG9ARMEe1+bfwp2D7QVIi0VDzLP5NL9O8kzYxGChEJLpIDWWXJPWGrH8UYr
tPmLcbJDqqrg1ugZTWNk2ToViFEJlF3TGxm/56MS/0QjnisiPDXTe38vsrXUny4N
avI09T8DebNh+qWPGLRuIZfFT0bk3mUxBmcGRJOwlzF/PVd0Z9VggT9ipgCiwZpr
RiEVr9at+iLmuVMLwvJDOs4xDGqjAzhyW8v4AzlIuUr52+SozDDHZqm/plRQov/L
VBXQL3hzuzpy657RUygLd+hx6LN90eV0pQs+X2pdCuNYPD8So3wAwXBe3GOshQoh
ci8sZy6Ktj8a/v2fNuDC3ecIht8CAwEAAaOCA00wggNJMB0GA1UdDgQWBBR/L/KO
s/+H9+7o/f6eHRP1ltbmbDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzUyNEZCNzc0
RjJFMzExRjBBQ0FCQzQ0QTQyNkY1NkJDLnJvYTCCAQoGCCsGAQUFBwEHAQH/BIH6
MIH3MIHlBAIAATCB3gMEAivk3AMEAiv47AMEAiv5NAMEAi1zBAMEAy13iAMEAi19
PAMEAmckfAMEAmcuwAMEAmcvqAMEAmcv7AMEA2c7wAMEAmdWKAMEAmdfeAMEAmd8
DAMEAWeSIAMEAGeUdwMEAGeYFgMEAWeZtAMEAGetyQMEAWewogMEAWe2mgMEAmfB
xAMEAmfENAMEAmfFdAMEAmfPrAMEAmfQyAMEAmfX+AMEAmfYWAMEAGfzBAMEAmf4
dAMEAnTMvAMEAok78AMEAp13fAMEAp132AMEAq9vhAMEAtIQUAMEAtyeoDANBAIA
AjAHAwUAJARDQDANBgkqhkiG9w0BAQsFAAOCAQEADK4gAF+fKbVuIp6A5JmzQhUV
ZHFL5u8lpSjh/0fKsKcKbJHn01yrFczOMW++aMmruZHUARce2BybsliCN69Uli5j
DBJjU/XxoFD8d9DlchcQ4BVc0dGdPvldIIUvafJ7RDTvddous/ayEXt4tF3HXlQg
duidRCH+YGeBMJTQxdOkeVAox4stgUespnYA8tBLPM2vdkaZ0fOh3NS6KehhG3FG
uQswqfKcael7wqXn1kzvWbUUBQJDjN+W6TDKWGfnWQ46gjn8LL4ZQn6dJk4fPmK2
i5ldewRp6j36G7T8sH4q3p+TmZ3AR5x0Ep/liHfSLVDX49feBRRnsCOz6tMpHw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:55:55 2026 by rpki-client