Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/B35C646A52E211EAAF44AE23C4F9AE02.roa
File: B35C646A52E211EAAF44AE23C4F9AE02.roa (raw, json)
Hash identifier: Pbz8SUu4Fa6QitdUmbJG9+WkFTgMMNMW+GHyYn+iC2M=
Subject key identifier: 7D:8A:18:B0:CD:65:05:01:4F:C1:C0:57:1F:09:3A:5E:60:FB:EE:7C
Certificate issuer: /CN=A9167B50/serialNumber=991B3F17084F76F12F9F0509D597F0FFECA04B4A
Certificate serial: 35A3
Authority key identifier: 99:1B:3F:17:08:4F:76:F1:2F:9F:05:09:D5:97:F0:FF:EC:A0:4B:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/B35C646A52E211EAAF44AE23C4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:58:16 +0000
ROA not before: Thu 30 Oct 2025 15:00:48 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 7532
IP address blocks: 103.70.52.0/22 maxlen: 22
103.70.52.0/24 maxlen: 24
103.70.53.0/24 maxlen: 24
103.70.54.0/24 maxlen: 24
103.70.55.0/24 maxlen: 24
112.121.64.0/19 maxlen: 19
112.121.64.0/24 maxlen: 24
112.121.65.0/24 maxlen: 24
112.121.66.0/24 maxlen: 24
112.121.68.0/24 maxlen: 24
112.121.69.0/24 maxlen: 24
112.121.70.0/24 maxlen: 24
112.121.71.0/24 maxlen: 24
112.121.72.0/24 maxlen: 24
112.121.73.0/24 maxlen: 24
112.121.74.0/24 maxlen: 24
112.121.75.0/24 maxlen: 24
112.121.76.0/24 maxlen: 24
112.121.77.0/24 maxlen: 24
112.121.78.0/24 maxlen: 24
112.121.79.0/24 maxlen: 24
112.121.80.0/24 maxlen: 24
112.121.81.0/24 maxlen: 24
112.121.82.0/24 maxlen: 24
112.121.83.0/24 maxlen: 24
112.121.84.0/24 maxlen: 24
112.121.85.0/24 maxlen: 24
112.121.86.0/24 maxlen: 24
112.121.87.0/24 maxlen: 24
112.121.88.0/24 maxlen: 24
112.121.89.0/24 maxlen: 24
112.121.90.0/24 maxlen: 24
112.121.91.0/24 maxlen: 24
112.121.92.0/24 maxlen: 24
112.121.93.0/24 maxlen: 24
112.121.94.0/24 maxlen: 24
112.121.95.0/24 maxlen: 24
112.121.96.0/21 maxlen: 21
112.121.96.0/23 maxlen: 23
112.121.104.0/22 maxlen: 22
112.121.105.0/24 maxlen: 24
112.121.108.0/23 maxlen: 23
112.121.108.0/24 maxlen: 24
112.121.112.0/22 maxlen: 22
112.121.113.0/24 maxlen: 24
112.121.114.0/24 maxlen: 24
112.121.116.0/23 maxlen: 23
112.121.116.0/24 maxlen: 24
112.121.117.0/24 maxlen: 24
112.121.120.0/22 maxlen: 22
112.121.120.0/24 maxlen: 24
112.121.121.0/24 maxlen: 24
112.121.122.0/24 maxlen: 24
112.121.123.0/24 maxlen: 24
202.80.104.0/23 maxlen: 23
202.80.104.0/24 maxlen: 24
202.80.105.0/24 maxlen: 24
202.80.106.0/23 maxlen: 23
202.80.106.0/24 maxlen: 24
202.80.107.0/24 maxlen: 24
202.80.108.0/24 maxlen: 24
202.80.111.0/24 maxlen: 24
2402:b600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.crl
rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13731 (0x35a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9167B50, serialNumber=991B3F17084F76F12F9F0509D597F0FFECA04B4A
Validity
Not Before: Oct 30 15:00:48 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69a47028-969c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:54:e3:14:ff:74:d7:48:85:62:01:01:78:a1:
8f:c8:6c:a6:0c:83:5f:9e:16:7b:a5:44:17:6e:7f:
d4:15:ec:8f:b1:a8:e2:d2:a2:5a:d3:0a:4c:4b:7f:
f1:ab:fd:26:a1:01:3d:cc:b4:18:9e:97:d5:0c:dc:
03:42:f6:39:00:e9:ac:2a:d6:a2:6e:5f:0d:b3:e1:
5e:ce:88:43:29:bf:b8:6e:b6:17:b7:34:b6:90:fe:
21:c0:a1:e0:ef:3b:92:f9:c5:0b:e5:f5:9d:17:67:
de:f3:3e:8d:ea:7c:90:0f:0f:55:a7:57:ae:8c:e2:
70:4a:c4:fd:90:24:9a:12:aa:be:18:23:33:7e:12:
5d:38:ac:44:54:cd:3c:5d:61:28:2e:c7:ae:4d:12:
1a:26:b9:65:f2:58:5e:db:be:85:50:60:f7:a8:98:
4a:9c:46:ac:5d:49:ee:21:60:1b:ef:5c:4b:cc:37:
02:52:95:cc:6d:13:54:b1:ef:e9:34:d9:c2:db:88:
98:43:a6:ee:4f:ac:21:84:6d:a2:9f:56:14:d0:be:
42:3e:d0:01:07:14:f8:fb:07:40:c8:99:8d:d0:36:
91:dd:13:b7:55:39:51:9f:a1:2d:37:6c:d3:eb:18:
c7:81:3a:b6:1f:cf:bb:13:5b:2c:c9:b5:ee:12:ba:
2b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8A:18:B0:CD:65:05:01:4F:C1:C0:57:1F:09:3A:5E:60:FB:EE:7C
X509v3 Authority Key Identifier:
keyid:99:1B:3F:17:08:4F:76:F1:2F:9F:05:09:D5:97:F0:FF:EC:A0:4B:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/B35C646A52E211EAAF44AE23C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.70.52.0/22
112.121.64.0-112.121.109.255
112.121.112.0-112.121.117.255
112.121.120.0/22
202.80.104.0-202.80.108.255
202.80.111.0/24
IPv6:
2402:b600::/32
Signature Algorithm: sha256WithRSAEncryption
9d:f3:cc:f2:23:c6:0d:e4:28:48:1d:6c:41:74:7e:d4:ca:0d:
4d:83:c3:c0:4a:ff:7c:e1:14:9d:22:90:e3:14:4a:d7:aa:b7:
0d:2e:39:f9:32:f7:13:e6:80:ea:84:73:28:bf:b6:76:e5:63:
d7:70:f3:f8:3e:0d:6b:08:51:77:41:80:48:54:9c:df:f3:70:
e0:05:b8:78:16:0d:6f:61:7f:8a:03:74:02:ec:b1:a2:e5:d2:
fc:33:0a:71:74:b5:bb:82:55:05:c6:7d:3d:b9:5d:2f:de:54:
7c:46:58:f3:9a:12:ef:a2:82:2c:6c:5a:70:a7:9f:59:7c:95:
0e:a1:15:5d:2e:b0:d0:63:27:48:25:1b:de:02:25:21:97:19:
9d:01:90:a7:03:12:f1:2f:ab:f0:53:ff:b1:64:ce:ea:86:0a:
db:d2:4b:4c:b0:86:f8:43:9c:93:7f:88:b9:fe:5d:df:c0:7f:
aa:03:7a:1a:dd:f3:65:62:59:68:2a:b2:ba:97:57:00:d3:1b:
46:02:7d:e7:9d:d1:04:a1:07:70:d4:3c:74:6e:96:b8:e9:a0:
75:2b:56:bb:c5:38:4e:4f:52:1c:67:f8:89:d5:32:a9:a0:a8:
1a:c6:32:07:4a:b2:37:93:4c:f7:48:d3:ad:39:71:6f:4a:31:
43:12:28:aa
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICNaMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjdCNTAxMTAvBgNVBAUTKDk5MUIzRjE3MDg0Rjc2RjEyRjlGMDUwOUQ1OTdGMEZG
RUNBMDRCNEEwHhcNMjUxMDMwMTUwMDQ4WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzAyOC05NjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6FTjFP9010iFYgEBeKGPyGymDINfnhZ7pUQXbn/UFeyPsaji0qJa0wpMS3/x
q/0moQE9zLQYnpfVDNwDQvY5AOmsKtaibl8Ns+FezohDKb+4brYXtzS2kP4hwKHg
7zuS+cUL5fWdF2fe8z6N6nyQDw9Vp1eujOJwSsT9kCSaEqq+GCMzfhJdOKxEVM08
XWEoLseuTRIaJrll8lhe276FUGD3qJhKnEasXUnuIWAb71xLzDcCUpXMbRNUse/p
NNnC24iYQ6buT6whhG2in1YU0L5CPtABBxT4+wdAyJmN0DaR3RO3VTlRn6EtN2zT
6xjHgTq2H8+7E1ssybXuEror2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH2KGLDN
ZQUBT8HAVx8JOl5g++58MB8GA1UdIwQYMBaAFJkbPxcIT3bxL58FCdWX8P/soEtK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0I1MC85RDEzMDVDODFE
OEYxMUUyQTAyQkNERUUwOEIwMkNEMi9tUnNfRndoUGR2RXZud1VKMVpmd18teWdT
MG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21Sc19Gd2hQZHZFdm53VUoxWmZ3Xy15Z1Mwby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjdCNTAvOUQxMzA1QzgxRDhGMTFFMkEwMkJDREVFMDhCMDJDRDIvQjM1QzY0NkE1
MkUyMTFFQUFGNDRBRTIzQzRGOUFFMDIucm9hMGQGCCsGAQUFBwEHAQH/BFUwUzBC
BAIAATA8AwQCZ0Y0MAwDBAZweUADBAFweWwwDAMEBHB5cAMEAXB5dAMEAnB5eDAM
AwQDylBoAwQAylBsAwQAylBvMA0EAgACMAcDBQAkArYAMA0GCSqGSIb3DQEBCwUA
A4IBAQCd88zyI8YN5ChIHWxBdH7Uyg1Ng8PASv984RSdIpDjFErXqrcNLjn5MvcT
5oDqhHMov7Z25WPXcPP4Pg1rCFF3QYBIVJzf83DgBbh4Fg1vYX+KA3QC7LGi5dL8
MwpxdLW7glUFxn09uV0v3lR8RljzmhLvooIsbFpwp59ZfJUOoRVdLrDQYydIJRve
AiUhlxmdAZCnAxLxL6vwU/+xZM7qhgrb0ktMsIb4Q5yTf4i5/l3fwH+qA3oa3fNl
YlloKrK6l1cA0xtGAn3nndEEoQdw1Dx0bpa46aB1K1a7xThOT1IcZ/iJ1TKpoKga
xjIHSrI3k0z3SNOtOXFvSjFDEiiq
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:51:54 2026 by rpki-client