Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912AFA4/B67862FAAB9511EAB2559C5BC4F9AE02/E350F182060411F192CA7B231D3D8C67.roa
File: E350F182060411F192CA7B231D3D8C67.roa (raw, json)
Hash identifier: 8eg4WpDQ17b1CxcyQLYtPFeBceYv8sn2OO0ZgMPrrDg=
Subject key identifier: DD:9C:CF:22:33:9A:03:DC:B6:89:C4:38:8B:EB:8B:D3:9E:AF:F0:37
Certificate issuer: /CN=A912AFA4/serialNumber=51942D25EDBCA51DFA56CE09ED361EB7A26DBD25
Certificate serial: 09FF
Authority key identifier: 51:94:2D:25:ED:BC:A5:1D:FA:56:CE:09:ED:36:1E:B7:A2:6D:BD:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UZQtJe28pR36Vs4J7TYet6JtvSU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912AFA4/B67862FAAB9511EAB2559C5BC4F9AE02/E350F182060411F192CA7B231D3D8C67.roa
Signing time: Sun 01 Mar 2026 18:37:41 +0000
ROA not before: Sat 28 Feb 2026 21:17:34 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 135060
IP address blocks: 103.93.150.0/24 maxlen: 24
103.93.151.0/24 maxlen: 24
103.152.128.0/24 maxlen: 24
103.152.129.0/24 maxlen: 24
103.208.4.0/22 maxlen: 22
103.208.4.0/24 maxlen: 24
103.208.5.0/24 maxlen: 24
103.208.6.0/24 maxlen: 24
103.208.7.0/24 maxlen: 24
116.206.128.0/24 maxlen: 24
116.206.129.0/24 maxlen: 24
123.100.140.0/23 maxlen: 24
123.100.143.0/24 maxlen: 24
123.100.144.0/24 maxlen: 24
123.100.145.0/24 maxlen: 24
123.100.146.0/24 maxlen: 24
123.100.147.0/24 maxlen: 24
123.100.148.0/22 maxlen: 22
123.100.148.0/24 maxlen: 24
123.100.149.0/24 maxlen: 24
123.100.150.0/24 maxlen: 24
123.100.151.0/24 maxlen: 24
123.100.152.0/24 maxlen: 24
123.253.192.0/24 maxlen: 24
123.253.193.0/24 maxlen: 24
123.253.194.0/23 maxlen: 23
123.253.194.0/24 maxlen: 24
202.86.52.0/24 maxlen: 24
202.86.53.0/24 maxlen: 24
202.86.54.0/24 maxlen: 24
202.86.55.0/24 maxlen: 24
2404:6a80::/41 maxlen: 41
2404:6a80:200::/41 maxlen: 41
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912AFA4/B67862FAAB9511EAB2559C5BC4F9AE02/UZQtJe28pR36Vs4J7TYet6JtvSU.crl
rsync://rpki.apnic.net/member_repository/A912AFA4/B67862FAAB9511EAB2559C5BC4F9AE02/UZQtJe28pR36Vs4J7TYet6JtvSU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UZQtJe28pR36Vs4J7TYet6JtvSU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:41:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2559 (0x9ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912AFA4, serialNumber=51942D25EDBCA51DFA56CE09ED361EB7A26DBD25
Validity
Not Before: Feb 28 21:17:34 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69a48775-70e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fa:67:29:99:cd:5d:12:94:6c:66:e0:fa:17:
96:f7:2d:50:fc:cf:23:a7:a1:b9:bc:31:00:62:0a:
03:cd:b1:73:3f:87:e6:79:29:96:58:41:ca:00:c8:
80:3b:13:79:a3:17:24:f7:97:7f:0e:c6:e3:69:ba:
f2:5f:0a:d8:cc:cd:8e:82:67:25:55:b9:c8:82:a6:
1a:f6:9a:05:95:1a:92:d0:82:2e:77:02:40:4c:fa:
be:dd:73:bd:22:9c:a7:51:08:1c:39:35:87:6d:db:
10:d6:58:29:1d:dd:40:bc:20:7e:f4:fd:0b:26:7d:
a5:dd:90:fb:d1:16:39:67:91:c2:db:b4:a8:3c:24:
c9:19:08:17:91:3b:2d:a4:db:82:29:c2:47:ea:f1:
22:49:96:4c:8b:b3:30:9a:8e:e4:00:c3:32:91:17:
a9:fb:c0:66:dc:17:33:12:a0:29:e2:65:27:8c:fb:
b5:22:29:14:9e:22:bb:5b:11:e1:08:6f:68:3a:d0:
d9:08:ba:78:02:89:af:66:de:32:43:19:ed:b8:16:
55:01:57:3d:33:0f:e2:fb:5f:43:77:16:1c:f9:d6:
22:1b:bd:71:c6:d1:de:f7:4c:95:8f:c1:ef:ec:c0:
44:39:62:4a:d5:52:32:00:8f:df:25:41:d9:22:38:
dd:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9C:CF:22:33:9A:03:DC:B6:89:C4:38:8B:EB:8B:D3:9E:AF:F0:37
X509v3 Authority Key Identifier:
keyid:51:94:2D:25:ED:BC:A5:1D:FA:56:CE:09:ED:36:1E:B7:A2:6D:BD:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912AFA4/B67862FAAB9511EAB2559C5BC4F9AE02/UZQtJe28pR36Vs4J7TYet6JtvSU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UZQtJe28pR36Vs4J7TYet6JtvSU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912AFA4/B67862FAAB9511EAB2559C5BC4F9AE02/E350F182060411F192CA7B231D3D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
103.93.150.0/23
103.152.128.0/23
103.208.4.0/22
116.206.128.0/23
123.100.140.0/23
123.100.143.0-123.100.152.255
123.253.192.0/22
202.86.52.0/22
IPv6:
2404:6a80::/41
2404:6a80:200::/41
Signature Algorithm: sha256WithRSAEncryption
6c:a7:03:50:ce:f9:13:6d:73:90:9f:2a:f5:fd:83:18:86:38:
5a:91:0b:e9:c5:68:8e:53:18:e8:36:a2:5d:38:6f:05:34:b9:
f0:42:90:af:52:5d:92:52:1d:84:65:48:ad:4b:90:bf:f2:8d:
36:7c:73:d2:c3:89:be:cb:23:40:ec:04:54:dc:ab:30:76:d4:
35:86:99:4e:ab:2d:c0:ed:2f:21:e3:9a:ee:f0:00:ef:99:57:
90:46:51:3c:ab:04:4e:86:5f:96:6c:8b:f3:81:a5:7b:02:98:
49:21:7e:00:4d:7b:e5:c8:0a:a4:c8:6d:d0:9a:b2:66:bc:e3:
ad:9c:f3:5a:a6:f9:50:02:e1:27:f7:9a:87:a4:29:71:d5:a5:
6c:96:a3:e5:db:64:d8:73:0f:de:b3:65:8a:fe:66:57:a3:c5:
f1:bd:90:1a:5b:60:20:10:80:ec:4f:78:30:f7:0b:5b:03:18:
e0:50:51:08:3a:f1:c3:39:5d:cc:ba:2f:db:48:66:20:1e:ac:
88:5a:4b:dc:6e:7a:f2:4e:ee:40:3f:a4:29:2b:cf:a1:4e:2e:
b2:90:c0:b9:88:ac:04:bb:b1:f2:7c:0d:89:0d:47:40:fa:79:
0c:d3:a3:c7:70:a1:f1:0b:9c:1f:92:2e:43:0d:75:03:18:ed:
d1:70:65:21
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICCf8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkFGQTQxMTAvBgNVBAUTKDUxOTQyRDI1RURCQ0E1MURGQTU2Q0UwOUVEMzYxRUI3
QTI2REJEMjUwHhcNMjYwMjI4MjExNzM0WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODc3NS03MGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsvpnKZnNXRKUbGbg+heW9y1Q/M8jp6G5vDEAYgoDzbFzP4fmeSmWWEHKAMiA
OxN5oxck95d/DsbjabryXwrYzM2OgmclVbnIgqYa9poFlRqS0IIudwJATPq+3XO9
IpynUQgcOTWHbdsQ1lgpHd1AvCB+9P0LJn2l3ZD70RY5Z5HC27SoPCTJGQgXkTst
pNuCKcJH6vEiSZZMi7Mwmo7kAMMykRep+8Bm3BczEqAp4mUnjPu1IikUniK7WxHh
CG9oOtDZCLp4AomvZt4yQxntuBZVAVc9Mw/i+19DdxYc+dYiG71xxtHe90yVj8Hv
7MBEOWJK1VIyAI/fJUHZIjjdfQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFN2czyIz
mgPctonEOIvri9Oer/A3MB8GA1UdIwQYMBaAFFGULSXtvKUd+lbOCe02Hreibb0l
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQUZBNC9CNjc4NjJGQUFC
OTUxMUVBQjI1NTlDNUJDNEY5QUUwMi9VWlF0SmUyOHBSMzZWczRKN1RZZXQ2SnR2
U1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VaUXRKZTI4cFIzNlZzNEo3VFlldDZKdHZTVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkFGQTQvQjY3ODYyRkFBQjk1MTFFQUIyNTU5QzVCQzRGOUFFMDIvRTM1MEYxODIw
NjA0MTFGMTkyQ0E3QjIzMUQzRDhDNjcucm9hMGsGCCsGAQUFBwEHAQH/BFwwWjA+
BAIAATA4AwQBZ12WAwQBZ5iAAwQCZ9AEAwQBdM6AAwQBe2SMMAwDBAB7ZI8DBAB7
ZJgDBAJ7/cADBALKVjQwGAQCAAIwEgMHByQEaoAAAAMHByQEaoACADANBgkqhkiG
9w0BAQsFAAOCAQEAbKcDUM75E21zkJ8q9f2DGIY4WpEL6cVojlMY6DaiXThvBTS5
8EKQr1JdklIdhGVIrUuQv/KNNnxz0sOJvssjQOwEVNyrMHbUNYaZTqstwO0vIeOa
7vAA75lXkEZRPKsEToZflmyL84GlewKYSSF+AE175cgKpMht0JqyZrzjrZzzWqb5
UALhJ/eah6QpcdWlbJaj5dtk2HMP3rNliv5mV6PF8b2QGltgIBCA7E94MPcLWwMY
4FBRCDrxwzldzLov20hmIB6siFpL3G568k7uQD+kKSvPoU4uspDAuYisBLux8nwN
iQ1HQPp5DNOjx3Ch8QucH5IuQw11Axjt0XBlIQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:01:12 2026 by rpki-client