Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8EE6DC4C282D11F1BA507DBBC6833773.roa
File: 8EE6DC4C282D11F1BA507DBBC6833773.roa (raw, json)
Hash identifier: 8NC7IiZHrUvN3gPWPgWFwCj5sJJNqTlPhcn9nTXyrMo=
Subject key identifier: A0:99:C6:F6:C6:45:EA:CA:74:8B:92:B4:8F:D7:78:95:AF:D0:86:C1
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DC9D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8EE6DC4C282D11F1BA507DBBC6833773.roa
Signing time: Wed 25 Mar 2026 09:41:07 +0000
ROA not before: Wed 25 Mar 2026 09:41:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138754
IP address blocks: 43.229.88.0/22 maxlen: 24
45.116.252.0/22 maxlen: 24
103.42.196.0/22 maxlen: 24
103.65.250.0/23 maxlen: 24
103.70.36.0/23 maxlen: 24
103.70.196.0/22 maxlen: 24
103.76.162.0/23 maxlen: 24
103.99.144.0/23 maxlen: 24
103.99.204.0/22 maxlen: 24
103.114.252.0/23 maxlen: 24
103.118.150.0/23 maxlen: 24
103.131.128.0/23 maxlen: 24
103.132.24.0/22 maxlen: 24
103.135.52.0/22 maxlen: 24
103.139.64.0/23 maxlen: 24
103.140.16.0/23 maxlen: 24
103.145.172.0/23 maxlen: 24
103.146.174.0/23 maxlen: 24
103.147.208.0/23 maxlen: 24
103.148.20.0/23 maxlen: 24
103.149.158.0/23 maxlen: 24
103.151.188.0/23 maxlen: 24
103.153.92.0/23 maxlen: 24
103.153.104.0/23 maxlen: 24
103.154.36.0/24 maxlen: 24
103.154.37.0/24 maxlen: 24
103.154.54.0/23 maxlen: 24
103.155.222.0/23 maxlen: 24
103.157.104.0/23 maxlen: 24
103.158.240.0/23 maxlen: 24
103.160.194.0/23 maxlen: 24
103.160.232.0/23 maxlen: 24
103.161.54.0/23 maxlen: 24
103.161.144.0/23 maxlen: 24
103.165.166.0/23 maxlen: 24
103.166.244.0/23 maxlen: 24
103.168.200.0/23 maxlen: 24
103.169.214.0/23 maxlen: 24
103.170.54.0/23 maxlen: 24
103.171.224.0/23 maxlen: 24
103.175.2.0/23 maxlen: 24
103.175.88.0/23 maxlen: 24
103.175.136.0/23 maxlen: 24
103.176.184.0/23 maxlen: 24
103.177.26.0/23 maxlen: 24
103.177.252.0/23 maxlen: 24
103.178.204.0/23 maxlen: 24
103.179.196.0/23 maxlen: 24
103.179.230.0/23 maxlen: 24
103.181.40.0/23 maxlen: 24
103.182.166.0/23 maxlen: 24
103.183.82.0/23 maxlen: 24
103.184.238.0/23 maxlen: 24
103.189.142.0/23 maxlen: 24
103.189.214.0/23 maxlen: 24
103.190.2.0/23 maxlen: 24
103.190.194.0/23 maxlen: 24
103.191.172.0/23 maxlen: 24
103.191.186.0/23 maxlen: 24
103.194.152.0/22 maxlen: 24
103.199.160.0/22 maxlen: 24
103.209.132.0/23 maxlen: 24
103.209.220.0/22 maxlen: 24
103.227.36.0/22 maxlen: 24
137.59.84.0/22 maxlen: 24
2001:df0:b240::/48 maxlen: 48
2001:df0:c640::/48 maxlen: 48
2001:df5:2380::/48 maxlen: 48
2001:df5:d380::/48 maxlen: 48
2001:df7:480::/48 maxlen: 48
2001:df7:d80::/48 maxlen: 48
2001:df7:1380::/48 maxlen: 48
2001:df7:4b80::/48 maxlen: 48
2001:df7:4d80::/48 maxlen: 48
2001:df7:4e80::/48 maxlen: 48
2001:df7:4f80::/48 maxlen: 48
2001:df7:5280::/48 maxlen: 48
2001:df7:6980::/48 maxlen: 48
2403:a080::/32 maxlen: 38
2405:f140::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 19:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56477 (0xdc9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 25 09:41:07 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69c3adb3-e0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:88:ff:7e:05:2d:c5:c1:8b:c8:0d:fb:bc:ad:
40:e5:e2:7a:2d:73:a3:77:cf:b7:36:e0:e6:57:96:
c1:d0:de:fb:3c:d0:b0:67:62:8f:97:b2:11:71:4d:
49:f7:ed:27:57:17:20:fd:b6:d7:67:f0:ac:61:63:
b3:0f:c3:44:ca:ea:3f:65:e9:04:3a:2a:8e:da:04:
38:10:4f:4c:eb:1d:9f:bc:5e:c8:75:39:c0:84:09:
57:4f:5f:e5:79:07:88:aa:f2:5d:21:9b:e2:01:54:
21:11:0c:51:38:37:5b:4c:71:93:e7:49:61:14:8a:
05:28:89:33:a9:90:8f:02:51:6a:40:e5:26:1b:3e:
89:21:7d:fa:e5:90:4b:69:26:35:49:37:35:cd:d6:
d0:e3:a6:d4:bc:00:9d:cb:3c:7e:ff:de:d0:9b:d8:
67:9f:87:76:21:c1:29:18:c5:0d:da:67:ac:71:0f:
32:e4:ac:53:e9:b8:a9:d7:15:c5:e1:79:61:48:89:
c9:f8:74:97:3a:4a:57:48:21:b1:11:95:bd:79:9d:
42:1e:78:54:7d:25:02:42:b9:64:8c:83:95:67:d5:
12:fc:2d:31:3f:b7:cb:23:5e:50:a1:34:aa:ee:8a:
ee:43:2d:74:25:3a:b1:60:35:98:09:a4:15:dc:5c:
1b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:99:C6:F6:C6:45:EA:CA:74:8B:92:B4:8F:D7:78:95:AF:D0:86:C1
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8EE6DC4C282D11F1BA507DBBC6833773.roa
sbgp-ipAddrBlock: critical
IPv4:
43.229.88.0/22
45.116.252.0/22
103.42.196.0/22
103.65.250.0/23
103.70.36.0/23
103.70.196.0/22
103.76.162.0/23
103.99.144.0/23
103.99.204.0/22
103.114.252.0/23
103.118.150.0/23
103.131.128.0/23
103.132.24.0/22
103.135.52.0/22
103.139.64.0/23
103.140.16.0/23
103.145.172.0/23
103.146.174.0/23
103.147.208.0/23
103.148.20.0/23
103.149.158.0/23
103.151.188.0/23
103.153.92.0/23
103.153.104.0/23
103.154.36.0/23
103.154.54.0/23
103.155.222.0/23
103.157.104.0/23
103.158.240.0/23
103.160.194.0/23
103.160.232.0/23
103.161.54.0/23
103.161.144.0/23
103.165.166.0/23
103.166.244.0/23
103.168.200.0/23
103.169.214.0/23
103.170.54.0/23
103.171.224.0/23
103.175.2.0/23
103.175.88.0/23
103.175.136.0/23
103.176.184.0/23
103.177.26.0/23
103.177.252.0/23
103.178.204.0/23
103.179.196.0/23
103.179.230.0/23
103.181.40.0/23
103.182.166.0/23
103.183.82.0/23
103.184.238.0/23
103.189.142.0/23
103.189.214.0/23
103.190.2.0/23
103.190.194.0/23
103.191.172.0/23
103.191.186.0/23
103.194.152.0/22
103.199.160.0/22
103.209.132.0/23
103.209.220.0/22
103.227.36.0/22
137.59.84.0/22
IPv6:
2001:df0:b240::/48
2001:df0:c640::/48
2001:df5:2380::/48
2001:df5:d380::/48
2001:df7:480::/48
2001:df7:d80::/48
2001:df7:1380::/48
2001:df7:4b80::/48
2001:df7:4d80::/48
2001:df7:4e80::/48
2001:df7:4f80::/48
2001:df7:5280::/48
2001:df7:6980::/48
2403:a080::/32
2405:f140::/32
Signature Algorithm: sha256WithRSAEncryption
03:77:51:db:61:4d:0e:30:c3:68:9e:84:22:4f:c9:ee:f1:2d:
61:34:01:43:f0:ce:8c:fe:4f:50:b5:89:e2:bb:10:f8:db:d9:
92:4b:e4:ca:17:2d:23:56:0b:3a:fe:4d:06:10:a7:6f:e9:5a:
a2:76:b3:d4:df:a7:7f:0b:cc:b8:da:23:97:06:12:5f:6b:c2:
f8:fb:18:7e:83:0e:78:2f:26:8e:b1:43:81:a4:fd:e1:db:fd:
69:7b:ab:ef:a3:ab:c9:44:d5:1f:18:5e:82:70:6e:43:82:38:
6c:d4:31:28:2d:83:7b:16:a0:3b:bf:37:ca:bd:b8:63:33:20:
3b:29:cf:4a:ba:fb:c6:e5:3a:98:6b:c6:f7:10:58:11:dd:4b:
6b:5c:55:40:0c:87:ac:09:e9:23:0a:9b:96:35:a6:2d:8f:0e:
aa:d4:f1:e8:90:8d:16:d6:52:e4:a9:3d:e2:85:e0:fb:21:a8:
c9:bc:5f:96:11:21:08:b0:bf:d7:6b:21:e9:7d:21:9b:45:6e:
4c:6c:c0:e9:61:aa:4e:ec:db:ac:ff:48:91:61:46:43:2c:d3:
8a:5f:22:4f:d9:f1:9b:72:0b:24:e8:20:b4:c5:58:9f:fd:ca:
ad:45:c0:61:98:34:21:8a:2c:26:86:db:50:e2:1a:8e:42:fd:
18:a8:18:17
-----BEGIN CERTIFICATE-----
MIIHTjCCBjagAwIBAgIDANydMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDMyNTA5NDEwN1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjljM2FkYjMtZTBjMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaI/34FLcXBi8gN+7ytQOXiei1zo3fPtzbg5leWwdDe+zzQsGdij5eyEXFN
SfftJ1cXIP2212fwrGFjsw/DRMrqP2XpBDoqjtoEOBBPTOsdn7xeyHU5wIQJV09f
5XkHiKryXSGb4gFUIREMUTg3W0xxk+dJYRSKBSiJM6mQjwJRakDlJhs+iSF9+uWQ
S2kmNUk3Nc3W0OOm1LwAncs8fv/e0JvYZ5+HdiHBKRjFDdpnrHEPMuSsU+m4qdcV
xeF5YUiJyfh0lzpKV0ghsRGVvXmdQh54VH0lAkK5ZIyDlWfVEvwtMT+3yyNeUKE0
qu6K7kMtdCU6sWA1mAmkFdxcGwECAwEAAaOCBHEwggRtMB0GA1UdDgQWBBSgmcb2
xkXqynSLkrSP13iVr9CGwTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzhFRTZEQzRD
MjgyRDExRjFCQTUwN0RCQkM2ODMzNzczLnJvYTCCAi4GCCsGAQUFBwEHAQH/BIIC
HTCCAhkwggGIBAIAATCCAYADBAIr5VgDBAItdPwDBAJnKsQDBAFnQfoDBAFnRiQD
BAJnRsQDBAFnTKIDBAFnY5ADBAJnY8wDBAFncvwDBAFndpYDBAFng4ADBAJnhBgD
BAJnhzQDBAFni0ADBAFnjBADBAFnkawDBAFnkq4DBAFnk9ADBAFnlBQDBAFnlZ4D
BAFnl7wDBAFnmVwDBAFnmWgDBAFnmiQDBAFnmjYDBAFnm94DBAFnnWgDBAFnnvAD
BAFnoMIDBAFnoOgDBAFnoTYDBAFnoZADBAFnpaYDBAFnpvQDBAFnqMgDBAFnqdYD
BAFnqjYDBAFnq+ADBAFnrwIDBAFnr1gDBAFnr4gDBAFnsLgDBAFnsRoDBAFnsfwD
BAFnsswDBAFns8QDBAFns+YDBAFntSgDBAFntqYDBAFnt1IDBAFnuO4DBAFnvY4D
BAFnvdYDBAFnvgIDBAFnvsIDBAFnv6wDBAFnv7oDBAJnwpgDBAJnx6ADBAFn0YQD
BAJn0dwDBAJn4yQDBAKJO1QwgYoEAgACMIGDAwcAIAEN8LJAAwcAIAEN8MZAAwcA
IAEN9SOAAwcAIAEN9dOAAwcAIAEN9wSAAwcAIAEN9w2AAwcAIAEN9xOAAwcAIAEN
90uAAwcAIAEN902AAwcAIAEN906AAwcAIAEN90+AAwcAIAEN91KAAwcAIAEN92mA
AwUAJAOggAMFACQF8UAwDQYJKoZIhvcNAQELBQADggEBAAN3UdthTQ4ww2iehCJP
ye7xLWE0AUPwzoz+T1C1ieK7EPjb2ZJL5MoXLSNWCzr+TQYQp2/pWqJ2s9Tfp38L
zLjaI5cGEl9rwvj7GH6DDngvJo6xQ4Gk/eHb/Wl7q++jq8lE1R8YXoJwbkOCOGzU
MSgtg3sWoDu/N8q9uGMzIDspz0q6+8blOphrxvcQWBHdS2tcVUAMh6wJ6SMKm5Y1
pi2PDqrU8eiQjRbWUuSpPeKF4PshqMm8X5YRIQiwv9drIel9IZtFbkxswOlhqk7s
26z/SJFhRkMs04pfIk/Z8ZtyCyToILTFWJ/9yq1FwGGYNCGKLCaG21DiGo5C/Rio
GBc=
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:55:44 2026 by rpki-client