Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9116907/B56A7CB07AB711ED9B953569C4F9AE02/EF9D5BBCE94211F08F77753A3C6F56BC.roa
File: EF9D5BBCE94211F08F77753A3C6F56BC.roa (raw, json)
Hash identifier: dSdyOI3NKroBXRPK4g3/VXBd5t/AgAoW4VERy4gWDHo=
Subject key identifier: 33:A2:54:58:02:46:6D:D0:54:FA:AB:BC:56:1C:A4:65:74:E4:F4:64
Certificate issuer: /CN=A9116907/serialNumber=CA0070AC5201D6F6A775AA525D53D8E330E32096
Certificate serial: 026F
Authority key identifier: CA:00:70:AC:52:01:D6:F6:A7:75:AA:52:5D:53:D8:E3:30:E3:20:96
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygBwrFIB1vandapSXVPY4zDjIJY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9116907/B56A7CB07AB711ED9B953569C4F9AE02/EF9D5BBCE94211F08F77753A3C6F56BC.roa
Signing time: Sun 01 Mar 2026 16:11:28 +0000
ROA not before: Sun 04 Jan 2026 07:56:54 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 150681
IP address blocks: 103.53.160.0/24 maxlen: 24
2400:cae0::/32 maxlen: 32
2400:cae0::/36 maxlen: 36
2400:cae0::/48 maxlen: 48
2400:cae0:1::/48 maxlen: 48
2400:cae0:2::/48 maxlen: 48
2400:cae0:3::/48 maxlen: 48
2400:cae0:4::/48 maxlen: 48
2400:cae0:5::/48 maxlen: 48
2400:cae0:6::/48 maxlen: 48
2400:cae0:7::/48 maxlen: 48
2400:cae0:8::/48 maxlen: 48
2400:cae0:9::/48 maxlen: 48
2400:cae0:a::/48 maxlen: 48
2400:cae0:b::/48 maxlen: 48
2400:cae0:c::/48 maxlen: 48
2400:cae0:d::/48 maxlen: 48
2400:cae0:e::/48 maxlen: 48
2400:cae0:f::/48 maxlen: 48
2400:cae0:1000::/36 maxlen: 36
2400:cae0:2000::/36 maxlen: 36
2400:cae0:3000::/36 maxlen: 36
2400:cae0:4000::/36 maxlen: 36
2400:cae0:5000::/36 maxlen: 36
2400:cae0:6000::/36 maxlen: 36
2400:cae0:7000::/36 maxlen: 36
2400:cae0:8000::/36 maxlen: 36
2400:cae0:9000::/36 maxlen: 36
2400:cae0:a000::/36 maxlen: 36
2400:cae0:b000::/36 maxlen: 36
2400:cae0:c000::/34 maxlen: 34
2400:cae0:c000::/36 maxlen: 36
2400:cae0:d000::/36 maxlen: 36
2400:cae0:e000::/36 maxlen: 36
2400:cae0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9116907/B56A7CB07AB711ED9B953569C4F9AE02/ygBwrFIB1vandapSXVPY4zDjIJY.crl
rsync://rpki.apnic.net/member_repository/A9116907/B56A7CB07AB711ED9B953569C4F9AE02/ygBwrFIB1vandapSXVPY4zDjIJY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygBwrFIB1vandapSXVPY4zDjIJY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:36:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 623 (0x26f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9116907, serialNumber=CA0070AC5201D6F6A775AA525D53D8E330E32096
Validity
Not Before: Jan 4 07:56:54 2026 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69a46530-2660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:74:12:8b:4a:2d:18:b4:ff:9f:23:f7:ba:91:
1f:e9:86:dd:b4:6b:c4:3f:1c:8b:fb:92:39:7b:0b:
1b:98:22:ea:d5:a7:b6:46:73:32:68:e3:f8:98:c6:
56:3c:27:9b:a8:c6:1b:e5:42:2a:30:83:34:4c:f4:
5c:c0:d5:6c:79:d2:42:2c:0e:97:98:8a:1f:55:ba:
bb:f8:0f:cc:04:6c:4b:b3:74:53:ed:7c:c3:5d:62:
eb:4a:a7:de:42:76:f6:34:03:ed:59:9f:bb:ab:d2:
8d:72:3f:99:6c:b7:56:95:fa:97:ee:25:fd:45:45:
4c:5d:64:ac:60:b9:fb:1d:cb:5e:ad:f1:0b:22:20:
dc:b6:c3:68:4c:1d:b3:4a:3e:67:69:c8:81:db:9c:
76:c4:d1:a4:ec:6e:33:ec:1f:7c:4b:7d:39:95:35:
e7:59:a3:9d:49:53:60:7e:25:c7:e4:29:af:03:58:
85:22:c8:e8:4a:e5:47:ce:2b:b6:ea:53:7e:5f:bf:
22:7a:e6:a8:79:93:34:ee:f8:85:3e:a9:50:2c:67:
c2:05:e0:42:dc:ef:f9:47:8e:9c:5e:b8:76:c8:74:
06:fc:58:22:08:2c:70:17:c1:00:82:4a:07:42:0c:
ce:ca:50:2d:3f:e7:10:6d:c3:0e:dc:09:79:01:b9:
6f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A2:54:58:02:46:6D:D0:54:FA:AB:BC:56:1C:A4:65:74:E4:F4:64
X509v3 Authority Key Identifier:
keyid:CA:00:70:AC:52:01:D6:F6:A7:75:AA:52:5D:53:D8:E3:30:E3:20:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9116907/B56A7CB07AB711ED9B953569C4F9AE02/ygBwrFIB1vandapSXVPY4zDjIJY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygBwrFIB1vandapSXVPY4zDjIJY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116907/B56A7CB07AB711ED9B953569C4F9AE02/EF9D5BBCE94211F08F77753A3C6F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
103.53.160.0/24
IPv6:
2400:cae0::/32
Signature Algorithm: sha256WithRSAEncryption
4c:f7:14:2c:76:b1:77:aa:55:88:50:0c:65:61:84:91:00:37:
1e:09:15:19:ee:cf:a8:b7:48:54:9e:0f:a3:c5:e2:3c:1f:32:
32:5b:e6:9a:5a:e2:1a:7b:a9:f5:a4:b5:66:6a:8a:a7:25:11:
9d:a6:8b:b9:12:38:b8:02:7c:68:20:06:f5:6e:1d:74:47:b6:
65:ae:5d:24:ce:6d:fc:ed:96:46:39:11:1f:03:dd:70:f9:37:
a4:c4:64:28:be:ad:43:fa:9c:07:72:ed:62:d9:bc:32:44:28:
68:67:c6:75:d1:40:62:9b:ee:be:bb:99:0b:e2:f4:4e:a3:26:
51:3b:2d:c5:2c:76:22:9c:42:e6:23:95:8d:fc:1a:1a:51:70:
c4:9b:1d:94:38:46:b4:d8:0a:ff:10:75:55:21:51:23:05:7a:
b2:a7:5a:8f:17:1a:60:f0:ed:f8:df:eb:e0:f9:3b:44:4c:de:
50:54:ce:b1:4a:45:a0:93:34:bb:6f:b3:40:45:60:c8:82:62:
34:c1:16:59:28:c7:24:ee:3d:51:5f:fc:e6:fc:41:2e:6c:d8:
51:c2:5f:0c:8b:c9:c8:66:b9:07:99:0f:f1:a4:d4:03:26:09:
0e:2d:58:29:ea:60:f1:ab:4c:41:c3:43:67:b2:4c:8e:6c:2b:
fd:70:de:32
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgICAm8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY5MDcxMTAvBgNVBAUTKENBMDA3MEFDNTIwMUQ2RjZBNzc1QUE1MjVENTNEOEUz
MzBFMzIwOTYwHhcNMjYwMTA0MDc1NjU0WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NjUzMC0yNjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmXQSi0otGLT/nyP3upEf6YbdtGvEPxyL+5I5ewsbmCLq1ae2RnMyaOP4mMZW
PCebqMYb5UIqMIM0TPRcwNVsedJCLA6XmIofVbq7+A/MBGxLs3RT7XzDXWLrSqfe
Qnb2NAPtWZ+7q9KNcj+ZbLdWlfqX7iX9RUVMXWSsYLn7HcterfELIiDctsNoTB2z
Sj5naciB25x2xNGk7G4z7B98S305lTXnWaOdSVNgfiXH5CmvA1iFIsjoSuVHziu2
6lN+X78ieuaoeZM07viFPqlQLGfCBeBC3O/5R46cXrh2yHQG/FgiCCxwF8EAgkoH
QgzOylAtP+cQbcMO3Al5AblvNQIDAQABo4ICbzCCAmswHQYDVR0OBBYEFDOiVFgC
Rm3QVPqrvFYcpGV05PRkMB8GA1UdIwQYMBaAFMoAcKxSAdb2p3WqUl1T2OMw4yCW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjkwNy9CNTZBN0NCMDdB
QjcxMUVEOUI5NTM1NjlDNEY5QUUwMi95Z0J3ckZJQjF2YW5kYXBTWFZQWTR6RGpJ
SlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lnQndyRklCMXZhbmRhcFNYVlBZNHpEaklKWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY5MDcvQjU2QTdDQjA3QUI3MTFFRDlCOTUzNTY5QzRGOUFFMDIvRUY5RDVCQkNF
OTQyMTFGMDhGNzc3NTNBM0M2RjU2QkMucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQAZzWgMA0EAgACMAcDBQAkAMrgMA0GCSqGSIb3DQEBCwUAA4IBAQBM
9xQsdrF3qlWIUAxlYYSRADceCRUZ7s+ot0hUng+jxeI8HzIyW+aaWuIae6n1pLVm
aoqnJRGdpou5Eji4AnxoIAb1bh10R7Zlrl0kzm387ZZGOREfA91w+TekxGQovq1D
+pwHcu1i2bwyRChoZ8Z10UBim+6+u5kL4vROoyZROy3FLHYinELmI5WN/BoaUXDE
mx2UOEa02Ar/EHVVIVEjBXqyp1qPFxpg8O343+vg+TtETN5QVM6xSkWgkzS7b7NA
RWDIgmI0wRZZKMck7j1RX/zm/EEubNhRwl8Mi8nIZrkHmQ/xpNQDJgkOLVgp6mDx
q0xBw0NnskyObCv9cN4y
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:51:49 2026 by rpki-client