Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/3240ED82D62D11EFB0442B5DC4F9AE02.roa
File: 3240ED82D62D11EFB0442B5DC4F9AE02.roa (raw, json)
Hash identifier: goxpVgCyktDRuj+zXY8IwkJZe67SlMAI6ql6BNqLFHg=
Subject key identifier: CF:8F:5A:37:E0:4F:CD:A2:92:53:B1:55:E4:A8:63:B7:D2:EF:51:53
Certificate issuer: /CN=A9150384/serialNumber=B1BA33053C39BA5865537743112389E300C48807
Certificate serial: 0D1F
Authority key identifier: B1:BA:33:05:3C:39:BA:58:65:53:77:43:11:23:89:E3:00:C4:88:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/3240ED82D62D11EFB0442B5DC4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:39:58 +0000
ROA not before: Wed 14 Jan 2026 18:15:54 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 134968
IP address blocks: 103.23.204.0/22 maxlen: 22
103.23.204.0/23 maxlen: 23
103.23.204.0/24 maxlen: 24
103.23.205.0/24 maxlen: 24
103.23.206.0/23 maxlen: 23
103.23.206.0/24 maxlen: 24
103.23.207.0/24 maxlen: 24
223.25.252.0/22 maxlen: 22
223.25.252.0/23 maxlen: 23
223.25.252.0/24 maxlen: 24
223.25.253.0/24 maxlen: 24
223.25.254.0/23 maxlen: 23
223.25.254.0/24 maxlen: 24
223.25.255.0/24 maxlen: 24
2401:52c0::/32 maxlen: 32
2401:52c0::/40 maxlen: 40
2401:52c0:7::/48 maxlen: 48
2401:52c0:9::/48 maxlen: 48
2401:52c0:100::/40 maxlen: 40
2401:52c0:100::/44 maxlen: 44
2401:52c0:110::/44 maxlen: 44
2401:52c0:120::/44 maxlen: 44
2401:52c0:130::/44 maxlen: 44
2401:52c0:140::/44 maxlen: 44
2401:52c0:150::/44 maxlen: 44
2401:52c0:160::/44 maxlen: 44
2401:52c0:170::/44 maxlen: 44
2401:52c0:180::/44 maxlen: 44
2401:52c0:190::/44 maxlen: 44
2401:52c0:1a0::/44 maxlen: 44
2401:52c0:1b0::/44 maxlen: 44
2401:52c0:1c0::/44 maxlen: 44
2401:52c0:1d0::/44 maxlen: 44
2401:52c0:1e0::/44 maxlen: 44
2401:52c0:1f0::/44 maxlen: 44
2401:52c0:200::/40 maxlen: 40
2401:52c0:300::/40 maxlen: 40
2401:52c0:400::/40 maxlen: 40
2401:52c0:500::/40 maxlen: 40
2401:52c0:600::/40 maxlen: 40
2401:52c0:700::/40 maxlen: 40
2401:52c0:800::/40 maxlen: 40
2401:52c0:900::/40 maxlen: 40
2401:52c0:a00::/40 maxlen: 40
2401:52c0:b00::/40 maxlen: 40
2401:52c0:c00::/40 maxlen: 40
2401:52c0:d00::/40 maxlen: 40
2401:52c0:e00::/40 maxlen: 40
2401:52c0:f00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/sbozBTw5ulhlU3dDESOJ4wDEiAc.crl
rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/sbozBTw5ulhlU3dDESOJ4wDEiAc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:25:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3359 (0xd1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150384, serialNumber=B1BA33053C39BA5865537743112389E300C48807
Validity
Not Before: Jan 14 18:15:54 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=69a479ee-0856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3a:21:a1:34:6e:63:e2:35:77:02:f0:9f:1e:
17:d3:19:0a:1c:5b:92:f1:44:2a:db:63:b6:41:a8:
b0:59:14:cc:5e:3c:db:c9:70:d4:ec:99:12:90:40:
51:0c:9f:93:d6:30:a3:91:03:ad:3d:29:32:91:cd:
4d:fa:ca:3f:3f:1a:06:0e:a7:83:68:a8:95:89:31:
0f:73:26:c0:92:ea:aa:c9:bb:ce:b4:48:dd:ae:84:
1b:9c:82:92:73:b9:28:ce:b3:8d:91:5b:a7:f4:44:
e4:df:8c:2f:92:a1:d3:6c:66:97:42:77:69:97:a2:
7f:9c:73:f5:84:82:b2:7e:f9:d4:17:65:ad:c9:0f:
0c:1e:a1:64:eb:eb:d3:3f:09:c3:85:fd:38:f9:6c:
93:2b:ae:c5:33:e1:2e:b5:27:44:a2:92:c5:d9:4b:
f4:71:09:fd:d0:a3:b2:e9:f2:94:f0:49:6b:28:bc:
c1:c9:3b:2e:8a:81:dd:54:a3:c2:d0:61:06:c3:cc:
5b:a5:9f:0e:9e:d8:e5:1a:27:40:de:fe:43:be:14:
9d:4b:e5:6c:fb:58:ec:0b:8e:8d:01:70:9f:f4:75:
67:7c:19:0b:d9:59:7d:d8:d6:c1:c5:16:bf:e0:7e:
82:37:83:d5:31:12:c0:aa:56:78:9b:cf:47:18:6a:
4c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:8F:5A:37:E0:4F:CD:A2:92:53:B1:55:E4:A8:63:B7:D2:EF:51:53
X509v3 Authority Key Identifier:
keyid:B1:BA:33:05:3C:39:BA:58:65:53:77:43:11:23:89:E3:00:C4:88:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/sbozBTw5ulhlU3dDESOJ4wDEiAc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/3240ED82D62D11EFB0442B5DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.23.204.0/22
223.25.252.0/22
IPv6:
2401:52c0::/32
Signature Algorithm: sha256WithRSAEncryption
42:5f:a5:23:ca:61:d6:fc:8e:50:cc:20:c7:74:47:e4:4c:b2:
79:5d:9f:f1:ab:9f:c3:43:16:60:13:c2:8b:d8:67:2d:d3:88:
3a:63:60:a4:14:6c:47:c8:a6:8c:72:f8:a5:8c:e6:58:ae:43:
97:4b:3d:57:16:ff:8f:15:1c:70:b8:0b:db:5c:a4:8e:9a:38:
db:49:5c:14:ae:c1:47:fc:2e:71:3c:b0:09:01:de:0b:c8:43:
18:51:29:b0:fe:3b:5a:b0:12:64:83:fd:c8:f4:3b:a2:9c:d1:
eb:ce:b9:01:18:5c:45:b8:88:fb:24:42:92:9e:67:cd:ba:d2:
b3:75:6f:65:c3:16:89:a9:9a:7e:94:5b:e8:c2:7c:d9:3d:35:
56:0f:80:43:61:e6:42:57:49:f1:33:5b:5a:75:85:62:29:2f:
2e:cf:42:bb:68:f9:5f:c0:0c:ae:13:2b:3a:5d:db:39:80:03:
15:a2:16:45:07:49:6a:18:88:90:99:7c:f1:00:41:a0:dd:b5:
84:f9:a8:60:78:c9:c4:db:84:73:cc:71:cc:03:53:17:e7:94:
97:4e:2d:df:78:38:86:82:a6:c1:44:cc:78:e1:d5:4b:e8:44:
79:1d:36:d3:58:e8:28:89:7b:a6:a9:4e:7b:34:64:19:bf:57:
5d:16:27:38
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICDR8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTAzODQxMTAvBgNVBAUTKEIxQkEzMzA1M0MzOUJBNTg2NTUzNzc0MzExMjM4OUUz
MDBDNDg4MDcwHhcNMjYwMTE0MTgxNTU0WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzllZS0wODU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArDohoTRuY+I1dwLwnx4X0xkKHFuS8UQq22O2QaiwWRTMXjzbyXDU7JkSkEBR
DJ+T1jCjkQOtPSkykc1N+so/PxoGDqeDaKiViTEPcybAkuqqybvOtEjdroQbnIKS
c7kozrONkVun9ETk34wvkqHTbGaXQndpl6J/nHP1hIKyfvnUF2WtyQ8MHqFk6+vT
PwnDhf04+WyTK67FM+EutSdEopLF2Uv0cQn90KOy6fKU8ElrKLzByTsuioHdVKPC
0GEGw8xbpZ8OntjlGidA3v5DvhSdS+Vs+1jsC46NAXCf9HVnfBkL2Vl92NbBxRa/
4H6CN4PVMRLAqlZ4m89HGGpMlQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFM+PWjfg
T82iklOxVeSoY7fS71FTMB8GA1UdIwQYMBaAFLG6MwU8ObpYZVN3QxEjieMAxIgH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDM4NC85MzdGMzcyRTAw
NUExMUVBQTA5NEJEMzFDNEY5QUUwMi9zYm96QlR3NXVsaGxVM2RERVNPSjR3REVp
QWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Nib3pCVHc1dWxobFUzZERFU09KNHdERWlBYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTAzODQvOTM3RjM3MkUwMDVBMTFFQUEwOTRCRDMxQzRGOUFFMDIvMzI0MEVEODJE
NjJEMTFFRkIwNDQyQjVEQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCZxfMAwQC3xn8MA0EAgACMAcDBQAkAVLAMA0GCSqGSIb3DQEBCwUA
A4IBAQBCX6UjymHW/I5QzCDHdEfkTLJ5XZ/xq5/DQxZgE8KL2Gct04g6Y2CkFGxH
yKaMcviljOZYrkOXSz1XFv+PFRxwuAvbXKSOmjjbSVwUrsFH/C5xPLAJAd4LyEMY
USmw/jtasBJkg/3I9DuinNHrzrkBGFxFuIj7JEKSnmfNutKzdW9lwxaJqZp+lFvo
wnzZPTVWD4BDYeZCV0nxM1tadYViKS8uz0K7aPlfwAyuEys6Xds5gAMVohZFB0lq
GIiQmXzxAEGg3bWE+ahgeMnE24RzzHHMA1MX55SXTi3feDiGgqbBRMx44dVL6ER5
HTbTWOgoiXumqU57NGQZv1ddFic4
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:12:34 2026 by rpki-client