Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EC3FE7221C4C11F1813792EA033D8C67.roa
File: EC3FE7221C4C11F1813792EA033D8C67.roa (raw, json)
Hash identifier: ijglQCcXqnV4WjZDsYDVt4wSb7VDGBMqEll/jEpaUas=
Subject key identifier: 41:6D:4F:35:C7:C3:B8:9F:DE:24:9C:6D:4F:88:B1:E5:83:9C:54:0B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DBDD
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EC3FE7221C4C11F1813792EA033D8C67.roa
Signing time: Tue 10 Mar 2026 06:46:53 +0000
ROA not before: Tue 10 Mar 2026 06:46:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58678
IP address blocks: 43.241.28.0/22 maxlen: 24
43.241.128.0/22 maxlen: 24
43.241.132.0/22 maxlen: 24
43.242.208.0/24 maxlen: 24
43.242.209.0/24 maxlen: 24
43.242.210.0/24 maxlen: 24
43.242.211.0/24 maxlen: 24
43.242.228.0/22 maxlen: 24
45.64.84.0/22 maxlen: 24
45.114.192.0/22 maxlen: 24
45.117.0.0/22 maxlen: 24
45.127.120.0/22 maxlen: 24
45.250.248.0/24 maxlen: 24
45.250.249.0/24 maxlen: 24
45.250.250.0/24 maxlen: 24
45.251.236.0/24 maxlen: 24
45.251.237.0/24 maxlen: 24
45.251.238.0/24 maxlen: 24
45.251.239.0/24 maxlen: 24
103.14.232.0/22 maxlen: 24
103.26.52.0/22 maxlen: 22
103.26.52.0/24 maxlen: 24
103.26.53.0/24 maxlen: 24
103.26.54.0/24 maxlen: 24
103.26.55.0/24 maxlen: 24
103.26.56.0/22 maxlen: 24
103.39.251.0/24 maxlen: 24
103.42.160.0/22 maxlen: 24
103.48.56.0/23 maxlen: 24
103.48.58.0/24 maxlen: 24
103.48.59.0/24 maxlen: 24
103.48.100.0/22 maxlen: 24
103.57.96.0/23 maxlen: 24
103.59.212.0/22 maxlen: 24
103.69.238.0/24 maxlen: 24
103.74.236.0/22 maxlen: 24
103.77.152.0/22 maxlen: 23
103.77.152.0/23 maxlen: 24
103.77.154.0/24 maxlen: 24
103.89.40.0/22 maxlen: 24
103.111.132.0/22 maxlen: 24
103.112.32.0/24 maxlen: 24
103.112.33.0/24 maxlen: 24
103.112.34.0/24 maxlen: 24
103.112.35.0/24 maxlen: 24
103.117.184.0/24 maxlen: 24
103.117.187.0/24 maxlen: 24
103.137.152.0/22 maxlen: 24
103.153.151.0/24 maxlen: 24
103.166.112.0/23 maxlen: 24
103.173.208.0/23 maxlen: 24
103.174.30.0/24 maxlen: 24
103.174.38.0/24 maxlen: 24
103.178.212.0/24 maxlen: 24
103.178.213.0/24 maxlen: 24
103.181.209.0/24 maxlen: 24
103.185.11.0/24 maxlen: 24
103.204.119.0/24 maxlen: 24
103.209.18.0/24 maxlen: 24
103.209.19.0/24 maxlen: 24
103.215.114.0/23 maxlen: 24
103.216.144.0/22 maxlen: 24
103.218.100.0/22 maxlen: 24
103.219.164.0/24 maxlen: 24
103.219.165.0/24 maxlen: 24
103.219.166.0/24 maxlen: 24
103.219.167.0/24 maxlen: 24
103.220.80.0/22 maxlen: 24
103.220.212.0/22 maxlen: 24
103.226.0.0/22 maxlen: 24
103.226.4.0/22 maxlen: 24
103.226.28.0/22 maxlen: 24
124.108.16.0/22 maxlen: 24
163.223.244.0/23 maxlen: 24
203.134.248.0/23 maxlen: 24
2001:df6:f180::/48 maxlen: 48
2404:bd00::/48 maxlen: 48
2404:bd00:1::/48 maxlen: 48
2404:bd00:2::/48 maxlen: 48
2404:bd00:3::/48 maxlen: 48
2404:bd00:4::/48 maxlen: 48
2404:bd00:5::/48 maxlen: 48
2404:bd00:6::/48 maxlen: 48
2404:bd00:7::/48 maxlen: 48
2404:bd00:8::/48 maxlen: 48
2404:bd00:a::/48 maxlen: 48
2404:bd00:b::/48 maxlen: 48
2404:bd00:c::/48 maxlen: 48
2404:bd00:d::/48 maxlen: 48
2404:bd00:e::/48 maxlen: 48
2404:bd00:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 19:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56285 (0xdbdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 10 06:46:53 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69afbe5d-8493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f1:5b:46:c6:62:75:57:64:f3:02:c6:2e:0d:
21:38:ac:c6:9a:25:ad:04:24:11:84:f4:e3:f1:52:
87:94:b9:df:68:c5:9c:9c:c7:cb:2a:49:79:e8:f8:
3d:82:93:9f:1e:45:f8:d7:bc:ca:db:b4:ee:5b:73:
09:b6:74:b9:a9:9c:f5:9b:17:92:b8:4a:b5:2e:c2:
49:74:f3:95:9d:ed:65:bc:00:87:9f:37:c5:cc:5c:
04:0f:aa:a0:61:cb:c8:d3:0c:52:c8:14:4d:42:0a:
cb:a1:cd:a0:c9:26:6b:9b:88:61:e3:9c:c2:7b:ab:
f0:9c:91:42:3c:f6:0e:04:07:24:bc:4a:cd:be:19:
37:5c:8e:e1:77:6f:d3:a0:cd:e6:28:04:78:5a:66:
d4:4d:ea:eb:76:68:fa:a7:d1:58:f9:7d:fe:3e:83:
d1:c7:84:20:6f:23:9e:9f:9b:27:89:1b:78:55:e5:
52:19:0c:10:96:fb:18:89:0e:b9:c2:c0:4b:57:3d:
c2:89:3a:1e:a8:71:04:9b:fc:ca:1f:3a:74:86:d1:
dd:39:1e:08:85:92:e3:79:65:8e:21:45:6c:f0:b4:
8a:4c:2f:a9:20:76:79:bd:b7:ca:a4:28:30:9d:18:
fe:31:04:10:a4:b0:22:aa:fc:ea:df:d4:a4:bc:63:
27:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:6D:4F:35:C7:C3:B8:9F:DE:24:9C:6D:4F:88:B1:E5:83:9C:54:0B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EC3FE7221C4C11F1813792EA033D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
43.241.28.0/22
43.241.128.0/21
43.242.208.0/22
43.242.228.0/22
45.64.84.0/22
45.114.192.0/22
45.117.0.0/22
45.127.120.0/22
45.250.248.0-45.250.250.255
45.251.236.0/22
103.14.232.0/22
103.26.52.0-103.26.59.255
103.39.251.0/24
103.42.160.0/22
103.48.56.0/22
103.48.100.0/22
103.57.96.0/23
103.59.212.0/22
103.69.238.0/24
103.74.236.0/22
103.77.152.0/22
103.89.40.0/22
103.111.132.0/22
103.112.32.0/22
103.117.184.0/24
103.117.187.0/24
103.137.152.0/22
103.153.151.0/24
103.166.112.0/23
103.173.208.0/23
103.174.30.0/24
103.174.38.0/24
103.178.212.0/23
103.181.209.0/24
103.185.11.0/24
103.204.119.0/24
103.209.18.0/23
103.215.114.0/23
103.216.144.0/22
103.218.100.0/22
103.219.164.0/22
103.220.80.0/22
103.220.212.0/22
103.226.0.0/21
103.226.28.0/22
124.108.16.0/22
163.223.244.0/23
203.134.248.0/23
IPv6:
2001:df6:f180::/48
2404:bd00::-2404:bd00:8:ffff:ffff:ffff:ffff:ffff
2404:bd00:a::-2404:bd00:f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:1c:c6:97:12:96:d7:fb:c0:07:1b:2e:e4:b8:5c:6e:a4:cb:
c7:c0:4a:11:74:4c:18:3e:28:20:dd:08:6a:00:77:a6:2d:95:
40:ed:6b:11:72:f8:33:af:dc:e1:40:30:36:07:16:72:bd:b9:
4e:e9:84:76:55:73:26:b9:81:b7:79:6b:83:c5:3a:cb:de:f9:
e6:00:4c:3a:d1:dd:09:d1:87:56:5a:c7:38:97:b5:9e:7f:18:
d6:54:56:24:a4:ab:2a:a6:f8:37:a6:19:26:5a:51:35:b8:9a:
29:72:a2:14:f1:d1:97:51:6f:d1:70:68:7c:4b:7a:3d:54:8a:
76:1d:3b:6f:67:0b:2f:e9:bb:a4:d7:e0:15:a6:58:25:cf:f4:
a5:3c:41:dc:5e:9c:c7:3f:55:c2:bb:fc:bb:4f:56:86:84:bb:
62:fb:b0:cc:7d:d5:66:bd:89:ef:47:1e:da:de:31:44:04:2f:
e9:00:4c:3b:36:38:0e:95:13:65:da:87:be:65:e3:41:06:80:
44:6b:92:7e:2f:1a:7c:03:f2:9d:46:a5:09:4e:7c:b4:89:32:
ba:f1:21:06:e2:98:e3:2c:e1:93:2b:23:df:fc:82:13:7c:ee:
6e:a1:fc:11:1e:e9:75:4e:ac:9b:b0:e8:14:ba:72:51:44:66:
52:5b:bf:6f
-----BEGIN CERTIFICATE-----
MIIGpzCCBY+gAwIBAgIDANvdMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDMxMDA2NDY1M1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhZmJlNWQtODQ5MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbxW0bGYnVXZPMCxi4NITisxpolrQQkEYT04/FSh5S532jFnJzHyypJeej4
PYKTnx5F+Ne8ytu07ltzCbZ0uamc9ZsXkrhKtS7CSXTzlZ3tZbwAh583xcxcBA+q
oGHLyNMMUsgUTUIKy6HNoMkma5uIYeOcwnur8JyRQjz2DgQHJLxKzb4ZN1yO4Xdv
06DN5igEeFpm1E3q63Zo+qfRWPl9/j6D0ceEIG8jnp+bJ4kbeFXlUhkMEJb7GIkO
ucLAS1c9wok6HqhxBJv8yh86dIbR3TkeCIWS43lljiFFbPC0ikwvqSB2eb23yqQo
MJ0Y/jEEEKSwIqr86t/UpLxjJzkCAwEAAaOCA8owggPGMB0GA1UdDgQWBBRBbU81
x8O4n94knG1PiLHlg5xUCzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VDM0ZFNzIy
MUM0QzExRjE4MTM3OTJFQTAzM0Q4QzY3LnJvYTCCAYcGCCsGAQUFBwEHAQH/BIIB
djCCAXIwggE4BAIAATCCATADBAIr8RwDBAMr8YADBAIr8tADBAIr8uQDBAItQFQD
BAItcsADBAItdQADBAItf3gwDAMEAy36+AMEAC36+gMEAi377AMEAmcO6DAMAwQC
Zxo0AwQCZxo4AwQAZyf7AwQCZyqgAwQCZzA4AwQCZzBkAwQBZzlgAwQCZzvUAwQA
Z0XuAwQCZ0rsAwQCZ02YAwQCZ1koAwQCZ2+EAwQCZ3AgAwQAZ3W4AwQAZ3W7AwQC
Z4mYAwQAZ5mXAwQBZ6ZwAwQBZ63QAwQAZ64eAwQAZ64mAwQBZ7LUAwQAZ7XRAwQA
Z7kLAwQAZ8x3AwQBZ9ESAwQBZ9dyAwQCZ9iQAwQCZ9pkAwQCZ9ukAwQCZ9xQAwQC
Z9zUAwQDZ+IAAwQCZ+IcAwQCfGwQAwQBo9/0AwQBy4b4MDQEAgACMC4DBwAgAQ32
8YAwDwMEACQEvQMHACQEvQAACDASAwcBJAS9AAAKAwcEJAS9AAAAMA0GCSqGSIb3
DQEBCwUAA4IBAQBiHMaXEpbX+8AHGy7kuFxupMvHwEoRdEwYPigg3QhqAHemLZVA
7WsRcvgzr9zhQDA2BxZyvblO6YR2VXMmuYG3eWuDxTrL3vnmAEw60d0J0YdWWsc4
l7WefxjWVFYkpKsqpvg3phkmWlE1uJopcqIU8dGXUW/RcGh8S3o9VIp2HTtvZwsv
6buk1+AVplglz/SlPEHcXpzHP1XCu/y7T1aGhLti+7DMfdVmvYnvRx7a3jFEBC/p
AEw7NjgOlRNl2oe+ZeNBBoBEa5J+Lxp8A/KdRqUJTny0iTK68SEG4pjjLOGTKyPf
/IITfO5uofwRHul1TqybsOgUunJRRGZSW79v
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:21:36 2026 by rpki-client