Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/0D341A3005A911F19E018F8D063D8C67.roa
File: 0D341A3005A911F19E018F8D063D8C67.roa (raw, json)
Hash identifier: y4m6yYrzdqqRXHW2Z2qtJIcDrcsI0TGTykZNYjDl5pA=
Subject key identifier: 53:71:EB:29:22:51:01:F1:36:AE:48:25:32:B6:4C:7E:5D:BE:B5:1A
Certificate issuer: /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Certificate serial: 0D99
Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/0D341A3005A911F19E018F8D063D8C67.roa
Signing time: Sun 01 Mar 2026 18:32:09 +0000
ROA not before: Mon 09 Feb 2026 11:18:25 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 134371
IP address blocks: 103.62.140.0/22 maxlen: 24
202.136.88.0/22 maxlen: 24
2400:3dc0::/32 maxlen: 32
2400:3dc0::/36 maxlen: 36
2400:3dc0::/44 maxlen: 48
2400:3dc0:10::/44 maxlen: 48
2400:3dc0:2e::/48 maxlen: 48
2400:3dc0:2f::/48 maxlen: 48
2400:3dc0:3e::/48 maxlen: 48
2400:3dc0:3f::/48 maxlen: 48
2400:3dc0:40::/44 maxlen: 47
2400:3dc0:40::/48 maxlen: 48
2400:3dc0:43::/48 maxlen: 48
2400:3dc0:45::/48 maxlen: 48
2400:3dc0:46::/48 maxlen: 48
2400:3dc0:49::/48 maxlen: 48
2400:3dc0:4a::/47 maxlen: 48
2400:3dc0:4c::/48 maxlen: 48
2400:3dc0:50::/44 maxlen: 47
2400:3dc0:56::/47 maxlen: 48
2400:3dc0:58::/48 maxlen: 48
2400:3dc0:5a::/47 maxlen: 48
2400:3dc0:60::/44 maxlen: 47
2400:3dc0:60::/47 maxlen: 48
2400:3dc0:68::/47 maxlen: 48
2400:3dc0:6a::/48 maxlen: 48
2400:3dc0:6c::/48 maxlen: 48
2400:3dc0:6e::/47 maxlen: 48
2400:3dc0:7b::/48 maxlen: 48
2400:3dc0:89::/48 maxlen: 48
2400:3dc0:100::/48 maxlen: 48
2400:3dc0:101::/48 maxlen: 48
2400:3dc0:140::/48 maxlen: 48
2400:3dc0:200::/48 maxlen: 48
2400:3dc0:201::/48 maxlen: 48
2400:3dc0:300::/48 maxlen: 48
2400:3dc0:400::/48 maxlen: 48
2400:3dc0:500::/48 maxlen: 48
2400:3dc0:600::/48 maxlen: 48
2400:3dc0:700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3481 (0xd99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D75C, serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Validity
Not Before: Feb 9 11:18:25 2026 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a48629-b1f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:37:e7:07:b7:31:6f:a3:b4:4f:43:73:15:a9:
4b:3f:eb:8a:4c:88:b9:1a:79:9d:8d:fa:56:bf:5b:
53:09:6c:31:8d:32:b4:2b:00:85:24:9a:eb:cc:de:
f3:d8:5e:35:f6:80:ce:9e:7d:2e:6d:f9:87:25:ba:
e3:76:c0:7c:fc:00:ec:39:4e:ac:0e:44:5b:4c:84:
64:5e:74:91:df:25:e2:19:a7:29:35:f4:31:4d:34:
09:1c:10:19:16:71:5c:75:15:fd:96:71:95:89:b3:
58:a9:e9:57:7b:87:9a:30:ae:ff:64:0a:c5:d0:42:
93:07:64:4c:7b:81:7a:ef:b4:d9:12:5d:4e:10:ee:
6f:e4:56:13:9d:5c:0e:4d:7b:96:0d:88:70:62:a2:
0d:61:24:1e:ba:66:6e:6c:6c:f6:53:98:eb:4c:bb:
1e:33:a8:b3:41:1c:d2:90:7f:b8:1a:fc:13:f2:2c:
24:8b:dd:20:6c:0e:01:37:0a:31:5b:aa:6a:4a:10:
53:a9:f9:be:67:78:d3:5d:9b:f1:e0:21:36:97:f7:
8d:e0:49:8a:1a:cc:2f:12:28:65:8b:b1:b2:cf:2f:
8d:a1:6d:21:b0:41:7c:c0:26:d0:d1:75:11:76:27:
67:7b:89:81:05:9f:1f:30:4d:07:91:f0:b6:8e:44:
37:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:71:EB:29:22:51:01:F1:36:AE:48:25:32:B6:4C:7E:5D:BE:B5:1A
X509v3 Authority Key Identifier:
keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/0D341A3005A911F19E018F8D063D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
103.62.140.0/22
202.136.88.0/22
IPv6:
2400:3dc0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:06:42:9c:08:80:a4:92:0d:9e:86:a3:b3:0f:99:f2:c2:ed:
c7:5c:62:69:98:80:59:4b:69:60:3e:5e:66:23:25:2c:08:e2:
52:df:cd:3a:63:59:36:c1:4c:28:29:5b:71:2c:1b:60:f0:09:
05:00:b7:26:70:73:2b:ff:fa:f7:72:26:a7:03:7d:62:95:1a:
f2:6e:85:7e:ab:6b:ea:a1:32:27:15:d4:f4:7e:1d:76:98:9a:
40:b3:25:a9:e2:b5:ff:5b:89:2c:fc:02:1a:3d:5e:ac:32:41:
a0:85:26:95:db:33:bf:3a:46:17:35:45:91:ef:e5:c5:d3:d9:
96:1e:b9:e8:12:38:a8:27:55:cc:a2:e5:43:85:19:fa:0c:7f:
22:10:6d:2b:b3:2f:7b:c1:4c:5a:3f:34:ef:d6:ce:3a:04:7d:
de:eb:6f:13:28:20:43:ff:81:6b:6d:98:36:df:4e:2c:79:8e:
c9:28:2e:e6:7b:f5:b1:44:8c:90:5e:ae:fa:cd:b1:1b:af:ed:
82:85:3e:55:b5:e2:17:e9:50:cd:13:58:e7:c9:12:db:9c:18:
63:cb:7c:01:ec:a1:31:8f:99:c7:4f:f8:8d:ef:3a:65:be:40:
df:fc:eb:b1:c0:f4:0b:69:4d:88:5d:a6:8c:6f:09:cc:1a:c3:
de:09:44:6f
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICDZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB
RjYyREVGRkQwHhcNMjYwMjA5MTExODI1WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODYyOS1iMWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAjTfnB7cxb6O0T0NzFalLP+uKTIi5GnmdjfpWv1tTCWwxjTK0KwCFJJrrzN7z
2F419oDOnn0ubfmHJbrjdsB8/ADsOU6sDkRbTIRkXnSR3yXiGacpNfQxTTQJHBAZ
FnFcdRX9lnGVibNYqelXe4eaMK7/ZArF0EKTB2RMe4F677TZEl1OEO5v5FYTnVwO
TXuWDYhwYqINYSQeumZubGz2U5jrTLseM6izQRzSkH+4GvwT8iwki90gbA4BNwox
W6pqShBTqfm+Z3jTXZvx4CE2l/eN4EmKGswvEihli7Gyzy+NoW0hsEF8wCbQ0XUR
didne4mBBZ8fME0HkfC2jkQ3nwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFFNx6yki
UQHxNq5IJTK2TH5dvrUaMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2
QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ3NUMvMkJDNUZENDAwNkMwMTFFQUJDNDNCNzA5QzRGOUFFMDIvMEQzNDFBMzAw
NUE5MTFGMTlFMDE4RjhEMDYzRDhDNjcucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCZz6MAwQCyohYMA0EAgACMAcDBQAkAD3AMA0GCSqGSIb3DQEBCwUA
A4IBAQANBkKcCICkkg2ehqOzD5nywu3HXGJpmIBZS2lgPl5mIyUsCOJS3806Y1k2
wUwoKVtxLBtg8AkFALcmcHMr//r3cianA31ilRryboV+q2vqoTInFdT0fh12mJpA
syWp4rX/W4ks/AIaPV6sMkGghSaV2zO/OkYXNUWR7+XF09mWHrnoEjioJ1XMouVD
hRn6DH8iEG0rsy97wUxaPzTv1s46BH3e628TKCBD/4FrbZg2304seY7JKC7me/Wx
RIyQXq76zbEbr+2ChT5VteIX6VDNE1jnyRLbnBhjy3wB7KExj5nHT/iN7zplvkDf
/OuxwPQLaU2IXaaMbwnMGsPeCURv
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:53:48 2026 by rpki-client