Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/42D236F0042111ED888BB024C4F9AE02.roa
File: 42D236F0042111ED888BB024C4F9AE02.roa (raw, json)
Hash identifier: H+Evm+yHnBSmOexYo7titYsM/D4dZ2Sj/np2eWPGmNY=
Subject key identifier: 2D:45:B3:D5:21:6F:24:CE:9E:12:F9:55:85:7A:B0:8B:CA:26:1D:C8
Certificate issuer: /CN=A915BF4F/serialNumber=A0DE572A46CF324BAE08C3E930BCAFE739A015D1
Certificate serial: 0330
Authority key identifier: A0:DE:57:2A:46:CF:32:4B:AE:08:C3:E9:30:BC:AF:E7:39:A0:15:D1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oN5XKkbPMkuuCMPpMLyv5zmgFdE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/42D236F0042111ED888BB024C4F9AE02.roa
Signing time: Sun 01 Mar 2026 12:05:04 +0000
ROA not before: Thu 03 Jul 2025 02:06:33 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 38209
IP address blocks: 103.240.112.0/22 maxlen: 22
103.240.112.0/24 maxlen: 24
103.240.113.0/24 maxlen: 24
103.240.114.0/24 maxlen: 24
103.240.115.0/24 maxlen: 24
120.136.24.0/21 maxlen: 21
120.136.24.0/24 maxlen: 24
120.136.25.0/24 maxlen: 24
120.136.26.0/24 maxlen: 24
120.136.27.0/24 maxlen: 24
120.136.28.0/24 maxlen: 24
120.136.29.0/24 maxlen: 24
120.136.30.0/24 maxlen: 24
120.136.31.0/24 maxlen: 24
124.108.48.0/21 maxlen: 21
124.108.48.0/24 maxlen: 24
124.108.49.0/24 maxlen: 24
124.108.50.0/24 maxlen: 24
124.108.51.0/24 maxlen: 24
124.108.52.0/23 maxlen: 23
124.108.54.0/24 maxlen: 24
124.108.55.0/24 maxlen: 24
183.81.184.0/21 maxlen: 21
183.81.184.0/24 maxlen: 24
183.81.185.0/24 maxlen: 24
183.81.186.0/24 maxlen: 24
183.81.187.0/24 maxlen: 24
183.81.188.0/24 maxlen: 24
183.81.189.0/24 maxlen: 24
183.81.190.0/24 maxlen: 24
183.81.191.0/24 maxlen: 24
2400:d460::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/oN5XKkbPMkuuCMPpMLyv5zmgFdE.crl
rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/oN5XKkbPMkuuCMPpMLyv5zmgFdE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oN5XKkbPMkuuCMPpMLyv5zmgFdE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 816 (0x330)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915BF4F, serialNumber=A0DE572A46CF324BAE08C3E930BCAFE739A015D1
Validity
Not Before: Jul 3 02:06:33 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a42b6f-54a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:df:20:4d:e6:86:69:07:2c:09:9c:25:fb:aa:
1e:e2:b0:31:e1:09:c7:14:2e:82:5b:61:d8:b1:18:
1a:e0:51:44:f0:57:ff:40:d3:e2:da:8c:bf:f1:73:
ac:42:44:ee:3e:6d:55:f0:a6:cc:13:4a:8f:6c:08:
8b:3b:f2:b9:47:5c:99:84:ce:59:4b:8a:2f:8e:5f:
80:68:c2:5c:54:68:95:ab:fb:f1:f6:3b:cc:42:4f:
70:c7:86:7c:30:a5:23:9b:85:f7:2f:f4:a2:94:57:
d2:c6:25:3d:ec:d5:1b:45:2c:90:cf:30:b1:02:ab:
84:1f:8b:3d:c4:72:e0:b2:e8:17:aa:35:6b:64:63:
ff:a4:1f:3f:55:60:1d:7a:2e:19:a3:8d:44:47:ac:
bd:a5:61:14:03:b8:29:d6:78:f3:09:f1:d9:48:91:
ef:e8:7b:dc:1f:6b:87:28:a1:12:bf:2a:64:44:41:
cc:3a:2c:2b:49:62:60:5b:e9:62:56:98:53:5d:1d:
72:dd:19:eb:09:16:c8:b4:d7:0f:bb:66:f5:b7:c5:
e0:58:e3:ca:a3:6e:12:20:72:8e:6d:3f:94:2e:68:
0a:6e:4e:8b:ec:5c:07:02:67:15:ad:5b:b3:50:ae:
00:0c:b9:8b:84:cd:0d:4d:46:46:f1:c3:86:31:bb:
a8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:45:B3:D5:21:6F:24:CE:9E:12:F9:55:85:7A:B0:8B:CA:26:1D:C8
X509v3 Authority Key Identifier:
keyid:A0:DE:57:2A:46:CF:32:4B:AE:08:C3:E9:30:BC:AF:E7:39:A0:15:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/oN5XKkbPMkuuCMPpMLyv5zmgFdE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oN5XKkbPMkuuCMPpMLyv5zmgFdE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/42D236F0042111ED888BB024C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.240.112.0/22
120.136.24.0/21
124.108.48.0/21
183.81.184.0/21
IPv6:
2400:d460::/32
Signature Algorithm: sha256WithRSAEncryption
23:ba:b9:00:21:38:eb:89:54:44:40:c7:20:0c:96:7f:b6:75:
20:e6:1c:52:5c:65:1e:af:a9:ae:c7:87:f4:0e:ac:78:e8:c4:
c4:2a:12:61:c0:99:ae:af:88:09:46:bf:d5:f9:e4:44:3a:c4:
ae:98:a8:27:35:83:4d:7c:02:32:05:34:67:0f:5d:8d:4e:01:
6c:5b:d0:ff:5c:be:7e:14:92:2f:2e:1a:1a:38:97:af:7e:43:
3a:73:3d:0f:60:a1:31:00:40:bb:05:4b:ef:10:1d:04:93:1f:
5f:63:02:df:db:76:6a:55:b7:df:d1:dd:57:bc:2c:26:8b:6d:
97:a8:5c:af:17:99:31:1d:7f:5d:95:a0:24:77:3a:60:96:5d:
3f:19:93:97:95:fc:f0:e3:0b:b2:63:ce:c9:89:93:3b:70:2f:
05:24:3a:c9:9d:4b:b5:93:6e:62:cb:cb:d5:5b:87:cb:fa:ec:
99:e6:39:90:a9:b2:95:db:4f:47:1c:64:0a:a1:7a:1c:9a:a4:
c2:51:0f:2f:44:af:4e:3d:39:5b:ea:1b:94:e9:07:5f:14:44:
e3:6a:c2:5c:29:b2:0d:4d:57:fa:64:5a:db:c4:8d:d5:b7:33:
86:ca:6e:dc:d9:fa:f7:ed:a3:59:83:29:10:e7:43:5d:b2:d2:
a3:00:d2:e5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgICAzAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUJGNEYxMTAvBgNVBAUTKEEwREU1NzJBNDZDRjMyNEJBRTA4QzNFOTMwQkNBRkU3
MzlBMDE1RDEwHhcNMjUwNzAzMDIwNjMzWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MmI2Zi01NGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqt8gTeaGaQcsCZwl+6oe4rAx4QnHFC6CW2HYsRga4FFE8Ff/QNPi2oy/8XOs
QkTuPm1V8KbME0qPbAiLO/K5R1yZhM5ZS4ovjl+AaMJcVGiVq/vx9jvMQk9wx4Z8
MKUjm4X3L/SilFfSxiU97NUbRSyQzzCxAquEH4s9xHLgsugXqjVrZGP/pB8/VWAd
ei4Zo41ER6y9pWEUA7gp1njzCfHZSJHv6HvcH2uHKKESvypkREHMOiwrSWJgW+li
VphTXR1y3RnrCRbItNcPu2b1t8XgWOPKo24SIHKObT+ULmgKbk6L7FwHAmcVrVuz
UK4ADLmLhM0NTUZG8cOGMbuovQIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFC1Fs9Uh
byTOnhL5VYV6sIvKJh3IMB8GA1UdIwQYMBaAFKDeVypGzzJLrgjD6TC8r+c5oBXR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QkY0Ri9DNUUyRDcxRTA0
MTkxMUVEOTE1NzY1MjhDNEY5QUUwMi9vTjVYS2tiUE1rdXVDTVBwTUx5djV6bWdG
ZEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29ONVhLa2JQTWt1dUNNUHBNTHl2NXptZ0ZkRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUJGNEYvQzVFMkQ3MUUwNDE5MTFFRDkxNTc2NTI4QzRGOUFFMDIvNDJEMjM2RjAw
NDIxMTFFRDg4OEJCMDI0QzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe
BAIAATAYAwQCZ/BwAwQDeIgYAwQDfGwwAwQDt1G4MA0EAgACMAcDBQAkANRgMA0G
CSqGSIb3DQEBCwUAA4IBAQAjurkAITjriVREQMcgDJZ/tnUg5hxSXGUer6mux4f0
Dqx46MTEKhJhwJmur4gJRr/V+eREOsSumKgnNYNNfAIyBTRnD12NTgFsW9D/XL5+
FJIvLhoaOJevfkM6cz0PYKExAEC7BUvvEB0Ekx9fYwLf23ZqVbff0d1XvCwmi22X
qFyvF5kxHX9dlaAkdzpgll0/GZOXlfzw4wuyY87JiZM7cC8FJDrJnUu1k25iy8vV
W4fL+uyZ5jmQqbKV209HHGQKoXocmqTCUQ8vRK9OPTlb6huU6QdfFETjasJcKbIN
TVf6ZFrbxI3VtzOGym7c2fr37aNZgykQ50NdstKjANLl
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:16:35 2026 by rpki-client