Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/70A511E6ECD111F09C92E5176E6F56BC.roa
File: 70A511E6ECD111F09C92E5176E6F56BC.roa (raw, json)
Hash identifier: yCJGiXMVC5eipDKuaZkcOuPc4ByW5ib3bNpfuOy5Wis=
Subject key identifier: 6D:BD:F7:21:28:ED:B6:EC:3F:E3:6B:CE:83:7A:B1:61:50:FF:5A:41
Certificate issuer: /CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Certificate serial: 06B8
Authority key identifier: 31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/70A511E6ECD111F09C92E5176E6F56BC.roa
Signing time: Sun 01 Mar 2026 18:40:58 +0000
ROA not before: Thu 08 Jan 2026 21:15:23 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 63956
IP address blocks: 45.112.244.0/22 maxlen: 24
103.20.17.0/24 maxlen: 24
103.21.108.0/24 maxlen: 24
103.52.116.0/22 maxlen: 24
103.97.52.0/22 maxlen: 22
103.97.52.0/24 maxlen: 24
103.97.53.0/24 maxlen: 24
103.97.54.0/24 maxlen: 24
103.97.55.0/24 maxlen: 24
103.225.96.0/24 maxlen: 24
202.46.160.0/20 maxlen: 24
202.58.32.0/19 maxlen: 24
202.59.32.0/19 maxlen: 24
203.12.129.0/24 maxlen: 24
203.18.194.0/24 maxlen: 24
203.209.192.0/19 maxlen: 24
203.210.102.0/24 maxlen: 24
2402:1b80::/32 maxlen: 36
2402:1b80::/40 maxlen: 40
2402:1b80:10::/48 maxlen: 48
2402:1b80:11::/48 maxlen: 48
2402:1b80:14::/48 maxlen: 48
2402:1b80:103::/48 maxlen: 48
2402:1b80:104::/48 maxlen: 48
2402:1b80:106::/48 maxlen: 48
2402:1b80:203::/48 maxlen: 48
2402:1b80:204::/48 maxlen: 48
2402:1b80:206::/48 maxlen: 48
2402:1b80:300::/40 maxlen: 40
2402:1b80:304::/48 maxlen: 48
2402:1b80:306::/48 maxlen: 48
2402:1b80:403::/48 maxlen: 48
2402:1b80:600::/40 maxlen: 40
2402:1b80:3000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 03:06:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1720 (0x6b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D3F3, serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Validity
Not Before: Jan 8 21:15:23 2026 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69a4883a-ea04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:48:83:cf:a7:4e:f3:24:cb:c7:95:03:90:6b:
b4:93:7c:05:c1:29:45:af:5e:10:4b:59:96:8b:e0:
07:33:52:06:d5:54:40:a5:85:7e:f7:4c:71:71:86:
63:28:b2:96:89:42:26:90:da:5a:a3:35:71:47:68:
1e:72:f5:0d:74:f8:82:59:e0:ce:a5:c3:33:01:dc:
f1:31:ed:e7:90:9e:ed:94:a5:df:5e:69:91:8b:70:
95:aa:cc:9a:1e:2e:d0:57:c6:10:d0:b3:c0:1f:4a:
e0:d2:21:82:e8:d3:94:f5:3c:50:84:c6:5b:cd:97:
e3:e2:da:da:2d:27:e2:9f:37:3c:86:b6:89:56:14:
9f:52:ed:8f:58:06:e3:b3:47:a5:9c:39:3f:50:67:
12:f4:48:e5:a4:d6:e7:9f:d2:0f:2e:ff:5a:60:40:
5f:95:14:a1:ad:25:06:ad:a9:60:70:d6:41:9c:23:
a2:4f:49:9d:78:1b:85:18:3a:f0:b0:a8:63:5f:c5:
a7:32:f2:6d:40:d5:83:e5:62:41:d8:9f:7c:6b:f2:
34:3d:f0:2d:b1:0c:cd:32:4d:b9:09:9c:c2:69:77:
a8:ea:9e:83:08:f9:7d:e1:bb:9d:db:46:42:dc:12:
cd:d5:8b:81:6e:27:b0:33:db:ab:32:c0:e5:ef:3a:
93:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:BD:F7:21:28:ED:B6:EC:3F:E3:6B:CE:83:7A:B1:61:50:FF:5A:41
X509v3 Authority Key Identifier:
keyid:31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/70A511E6ECD111F09C92E5176E6F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
45.112.244.0/22
103.20.17.0/24
103.21.108.0/24
103.52.116.0/22
103.97.52.0/22
103.225.96.0/24
202.46.160.0/20
202.58.32.0/19
202.59.32.0/19
203.12.129.0/24
203.18.194.0/24
203.209.192.0/19
203.210.102.0/24
IPv6:
2402:1b80::/32
Signature Algorithm: sha256WithRSAEncryption
c1:ab:d3:51:ba:d1:60:51:44:2e:bb:86:8d:ef:89:32:59:4f:
16:b4:ed:58:f5:9f:2f:bc:b9:50:d3:04:dd:34:e0:1b:8d:b4:
59:97:c5:08:26:2e:48:d7:62:c6:0f:a9:83:86:47:46:94:9b:
e1:e5:61:9f:68:f3:cc:ea:38:d8:a0:71:cc:a5:84:43:b7:48:
12:a9:9d:5a:ae:55:56:9b:5d:2e:d6:ee:cf:aa:1b:50:6d:7e:
e1:b9:f5:49:ba:58:5d:92:0a:50:15:c0:be:31:d3:d7:4d:4c:
d7:95:28:c6:a7:fb:c6:80:48:18:4e:79:b7:96:d5:01:57:7a:
2f:52:e5:be:15:fc:0b:02:35:0b:cb:b1:87:06:08:20:7e:b1:
64:f4:23:b6:13:a4:e9:1f:dd:52:e6:3f:a8:95:0d:63:e2:3b:
b9:f3:3e:a9:77:fb:2e:b4:72:b8:45:25:0a:c2:9c:11:c8:61:
ab:9f:22:0f:13:a7:7e:9a:e7:7c:a8:1e:f8:79:5d:c8:62:61:
2a:4b:7b:00:06:c9:e1:a5:20:2b:ee:65:1c:32:fc:f4:26:47:
ee:b5:c1:fd:5a:8a:13:da:fa:a9:aa:6d:40:31:b9:bf:4b:e9:
21:8f:17:55:9e:e8:e0:d1:5c:f2:98:84:0f:1f:72:8d:12:4a:
94:1c:fd:63
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICBrgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQzRjMxMTAvBgNVBAUTKDMxN0MzMDdGRkM2RUNCNkNGNjU2RjI2QjgyODJGRkI5
RTYyRjkzNjUwHhcNMjYwMTA4MjExNTIzWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODgzYS1lYTA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlEiDz6dO8yTLx5UDkGu0k3wFwSlFr14QS1mWi+AHM1IG1VRApYV+90xxcYZj
KLKWiUImkNpaozVxR2gecvUNdPiCWeDOpcMzAdzxMe3nkJ7tlKXfXmmRi3CVqsya
Hi7QV8YQ0LPAH0rg0iGC6NOU9TxQhMZbzZfj4traLSfinzc8hraJVhSfUu2PWAbj
s0elnDk/UGcS9EjlpNbnn9IPLv9aYEBflRShrSUGralgcNZBnCOiT0mdeBuFGDrw
sKhjX8WnMvJtQNWD5WJB2J98a/I0PfAtsQzNMk25CZzCaXeo6p6DCPl94bud20ZC
3BLN1YuBbiewM9urMsDl7zqTsQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFG299yEo
7bbsP+NrzoN6sWFQ/1pBMB8GA1UdIwQYMBaAFDF8MH/8bsts9lbya4KC/7nmL5Nl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDNGMy9CMjU0NDgxQUNB
MzQxMUVCOEM5MEQ5NDFDNEY5QUUwMi9NWHd3Zl94dXkyejJWdkpyZ29MX3VlWXZr
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01Yd3dmX3h1eTJ6MlZ2SnJnb0xfdWVZdmsyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQzRjMvQjI1NDQ4MUFDQTM0MTFFQjhDOTBEOTQxQzRGOUFFMDIvNzBBNTExRTZF
Q0QxMTFGMDlDOTJFNTE3NkU2RjU2QkMucm9hMHYGCCsGAQUFBwEHAQH/BGcwZTBU
BAIAATBOAwQCLXD0AwQAZxQRAwQAZxVsAwQCZzR0AwQCZ2E0AwQAZ+FgAwQEyi6g
AwQFyjogAwQFyjsgAwQAywyBAwQAyxLCAwQFy9HAAwQAy9JmMA0EAgACMAcDBQAk
AhuAMA0GCSqGSIb3DQEBCwUAA4IBAQDBq9NRutFgUUQuu4aN74kyWU8WtO1Y9Z8v
vLlQ0wTdNOAbjbRZl8UIJi5I12LGD6mDhkdGlJvh5WGfaPPM6jjYoHHMpYRDt0gS
qZ1arlVWm10u1u7PqhtQbX7hufVJulhdkgpQFcC+MdPXTUzXlSjGp/vGgEgYTnm3
ltUBV3ovUuW+FfwLAjULy7GHBgggfrFk9CO2E6TpH91S5j+olQ1j4ju58z6pd/su
tHK4RSUKwpwRyGGrnyIPE6d+mud8qB74eV3IYmEqS3sABsnhpSAr7mUcMvz0Jkfu
tcH9WooT2vqpqm1AMbm/S+khjxdVnujg0VzymIQPH3KNEkqUHP1j
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:35:25 2026 by rpki-client