Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/04281A2C6E8211F0A2E51335C4F9AE02.roa
File: 04281A2C6E8211F0A2E51335C4F9AE02.roa (raw, json)
Hash identifier: 6wqJkrhWgn2KZJhn88n3HWF1SBKv4/hdly58z7sEVqA=
Subject key identifier: 6B:13:90:04:8B:14:BD:66:06:14:90:05:53:CB:1C:B2:76:B5:0B:D4
Certificate issuer: /CN=A916B795/serialNumber=493339547B33003A58599836FB4C99E79449CDF2
Certificate serial: 0B41
Authority key identifier: 49:33:39:54:7B:33:00:3A:58:59:98:36:FB:4C:99:E7:94:49:CD:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/04281A2C6E8211F0A2E51335C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:35:11 +0000
ROA not before: Thu 16 Oct 2025 03:27:48 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 4764
IP address blocks: 45.252.252.0/22 maxlen: 22
103.1.216.0/22 maxlen: 22
103.2.168.0/22 maxlen: 22
103.12.128.0/22 maxlen: 22
103.200.8.0/22 maxlen: 22
103.211.208.0/22 maxlen: 22
103.235.116.0/22 maxlen: 22
103.245.84.0/22 maxlen: 22
103.249.148.0/22 maxlen: 22
103.249.149.0/24 maxlen: 24
103.249.150.0/24 maxlen: 24
110.44.24.0/21 maxlen: 21
119.17.160.0/19 maxlen: 19
122.99.112.0/21 maxlen: 21
139.5.124.0/22 maxlen: 22
150.242.136.0/22 maxlen: 22
175.176.200.0/21 maxlen: 21
180.189.152.0/21 maxlen: 21
180.214.64.0/19 maxlen: 19
182.23.192.0/21 maxlen: 21
202.43.66.0/24 maxlen: 24
202.61.92.0/22 maxlen: 22
203.18.94.0/24 maxlen: 24
203.24.22.0/24 maxlen: 24
203.33.60.0/23 maxlen: 23
203.55.174.0/23 maxlen: 23
203.62.184.0/22 maxlen: 22
203.62.187.0/24 maxlen: 24
203.114.76.0/22 maxlen: 22
2001:df1:2000::/48 maxlen: 48
2401:ac00::/32 maxlen: 32
2402:c00::/32 maxlen: 32
2404:7d80::/32 maxlen: 32
2407:a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.crl
rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2881 (0xb41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B795, serialNumber=493339547B33003A58599836FB4C99E79449CDF2
Validity
Not Before: Oct 16 03:27:48 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a478cf-4cf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fc:5f:19:9d:ff:37:62:9a:7c:78:51:91:75:
89:d6:fc:fe:61:a6:97:c9:97:11:c9:06:bd:f5:48:
3b:04:e8:a3:cb:8c:4d:a2:34:18:33:1c:20:9e:84:
dd:8b:36:dc:6a:61:6b:1d:97:d2:c5:01:ff:24:13:
99:8e:01:d9:4f:9b:e6:1e:80:7c:92:8f:3b:55:85:
a1:bc:1d:c9:83:c7:27:50:95:77:a9:17:8c:56:0b:
f1:bc:2f:61:fc:56:4c:0c:1b:23:8a:87:88:0e:36:
7b:fb:fc:4f:ec:d1:51:3d:54:e3:bc:44:0e:02:21:
db:40:96:7d:15:4d:d3:0b:7c:b9:44:6d:6d:11:de:
f9:5f:4a:c1:da:9f:7b:5b:a1:1e:cb:79:38:8d:01:
f2:ca:83:54:ae:50:53:f2:a3:1f:de:0d:98:bb:b1:
68:dd:b5:86:b2:e4:ba:f5:0b:36:8b:5e:6b:5c:25:
98:cd:06:4a:ac:9b:1a:18:8d:73:c9:b2:e7:e0:53:
a3:7c:61:c4:d4:c8:56:22:18:c3:ee:d3:ff:0c:f4:
34:80:fa:0e:6c:6f:ce:07:9d:e6:9a:a4:3c:b6:2a:
77:ab:4e:92:b3:ab:6b:e6:bc:10:9c:ac:06:1f:c2:
30:11:01:49:51:e7:81:0c:1d:e8:c5:42:d1:78:39:
41:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:13:90:04:8B:14:BD:66:06:14:90:05:53:CB:1C:B2:76:B5:0B:D4
X509v3 Authority Key Identifier:
keyid:49:33:39:54:7B:33:00:3A:58:59:98:36:FB:4C:99:E7:94:49:CD:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/04281A2C6E8211F0A2E51335C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.252.252.0/22
103.1.216.0/22
103.2.168.0/22
103.12.128.0/22
103.200.8.0/22
103.211.208.0/22
103.235.116.0/22
103.245.84.0/22
103.249.148.0/22
110.44.24.0/21
119.17.160.0/19
122.99.112.0/21
139.5.124.0/22
150.242.136.0/22
175.176.200.0/21
180.189.152.0/21
180.214.64.0/19
182.23.192.0/21
202.43.66.0/24
202.61.92.0/22
203.18.94.0/24
203.24.22.0/24
203.33.60.0/23
203.55.174.0/23
203.62.184.0/22
203.114.76.0/22
IPv6:
2001:df1:2000::/48
2401:ac00::/32
2402:c00::/32
2404:7d80::/32
2407:a00::/32
Signature Algorithm: sha256WithRSAEncryption
4b:69:11:37:29:21:bd:fa:b6:33:7b:f6:24:b9:b4:dd:22:e3:
6e:d2:ae:b9:3c:5a:5c:ab:27:4a:dd:b1:a6:91:ec:46:5a:95:
48:ef:f5:90:a8:ce:34:04:b5:90:1d:f0:a4:57:4b:e7:26:06:
b2:a3:04:2d:49:4a:ed:72:65:0a:4b:34:2e:35:47:d6:6b:df:
04:67:5f:4d:66:17:6a:54:97:ab:ce:30:08:77:d7:ff:09:1a:
b5:50:d5:99:95:51:73:d6:bb:e7:17:5d:b0:d0:a7:b7:55:c3:
b2:a9:cc:4b:b8:89:bd:ed:b4:b9:45:f0:fd:88:4c:d3:20:c8:
b1:cd:be:90:05:fa:12:6d:2b:81:4d:2f:b8:a4:46:21:75:6d:
0c:68:49:c4:a0:0e:1b:91:f3:9e:30:15:dc:cb:7d:21:68:e0:
bc:80:ce:13:f9:37:2c:99:c2:0a:cd:88:45:25:f7:87:8e:80:
17:c2:2a:f3:94:a5:c0:49:3e:03:f0:e6:11:a8:65:fa:b4:c9:
63:19:f3:4d:de:5f:98:e3:be:94:d7:6c:20:f4:62:83:e9:e1:
48:ce:15:fc:5a:7d:15:ea:1a:70:b7:59:92:a3:f4:70:cf:54:
6c:8d:4c:e2:e5:02:a8:8a:fa:80:68:db:70:00:6c:93:21:64:
4b:d6:44:a0
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgICC0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkI3OTUxMTAvBgNVBAUTKDQ5MzMzOTU0N0IzMzAwM0E1ODU5OTgzNkZCNEM5OUU3
OTQ0OUNERjIwHhcNMjUxMDE2MDMyNzQ4WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzhjZi00Y2YxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmvxfGZ3/N2KafHhRkXWJ1vz+YaaXyZcRyQa99Ug7BOijy4xNojQYMxwgnoTd
izbcamFrHZfSxQH/JBOZjgHZT5vmHoB8ko87VYWhvB3Jg8cnUJV3qReMVgvxvC9h
/FZMDBsjioeIDjZ7+/xP7NFRPVTjvEQOAiHbQJZ9FU3TC3y5RG1tEd75X0rB2p97
W6Eey3k4jQHyyoNUrlBT8qMf3g2Yu7Fo3bWGsuS69Qs2i15rXCWYzQZKrJsaGI1z
ybLn4FOjfGHE1MhWIhjD7tP/DPQ0gPoObG/OB53mmqQ8tip3q06Ss6tr5rwQnKwG
H8IwEQFJUeeBDB3oxULReDlBeQIDAQABo4IDKDCCAyQwHQYDVR0OBBYEFGsTkASL
FL1mBhSQBVPLHLJ2tQvUMB8GA1UdIwQYMBaAFEkzOVR7MwA6WFmYNvtMmeeUSc3y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Qjc5NS9CRDAzMkUwNDYz
NDAxMUVBQUNDRjAyNjJDNEY5QUUwMi9TVE01VkhzekFEcFlXWmcyLTB5WjU1Ukp6
ZkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NUTTVWSHN6QURwWVdaZzItMHlaNTVSSnpmSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkI3OTUvQkQwMzJFMDQ2MzQwMTFFQUFDQ0YwMjYyQzRGOUFFMDIvMDQyODFBMkM2
RTgyMTFGMEEyRTUxMzM1QzRGOUFFMDIucm9hMIHmBggrBgEFBQcBBwEB/wSB1jCB
0zCBowQCAAEwgZwDBAIt/PwDBAJnAdgDBAJnAqgDBAJnDIADBAJnyAgDBAJn09AD
BAJn63QDBAJn9VQDBAJn+ZQDBANuLBgDBAV3EaADBAN6Y3ADBAKLBXwDBAKW8ogD
BAOvsMgDBAO0vZgDBAW01kADBAO2F8ADBADKK0IDBALKPVwDBADLEl4DBADLGBYD
BAHLITwDBAHLN64DBALLPrgDBALLckwwKwQCAAIwJQMHACABDfEgAAMFACQBrAAD
BQAkAgwAAwUAJAR9gAMFACQHCgAwDQYJKoZIhvcNAQELBQADggEBAEtpETcpIb36
tjN79iS5tN0i427Srrk8WlyrJ0rdsaaR7EZalUjv9ZCozjQEtZAd8KRXS+cmBrKj
BC1JSu1yZQpLNC41R9Zr3wRnX01mF2pUl6vOMAh31/8JGrVQ1ZmVUXPWu+cXXbDQ
p7dVw7KpzEu4ib3ttLlF8P2ITNMgyLHNvpAF+hJtK4FNL7ikRiF1bQxoScSgDhuR
854wFdzLfSFo4LyAzhP5NyyZwgrNiEUl94eOgBfCKvOUpcBJPgPw5hGoZfq0yWMZ
803eX5jjvpTXbCD0YoPp4UjOFfxafRXqGnC3WZKj9HDPVGyNTOLlAqiK+oBo23AA
bJMhZEvWRKA=
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:41:01 2026 by rpki-client