Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D834/DFBA50B81D8D11E2824DEDEB08B02CD2/F62323DEB97911F0A728D041C4F9AE02.roa
File: F62323DEB97911F0A728D041C4F9AE02.roa (raw, json)
Hash identifier: VYA799jHHyf/EZwQx98vKIoBtcAMfoZki4v45ia4iow=
Subject key identifier: F3:AE:6A:E7:AA:AC:8F:2F:DC:13:E6:E0:50:0B:12:2A:AE:79:2F:26
Certificate issuer: /CN=A911D834/serialNumber=FDB2754D950630EB11DF84E2855CAAB7D1626F80
Certificate serial: 357A
Authority key identifier: FD:B2:75:4D:95:06:30:EB:11:DF:84:E2:85:5C:AA:B7:D1:62:6F:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_bJ1TZUGMOsR34TihVyqt9Fib4A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D834/DFBA50B81D8D11E2824DEDEB08B02CD2/F62323DEB97911F0A728D041C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:12:00 +0000
ROA not before: Tue 04 Nov 2025 12:29:52 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 4007
IP address blocks: 103.232.152.0/22 maxlen: 24
103.235.196.0/22 maxlen: 24
110.34.0.0/19 maxlen: 24
116.66.192.0/21 maxlen: 24
163.47.148.0/22 maxlen: 22
163.47.148.0/24 maxlen: 24
163.47.149.0/24 maxlen: 24
163.47.150.0/24 maxlen: 24
163.47.151.0/24 maxlen: 24
163.53.24.0/23 maxlen: 23
163.53.24.0/24 maxlen: 24
163.53.25.0/24 maxlen: 24
182.93.64.0/19 maxlen: 24
202.51.80.0/24 maxlen: 24
202.51.88.0/23 maxlen: 24
202.51.92.0/24 maxlen: 24
202.51.93.0/24 maxlen: 24
202.63.240.0/21 maxlen: 24
2403:3800::/32 maxlen: 40
2403:3800:8::/48 maxlen: 48
2403:3800:600::/48 maxlen: 48
2403:3800:700::/48 maxlen: 48
2403:3800:820::/48 maxlen: 48
2403:3800:1200::/44 maxlen: 44
2403:3800:1210::/44 maxlen: 44
2403:3800:1220::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D834/DFBA50B81D8D11E2824DEDEB08B02CD2/_bJ1TZUGMOsR34TihVyqt9Fib4A.crl
rsync://rpki.apnic.net/member_repository/A911D834/DFBA50B81D8D11E2824DEDEB08B02CD2/_bJ1TZUGMOsR34TihVyqt9Fib4A.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_bJ1TZUGMOsR34TihVyqt9Fib4A.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:03:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13690 (0x357a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D834, serialNumber=FDB2754D950630EB11DF84E2855CAAB7D1626F80
Validity
Not Before: Nov 4 12:29:52 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a48170-fd7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:db:8b:e9:e3:68:98:8d:b7:e1:15:50:d2:de:
d4:7f:19:ea:ba:8b:87:54:7c:df:c2:cd:f3:97:b1:
bb:01:52:2c:bf:a2:f8:3f:7e:ad:78:20:d7:8a:10:
70:03:e0:23:87:4c:a6:43:b8:4d:df:43:29:c6:a7:
22:74:2c:00:7a:c0:d5:c3:4d:e1:17:12:c6:64:63:
5a:f0:82:50:d8:d0:8b:08:62:97:3f:9a:99:be:c6:
85:ab:0e:ae:0b:d6:d0:5e:ab:53:07:a9:9e:cf:c4:
4c:4a:30:67:25:b2:bf:de:18:da:e5:97:39:0d:0a:
ce:07:ce:e3:eb:fa:2d:0d:b9:1a:1c:64:c3:e1:2e:
43:6b:87:94:4b:d3:75:31:05:42:4f:4b:88:9b:0d:
68:91:3f:c9:15:df:2b:7c:e9:1b:af:c2:58:33:d6:
f7:d1:60:72:00:9d:45:a3:15:09:b0:0e:55:da:a4:
5c:8b:8f:1a:2d:6e:05:f0:a0:f4:d7:e4:d8:75:21:
b4:bc:96:ca:b9:e0:38:4e:24:84:9f:5b:eb:30:85:
da:4a:72:dc:ec:91:b4:90:b5:95:93:a3:90:49:3a:
e7:e4:cf:20:77:bd:6a:02:b8:79:58:26:a2:65:96:
05:38:e1:66:81:e7:3d:87:8a:38:e0:0e:89:d7:4b:
df:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AE:6A:E7:AA:AC:8F:2F:DC:13:E6:E0:50:0B:12:2A:AE:79:2F:26
X509v3 Authority Key Identifier:
keyid:FD:B2:75:4D:95:06:30:EB:11:DF:84:E2:85:5C:AA:B7:D1:62:6F:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D834/DFBA50B81D8D11E2824DEDEB08B02CD2/_bJ1TZUGMOsR34TihVyqt9Fib4A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_bJ1TZUGMOsR34TihVyqt9Fib4A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D834/DFBA50B81D8D11E2824DEDEB08B02CD2/F62323DEB97911F0A728D041C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.232.152.0/22
103.235.196.0/22
110.34.0.0/19
116.66.192.0/21
163.47.148.0/22
163.53.24.0/23
182.93.64.0/19
202.51.80.0/24
202.51.88.0/23
202.51.92.0/23
202.63.240.0/21
IPv6:
2403:3800::/32
Signature Algorithm: sha256WithRSAEncryption
64:74:83:bc:f6:be:00:1b:84:83:f0:b1:33:ec:40:e3:3e:2c:
44:91:13:5f:3f:95:ef:45:bb:c9:4e:93:c7:be:38:93:d3:96:
a8:91:eb:9b:ed:81:0d:25:c4:9b:a2:1a:e5:3e:54:58:49:8f:
15:45:8e:90:be:a5:e2:6d:b1:49:22:47:93:cd:cd:3e:3e:1a:
11:ab:5e:6b:0b:a6:d9:d0:54:c8:74:47:6d:23:6e:e4:fc:42:
64:c5:7c:b1:ee:e3:c1:a4:dd:db:64:a2:c8:6b:62:ce:ac:d1:
4d:34:87:47:8f:0c:8a:43:a1:2b:70:36:f1:b0:c8:84:fa:a7:
6d:23:ea:ed:e1:ac:b9:c7:30:14:af:ce:6f:79:00:03:af:f6:
a0:fb:a8:3b:8c:52:cf:19:0c:64:1b:10:79:c1:0d:c9:3c:f7:
e7:f8:ef:f4:22:e8:a6:82:df:0e:05:df:22:75:3c:d6:e9:59:
82:c8:0d:c2:86:70:46:f0:27:3a:5c:a0:b2:9a:8a:1c:42:29:
53:da:41:52:86:9a:ef:c3:a9:91:e6:58:99:d8:d3:e9:25:f0:
0d:1f:a6:93:69:3d:e4:1f:9f:0a:35:b3:ad:33:97:21:bd:3e:
35:48:93:c2:a7:c1:15:f5:83:09:fc:d8:db:02:24:b2:74:ce:
b0:7d:78:fc
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICNXowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ4MzQxMTAvBgNVBAUTKEZEQjI3NTREOTUwNjMwRUIxMURGODRFMjg1NUNBQUI3
RDE2MjZGODAwHhcNMjUxMTA0MTIyOTUyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODE3MC1mZDdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtNuL6eNomI234RVQ0t7UfxnquouHVHzfws3zl7G7AVIsv6L4P36teCDXihBw
A+Ajh0ymQ7hN30MpxqcidCwAesDVw03hFxLGZGNa8IJQ2NCLCGKXP5qZvsaFqw6u
C9bQXqtTB6mez8RMSjBnJbK/3hja5Zc5DQrOB87j6/otDbkaHGTD4S5Da4eUS9N1
MQVCT0uImw1okT/JFd8rfOkbr8JYM9b30WByAJ1FoxUJsA5V2qRci48aLW4F8KD0
1+TYdSG0vJbKueA4TiSEn1vrMIXaSnLc7JG0kLWVk6OQSTrn5M8gd71qArh5WCai
ZZYFOOFmgec9h4o44A6J10vf6QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFPOuaueq
rI8v3BPm4FALEiqueS8mMB8GA1UdIwQYMBaAFP2ydU2VBjDrEd+E4oVcqrfRYm+A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDgzNC9ERkJBNTBCODFE
OEQxMUUyODI0REVERUIwOEIwMkNEMi9fYkoxVFpVR01Pc1IzNFRpaFZ5cXQ5Rmli
NEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19iSjFUWlVHTU9zUjM0VGloVnlxdDlGaWI0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ4MzQvREZCQTUwQjgxRDhEMTFFMjgyNERFREVCMDhCMDJDRDIvRjYyMzIzREVC
OTc5MTFGMEE3MjhEMDQxQzRGOUFFMDIucm9hMGoGCCsGAQUFBwEHAQH/BFswWTBI
BAIAATBCAwQCZ+iYAwQCZ+vEAwQFbiIAAwQDdELAAwQCoy+UAwQBozUYAwQFtl1A
AwQAyjNQAwQByjNYAwQByjNcAwQDyj/wMA0EAgACMAcDBQAkAzgAMA0GCSqGSIb3
DQEBCwUAA4IBAQBkdIO89r4AG4SD8LEz7EDjPixEkRNfP5XvRbvJTpPHvjiT05ao
keub7YENJcSbohrlPlRYSY8VRY6QvqXibbFJIkeTzc0+PhoRq15rC6bZ0FTIdEdt
I27k/EJkxXyx7uPBpN3bZKLIa2LOrNFNNIdHjwyKQ6ErcDbxsMiE+qdtI+rt4ay5
xzAUr85veQADr/ag+6g7jFLPGQxkGxB5wQ3JPPfn+O/0Iuimgt8OBd8idTzW6VmC
yA3ChnBG8Cc6XKCymoocQilT2kFShprvw6mR5liZ2NPpJfANH6aTaT3kH58KNbOt
M5chvT41SJPCp8EV9YMJ/NjbAiSydM6wfXj8
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:55:41 2026 by rpki-client