Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/1E143AA26E7D11EFBB48F63EC4F9AE02.roa
File: 1E143AA26E7D11EFBB48F63EC4F9AE02.roa (raw, json)
Hash identifier: leZ0cCoOlR1k5yKepuZNpVBVHzz4KHAcvcnF8Cllio0=
Subject key identifier: D6:D4:B1:71:EE:3E:43:B6:C3:8B:EA:64:1A:24:35:01:D8:82:93:57
Certificate issuer: /CN=A914BF04/serialNumber=B01E7C1EDE102251EE60741E2E19F060303D71C9
Certificate serial: 064B
Authority key identifier: B0:1E:7C:1E:DE:10:22:51:EE:60:74:1E:2E:19:F0:60:30:3D:71:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sB58Ht4QIlHuYHQeLhnwYDA9cck.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/1E143AA26E7D11EFBB48F63EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 14:16:44 +0000
ROA not before: Tue 24 Feb 2026 23:19:27 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 141681
IP address blocks: 103.161.242.0/24 maxlen: 24
103.170.17.0/24 maxlen: 24
2400:bde0::/32 maxlen: 32
2400:bde0::/48 maxlen: 48
2400:bde0:0:100::/56 maxlen: 56
2400:bde0:0:100::/60 maxlen: 60
2400:bde0:0:108::/64 maxlen: 64
2400:bde0:1::/48 maxlen: 48
2400:bde0:1:150::/64 maxlen: 64
2400:bde0:2::/48 maxlen: 48
2400:bde0:100::/46 maxlen: 46
2400:bde0:100::/48 maxlen: 48
2400:bde0:3000::/46 maxlen: 46
2400:bde0:3000::/48 maxlen: 48
2400:bde0:4000::/44 maxlen: 44
2400:bde0:4000::/45 maxlen: 46
2400:bde0:6000::/46 maxlen: 46
2400:bde0:6004::/46 maxlen: 46
2400:bde0:8000::/44 maxlen: 45
2400:bde0:8000::/45 maxlen: 47
2400:bde0:8008::/46 maxlen: 46
2400:bde0:8008::/47 maxlen: 47
2400:bde0:8010::/44 maxlen: 45
2400:bde0:8010::/45 maxlen: 47
2400:bde0:8018::/46 maxlen: 46
2400:bde0:8018::/47 maxlen: 47
2400:bde0:8020::/44 maxlen: 45
2400:bde0:8020::/45 maxlen: 47
2400:bde0:8028::/46 maxlen: 46
2400:bde0:8028::/47 maxlen: 47
2400:bde0:8030::/44 maxlen: 45
2400:bde0:8030::/45 maxlen: 47
2400:bde0:8038::/46 maxlen: 46
2400:bde0:8038::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/sB58Ht4QIlHuYHQeLhnwYDA9cck.crl
rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/sB58Ht4QIlHuYHQeLhnwYDA9cck.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sB58Ht4QIlHuYHQeLhnwYDA9cck.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:10:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1611 (0x64b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BF04, serialNumber=B01E7C1EDE102251EE60741E2E19F060303D71C9
Validity
Not Before: Feb 24 23:19:27 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69a44a4b-fd85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:58:d3:b1:96:ad:e5:f0:03:18:82:54:aa:a8:
ef:5b:9b:03:a8:2e:71:a9:70:87:ad:f9:f4:51:16:
4d:a3:ca:69:f1:30:45:46:55:85:83:54:4c:17:f4:
9d:a4:03:b1:20:cd:a4:19:a9:03:19:3b:b0:32:4e:
43:5a:6d:80:26:19:9e:84:a8:3a:05:7c:ba:79:64:
48:7d:71:e4:97:30:a6:61:2e:b9:ca:a3:bc:87:56:
f3:61:22:1c:fc:9f:ec:9f:a4:84:de:02:8f:f6:ec:
e9:35:3d:b9:48:64:d3:4f:b0:af:4d:59:f4:28:1a:
62:5c:be:e4:e8:c2:8c:28:75:ab:44:e0:26:d1:3b:
4c:a1:ab:6f:c2:d6:f6:e4:f5:3c:84:33:82:7c:0b:
45:47:00:39:4e:d8:d9:51:2d:d5:c2:23:51:9e:7d:
b4:90:9f:28:0e:6e:44:0e:51:91:af:7d:ab:7b:10:
5a:54:31:81:c3:14:aa:ea:08:9b:05:78:ae:6b:c4:
2f:50:15:c7:48:79:94:56:ef:c9:db:f7:8b:e5:2c:
00:41:8e:15:80:17:0d:27:d4:f9:67:b5:c1:36:c5:
c3:0b:6c:11:ba:40:88:e2:96:8c:4c:5b:75:85:4d:
f2:7e:80:61:d0:7d:47:fc:e3:d1:fd:be:4c:0a:07:
3a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D4:B1:71:EE:3E:43:B6:C3:8B:EA:64:1A:24:35:01:D8:82:93:57
X509v3 Authority Key Identifier:
keyid:B0:1E:7C:1E:DE:10:22:51:EE:60:74:1E:2E:19:F0:60:30:3D:71:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/sB58Ht4QIlHuYHQeLhnwYDA9cck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sB58Ht4QIlHuYHQeLhnwYDA9cck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/1E143AA26E7D11EFBB48F63EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.161.242.0/24
103.170.17.0/24
IPv6:
2400:bde0::/32
Signature Algorithm: sha256WithRSAEncryption
d8:92:2d:a3:df:46:e0:93:62:23:d6:1e:ac:bb:f9:95:55:40:
58:c3:7a:32:e7:a4:e2:2b:da:c6:b0:f8:81:4c:d4:cf:54:da:
93:4d:6b:02:61:0e:f7:6a:3b:be:ac:db:fa:ff:68:59:bb:a5:
83:be:5b:5a:44:f0:3b:25:c1:7a:b1:36:a9:af:a6:46:1a:0c:
c6:d0:4a:1a:58:01:41:4e:02:bf:15:46:0a:b9:4f:4e:28:b4:
9a:07:d5:a1:b3:e4:5d:e9:19:d5:78:1c:f0:6e:37:9a:a7:cc:
5c:a4:71:8b:13:e6:2b:79:80:69:c1:e2:e6:26:39:6f:ac:1d:
4a:12:60:24:c4:3e:8a:b8:cc:7c:75:4f:f5:3f:3c:3c:e2:54:
e7:6d:a0:d4:15:04:9a:3a:e4:f3:56:32:25:f9:ca:1d:a4:a3:
87:cb:ed:fe:fd:9e:5a:40:e4:4d:48:90:5f:cf:e2:53:80:54:
67:69:c2:eb:4a:54:0e:57:18:30:c8:85:3f:40:98:92:ed:2d:
25:13:ee:c7:ec:97:c6:a8:87:34:27:86:b4:2c:ec:91:8c:01:
17:27:31:a1:83:37:e1:d9:fe:7f:c4:dd:34:f4:6c:4a:bf:8d:
d7:fe:53:25:02:d1:60:1a:a3:b7:63:1e:e1:94:7c:d5:7f:b0:
58:a7:76:d4
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICBkswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJGMDQxMTAvBgNVBAUTKEIwMUU3QzFFREUxMDIyNTFFRTYwNzQxRTJFMTlGMDYw
MzAzRDcxQzkwHhcNMjYwMjI0MjMxOTI3WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NGE0Yi1mZDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlVjTsZat5fADGIJUqqjvW5sDqC5xqXCHrfn0URZNo8pp8TBFRlWFg1RMF/Sd
pAOxIM2kGakDGTuwMk5DWm2AJhmehKg6BXy6eWRIfXHklzCmYS65yqO8h1bzYSIc
/J/sn6SE3gKP9uzpNT25SGTTT7CvTVn0KBpiXL7k6MKMKHWrROAm0TtMoatvwtb2
5PU8hDOCfAtFRwA5TtjZUS3VwiNRnn20kJ8oDm5EDlGRr32rexBaVDGBwxSq6gib
BXiua8QvUBXHSHmUVu/J2/eL5SwAQY4VgBcNJ9T5Z7XBNsXDC2wRukCI4paMTFt1
hU3yfoBh0H1H/OPR/b5MCgc61QIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFNbUsXHu
PkO2w4vqZBokNQHYgpNXMB8GA1UdIwQYMBaAFLAefB7eECJR7mB0Hi4Z8GAwPXHJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkYwNC9EQTUzOEE1NkVB
MjgxMUVCOUFFNjBCNzRDNEY5QUUwMi9zQjU4SHQ0UUlsSHVZSFFlTGhud1lEQTlj
Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NCNThIdDRRSWxIdVlIUWVMaG53WURBOWNjay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJGMDQvREE1MzhBNTZFQTI4MTFFQjlBRTYwQjc0QzRGOUFFMDIvMUUxNDNBQTI2
RTdEMTFFRkJCNDhGNjNFQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQAZ6HyAwQAZ6oRMA0EAgACMAcDBQAkAL3gMA0GCSqGSIb3DQEBCwUA
A4IBAQDYki2j30bgk2Ij1h6su/mVVUBYw3oy56TiK9rGsPiBTNTPVNqTTWsCYQ73
aju+rNv6/2hZu6WDvltaRPA7JcF6sTapr6ZGGgzG0EoaWAFBTgK/FUYKuU9OKLSa
B9Whs+Rd6RnVeBzwbjeap8xcpHGLE+YreYBpweLmJjlvrB1KEmAkxD6KuMx8dU/1
Pzw84lTnbaDUFQSaOuTzVjIl+codpKOHy+3+/Z5aQORNSJBfz+JTgFRnacLrSlQO
VxgwyIU/QJiS7S0lE+7H7JfGqIc0J4a0LOyRjAEXJzGhgzfh2f5/xN009GxKv43X
/lMlAtFgGqO3Yx7hlHzVf7BYp3bU
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:33:24 2026 by rpki-client