Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/490CDADA42F211EBB34A1A60C4F9AE02.roa
File: 490CDADA42F211EBB34A1A60C4F9AE02.roa (raw, json)
Hash identifier: Se/FydpBawCgxqmDdxPeEx3HviegkPK2hAJPQuttyZw=
Subject key identifier: 63:75:2F:05:78:6E:67:85:9A:C4:40:7D:B8:35:0B:B0:A1:8A:A2:3A
Certificate issuer: /CN=A9116BB8/serialNumber=8AE9CDE10BE0B77F091B0D38EBC1967C8BC0919E
Certificate serial: 07DF
Authority key identifier: 8A:E9:CD:E1:0B:E0:B7:7F:09:1B:0D:38:EB:C1:96:7C:8B:C0:91:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iunN4Qvgt38JGw0468GWfIvAkZ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/490CDADA42F211EBB34A1A60C4F9AE02.roa
Signing time: Thu 09 Apr 2026 07:12:03 +0000
ROA not before: Thu 09 Apr 2026 07:12:03 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 138995
IP address blocks: 45.125.216.0/24 maxlen: 24
45.125.217.0/24 maxlen: 24
45.125.218.0/24 maxlen: 24
45.125.219.0/24 maxlen: 24
103.86.64.0/24 maxlen: 24
103.86.65.0/24 maxlen: 24
103.86.66.0/24 maxlen: 24
103.86.67.0/24 maxlen: 24
103.93.46.0/24 maxlen: 24
103.98.112.0/24 maxlen: 24
103.98.114.0/24 maxlen: 24
103.98.115.0/24 maxlen: 24
103.108.185.0/24 maxlen: 24
103.116.132.0/24 maxlen: 24
103.116.133.0/24 maxlen: 24
103.142.244.0/24 maxlen: 24
103.142.245.0/24 maxlen: 24
103.194.104.0/24 maxlen: 24
103.194.105.0/24 maxlen: 24
103.194.106.0/24 maxlen: 24
103.194.107.0/24 maxlen: 24
116.204.176.0/24 maxlen: 24
116.204.177.0/24 maxlen: 24
116.204.178.0/24 maxlen: 24
116.204.179.0/24 maxlen: 24
2001:df1:5f80::/48 maxlen: 48
2001:dff::/32 maxlen: 32
2001:dff:aa00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/iunN4Qvgt38JGw0468GWfIvAkZ4.crl
rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/iunN4Qvgt38JGw0468GWfIvAkZ4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iunN4Qvgt38JGw0468GWfIvAkZ4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 21:22:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2015 (0x7df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9116BB8, serialNumber=8AE9CDE10BE0B77F091B0D38EBC1967C8BC0919E
Validity
Not Before: Apr 9 07:12:03 2026 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69d75143-5864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2e:2d:38:ce:69:16:67:68:94:16:aa:73:30:
95:44:a4:28:1c:3e:6c:42:38:d2:9c:58:e2:29:98:
56:5e:c8:cf:9a:a4:ef:81:e5:ae:d7:20:60:42:55:
74:09:61:f9:19:f7:eb:22:4c:c5:8f:82:61:0b:11:
f3:60:7b:48:17:c3:39:59:fa:1a:fb:3f:19:ea:e0:
1d:27:9b:71:e1:e0:dd:20:5b:8e:df:b6:c9:28:5a:
78:c3:47:b2:c7:6f:c6:d5:2f:43:fa:c1:f4:69:e2:
8d:ce:50:1e:bc:fd:56:9d:e2:40:15:b3:4d:a1:6b:
18:86:2f:d5:f4:c7:1c:3c:40:4b:a7:1f:a7:a6:fe:
2d:97:7b:05:9c:5d:3c:67:a1:06:34:a9:c7:d8:6a:
b7:76:cc:04:02:64:0c:54:6d:a4:60:e6:72:62:25:
9f:85:6b:7e:1f:0c:95:f7:b8:0d:9b:00:de:5b:06:
c5:e4:d3:9c:ba:f8:27:50:94:e7:62:c5:b5:1c:a9:
77:89:57:de:c8:d9:64:5e:e1:5d:62:57:19:5e:6c:
b1:33:ef:b7:33:25:da:65:2d:f4:bf:1c:cf:2a:13:
3a:62:90:17:69:cb:c6:3d:0d:65:cb:77:2e:1f:e2:
e5:fa:1e:16:88:85:95:9e:90:da:78:1b:8f:96:27:
aa:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:75:2F:05:78:6E:67:85:9A:C4:40:7D:B8:35:0B:B0:A1:8A:A2:3A
X509v3 Authority Key Identifier:
keyid:8A:E9:CD:E1:0B:E0:B7:7F:09:1B:0D:38:EB:C1:96:7C:8B:C0:91:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/iunN4Qvgt38JGw0468GWfIvAkZ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iunN4Qvgt38JGw0468GWfIvAkZ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/490CDADA42F211EBB34A1A60C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.125.216.0/22
103.86.64.0/22
103.93.46.0/24
103.98.112.0/24
103.98.114.0/23
103.108.185.0/24
103.116.132.0/23
103.142.244.0/23
103.194.104.0/22
116.204.176.0/22
IPv6:
2001:df1:5f80::/48
2001:dff::/32
Signature Algorithm: sha256WithRSAEncryption
85:75:2b:47:2e:68:41:8c:65:04:24:4f:cf:e8:32:42:c2:e4:
af:1e:d0:d8:43:bd:fb:70:7b:a7:cb:b8:73:d5:2e:ff:61:80:
c0:58:ad:d6:a4:7e:35:90:ff:c9:12:b8:cc:13:3f:cb:3c:c6:
a4:f3:89:1d:28:d3:32:50:b3:03:d4:f2:f7:40:f9:cb:71:f6:
05:ad:d0:e5:41:9a:65:87:82:6a:f0:22:2f:ba:ea:d0:dd:69:
04:a4:73:a3:ca:69:3b:7b:97:5d:2a:c2:01:eb:2b:79:fc:97:
c9:13:4a:ad:38:97:af:f4:84:5f:bc:4e:39:ca:41:8e:34:99:
94:6e:6a:e3:9d:72:99:2a:43:00:47:43:61:d5:a2:ca:ba:df:
67:84:22:dd:5a:37:79:a5:43:99:77:49:ff:92:71:1c:95:4e:
30:ec:96:5a:70:a7:13:04:57:1f:ae:69:46:f8:a7:f3:ad:53:
60:fc:99:1d:01:78:90:43:1f:fb:cb:48:88:b0:b6:02:ff:e9:
89:62:c8:04:eb:a3:1f:dd:bb:67:9f:57:6d:e3:7b:72:61:c6:
e0:32:d5:f9:75:b4:7f:f4:41:91:8d:78:ee:40:eb:55:c9:ce:
29:eb:51:45:02:66:86:c8:21:c7:f9:ed:45:a7:5d:e8:45:47:
45:66:df:9d
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICB98wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTZCQjgxMTAvBgNVBAUTKDhBRTlDREUxMEJFMEI3N0YwOTFCMEQzOEVCQzE5NjdD
OEJDMDkxOUUwHhcNMjYwNDA5MDcxMjAzWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWQ3NTE0My01ODY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzi4tOM5pFmdolBaqczCVRKQoHD5sQjjSnFjiKZhWXsjPmqTvgeWu1yBgQlV0
CWH5GffrIkzFj4JhCxHzYHtIF8M5Wfoa+z8Z6uAdJ5tx4eDdIFuO37bJKFp4w0ey
x2/G1S9D+sH0aeKNzlAevP1WneJAFbNNoWsYhi/V9MccPEBLpx+npv4tl3sFnF08
Z6EGNKnH2Gq3dswEAmQMVG2kYOZyYiWfhWt+HwyV97gNmwDeWwbF5NOcuvgnUJTn
YsW1HKl3iVfeyNlkXuFdYlcZXmyxM++3MyXaZS30vxzPKhM6YpAXacvGPQ1ly3cu
H+Ll+h4WiIWVnpDaeBuPlieqUQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFGN1LwV4
bmeFmsRAfbg1C7ChiqI6MB8GA1UdIwQYMBaAFIrpzeEL4Ld/CRsNOOvBlnyLwJGe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNkJCOC8zOURDRjc1NDQy
RjAxMUVCOEEwOUM3NUFDNEY5QUUwMi9pdW5ONFF2Z3QzOEpHdzA0NjhHV2ZJdkFr
WjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2l1bk40UXZndDM4Skd3MDQ2OEdXZkl2QWtaNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTZCQjgvMzlEQ0Y3NTQ0MkYwMTFFQjhBMDlDNzVBQzRGOUFFMDIvNDkwQ0RBREE0
MkYyMTFFQkIzNEExQTYwQzRGOUFFMDIucm9hMG0GCCsGAQUFBwEHAQH/BF4wXDBC
BAIAATA8AwQCLX3YAwQCZ1ZAAwQAZ10uAwQAZ2JwAwQBZ2JyAwQAZ2y5AwQBZ3SE
AwQBZ470AwQCZ8JoAwQCdMywMBYEAgACMBADBwAgAQ3xX4ADBQAgAQ3/MA0GCSqG
SIb3DQEBCwUAA4IBAQCFdStHLmhBjGUEJE/P6DJCwuSvHtDYQ737cHuny7hz1S7/
YYDAWK3WpH41kP/JErjMEz/LPMak84kdKNMyULMD1PL3QPnLcfYFrdDlQZplh4Jq
8CIvuurQ3WkEpHOjymk7e5ddKsIB6yt5/JfJE0qtOJev9IRfvE45ykGONJmUbmrj
nXKZKkMAR0Nh1aLKut9nhCLdWjd5pUOZd0n/knEclU4w7JZacKcTBFcfrmlG+Kfz
rVNg/JkdAXiQQx/7y0iIsLYC/+mJYsgE66Mf3btnn1dt43tyYcbgMtX5dbR/9EGR
jXjuQOtVyc4p61FFAmaGyCHH+e1Fp13oRUdFZt+d
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:28:16 2026 by rpki-client