Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/392036B4808B11EFAB024F45C4F9AE02.roa
File: 392036B4808B11EFAB024F45C4F9AE02.roa (raw, json)
Hash identifier: XUOecCq3slx7jxCIgwHTqZiq4GEzwouLtwixym+eJh0=
Subject key identifier: FD:6C:F8:CC:CB:18:04:06:BC:38:81:E3:96:F4:B3:B3:41:A1:89:F4
Certificate issuer: /CN=A912F1D5/serialNumber=FBBA4A9609B4174E6CB47B95834E2A9C3D968663
Certificate serial: 0CEB
Authority key identifier: FB:BA:4A:96:09:B4:17:4E:6C:B4:7B:95:83:4E:2A:9C:3D:96:86:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7pKlgm0F05stHuVg04qnD2WhmM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/392036B4808B11EFAB024F45C4F9AE02.roa
Signing time: Sun 01 Mar 2026 11:41:35 +0000
ROA not before: Wed 30 Apr 2025 18:58:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38026
IP address blocks: 43.240.100.0/24 maxlen: 24
43.240.101.0/24 maxlen: 24
43.240.102.0/24 maxlen: 24
43.240.103.0/24 maxlen: 24
103.36.100.0/22 maxlen: 22
103.36.100.0/24 maxlen: 24
103.36.101.0/24 maxlen: 24
103.36.102.0/24 maxlen: 24
103.36.103.0/24 maxlen: 24
116.193.216.0/24 maxlen: 24
116.193.217.0/24 maxlen: 24
116.193.219.0/24 maxlen: 24
116.193.220.0/24 maxlen: 24
116.193.221.0/24 maxlen: 24
116.193.222.0/24 maxlen: 24
116.193.223.0/24 maxlen: 24
202.164.208.0/21 maxlen: 24
2404:af80::/32 maxlen: 32
2404:af80::/48 maxlen: 48
2404:af80:1::/48 maxlen: 48
2404:af80:2::/48 maxlen: 48
2404:af80:3::/48 maxlen: 48
2404:af80:4::/48 maxlen: 48
2404:af80:10::/48 maxlen: 48
2404:af80:11::/48 maxlen: 48
2404:af80:12::/48 maxlen: 48
2404:af80:13::/48 maxlen: 48
2404:af80:14::/48 maxlen: 48
2404:af80:15::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/-7pKlgm0F05stHuVg04qnD2WhmM.crl
rsync://rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/-7pKlgm0F05stHuVg04qnD2WhmM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7pKlgm0F05stHuVg04qnD2WhmM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:42:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3307 (0xceb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912F1D5, serialNumber=FBBA4A9609B4174E6CB47B95834E2A9C3D968663
Validity
Not Before: Apr 30 18:58:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a425ef-72e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f3:02:18:76:e6:16:1a:15:37:8b:81:23:4b:
30:8a:4d:a5:0c:06:af:14:c7:c8:87:38:9b:e2:af:
f2:09:64:90:a3:a6:62:26:2e:0d:6e:94:99:d6:4b:
13:34:4f:b5:06:fe:b1:bc:60:cc:0a:11:9e:04:6a:
8a:c1:9e:c6:f3:c3:13:c3:ff:f3:da:d5:dd:e4:f4:
a6:aa:49:ec:dc:f6:0d:92:bf:51:c4:c8:42:a7:46:
c3:f4:64:24:e4:66:ff:24:d0:75:f9:d8:cf:11:9c:
1e:57:5a:bd:b3:f5:d9:e0:e3:52:70:7f:11:a4:93:
94:e4:9a:b6:43:83:c6:de:20:4c:2a:af:d8:cc:9a:
1a:ea:8a:56:6d:90:56:81:c9:6c:e8:2f:cf:0f:c4:
3e:38:74:1d:2f:a6:83:e7:b5:a5:e4:28:78:71:76:
be:3f:fc:dc:68:7c:7d:06:98:f1:c9:fe:6f:fb:2c:
46:2a:22:7a:5a:a2:03:d8:9d:b4:74:3a:af:2e:81:
b5:a7:81:59:f8:5f:07:42:b2:7b:09:84:38:78:73:
69:9e:38:67:e5:a1:40:6e:d1:c2:94:df:01:c4:bb:
51:89:79:f9:ef:f9:29:56:a7:5a:39:c1:0a:da:10:
ce:cf:da:e2:42:c9:b0:03:c5:ac:4e:8a:6c:54:af:
38:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:6C:F8:CC:CB:18:04:06:BC:38:81:E3:96:F4:B3:B3:41:A1:89:F4
X509v3 Authority Key Identifier:
keyid:FB:BA:4A:96:09:B4:17:4E:6C:B4:7B:95:83:4E:2A:9C:3D:96:86:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/-7pKlgm0F05stHuVg04qnD2WhmM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7pKlgm0F05stHuVg04qnD2WhmM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/392036B4808B11EFAB024F45C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.240.100.0/22
103.36.100.0/22
116.193.216.0/23
116.193.219.0-116.193.223.255
202.164.208.0/21
IPv6:
2404:af80::/32
Signature Algorithm: sha256WithRSAEncryption
81:6d:cb:ec:8e:ce:58:3d:1a:6d:58:9a:1a:1e:31:b7:8c:c7:
c6:2c:6b:9a:e7:22:88:60:6b:59:ea:98:8e:b5:74:e5:bd:50:
1a:ba:c8:e2:22:ee:2f:9e:66:f1:15:a5:74:d7:a3:ae:27:f8:
7f:d1:b4:ae:54:bd:89:ba:14:ba:b3:aa:76:de:6f:c0:86:c2:
c7:f2:55:f8:70:80:5c:30:40:1a:35:47:09:e7:27:6b:4f:17:
ef:22:d3:61:82:ea:7b:15:a2:b2:f3:27:0b:43:af:8b:20:4d:
ce:93:c3:ff:5a:47:e6:17:93:d6:e0:f8:09:ea:d8:87:21:b7:
19:b5:ba:52:18:aa:1b:3f:7b:84:a6:53:8d:76:4f:94:bb:04:
2e:f8:c5:25:e4:c3:e3:9c:95:99:7f:77:78:30:1d:06:3b:4f:
b7:51:c1:59:a2:e6:3b:5c:72:db:69:da:16:b3:dc:47:40:5a:
3d:88:ee:05:96:fd:a5:ac:f0:df:3f:c9:5e:3f:ac:23:88:2d:
73:0d:76:19:f8:7c:d7:65:64:6e:e9:55:bc:d2:f7:36:9b:01:
9f:b5:53:84:2a:2a:72:b0:a7:01:b0:02:ae:63:0e:ef:29:61:
c7:4f:97:dc:52:c4:ce:d1:e9:3d:8f:ec:8c:ee:1b:d0:e8:5d:
c3:5f:53:a8
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgICDOswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkYxRDUxMTAvBgNVBAUTKEZCQkE0QTk2MDlCNDE3NEU2Q0I0N0I5NTgzNEUyQTlD
M0Q5Njg2NjMwHhcNMjUwNDMwMTg1ODA5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MjVlZi03MmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArPMCGHbmFhoVN4uBI0swik2lDAavFMfIhzib4q/yCWSQo6ZiJi4NbpSZ1ksT
NE+1Bv6xvGDMChGeBGqKwZ7G88MTw//z2tXd5PSmqkns3PYNkr9RxMhCp0bD9GQk
5Gb/JNB1+djPEZweV1q9s/XZ4ONScH8RpJOU5Jq2Q4PG3iBMKq/YzJoa6opWbZBW
gcls6C/PD8Q+OHQdL6aD57Wl5Ch4cXa+P/zcaHx9Bpjxyf5v+yxGKiJ6WqID2J20
dDqvLoG1p4FZ+F8HQrJ7CYQ4eHNpnjhn5aFAbtHClN8BxLtRiXn57/kpVqdaOcEK
2hDOz9riQsmwA8WsTopsVK84IQIDAQABo4ICjzCCAoswHQYDVR0OBBYEFP1s+MzL
GAQGvDiB45b0s7NBoYn0MB8GA1UdIwQYMBaAFPu6SpYJtBdObLR7lYNOKpw9loZj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjFENS9FRTAxODA3ODBG
NjIxMUVBQTcwNkFGM0RDNEY5QUUwMi8tN3BLbGdtMEYwNXN0SHVWZzA0cW5EMldo
bU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy03cEtsZ20wRjA1c3RIdVZnMDRxbkQyV2htTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkYxRDUvRUUwMTgwNzgwRjYyMTFFQUE3MDZBRjNEQzRGOUFFMDIvMzkyMDM2QjQ4
MDhCMTFFRkFCMDI0RjQ1QzRGOUFFMDIucm9hME4GCCsGAQUFBwEHAQH/BD8wPTAs
BAIAATAmAwQCK/BkAwQCZyRkAwQBdMHYMAwDBAB0wdsDBAV0wcADBAPKpNAwDQQC
AAIwBwMFACQEr4AwDQYJKoZIhvcNAQELBQADggEBAIFty+yOzlg9Gm1YmhoeMbeM
x8Ysa5rnIohga1nqmI61dOW9UBq6yOIi7i+eZvEVpXTXo64n+H/RtK5UvYm6FLqz
qnbeb8CGwsfyVfhwgFwwQBo1RwnnJ2tPF+8i02GC6nsVorLzJwtDr4sgTc6Tw/9a
R+YXk9bg+Anq2Ichtxm1ulIYqhs/e4SmU412T5S7BC74xSXkw+OclZl/d3gwHQY7
T7dRwVmi5jtccttp2haz3EdAWj2I7gWW/aWs8N8/yV4/rCOILXMNdhn4fNdlZG7p
VbzS9zabAZ+1U4QqKnKwpwGwAq5jDu8pYcdPl9xSxM7R6T2P7IzuG9DoXcNfU6g=
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:46:36 2026 by rpki-client