Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/93E4B52CE43E11EF91571D16C4F9AE02.roa
File: 93E4B52CE43E11EF91571D16C4F9AE02.roa (raw, json)
Hash identifier: 3k/MD9slc9k5QTtKaX1WS6uhMpxTNBjACucfwOuP+Og=
Subject key identifier: 55:62:89:28:BD:04:32:9D:62:29:10:0C:8D:3C:ED:09:C8:14:DE:03
Certificate issuer: /CN=A918F1C9/serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0
Certificate serial: CE
Authority key identifier: DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/93E4B52CE43E11EF91571D16C4F9AE02.roa
Signing time: Sun 01 Mar 2026 19:03:04 +0000
ROA not before: Thu 18 Sep 2025 20:31:01 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 138167
IP address blocks: 103.121.224.0/24 maxlen: 24
103.121.225.0/24 maxlen: 24
103.121.226.0/24 maxlen: 24
103.121.227.0/24 maxlen: 24
2403:72c0:a100::/40 maxlen: 40
2403:72c0:a200::/40 maxlen: 40
2403:72c0:a300::/40 maxlen: 40
2403:72c0:a400::/40 maxlen: 40
2403:72c0:a500::/40 maxlen: 40
2403:72c0:a600::/40 maxlen: 40
2403:72c0:a700::/40 maxlen: 40
2403:72c0:a800::/40 maxlen: 40
2403:72c0:a900::/40 maxlen: 40
2403:72c0:aa00::/40 maxlen: 40
2403:72c0:ab00::/40 maxlen: 40
2403:72c0:ac00::/40 maxlen: 40
2403:72c0:ad00::/40 maxlen: 40
2403:72c0:ae00::/40 maxlen: 40
2403:72c0:af00::/40 maxlen: 40
2403:72c0:b100::/40 maxlen: 40
2403:72c0:b200::/40 maxlen: 40
2403:72c0:b300::/40 maxlen: 40
2403:72c0:b400::/40 maxlen: 40
2403:72c0:b500::/40 maxlen: 40
2403:72c0:b600::/40 maxlen: 40
2403:72c0:b700::/40 maxlen: 40
2403:72c0:b800::/40 maxlen: 40
2403:72c0:b900::/40 maxlen: 40
2403:72c0:ba00::/40 maxlen: 40
2403:72c0:bb00::/40 maxlen: 40
2403:72c0:bc00::/40 maxlen: 40
2403:72c0:bd00::/40 maxlen: 40
2403:72c0:be00::/40 maxlen: 40
2403:72c0:bf00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl
rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 19:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 206 (0xce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918F1C9, serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0
Validity
Not Before: Sep 18 20:31:01 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a48d68-1891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:61:e8:39:d3:ff:e5:e3:53:35:08:d0:02:5d:
8b:75:ed:3a:0e:ab:12:de:4f:24:74:36:7e:d7:c7:
ff:3c:f5:4a:68:2d:68:96:81:12:be:ac:d0:5b:62:
3a:1c:70:23:5b:62:19:68:2a:f2:1e:98:79:14:ac:
14:c6:59:ad:8e:29:18:49:69:6a:41:30:fa:b6:2f:
78:48:f9:37:18:65:0a:78:54:a7:76:50:6a:96:88:
a2:ef:83:5f:77:ec:47:58:0c:47:f7:10:8f:8d:d9:
d7:33:16:12:34:15:29:db:61:09:88:59:d5:f9:09:
b3:8a:c8:87:2a:08:9a:83:1e:1d:5e:eb:ab:40:00:
94:de:c4:b9:22:98:b5:4d:c6:66:e4:da:27:13:d1:
59:f0:da:d6:db:04:af:d4:bc:2c:52:1b:e0:48:e6:
43:14:93:62:2d:a3:ac:09:f6:a4:08:7c:4c:47:88:
c5:89:ca:8e:fc:3b:4a:19:45:9c:bf:c3:d2:07:bf:
34:09:7d:87:b6:54:b2:c9:61:7e:7a:0d:81:be:c7:
0f:18:b4:6b:e4:2e:2a:10:88:9e:50:55:35:ec:5c:
1e:ed:35:12:94:b8:3d:a0:62:0f:e1:eb:12:5e:b2:
6e:70:4d:17:c4:24:12:9b:9b:b5:3c:93:29:1c:b5:
1e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:62:89:28:BD:04:32:9D:62:29:10:0C:8D:3C:ED:09:C8:14:DE:03
X509v3 Authority Key Identifier:
keyid:DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/93E4B52CE43E11EF91571D16C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.121.224.0/22
IPv6:
2403:72c0:a100::-2403:72c0:afff:ffff:ffff:ffff:ffff:ffff
2403:72c0:b100::-2403:72c0:bfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
66:d1:98:99:41:7c:ae:81:01:a0:1b:c1:4a:a1:32:51:64:5d:
5f:71:f6:94:b8:54:39:f0:62:64:de:42:0e:05:46:fe:68:68:
35:a5:ce:22:d0:13:4f:9a:65:20:72:de:e4:46:33:78:d0:70:
7f:20:4f:4a:46:d0:b2:ad:d3:88:81:00:a4:97:1f:93:7d:4f:
2a:b6:91:50:8d:29:77:c2:1b:e2:4f:4d:16:f8:7e:bf:41:6e:
63:15:55:7d:4b:99:52:58:70:09:9f:9e:20:72:98:c0:98:10:
9f:fb:92:ae:01:1a:2c:60:f9:af:a6:7d:43:18:cd:19:ad:68:
59:ad:64:63:de:70:73:7c:ac:27:f4:dd:f7:84:19:cd:90:b2:
c1:02:2f:c8:a3:18:8b:f1:0c:3f:20:74:2b:0f:07:15:d6:cb:
29:fb:ce:fe:68:74:cf:9b:2f:6e:a1:b5:1c:62:2a:e3:72:a6:
06:df:69:b8:77:73:7a:be:7e:21:28:1c:7a:3f:73:9f:46:33:
92:5d:6b:3c:04:b9:f5:a7:81:33:fb:92:3f:45:54:18:51:ca:
3e:ef:3d:5a:6d:6d:8e:b1:5c:e8:6f:96:d1:0b:21:bc:93:85:
06:e5:06:f0:78:e3:bc:c3:bd:35:3c:b9:4c:71:63:17:a4:55:
30:e9:ee:29
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgICAM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEYxQzkxMTAvBgNVBAUTKERFNENFOTYwQTM5MzBBQjRDMjI3RkNFOEY4NTdDMDg0
MTk3RjA4RDAwHhcNMjUwOTE4MjAzMTAxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OGQ2OC0xODkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0WHoOdP/5eNTNQjQAl2Lde06DqsS3k8kdDZ+18f/PPVKaC1oloESvqzQW2I6
HHAjW2IZaCryHph5FKwUxlmtjikYSWlqQTD6ti94SPk3GGUKeFSndlBqloii74Nf
d+xHWAxH9xCPjdnXMxYSNBUp22EJiFnV+QmzisiHKgiagx4dXuurQACU3sS5Ipi1
TcZm5NonE9FZ8NrW2wSv1LwsUhvgSOZDFJNiLaOsCfakCHxMR4jFicqO/DtKGUWc
v8PSB780CX2HtlSyyWF+eg2BvscPGLRr5C4qEIieUFU17Fwe7TUSlLg9oGIP4esS
XrJucE0XxCQSm5u1PJMpHLUeewIDAQABo4ICjDCCAogwHQYDVR0OBBYEFFViiSi9
BDKdYikQDI087QnIFN4DMB8GA1UdIwQYMBaAFN5M6WCjkwq0wif86PhXwIQZfwjQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjFDOS82QTU3QUI4QzdG
OTUxMUVBQjBFRDg1MzdDNEY5QUUwMi8za3pwWUtPVENyVENKX3pvLUZmQWhCbF9D
TkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNrenBZS09UQ3JUQ0pfem8tRmZBaEJsX0NOQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEYxQzkvNkE1N0FCOEM3Rjk1MTFFQUIwRUQ4NTM3QzRGOUFFMDIvOTNFNEI1MkNF
NDNFMTFFRjkxNTcxRDE2QzRGOUFFMDIucm9hMEsGCCsGAQUFBwEHAQH/BDwwOjAM
BAIAATAGAwQCZ3ngMCoEAgACMCQwEAMGACQDcsChAwYEJANywKAwEAMGACQDcsCx
AwYGJANywIAwDQYJKoZIhvcNAQELBQADggEBAGbRmJlBfK6BAaAbwUqhMlFkXV9x
9pS4VDnwYmTeQg4FRv5oaDWlziLQE0+aZSBy3uRGM3jQcH8gT0pG0LKt04iBAKSX
H5N9Tyq2kVCNKXfCG+JPTRb4fr9BbmMVVX1LmVJYcAmfniBymMCYEJ/7kq4BGixg
+a+mfUMYzRmtaFmtZGPecHN8rCf03feEGc2QssECL8ijGIvxDD8gdCsPBxXWyyn7
zv5odM+bL26htRxiKuNypgbfabh3c3q+fiEoHHo/c59GM5JdazwEufWngTP7kj9F
VBhRyj7vPVptbY6xXOhvltELIbyThQblBvB447zDvTU8uUxxYxekVTDp7ik=
-----END CERTIFICATE-----
Generated at Sat Mar 28 13:41:04 2026 by rpki-client