Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/5AE16D9A386F11EFABF4E132C4F9AE02.roa
File: 5AE16D9A386F11EFABF4E132C4F9AE02.roa (raw, json)
Hash identifier: X++G4W4xVTOlRaDR1fv18JyctaLbbXwbI4BhZbctNFo=
Subject key identifier: 15:3B:3A:8D:E4:ED:2F:84:7B:8D:E9:C3:2C:47:FA:D5:D4:F7:EE:3F
Certificate issuer: /CN=A919DAF2/serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Certificate serial: 22C1
Authority key identifier: 13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/5AE16D9A386F11EFABF4E132C4F9AE02.roa
Signing time: Thu 30 Apr 2026 16:18:48 +0000
ROA not before: Thu 30 Apr 2026 16:18:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 18196
IP address blocks: 45.117.128.0/22 maxlen: 22
45.117.128.0/24 maxlen: 24
45.117.129.0/24 maxlen: 24
45.117.130.0/24 maxlen: 24
45.117.131.0/24 maxlen: 24
103.255.112.0/24 maxlen: 24
103.255.113.0/24 maxlen: 24
103.255.114.0/24 maxlen: 24
202.134.154.0/24 maxlen: 24
202.134.155.0/24 maxlen: 24
202.134.156.0/24 maxlen: 24
202.134.160.0/24 maxlen: 24
202.134.161.0/24 maxlen: 24
202.134.162.0/24 maxlen: 24
202.134.163.0/24 maxlen: 24
202.134.164.0/24 maxlen: 24
202.134.165.0/24 maxlen: 24
202.134.166.0/24 maxlen: 24
202.134.167.0/24 maxlen: 24
202.134.169.0/24 maxlen: 24
202.134.170.0/24 maxlen: 24
202.134.171.0/24 maxlen: 24
202.134.172.0/24 maxlen: 24
202.134.173.0/24 maxlen: 24
202.134.174.0/24 maxlen: 24
202.134.175.0/24 maxlen: 24
202.134.184.0/24 maxlen: 24
202.134.185.0/24 maxlen: 24
202.134.186.0/24 maxlen: 24
202.134.187.0/24 maxlen: 24
202.134.189.0/24 maxlen: 24
202.134.190.0/24 maxlen: 24
202.134.191.0/24 maxlen: 24
2402:f200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.crl
rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 15:51:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8897 (0x22c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919DAF2, serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Validity
Not Before: Apr 30 16:18:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69f380e7-7368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ae:b7:26:b6:05:d5:2b:04:50:28:c0:59:ba:
1c:c8:13:ab:df:f5:24:4d:d1:df:ba:ea:7e:38:b0:
d8:2a:77:3d:4c:33:ee:e0:31:88:d7:3c:71:d9:37:
e1:74:15:ff:94:52:6a:0d:21:6b:a2:1a:ed:2f:43:
c7:86:d6:f9:d8:fe:87:85:50:f5:b0:40:2b:60:18:
20:1a:e2:7d:3f:7d:5f:ef:b6:ad:5c:e6:21:a9:bb:
c3:bc:f0:38:b9:7b:bd:1c:9d:48:4e:d3:d3:97:e4:
8e:a7:9d:49:57:63:94:05:93:8c:f4:16:b0:b0:55:
e3:fa:a4:b6:33:3a:ff:83:a6:0d:ab:9b:7a:e6:c2:
a7:65:86:da:aa:ed:bf:79:6a:35:3b:64:57:86:bb:
c1:2d:6b:fa:3f:81:d3:29:36:f6:42:29:4d:04:e8:
44:30:b5:b6:e6:cb:7b:79:8b:9d:3b:4e:72:51:f2:
b4:5d:eb:51:01:a8:71:74:de:2f:02:9e:3b:46:8b:
ca:f6:a5:5a:c7:dc:43:a7:ad:56:05:04:22:5c:20:
82:5f:bc:25:14:60:98:83:e7:f3:e7:f8:57:c0:83:
b1:c2:39:7f:33:91:ee:a2:19:ce:cf:fb:4e:ef:a1:
47:7f:d3:85:4d:c5:4b:14:70:5e:08:28:66:83:23:
76:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:3B:3A:8D:E4:ED:2F:84:7B:8D:E9:C3:2C:47:FA:D5:D4:F7:EE:3F
X509v3 Authority Key Identifier:
keyid:13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/5AE16D9A386F11EFABF4E132C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.117.128.0/22
103.255.112.0-103.255.114.255
202.134.154.0-202.134.156.255
202.134.160.0/21
202.134.169.0-202.134.175.255
202.134.184.0/22
202.134.189.0-202.134.191.255
IPv6:
2402:f200::/32
Signature Algorithm: sha256WithRSAEncryption
28:27:3a:cf:4e:3b:6f:a7:b2:66:6a:4d:9e:7d:27:9e:24:a9:
4b:a4:68:b3:e2:d7:a6:47:ce:3d:ea:17:f9:9a:ee:fd:1f:1b:
72:7b:2f:cf:01:8e:8d:23:32:e2:13:fc:07:10:a7:78:dc:a6:
54:dc:ba:99:e7:30:e9:0d:72:71:3c:1e:ba:d5:31:f0:f6:93:
ab:b6:ac:c8:b5:55:99:bb:4b:3e:21:97:93:59:41:2f:e0:98:
98:22:7f:30:41:1c:8b:e3:f8:56:5c:8d:41:3c:34:6d:9d:af:
d9:b5:9a:37:a1:a8:c4:dd:10:92:b2:b9:c4:f8:78:94:93:a7:
40:7e:11:57:73:8e:a0:f7:63:28:0d:ab:0e:62:92:f5:ca:ab:
12:61:ce:20:b3:ad:7f:cc:10:e9:eb:8f:04:41:31:54:f0:2b:
11:1e:7c:d1:ae:ad:5d:7d:18:2d:d7:dd:dd:aa:64:8c:d4:f7:
7a:7d:eb:38:4a:f1:e6:2d:80:c4:04:a9:9c:34:6a:5c:55:21:
23:ee:29:0f:55:15:71:5c:f2:f5:8c:19:a1:3f:9e:79:30:95:
f1:f4:20:70:d0:cf:d9:d7:71:f4:b8:b1:f3:76:d0:a3:93:e5:
0e:ef:56:cd:6f:7d:46:b9:86:70:35:0a:01:76:b0:f4:e4:9c:
74:7f:a2:a5
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICIsEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OURBRjIxMTAvBgNVBAUTKDEzOUNDMURCNkI5RDI0QjkzQjE0OTI4QTc1MThEMDRF
QjNCMjZBM0EwHhcNMjYwNDMwMTYxODQ4WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWYzODBlNy03MzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5q63JrYF1SsEUCjAWbocyBOr3/UkTdHfuup+OLDYKnc9TDPu4DGI1zxx2Tfh
dBX/lFJqDSFrohrtL0PHhtb52P6HhVD1sEArYBggGuJ9P31f77atXOYhqbvDvPA4
uXu9HJ1ITtPTl+SOp51JV2OUBZOM9BawsFXj+qS2Mzr/g6YNq5t65sKnZYbaqu2/
eWo1O2RXhrvBLWv6P4HTKTb2QilNBOhEMLW25st7eYudO05yUfK0XetRAahxdN4v
Ap47RovK9qVax9xDp61WBQQiXCCCX7wlFGCYg+fz5/hXwIOxwjl/M5HuohnOz/tO
76FHf9OFTcVLFHBeCChmgyN2HQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFBU7Oo3k
7S+Ee43pwyxH+tXU9+4/MB8GA1UdIwQYMBaAFBOcwdtrnSS5OxSSinUY0E6zsmo6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REFGMi8yNkVDNkREQUQz
REExMUU1OEM1Q0Q0MEZDNEY5QUUwMi9FNXpCMjJ1ZEpMazdGSktLZFJqUVRyT3lh
am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U1ekIyMnVkSkxrN0ZKS0tkUmpRVHJPeWFqby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OURBRjIvMjZFQzZEREFEM0RBMTFFNThDNUNENDBGQzRGOUFFMDIvNUFFMTZEOUEz
ODZGMTFFRkFCRjRFMTMyQzRGOUFFMDIucm9hMHIGCCsGAQUFBwEHAQH/BGMwYTBQ
BAIAATBKAwQCLXWAMAwDBARn/3ADBABn/3IwDAMEAcqGmgMEAMqGnAMEA8qGoDAM
AwQAyoapAwQEyoagAwQCyoa4MAwDBADKhr0DBAbKhoAwDQQCAAIwBwMFACQC8gAw
DQYJKoZIhvcNAQELBQADggEBACgnOs9OO2+nsmZqTZ59J54kqUukaLPi16ZHzj3q
F/ma7v0fG3J7L88Bjo0jMuIT/AcQp3jcplTcupnnMOkNcnE8HrrVMfD2k6u2rMi1
VZm7Sz4hl5NZQS/gmJgifzBBHIvj+FZcjUE8NG2dr9m1mjehqMTdEJKyucT4eJST
p0B+EVdzjqD3YygNqw5ikvXKqxJhziCzrX/MEOnrjwRBMVTwKxEefNGurV19GC3X
3d2qZIzU93p96zhK8eYtgMQEqZw0alxVISPuKQ9VFXFc8vWMGaE/nnkwlfH0IHDQ
z9nXcfS4sfN20KOT5Q7vVs1vfUa5hnA1CgF2sPTknHR/oqU=
-----END CERTIFICATE-----
Generated at Wed May 13 07:50:28 2026 by rpki-client