Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/4BDAE70EB7A911EF9D4E880CC4F9AE02.roa
File: 4BDAE70EB7A911EF9D4E880CC4F9AE02.roa (raw, json)
Hash identifier: QJ2Et41ySjmnzE4MdkYD7xXGqC9BJjzlZL6AqK+pncY=
Subject key identifier: 59:B9:7F:54:94:71:81:64:BE:17:DE:A0:3E:19:4E:78:5A:82:0D:11
Certificate issuer: /CN=A911ABDD/serialNumber=4287B3332176DB486A2CBC425402FA9C86B6DC48
Certificate serial: 1ECA
Authority key identifier: 42:87:B3:33:21:76:DB:48:6A:2C:BC:42:54:02:FA:9C:86:B6:DC:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QoezMyF220hqLLxCVAL6nIa23Eg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/4BDAE70EB7A911EF9D4E880CC4F9AE02.roa
Signing time: Sun 01 Mar 2026 15:53:23 +0000
ROA not before: Fri 08 Aug 2025 15:52:59 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 23932
IP address blocks: 180.128.0.0/24 maxlen: 24
180.128.1.0/24 maxlen: 24
180.128.2.0/24 maxlen: 24
180.128.3.0/24 maxlen: 24
180.128.4.0/24 maxlen: 24
180.128.5.0/24 maxlen: 24
180.128.6.0/24 maxlen: 24
180.128.7.0/24 maxlen: 24
180.128.8.0/24 maxlen: 24
180.128.9.0/24 maxlen: 24
180.128.10.0/24 maxlen: 24
180.128.11.0/24 maxlen: 24
180.128.12.0/24 maxlen: 24
180.128.13.0/24 maxlen: 24
180.128.14.0/24 maxlen: 24
180.128.15.0/24 maxlen: 24
180.128.16.0/24 maxlen: 24
180.128.17.0/24 maxlen: 24
180.128.18.0/24 maxlen: 24
180.128.19.0/24 maxlen: 24
180.128.20.0/24 maxlen: 24
180.128.21.0/24 maxlen: 24
180.128.22.0/24 maxlen: 24
180.128.23.0/24 maxlen: 24
180.128.24.0/24 maxlen: 24
180.128.25.0/24 maxlen: 24
180.128.26.0/24 maxlen: 24
180.128.27.0/24 maxlen: 24
180.128.28.0/24 maxlen: 24
180.128.29.0/24 maxlen: 24
180.128.30.0/24 maxlen: 24
180.128.31.0/24 maxlen: 24
180.128.240.0/24 maxlen: 24
180.128.241.0/24 maxlen: 24
180.128.242.0/24 maxlen: 24
180.128.243.0/24 maxlen: 24
180.128.244.0/24 maxlen: 24
180.128.245.0/24 maxlen: 24
180.128.246.0/24 maxlen: 24
180.128.247.0/24 maxlen: 24
202.44.52.0/24 maxlen: 24
202.44.53.0/24 maxlen: 24
202.44.54.0/24 maxlen: 24
202.44.55.0/24 maxlen: 24
202.52.4.0/24 maxlen: 24
202.52.5.0/24 maxlen: 24
202.52.6.0/24 maxlen: 24
202.52.7.0/24 maxlen: 24
203.145.112.0/24 maxlen: 24
203.145.113.0/24 maxlen: 24
203.145.114.0/24 maxlen: 24
203.145.115.0/24 maxlen: 24
203.145.116.0/24 maxlen: 24
203.145.117.0/24 maxlen: 24
203.145.118.0/24 maxlen: 24
203.145.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/QoezMyF220hqLLxCVAL6nIa23Eg.crl
rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/QoezMyF220hqLLxCVAL6nIa23Eg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QoezMyF220hqLLxCVAL6nIa23Eg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:36:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7882 (0x1eca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911ABDD, serialNumber=4287B3332176DB486A2CBC425402FA9C86B6DC48
Validity
Not Before: Aug 8 15:52:59 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a460f3-c314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c6:ed:c7:8a:d2:e9:b8:73:13:2e:ab:44:7e:
8c:e6:76:3a:e9:1c:86:ba:f4:b6:80:f0:b5:54:8d:
91:65:87:cf:76:5f:80:f9:60:3e:5c:91:21:1a:e3:
81:5a:32:59:6d:85:f4:15:6b:91:f3:9d:fb:9e:d7:
05:2c:ba:26:ac:8b:08:6b:8f:31:4b:b5:ba:69:38:
e9:e4:7e:58:96:7b:37:64:8a:97:f7:3c:dc:bc:91:
85:38:fd:92:93:5d:fc:41:93:21:2c:2d:94:14:44:
d5:9d:87:94:20:f2:69:50:ea:44:be:bf:7b:c3:c9:
a0:42:7b:9c:28:db:f5:44:e9:32:32:c2:d1:ca:12:
d8:27:4c:b5:d9:ca:07:a0:36:3b:81:90:c6:f9:37:
eb:24:34:8d:22:b1:6f:e5:40:e8:b4:3c:0b:f5:ca:
c7:3c:67:e4:71:5c:91:dc:73:96:a4:17:3f:6a:a6:
9e:29:36:fe:94:0c:8f:e8:03:e7:3c:10:12:b6:bb:
5f:19:56:43:bf:e5:4b:e3:30:e8:41:5d:61:df:b7:
b3:e3:bd:19:49:0d:ad:18:9f:9e:b1:29:77:00:fc:
68:11:a4:47:3e:27:36:1b:c9:3e:eb:ef:92:94:9a:
40:5c:ae:a6:a1:35:c9:cf:99:b3:34:21:eb:9a:a0:
3f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B9:7F:54:94:71:81:64:BE:17:DE:A0:3E:19:4E:78:5A:82:0D:11
X509v3 Authority Key Identifier:
keyid:42:87:B3:33:21:76:DB:48:6A:2C:BC:42:54:02:FA:9C:86:B6:DC:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/QoezMyF220hqLLxCVAL6nIa23Eg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QoezMyF220hqLLxCVAL6nIa23Eg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/4BDAE70EB7A911EF9D4E880CC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
180.128.0.0/19
180.128.240.0/21
202.44.52.0/22
202.52.4.0/22
203.145.112.0/21
Signature Algorithm: sha256WithRSAEncryption
d0:1a:fc:fc:56:26:ac:2d:ad:e0:56:d9:93:c0:17:53:c3:13:
32:33:13:62:e4:05:ca:c6:3a:71:07:8e:0c:03:42:ff:fa:63:
ac:61:12:d4:a0:cf:bf:b1:b1:55:33:be:76:de:87:80:e8:96:
9c:9d:03:d5:a7:85:da:a1:11:0a:7f:57:bc:9e:57:f0:5b:e2:
2f:e7:93:2a:b9:ac:78:c2:f5:bb:7d:7e:a0:ce:f8:4a:06:d9:
5e:35:67:3f:9b:62:85:c7:32:e7:e1:00:3b:f0:92:f1:86:81:
ab:69:c2:9a:f7:b0:f9:7a:7e:bc:f2:ef:6d:c4:36:7e:e8:15:
10:b3:c7:e8:4e:22:00:e7:76:bd:2a:88:5c:e0:64:1b:83:c9:
bd:68:95:ad:ae:ef:cf:81:d1:0e:c5:0b:4d:7f:d0:eb:9c:15:
1a:1a:4a:b4:22:8a:10:48:84:7d:fa:5c:df:35:25:2c:26:b5:
63:8b:3e:ef:0a:04:7a:ad:88:05:24:e4:d0:dc:76:76:70:6e:
70:86:fb:61:e4:1c:4b:de:17:4d:87:80:0c:4f:c3:d6:cb:1c:
a2:c5:43:06:32:14:2d:57:30:9d:5b:b2:42:ab:21:0d:6f:03:
e6:41:8f:da:31:4a:c9:e6:64:45:e5:8e:8f:f4:a3:3c:13:e5:
dc:0b:52:0e
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgICHsowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUFCREQxMTAvBgNVBAUTKDQyODdCMzMzMjE3NkRCNDg2QTJDQkM0MjU0MDJGQTlD
ODZCNkRDNDgwHhcNMjUwODA4MTU1MjU5WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NjBmMy1jMzE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApcbtx4rS6bhzEy6rRH6M5nY66RyGuvS2gPC1VI2RZYfPdl+A+WA+XJEhGuOB
WjJZbYX0FWuR8537ntcFLLomrIsIa48xS7W6aTjp5H5Ylns3ZIqX9zzcvJGFOP2S
k138QZMhLC2UFETVnYeUIPJpUOpEvr97w8mgQnucKNv1ROkyMsLRyhLYJ0y12coH
oDY7gZDG+TfrJDSNIrFv5UDotDwL9crHPGfkcVyR3HOWpBc/aqaeKTb+lAyP6APn
PBAStrtfGVZDv+VL4zDoQV1h37ez470ZSQ2tGJ+esSl3APxoEaRHPic2G8k+6++S
lJpAXK6moTXJz5mzNCHrmqA/WwIDAQABo4ICeDCCAnQwHQYDVR0OBBYEFFm5f1SU
cYFkvhfeoD4ZTnhagg0RMB8GA1UdIwQYMBaAFEKHszMhdttIaiy8QlQC+pyGttxI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUJERC8zQUUwMDRCNEQ3
NzgxMUU0QjM3NzhCNzJDNEY5QUUwMi9Rb2V6TXlGMjIwaHFMTHhDVkFMNm5JYTIz
RWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FvZXpNeUYyMjBocUxMeENWQUw2bklhMjNFZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUFCREQvM0FFMDA0QjRENzc4MTFFNEIzNzc4QjcyQzRGOUFFMDIvNEJEQUU3MEVC
N0E5MTFFRjlENEU4ODBDQzRGOUFFMDIucm9hMDcGCCsGAQUFBwEHAQH/BCgwJjAk
BAIAATAeAwQFtIAAAwQDtIDwAwQCyiw0AwQCyjQEAwQDy5FwMA0GCSqGSIb3DQEB
CwUAA4IBAQDQGvz8ViasLa3gVtmTwBdTwxMyMxNi5AXKxjpxB44MA0L/+mOsYRLU
oM+/sbFVM7523oeA6JacnQPVp4XaoREKf1e8nlfwW+Iv55Mquax4wvW7fX6gzvhK
BtleNWc/m2KFxzLn4QA78JLxhoGracKa97D5en688u9txDZ+6BUQs8foTiIA53a9
Kohc4GQbg8m9aJWtru/PgdEOxQtNf9DrnBUaGkq0IooQSIR9+lzfNSUsJrVjiz7v
CgR6rYgFJOTQ3HZ2cG5whvth5BxL3hdNh4AMT8PWyxyixUMGMhQtVzCdW7JCqyEN
bwPmQY/aMUrJ5mRF5Y6P9KM8E+XcC1IO
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:28:08 2026 by rpki-client