Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/EEF771D4FED311EF8B263515C4F9AE02.roa
File: EEF771D4FED311EF8B263515C4F9AE02.roa (raw, json)
Hash identifier: Phleh4XfyUr3zGnO9+DWKm6TLv7fk+W/Pgx517wbsV0=
Subject key identifier: 40:8A:0F:29:1C:EA:B3:FA:E3:CD:8D:74:09:9A:CD:D0:F7:5E:82:FC
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 3C19
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/EEF771D4FED311EF8B263515C4F9AE02.roa
Signing time: Sun 01 Mar 2026 21:26:27 +0000
ROA not before: Fri 04 Jul 2025 14:50:36 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 18305
IP address blocks: 203.244.39.0/24 maxlen: 24
203.244.45.0/24 maxlen: 24
203.244.50.0/24 maxlen: 24
203.244.60.0/24 maxlen: 24
203.244.67.0/24 maxlen: 24
203.244.70.0/24 maxlen: 24
203.244.80.0/24 maxlen: 24
203.244.95.0/24 maxlen: 24
203.245.134.0/24 maxlen: 24
203.245.136.0/24 maxlen: 24
203.245.147.0/24 maxlen: 24
203.245.152.0/24 maxlen: 24
203.245.155.0/24 maxlen: 24
203.245.156.0/24 maxlen: 24
203.245.157.0/24 maxlen: 24
203.245.158.0/24 maxlen: 24
203.245.160.0/24 maxlen: 24
203.245.161.0/24 maxlen: 24
203.245.162.0/24 maxlen: 24
203.245.163.0/24 maxlen: 24
203.245.200.0/24 maxlen: 24
203.245.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 14:22:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15385 (0x3c19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E, serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Validity
Not Before: Jul 4 14:50:36 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a4af03-374b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f1:cd:f9:98:ad:bd:ac:ea:64:c7:fc:81:84:
5a:42:ed:76:a3:35:94:74:4b:86:2d:08:dc:ee:7c:
1c:d5:7e:b8:0b:e0:25:a8:b9:b5:04:92:cf:bd:ba:
68:65:b2:09:dd:e4:2d:48:26:9b:19:d0:b9:40:8b:
0c:8c:f0:e6:ae:f5:b8:ed:ab:53:64:66:3b:dc:7f:
19:db:24:8c:16:99:1b:eb:98:aa:85:50:e7:05:02:
0c:28:1c:d2:87:9f:bc:3d:63:bd:f0:ad:9b:b3:c3:
53:39:46:9a:e3:a0:9a:59:fb:76:75:8d:cb:d9:16:
f1:68:fa:3e:1b:d8:8c:37:f7:60:ec:9b:35:86:f4:
89:eb:eb:4c:34:5b:ff:50:c6:c5:37:89:6e:67:df:
2c:a8:0a:ef:8b:b6:b8:53:f8:f8:4e:db:7e:70:d8:
38:73:56:05:f9:5b:61:ef:90:82:73:24:1e:dc:76:
82:01:ad:0d:97:2d:9f:16:57:85:89:7a:e1:93:57:
1c:6e:49:f3:57:04:2b:c3:1d:cb:f2:69:08:e4:74:
fc:57:03:59:6e:86:0d:4f:c1:85:c0:a4:b2:98:d7:
c0:b0:5a:d8:8a:30:96:b8:a7:06:74:46:ce:a4:75:
a3:2e:a8:e1:c2:61:46:2f:08:7e:39:59:35:81:71:
20:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8A:0F:29:1C:EA:B3:FA:E3:CD:8D:74:09:9A:CD:D0:F7:5E:82:FC
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/EEF771D4FED311EF8B263515C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
203.244.39.0/24
203.244.45.0/24
203.244.50.0/24
203.244.60.0/24
203.244.67.0/24
203.244.70.0/24
203.244.80.0/24
203.244.95.0/24
203.245.134.0/24
203.245.136.0/24
203.245.147.0/24
203.245.152.0/24
203.245.155.0-203.245.158.255
203.245.160.0/22
203.245.200.0/23
Signature Algorithm: sha256WithRSAEncryption
32:1f:53:07:e8:51:5a:fe:ff:13:9a:2a:3a:f5:28:64:c4:35:
f5:8d:08:fc:5a:ab:3d:fe:88:04:17:21:8d:70:b1:8f:b0:ac:
0d:e4:a2:b8:09:61:77:57:51:46:c4:65:ba:c7:00:b7:af:c8:
6c:52:cf:af:1d:c0:15:38:11:e2:f2:97:a0:d9:df:27:eb:cd:
0a:9c:12:b7:f8:38:cd:c1:a8:d0:bd:82:9c:cc:ac:e7:cc:c8:
5d:ae:bf:ea:78:cf:82:40:d6:be:23:51:a4:40:74:46:4b:35:
85:a3:f6:c5:84:88:ee:1b:fb:e4:ac:45:1a:51:d9:dc:9f:15:
9b:a0:18:81:86:0c:f2:87:43:81:63:b9:9c:73:2f:45:15:2d:
ed:a5:da:4d:c6:ac:ad:d0:25:d6:fe:6e:ce:6a:3c:00:aa:88:
6e:1b:ca:4b:45:b2:4a:cf:51:40:39:15:05:10:19:25:94:96:
37:36:60:7d:33:0e:6c:6f:2a:ec:88:57:83:db:39:71:a1:70:
af:52:1d:7d:9c:7b:83:51:b6:59:9a:44:f7:44:3e:83:84:48:
8a:3b:46:e6:61:bb:74:0c:d1:67:b2:81:55:3b:5a:fe:5b:27:
51:f9:0f:bf:34:e4:d0:12:9f:33:29:55:38:b7:e9:f2:d0:d2:
2c:4e:a4:25
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICPBkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjUwNzA0MTQ1MDM2WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0YWYwMy0zNzRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAjfHN+ZitvazqZMf8gYRaQu12ozWUdEuGLQjc7nwc1X64C+AlqLm1BJLPvbpo
ZbIJ3eQtSCabGdC5QIsMjPDmrvW47atTZGY73H8Z2ySMFpkb65iqhVDnBQIMKBzS
h5+8PWO98K2bs8NTOUaa46CaWft2dY3L2RbxaPo+G9iMN/dg7Js1hvSJ6+tMNFv/
UMbFN4luZ98sqArvi7a4U/j4Ttt+cNg4c1YF+Vth75CCcyQe3HaCAa0Nly2fFleF
iXrhk1ccbknzVwQrwx3L8mkI5HT8VwNZboYNT8GFwKSymNfAsFrYijCWuKcGdEbO
pHWjLqjhwmFGLwh+OVk1gXEgEQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFECKDykc
6rP6482NdAmazdD3XoL8MB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvRUVGNzcxRDRG
RUQzMTFFRjhCMjYzNTE1QzRGOUFFMDIucm9hMHsGCCsGAQUFBwEHAQH/BGwwajBo
BAIAATBiAwQAy/QnAwQAy/QtAwQAy/QyAwQAy/Q8AwQAy/RDAwQAy/RGAwQAy/RQ
AwQAy/RfAwQAy/WGAwQAy/WIAwQAy/WTAwQAy/WYMAwDBADL9ZsDBADL9Z4DBALL
9aADBAHL9cgwDQYJKoZIhvcNAQELBQADggEBADIfUwfoUVr+/xOaKjr1KGTENfWN
CPxaqz3+iAQXIY1wsY+wrA3korgJYXdXUUbEZbrHALevyGxSz68dwBU4EeLyl6DZ
3yfrzQqcErf4OM3BqNC9gpzMrOfMyF2uv+p4z4JA1r4jUaRAdEZLNYWj9sWEiO4b
++SsRRpR2dyfFZugGIGGDPKHQ4FjuZxzL0UVLe2l2k3GrK3QJdb+bs5qPACqiG4b
yktFskrPUUA5FQUQGSWUljc2YH0zDmxvKuyIV4PbOXGhcK9SHX2ce4NRtlmaRPdE
PoOESIo7RuZhu3QM0WeygVU7Wv5bJ1H5D7805NASnzMpVTi36fLQ0ixOpCU=
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:25:27 2026 by rpki-client