Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9116907/B56A7CB07AB711ED9B953569C4F9AE02/EF9D5BBCE94211F08F77753A3C6F56BC.roa
File: EF9D5BBCE94211F08F77753A3C6F56BC.roa (raw, json)
Hash identifier: Q1RfYknRnpFb4jNQ61WjgyCjXaW4u7sCYH8KXBu1k40=
Subject key identifier: C4:35:87:68:06:4B:33:76:CF:60:4F:30:88:60:6E:D2:DB:64:5E:E0
Certificate issuer: /CN=A9116907/serialNumber=CA0070AC5201D6F6A775AA525D53D8E330E32096
Certificate serial: 02A1
Authority key identifier: CA:00:70:AC:52:01:D6:F6:A7:75:AA:52:5D:53:D8:E3:30:E3:20:96
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygBwrFIB1vandapSXVPY4zDjIJY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9116907/B56A7CB07AB711ED9B953569C4F9AE02/EF9D5BBCE94211F08F77753A3C6F56BC.roa
Signing time: Wed 03 Jun 2026 11:57:20 +0000
ROA not before: Wed 03 Jun 2026 11:57:20 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 150681
IP address blocks: 103.53.160.0/24 maxlen: 24
103.53.161.0/24 maxlen: 24
2400:cae0::/32 maxlen: 32
2400:cae0::/36 maxlen: 36
2400:cae0::/48 maxlen: 48
2400:cae0:1::/48 maxlen: 48
2400:cae0:2::/48 maxlen: 48
2400:cae0:3::/48 maxlen: 48
2400:cae0:4::/48 maxlen: 48
2400:cae0:5::/48 maxlen: 48
2400:cae0:6::/48 maxlen: 48
2400:cae0:7::/48 maxlen: 48
2400:cae0:8::/48 maxlen: 48
2400:cae0:9::/48 maxlen: 48
2400:cae0:a::/48 maxlen: 48
2400:cae0:b::/48 maxlen: 48
2400:cae0:c::/48 maxlen: 48
2400:cae0:d::/48 maxlen: 48
2400:cae0:e::/48 maxlen: 48
2400:cae0:f::/48 maxlen: 48
2400:cae0:1000::/36 maxlen: 36
2400:cae0:2000::/36 maxlen: 36
2400:cae0:3000::/36 maxlen: 36
2400:cae0:4000::/36 maxlen: 36
2400:cae0:5000::/36 maxlen: 36
2400:cae0:6000::/36 maxlen: 36
2400:cae0:7000::/36 maxlen: 36
2400:cae0:8000::/36 maxlen: 36
2400:cae0:9000::/36 maxlen: 36
2400:cae0:a000::/36 maxlen: 36
2400:cae0:b000::/36 maxlen: 36
2400:cae0:c000::/34 maxlen: 34
2400:cae0:c000::/36 maxlen: 36
2400:cae0:d000::/36 maxlen: 36
2400:cae0:e000::/36 maxlen: 36
2400:cae0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9116907/B56A7CB07AB711ED9B953569C4F9AE02/ygBwrFIB1vandapSXVPY4zDjIJY.crl
rsync://rpki.apnic.net/member_repository/A9116907/B56A7CB07AB711ED9B953569C4F9AE02/ygBwrFIB1vandapSXVPY4zDjIJY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygBwrFIB1vandapSXVPY4zDjIJY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 20 Jun 2026 01:46:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 673 (0x2a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9116907, serialNumber=CA0070AC5201D6F6A775AA525D53D8E330E32096
Validity
Not Before: Jun 3 11:57:20 2026 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=6a20169f-c296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5c:45:73:82:17:23:b4:f5:02:53:07:67:5f:
9f:f6:4d:4c:27:b8:c7:6f:0c:9c:da:55:85:e1:78:
68:e3:ea:d2:e4:79:50:73:5a:8b:2a:83:4e:4f:a3:
b1:4b:f8:cd:23:f0:27:4c:86:d1:c3:36:e7:84:a6:
82:5b:d9:ca:7e:5b:62:03:53:4a:e5:72:3f:83:30:
a1:38:c4:e4:79:0e:8e:9a:12:0a:1c:32:4d:fd:a6:
49:67:dd:08:30:2a:91:3e:37:25:80:b8:55:bc:c9:
64:40:4f:9e:9c:72:b7:e5:4f:09:17:b6:9f:9e:39:
92:8f:12:e0:d0:bb:3b:e8:e2:30:3b:e9:93:99:35:
cc:71:80:6a:0b:4c:8b:f4:88:00:98:81:18:b0:98:
31:16:56:78:b2:63:b0:63:ac:b7:69:61:8a:bc:8a:
7e:51:9a:df:8e:e5:3f:a3:7e:02:28:b8:b4:eb:b6:
75:05:35:37:58:64:39:6c:38:dc:10:1e:e0:3e:69:
2e:e1:1e:f4:7f:bf:a1:18:75:9b:24:4c:9e:a8:4a:
c9:c8:5e:2a:fb:6f:dd:c4:b7:81:9e:24:20:11:eb:
35:2c:a7:36:4b:9b:bd:ec:44:fd:73:01:7b:14:5e:
7f:c7:0a:17:f5:ee:33:6b:3f:ce:af:11:a3:12:ac:
ed:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:35:87:68:06:4B:33:76:CF:60:4F:30:88:60:6E:D2:DB:64:5E:E0
X509v3 Authority Key Identifier:
keyid:CA:00:70:AC:52:01:D6:F6:A7:75:AA:52:5D:53:D8:E3:30:E3:20:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9116907/B56A7CB07AB711ED9B953569C4F9AE02/ygBwrFIB1vandapSXVPY4zDjIJY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygBwrFIB1vandapSXVPY4zDjIJY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116907/B56A7CB07AB711ED9B953569C4F9AE02/EF9D5BBCE94211F08F77753A3C6F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
103.53.160.0/23
IPv6:
2400:cae0::/32
Signature Algorithm: sha256WithRSAEncryption
81:37:3a:54:17:10:9d:09:41:72:6f:e1:67:97:d1:c1:47:33:
c9:f8:3a:d3:f2:a8:ed:f8:6b:f0:b0:12:de:f9:01:0f:c6:92:
95:c6:76:7a:54:1c:b5:eb:1a:79:37:31:86:12:cc:e7:7f:bc:
c4:41:ef:99:fd:46:81:f0:f7:1f:48:42:eb:90:11:f3:6a:04:
e4:6a:d7:33:05:a0:d0:51:55:5b:22:57:1d:f4:0c:5d:55:ef:
cd:0f:cc:d5:6d:a2:3c:cd:4a:35:50:3e:e0:17:86:1b:c3:b9:
aa:09:4f:80:7c:aa:a4:8e:f7:78:f9:3b:d5:93:00:cc:73:47:
d7:f8:b4:b3:24:67:83:4c:ce:12:e7:f1:a6:7d:1d:3e:ff:9e:
64:94:fa:5b:cd:fa:24:76:3a:e0:3d:af:56:5c:e6:f3:14:1c:
fa:d1:d9:32:98:69:13:bb:91:6c:66:66:f5:f5:a8:c4:9c:4a:
20:24:d1:23:96:c6:a7:c7:67:6c:b0:45:f6:db:5e:58:42:cc:
15:87:80:f7:93:62:a3:fb:74:f5:cf:3d:20:f0:99:ba:c6:46:
1f:85:c5:1b:dc:5b:51:26:98:a8:dd:8f:51:93:a6:7f:05:e7:
92:50:a3:a3:82:0e:56:a6:b8:be:11:77:b9:94:a2:c4:2b:91:
5b:f4:96:0e
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgICAqEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY5MDcxMTAvBgNVBAUTKENBMDA3MEFDNTIwMUQ2RjZBNzc1QUE1MjVENTNEOEUz
MzBFMzIwOTYwHhcNMjYwNjAzMTE1NzIwWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTIwMTY5Zi1jMjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzFxFc4IXI7T1AlMHZ1+f9k1MJ7jHbwyc2lWF4Xho4+rS5HlQc1qLKoNOT6Ox
S/jNI/AnTIbRwzbnhKaCW9nKfltiA1NK5XI/gzChOMTkeQ6OmhIKHDJN/aZJZ90I
MCqRPjclgLhVvMlkQE+enHK35U8JF7afnjmSjxLg0Ls76OIwO+mTmTXMcYBqC0yL
9IgAmIEYsJgxFlZ4smOwY6y3aWGKvIp+UZrfjuU/o34CKLi067Z1BTU3WGQ5bDjc
EB7gPmku4R70f7+hGHWbJEyeqErJyF4q+2/dxLeBniQgEes1LKc2S5u97ET9cwF7
FF5/xwoX9e4zaz/OrxGjEqztHwIDAQABo4ICbzCCAmswHQYDVR0OBBYEFMQ1h2gG
SzN2z2BPMIhgbtLbZF7gMB8GA1UdIwQYMBaAFMoAcKxSAdb2p3WqUl1T2OMw4yCW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjkwNy9CNTZBN0NCMDdB
QjcxMUVEOUI5NTM1NjlDNEY5QUUwMi95Z0J3ckZJQjF2YW5kYXBTWFZQWTR6RGpJ
SlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lnQndyRklCMXZhbmRhcFNYVlBZNHpEaklKWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY5MDcvQjU2QTdDQjA3QUI3MTFFRDlCOTUzNTY5QzRGOUFFMDIvRUY5RDVCQkNF
OTQyMTFGMDhGNzc3NTNBM0M2RjU2QkMucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQBZzWgMA0EAgACMAcDBQAkAMrgMA0GCSqGSIb3DQEBCwUAA4IBAQCB
NzpUFxCdCUFyb+Fnl9HBRzPJ+DrT8qjt+GvwsBLe+QEPxpKVxnZ6VBy16xp5NzGG
Esznf7zEQe+Z/UaB8PcfSELrkBHzagTkatczBaDQUVVbIlcd9AxdVe/ND8zVbaI8
zUo1UD7gF4Ybw7mqCU+AfKqkjvd4+TvVkwDMc0fX+LSzJGeDTM4S5/GmfR0+/55k
lPpbzfokdjrgPa9WXObzFBz60dkymGkTu5FsZmb19ajEnEogJNEjlsanx2dssEX2
215YQswVh4D3k2Kj+3T1zz0g8Jm6xkYfhcUb3FtRJpio3Y9Rk6Z/BeeSUKOjgg5W
pri+EXe5lKLEK5Fb9JYO
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:10:37 2026 by rpki-client