Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D4EFCD26AC3D11ED80AECB5EC4F9AE02.roa
File: D4EFCD26AC3D11ED80AECB5EC4F9AE02.roa (raw, json)
Hash identifier: KcyO807BHQgn3+iiQ7W4flzyEoXaTle5jW8vj0GCe1M=
Subject key identifier: 48:AD:87:DF:81:36:46:E3:42:83:5E:81:13:4C:E8:D1:BE:21:76:A7
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DCD4
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D4EFCD26AC3D11ED80AECB5EC4F9AE02.roa
Signing time: Wed 25 Mar 2026 19:04:52 +0000
ROA not before: Wed 25 Mar 2026 19:04:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136308
IP address blocks: 43.240.232.0/24 maxlen: 24
43.240.233.0/24 maxlen: 24
103.62.150.0/23 maxlen: 24
103.89.232.0/22 maxlen: 24
103.141.112.0/23 maxlen: 24
103.167.210.0/23 maxlen: 24
103.188.18.0/23 maxlen: 24
103.189.56.0/23 maxlen: 24
2001:df5:f0c0::/48 maxlen: 48
2401:ea20::/32 maxlen: 32
2403:7340::/32 maxlen: 32
2403:7340::/48 maxlen: 48
2403:7340:1::/48 maxlen: 48
2403:7340:2::/48 maxlen: 48
2403:7340:3::/48 maxlen: 48
2403:7340:4::/48 maxlen: 48
2403:7340:5::/48 maxlen: 48
2403:7340:6::/48 maxlen: 48
2403:7340:7::/48 maxlen: 48
2403:7340:8::/48 maxlen: 48
2403:7340:9::/48 maxlen: 48
2403:7340:a::/48 maxlen: 48
2403:7340:b::/48 maxlen: 48
2403:7340:c::/48 maxlen: 48
2403:7340:d::/48 maxlen: 48
2403:7340:e::/48 maxlen: 48
2403:7340:f::/48 maxlen: 48
2403:7340:10::/48 maxlen: 48
2403:7340:11::/48 maxlen: 48
2403:7340:12::/48 maxlen: 48
2403:7340:13::/48 maxlen: 48
2403:7340:14::/48 maxlen: 48
2403:7340:7340::/48 maxlen: 48
2403:7340:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 10:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56532 (0xdcd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 25 19:04:52 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69c431d3-e6c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:26:3b:0c:ac:3c:c2:3e:b9:6e:70:89:a1:f6:
2d:23:a4:05:a4:b0:34:64:7b:ef:41:2b:3e:4d:5f:
3f:6e:95:a5:79:14:3f:10:02:7c:1a:85:eb:fe:ef:
61:27:b2:c7:72:b1:ee:a7:69:e3:61:83:50:6b:46:
ef:ce:80:08:95:a6:4d:87:6b:e8:75:ae:cb:1a:e1:
d7:6d:89:5d:0d:14:d1:56:83:af:fc:11:e7:bd:2e:
3f:33:53:62:16:c6:a0:26:07:ca:1d:91:48:36:4a:
84:81:ef:01:a2:42:4f:b8:35:e2:89:f7:1d:f5:a7:
36:66:26:e2:8f:5f:79:2c:c1:9d:f0:88:2c:9b:9d:
dc:49:c6:af:c5:41:48:0f:cc:1b:f4:19:ee:93:a1:
c7:e3:d3:52:be:68:b7:61:52:cc:74:b7:f3:cb:51:
1b:50:29:3b:b8:dd:e1:c4:5f:fe:5e:ab:04:e3:c1:
2e:50:28:08:69:b5:8d:5c:37:07:dc:17:93:49:cf:
57:24:7b:41:18:cf:a8:62:50:1e:6f:f2:85:6c:6b:
9f:b2:bf:f0:eb:ab:40:0e:66:9a:51:77:ef:00:d3:
c5:2c:ef:d9:be:dd:7e:30:c5:2a:5a:9d:4b:af:8a:
ee:6e:b4:ca:5d:37:72:21:cd:3b:c7:93:36:af:57:
d4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:AD:87:DF:81:36:46:E3:42:83:5E:81:13:4C:E8:D1:BE:21:76:A7
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D4EFCD26AC3D11ED80AECB5EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.240.232.0/23
103.62.150.0/23
103.89.232.0/22
103.141.112.0/23
103.167.210.0/23
103.188.18.0/23
103.189.56.0/23
IPv6:
2001:df5:f0c0::/48
2401:ea20::/32
2403:7340::/32
Signature Algorithm: sha256WithRSAEncryption
5c:ca:88:0c:4f:43:ee:0b:d6:4d:68:55:26:d2:d3:74:d0:1d:
bb:9c:16:03:d9:7d:78:fc:fd:c0:0f:bf:9f:2a:1d:5b:6f:8b:
d4:61:30:a3:a7:cd:b8:96:58:06:62:ed:58:be:58:85:ef:76:
d6:b7:7a:c9:50:8d:82:8b:84:18:72:b1:c5:e9:f2:b6:0a:ed:
eb:97:c8:91:31:d0:ca:f7:c8:07:fb:3c:3d:60:e5:02:4d:4b:
07:c4:a7:9d:fc:f0:58:36:8d:cf:ff:05:ff:b5:a1:9c:9c:02:
63:c7:6e:29:63:67:84:24:d2:ad:a5:09:e6:e0:08:a1:10:1b:
cb:d6:c7:72:94:5d:4b:41:e4:72:41:97:2b:70:3b:33:2a:2b:
56:7c:dc:58:1a:47:4d:ce:80:ac:77:7e:1b:cd:12:f4:19:be:
70:8a:99:a9:4b:d8:a9:70:6b:85:a9:74:8a:16:50:fd:68:be:
80:62:f9:8f:4d:42:51:42:c9:fe:28:0f:6f:72:57:f5:cd:51:
6e:22:95:22:66:d2:29:59:6d:a5:3b:07:07:83:4d:e4:03:90:
bd:6c:e0:a1:a1:83:0a:f4:4a:90:32:7f:73:00:07:93:64:3b:
86:37:41:7b:87:7d:5a:e4:61:af:1e:55:1a:59:3f:80:79:dd:
c6:7e:ab:6e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDANzUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDMyNTE5MDQ1MloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjljNDMxZDMtZTZjMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0mOwysPMI+uW5wiaH2LSOkBaSwNGR770ErPk1fP26VpXkUPxACfBqF6/7v
YSeyx3Kx7qdp42GDUGtG786ACJWmTYdr6HWuyxrh122JXQ0U0VaDr/wR570uPzNT
YhbGoCYHyh2RSDZKhIHvAaJCT7g14on3HfWnNmYm4o9feSzBnfCILJud3EnGr8VB
SA/MG/QZ7pOhx+PTUr5ot2FSzHS388tRG1ApO7jd4cRf/l6rBOPBLlAoCGm1jVw3
B9wXk0nPVyR7QRjPqGJQHm/yhWxrn7K/8OurQA5mmlF37wDTxSzv2b7dfjDFKlqd
S6+K7m60yl03ciHNO8eTNq9X1IkCAwEAAaOCAqMwggKfMB0GA1UdDgQWBBRIrYff
gTZG40KDXoETTOjRviF2pzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Q0RUZDRDI2
QUMzRDExRUQ4MEFFQ0I1RUM0RjlBRTAyLnJvYTBiBggrBgEFBQcBBwEB/wRTMFEw
MAQCAAEwKgMEASvw6AMEAWc+lgMEAmdZ6AMEAWeNcAMEAWen0gMEAWe8EgMEAWe9
ODAdBAIAAjAXAwcAIAEN9fDAAwUAJAHqIAMFACQDc0AwDQYJKoZIhvcNAQELBQAD
ggEBAFzKiAxPQ+4L1k1oVSbS03TQHbucFgPZfXj8/cAPv58qHVtvi9RhMKOnzbiW
WAZi7Vi+WIXvdta3eslQjYKLhBhyscXp8rYK7euXyJEx0Mr3yAf7PD1g5QJNSwfE
p5388Fg2jc//Bf+1oZycAmPHbiljZ4Qk0q2lCebgCKEQG8vWx3KUXUtB5HJBlytw
OzMqK1Z83FgaR03OgKx3fhvNEvQZvnCKmalL2Klwa4WpdIoWUP1ovoBi+Y9NQlFC
yf4oD29yV/XNUW4ilSJm0ilZbaU7BweDTeQDkL1s4KGhgwr0SpAyf3MAB5NkO4Y3
QXuHfVrkYa8eVRpZP4B53cZ+q24=
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:25:41 2026 by rpki-client