Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/5AE16D9A386F11EFABF4E132C4F9AE02.roa
File: 5AE16D9A386F11EFABF4E132C4F9AE02.roa (raw, json)
Hash identifier: P48zRebozZVnn5ektjM30mXC7Go7YuGAk5mbHX9ouVo=
Subject key identifier: A3:04:C5:5E:9A:80:14:84:D5:17:F7:B4:4E:E0:47:1D:81:E4:EC:A0
Certificate issuer: /CN=A919DAF2/serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Certificate serial: 229B
Authority key identifier: 13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/5AE16D9A386F11EFABF4E132C4F9AE02.roa
Signing time: Sun 01 Mar 2026 13:39:40 +0000
ROA not before: Tue 06 May 2025 16:23:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18196
IP address blocks: 45.117.128.0/22 maxlen: 22
45.117.128.0/24 maxlen: 24
45.117.129.0/24 maxlen: 24
45.117.130.0/24 maxlen: 24
45.117.131.0/24 maxlen: 24
103.255.112.0/24 maxlen: 24
103.255.113.0/24 maxlen: 24
103.255.114.0/24 maxlen: 24
202.134.154.0/24 maxlen: 24
202.134.155.0/24 maxlen: 24
202.134.156.0/24 maxlen: 24
202.134.160.0/24 maxlen: 24
202.134.161.0/24 maxlen: 24
202.134.162.0/24 maxlen: 24
202.134.163.0/24 maxlen: 24
202.134.164.0/24 maxlen: 24
202.134.165.0/24 maxlen: 24
202.134.166.0/24 maxlen: 24
202.134.167.0/24 maxlen: 24
202.134.169.0/24 maxlen: 24
202.134.170.0/24 maxlen: 24
202.134.171.0/24 maxlen: 24
202.134.172.0/24 maxlen: 24
202.134.173.0/24 maxlen: 24
202.134.174.0/24 maxlen: 24
202.134.175.0/24 maxlen: 24
202.134.184.0/24 maxlen: 24
202.134.185.0/24 maxlen: 24
202.134.186.0/24 maxlen: 24
202.134.187.0/24 maxlen: 24
202.134.189.0/24 maxlen: 24
202.134.190.0/24 maxlen: 24
202.134.191.0/24 maxlen: 24
2402:f200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.crl
rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 15:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8859 (0x229b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919DAF2, serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Validity
Not Before: May 6 16:23:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4419c-7330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5b:d3:3e:ae:26:87:28:7b:c6:bd:4a:4f:07:
25:ee:78:41:7b:e5:df:c8:d9:b7:4a:cb:cd:64:55:
85:2b:64:d9:d4:07:d1:13:e7:59:f9:2a:d5:4a:e4:
7f:d5:58:09:8e:a8:04:c6:d0:14:4f:b0:b4:6e:4f:
fe:bc:58:a3:0c:76:24:8e:47:0f:a9:ea:69:fd:ee:
5a:3b:5d:55:16:6c:53:93:cb:fa:85:a1:24:01:48:
8a:86:51:e4:28:03:ab:aa:51:cf:8a:cb:a4:33:a7:
57:34:d4:c2:55:ef:ac:8b:f7:28:e1:fb:26:e4:79:
c8:8d:f9:35:ca:58:6e:2a:5d:9b:4c:ca:ab:a0:6f:
fc:9b:49:0e:65:7a:40:c5:fa:82:2e:86:f5:5e:3e:
0e:04:f8:15:54:44:0e:27:35:c6:13:d3:d7:e0:9d:
db:33:05:f2:b1:64:56:98:62:fe:40:20:0c:4b:31:
91:d9:15:eb:dd:f4:36:ab:6e:35:e9:bf:c2:80:87:
55:58:30:5e:3a:15:00:c9:be:41:21:a7:db:52:80:
81:62:63:80:b9:cc:aa:f1:31:5e:78:b7:fd:ce:c5:
ae:f9:f5:8b:82:43:60:9f:73:5e:40:e8:12:26:26:
64:98:59:80:8c:52:52:b8:ae:8a:e3:d4:5b:b6:fb:
e0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:04:C5:5E:9A:80:14:84:D5:17:F7:B4:4E:E0:47:1D:81:E4:EC:A0
X509v3 Authority Key Identifier:
keyid:13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/5AE16D9A386F11EFABF4E132C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.117.128.0/22
103.255.112.0-103.255.114.255
202.134.154.0-202.134.156.255
202.134.160.0/21
202.134.169.0-202.134.175.255
202.134.184.0/22
202.134.189.0-202.134.191.255
IPv6:
2402:f200::/32
Signature Algorithm: sha256WithRSAEncryption
a7:05:e6:33:35:c2:e9:73:7c:f8:32:df:8c:83:36:74:26:73:
1e:c8:10:ce:b1:f7:45:ec:e9:46:2d:7c:25:40:14:0f:2f:47:
0d:56:8f:bd:01:e8:d6:40:4d:10:95:67:4c:5c:c0:35:e4:16:
c3:85:1b:e3:6c:74:0b:1b:81:a4:95:71:1e:25:1c:0d:0e:64:
7e:dd:28:f8:85:c5:8d:d9:eb:03:0c:92:69:a0:6b:4c:48:8e:
ff:82:6f:33:90:45:a2:08:35:30:7b:25:08:46:c4:0a:1f:78:
99:e2:d4:bf:cc:e7:86:8e:16:17:42:ae:5e:7b:1a:5a:bd:89:
cd:5b:dc:63:85:58:1d:df:5f:67:8b:df:51:3e:8a:9c:b9:68:
54:74:40:de:87:97:06:8f:49:e7:7a:80:33:05:53:0d:b7:70:
57:41:67:a8:ad:57:a1:67:2e:0e:aa:89:ce:69:87:0e:79:a4:
66:15:61:65:55:de:f9:54:a1:28:d6:9d:c8:76:0a:12:ba:97:
f0:97:7b:e4:ad:f0:ae:f8:9a:2d:76:9b:20:8d:8d:e5:0f:40:
96:2b:25:d0:f1:4b:ac:d5:37:02:03:74:59:92:ee:f1:45:50:
ed:25:a7:ba:26:11:83:a9:e7:12:44:8f:71:b3:53:e8:75:c4:
f8:6d:13:3c
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICIpswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OURBRjIxMTAvBgNVBAUTKDEzOUNDMURCNkI5RDI0QjkzQjE0OTI4QTc1MThEMDRF
QjNCMjZBM0EwHhcNMjUwNTA2MTYyMzM3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NDE5Yy03MzMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAklvTPq4mhyh7xr1KTwcl7nhBe+XfyNm3SsvNZFWFK2TZ1AfRE+dZ+SrVSuR/
1VgJjqgExtAUT7C0bk/+vFijDHYkjkcPqepp/e5aO11VFmxTk8v6haEkAUiKhlHk
KAOrqlHPisukM6dXNNTCVe+si/co4fsm5HnIjfk1ylhuKl2bTMqroG/8m0kOZXpA
xfqCLob1Xj4OBPgVVEQOJzXGE9PX4J3bMwXysWRWmGL+QCAMSzGR2RXr3fQ2q241
6b/CgIdVWDBeOhUAyb5BIafbUoCBYmOAucyq8TFeeLf9zsWu+fWLgkNgn3NeQOgS
JiZkmFmAjFJSuK6K49Rbtvvg7QIDAQABo4ICszCCAq8wHQYDVR0OBBYEFKMExV6a
gBSE1Rf3tE7gRx2B5OygMB8GA1UdIwQYMBaAFBOcwdtrnSS5OxSSinUY0E6zsmo6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REFGMi8yNkVDNkREQUQz
REExMUU1OEM1Q0Q0MEZDNEY5QUUwMi9FNXpCMjJ1ZEpMazdGSktLZFJqUVRyT3lh
am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U1ekIyMnVkSkxrN0ZKS0tkUmpRVHJPeWFqby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OURBRjIvMjZFQzZEREFEM0RBMTFFNThDNUNENDBGQzRGOUFFMDIvNUFFMTZEOUEz
ODZGMTFFRkFCRjRFMTMyQzRGOUFFMDIucm9hMHIGCCsGAQUFBwEHAQH/BGMwYTBQ
BAIAATBKAwQCLXWAMAwDBARn/3ADBABn/3IwDAMEAcqGmgMEAMqGnAMEA8qGoDAM
AwQAyoapAwQEyoagAwQCyoa4MAwDBADKhr0DBAbKhoAwDQQCAAIwBwMFACQC8gAw
DQYJKoZIhvcNAQELBQADggEBAKcF5jM1wulzfPgy34yDNnQmcx7IEM6x90Xs6UYt
fCVAFA8vRw1Wj70B6NZATRCVZ0xcwDXkFsOFG+NsdAsbgaSVcR4lHA0OZH7dKPiF
xY3Z6wMMkmmga0xIjv+CbzOQRaIINTB7JQhGxAofeJni1L/M54aOFhdCrl57Glq9
ic1b3GOFWB3fX2eL31E+ipy5aFR0QN6HlwaPSed6gDMFUw23cFdBZ6itV6FnLg6q
ic5phw55pGYVYWVV3vlUoSjWnch2ChK6l/CXe+St8K74mi12myCNjeUPQJYrJdDx
S6zVNwIDdFmS7vFFUO0lp7omEYOp5xJEj3GzU+h1xPhtEzw=
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:07:27 2026 by rpki-client