Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/CB304C36307111EDB0CBD946C4F9AE02.roa
File: CB304C36307111EDB0CBD946C4F9AE02.roa (raw, json)
Hash identifier: ODIX3oDpfnNWOwtgKPini7l1bVtlb/9n+o+dXisnTbg=
Subject key identifier: 7A:B8:F7:DC:4A:5F:DC:9F:55:28:F5:85:36:B2:0B:5F:45:27:C4:04
Certificate issuer: /CN=A911CA82/serialNumber=D2A0871BCD8376C11A8F049A39855AFCDB183064
Certificate serial: 06B9
Authority key identifier: D2:A0:87:1B:CD:83:76:C1:1A:8F:04:9A:39:85:5A:FC:DB:18:30:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/CB304C36307111EDB0CBD946C4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:36:11 +0000
ROA not before: Wed 17 Dec 2025 09:05:19 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 139628
IP address blocks: 43.255.114.0/23 maxlen: 24
45.120.132.0/22 maxlen: 22
45.120.132.0/24 maxlen: 24
45.120.133.0/24 maxlen: 24
45.120.134.0/24 maxlen: 24
45.120.135.0/24 maxlen: 24
103.20.80.0/22 maxlen: 22
103.20.80.0/24 maxlen: 24
103.20.81.0/24 maxlen: 24
103.20.82.0/24 maxlen: 24
103.20.83.0/24 maxlen: 24
103.106.204.0/22 maxlen: 22
103.106.204.0/24 maxlen: 24
103.106.205.0/24 maxlen: 24
103.106.206.0/24 maxlen: 24
103.106.207.0/24 maxlen: 24
103.119.96.0/22 maxlen: 22
103.119.96.0/24 maxlen: 24
103.119.97.0/24 maxlen: 24
103.119.98.0/24 maxlen: 24
103.119.99.0/24 maxlen: 24
103.136.176.0/22 maxlen: 22
103.136.176.0/24 maxlen: 24
103.136.177.0/24 maxlen: 24
103.136.178.0/24 maxlen: 24
103.136.179.0/24 maxlen: 24
103.142.208.0/23 maxlen: 23
103.142.208.0/24 maxlen: 24
103.142.209.0/24 maxlen: 24
103.147.234.0/23 maxlen: 24
103.152.194.0/23 maxlen: 24
111.67.96.0/22 maxlen: 22
111.67.96.0/24 maxlen: 24
111.67.97.0/24 maxlen: 24
111.67.98.0/24 maxlen: 24
111.67.99.0/24 maxlen: 24
111.67.100.0/22 maxlen: 22
111.67.100.0/24 maxlen: 24
111.67.101.0/24 maxlen: 24
111.67.102.0/24 maxlen: 24
111.67.103.0/24 maxlen: 24
115.178.24.0/23 maxlen: 23
115.178.24.0/24 maxlen: 24
115.178.25.0/24 maxlen: 24
124.108.4.0/22 maxlen: 22
124.108.4.0/24 maxlen: 24
124.108.5.0/24 maxlen: 24
124.108.6.0/24 maxlen: 24
124.108.7.0/24 maxlen: 24
150.129.20.0/22 maxlen: 22
150.129.20.0/24 maxlen: 24
150.129.21.0/24 maxlen: 24
150.129.22.0/24 maxlen: 24
150.129.23.0/24 maxlen: 24
202.58.16.0/23 maxlen: 23
202.58.16.0/24 maxlen: 24
202.58.17.0/24 maxlen: 24
202.58.18.0/23 maxlen: 23
202.58.18.0/24 maxlen: 24
202.58.19.0/24 maxlen: 24
203.80.170.0/23 maxlen: 23
203.80.170.0/24 maxlen: 24
203.80.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/0qCHG82DdsEajwSaOYVa_NsYMGQ.crl
rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/0qCHG82DdsEajwSaOYVa_NsYMGQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:24:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1721 (0x6b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA82, serialNumber=D2A0871BCD8376C11A8F049A39855AFCDB183064
Validity
Not Before: Dec 17 09:05:19 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a46afb-9ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d3:cf:48:a9:a6:9f:86:6c:60:fb:cb:3a:63:
8d:a6:44:bb:11:b0:36:9a:24:2e:18:b0:ef:9a:d9:
da:0e:52:94:0c:a8:d5:39:34:b2:76:71:de:1f:9b:
1e:39:98:d8:4f:53:06:88:cf:ff:39:b5:6c:95:a1:
e0:f8:33:ae:e4:10:54:de:23:26:3a:fe:c8:93:2e:
12:4a:21:df:35:1d:0d:e7:c6:ab:d2:59:77:35:ef:
f1:a7:79:e7:db:b1:e4:78:92:1f:de:a6:b3:6a:9f:
64:a3:a1:e0:97:a1:c2:e4:4d:8a:1f:a5:58:91:c9:
a2:ce:67:31:52:87:b5:43:3f:56:e8:c2:07:0c:62:
9f:89:f7:86:6a:9d:5c:e3:6a:86:f3:70:cc:a4:9e:
6a:bc:28:1a:21:d0:58:8b:55:9a:82:8e:61:c4:5f:
a3:26:bd:af:d1:99:14:89:12:6d:52:c0:db:95:2b:
ee:aa:3e:7b:60:88:7f:05:c7:17:c9:f4:63:38:27:
51:09:7d:a8:28:5a:4e:fa:d5:3a:48:57:8b:02:3d:
9d:8e:37:6d:42:db:47:03:40:80:69:dd:51:5f:55:
63:05:d4:de:0b:3d:d5:f2:75:a6:ec:98:33:9b:74:
98:91:43:a1:bf:46:35:00:84:9c:98:b3:0f:d7:3d:
f8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B8:F7:DC:4A:5F:DC:9F:55:28:F5:85:36:B2:0B:5F:45:27:C4:04
X509v3 Authority Key Identifier:
keyid:D2:A0:87:1B:CD:83:76:C1:1A:8F:04:9A:39:85:5A:FC:DB:18:30:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/0qCHG82DdsEajwSaOYVa_NsYMGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/CB304C36307111EDB0CBD946C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.255.114.0/23
45.120.132.0/22
103.20.80.0/22
103.106.204.0/22
103.119.96.0/22
103.136.176.0/22
103.142.208.0/23
103.147.234.0/23
103.152.194.0/23
111.67.96.0/21
115.178.24.0/23
124.108.4.0/22
150.129.20.0/22
202.58.16.0/22
203.80.170.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:8a:a5:4b:e1:7c:21:76:ea:cc:a9:cf:2a:ae:7b:2e:21:2f:
db:25:17:ec:ec:a2:a6:4e:32:76:07:99:1e:1f:17:db:e8:d6:
8b:c3:51:0b:bb:0a:f5:94:db:d3:bb:fd:99:31:b2:52:a2:7e:
fa:e9:83:16:92:65:4e:0e:ef:1a:bd:3b:b2:4d:00:5b:bc:88:
5d:cb:eb:be:b4:d6:78:37:3f:32:74:e0:25:53:4f:c0:d7:10:
ba:a7:ed:d4:25:85:80:e4:90:c9:52:a7:2b:db:35:e5:a8:7e:
33:77:6c:8d:d5:81:78:c2:9a:55:1e:cd:e6:64:40:2f:ba:d6:
6f:66:ef:85:be:0d:88:ca:44:7e:c9:ac:d3:39:72:f7:60:de:
c4:31:94:c7:17:d7:3c:84:25:04:4e:36:8c:4d:2b:45:30:a3:
8e:dd:bd:22:b4:f7:56:ea:db:ab:38:ff:43:14:75:fe:b5:40:
03:33:64:e5:92:eb:f7:02:33:d7:26:31:c8:6c:c0:13:41:2d:
c3:e8:6c:5e:41:75:7f:3b:57:58:35:74:96:7d:a9:c3:9c:1e:
ca:6d:36:28:eb:c6:c7:1d:b7:58:dc:0e:3f:0b:ee:1c:39:c4:
fb:e2:83:ae:22:ef:72:9d:41:3e:2f:33:94:68:33:7f:d1:9b:
f4:79:e4:38
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgICBrkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBODIxMTAvBgNVBAUTKEQyQTA4NzFCQ0Q4Mzc2QzExQThGMDQ5QTM5ODU1QUZD
REIxODMwNjQwHhcNMjUxMjE3MDkwNTE5WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NmFmYi05ZWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxtPPSKmmn4ZsYPvLOmONpkS7EbA2miQuGLDvmtnaDlKUDKjVOTSydnHeH5se
OZjYT1MGiM//ObVslaHg+DOu5BBU3iMmOv7Iky4SSiHfNR0N58ar0ll3Ne/xp3nn
27HkeJIf3qazap9ko6Hgl6HC5E2KH6VYkcmizmcxUoe1Qz9W6MIHDGKfifeGap1c
42qG83DMpJ5qvCgaIdBYi1Wago5hxF+jJr2v0ZkUiRJtUsDblSvuqj57YIh/BccX
yfRjOCdRCX2oKFpO+tU6SFeLAj2djjdtQttHA0CAad1RX1VjBdTeCz3V8nWm7Jgz
m3SYkUOhv0Y1AIScmLMP1z34UwIDAQABo4ICtDCCArAwHQYDVR0OBBYEFHq499xK
X9yfVSj1hTayC19FJ8QEMB8GA1UdIwQYMBaAFNKghxvNg3bBGo8EmjmFWvzbGDBk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E4Mi8wQkVCMzc1QUJF
NDQxMUVCQUUzRDQzNDhDNEY5QUUwMi8wcUNIRzgyRGRzRWFqd1NhT1lWYV9Oc1lN
R1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBxQ0hHODJEZHNFYWp3U2FPWVZhX05zWU1HUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBODIvMEJFQjM3NUFCRTQ0MTFFQkFFM0Q0MzQ4QzRGOUFFMDIvQ0IzMDRDMzYz
MDcxMTFFREIwQ0JEOTQ2QzRGOUFFMDIucm9hMHMGCCsGAQUFBwEHAQH/BGQwYjBg
BAIAATBaAwQBK/9yAwQCLXiEAwQCZxRQAwQCZ2rMAwQCZ3dgAwQCZ4iwAwQBZ47Q
AwQBZ5PqAwQBZ5jCAwQDb0NgAwQBc7IYAwQCfGwEAwQCloEUAwQCyjoQAwQBy1Cq
MA0GCSqGSIb3DQEBCwUAA4IBAQCpiqVL4XwhdurMqc8qrnsuIS/bJRfs7KKmTjJ2
B5keHxfb6NaLw1ELuwr1lNvTu/2ZMbJSon766YMWkmVODu8avTuyTQBbvIhdy+u+
tNZ4Nz8ydOAlU0/A1xC6p+3UJYWA5JDJUqcr2zXlqH4zd2yN1YF4wppVHs3mZEAv
utZvZu+Fvg2IykR+yazTOXL3YN7EMZTHF9c8hCUETjaMTStFMKOO3b0itPdW6tur
OP9DFHX+tUADM2Tlkuv3AjPXJjHIbMATQS3D6GxeQXV/O1dYNXSWfanDnB7KbTYo
68bHHbdY3A4/C+4cOcT74oOuIu9ynUE+LzOUaDN/0Zv0eeQ4
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:48:28 2026 by rpki-client