Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/04281A2C6E8211F0A2E51335C4F9AE02.roa
File: 04281A2C6E8211F0A2E51335C4F9AE02.roa (raw, json)
Hash identifier: bvbNtF0AY2UdGflEtQc3rZe1CpDIiWe7q6JZWQcMBNY=
Subject key identifier: CE:F6:F0:0B:5B:E7:72:78:24:00:34:D2:BF:58:80:4F:D9:45:BF:73
Certificate issuer: /CN=A916B795/serialNumber=493339547B33003A58599836FB4C99E79449CDF2
Certificate serial: 0B54
Authority key identifier: 49:33:39:54:7B:33:00:3A:58:59:98:36:FB:4C:99:E7:94:49:CD:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/04281A2C6E8211F0A2E51335C4F9AE02.roa
Signing time: Mon 30 Mar 2026 19:25:03 +0000
ROA not before: Mon 30 Mar 2026 19:25:03 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 4764
IP address blocks: 45.252.252.0/22 maxlen: 22
103.1.216.0/22 maxlen: 22
103.2.168.0/22 maxlen: 22
103.12.128.0/22 maxlen: 22
103.200.8.0/22 maxlen: 22
103.211.208.0/22 maxlen: 22
103.235.116.0/22 maxlen: 22
103.245.84.0/22 maxlen: 22
103.249.148.0/22 maxlen: 22
103.249.149.0/24 maxlen: 24
103.249.150.0/24 maxlen: 24
110.44.24.0/21 maxlen: 21
119.17.160.0/19 maxlen: 19
122.99.112.0/21 maxlen: 21
139.5.124.0/22 maxlen: 22
150.242.136.0/22 maxlen: 22
175.176.200.0/21 maxlen: 21
180.189.152.0/21 maxlen: 21
180.214.64.0/19 maxlen: 19
182.23.192.0/21 maxlen: 21
202.43.66.0/24 maxlen: 24
202.61.92.0/22 maxlen: 22
203.18.94.0/24 maxlen: 24
203.24.22.0/24 maxlen: 24
203.33.60.0/23 maxlen: 23
203.55.174.0/23 maxlen: 23
203.62.184.0/22 maxlen: 22
203.62.187.0/24 maxlen: 24
203.114.76.0/22 maxlen: 22
2001:df1:2000::/48 maxlen: 48
2401:ac00::/32 maxlen: 32
2402:c00::/32 maxlen: 32
2404:7d80::/32 maxlen: 32
2407:a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.crl
rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 19:14:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2900 (0xb54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B795, serialNumber=493339547B33003A58599836FB4C99E79449CDF2
Validity
Not Before: Mar 30 19:25:03 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=69cace0f-29d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9c:b6:8c:c1:9a:94:c3:75:0f:6b:94:75:ba:
bf:bc:4d:5e:26:d3:9e:22:09:66:84:11:fe:62:95:
a3:3c:6b:d1:61:8b:42:72:7f:2b:cf:6f:d6:48:64:
1d:77:3c:9b:cd:c7:b1:f1:39:0c:d6:d7:56:2d:d2:
68:cb:19:3a:ef:22:f7:90:6e:94:fd:74:03:fb:b9:
ef:15:08:9c:e4:fb:ad:75:a1:3f:f1:f9:63:9c:87:
d2:b5:04:16:0c:7c:7b:c8:9b:01:4e:36:55:76:2e:
fb:1f:00:34:d0:43:98:f0:34:de:6f:2c:35:8b:39:
4f:7a:2e:2f:9e:08:68:50:8a:a3:a7:df:89:10:0c:
1e:97:37:f2:ca:07:4f:52:a0:72:84:e4:74:35:7c:
5f:27:88:7f:88:71:b7:b5:4b:73:e4:e4:8c:eb:eb:
af:69:1b:c1:49:09:2e:f0:92:5c:39:83:7c:2a:78:
bb:6d:20:0c:fc:a3:d3:86:b1:00:bf:d9:44:96:0f:
ab:a9:26:0b:7d:bf:41:ee:3a:54:18:82:32:0e:aa:
be:d1:10:8d:11:0e:f1:af:65:00:59:92:2b:87:c4:
80:43:42:c3:cf:3f:74:66:49:19:84:62:64:a8:b1:
8d:a6:10:2d:52:66:46:0b:be:c6:0e:bd:bf:36:46:
a0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:F6:F0:0B:5B:E7:72:78:24:00:34:D2:BF:58:80:4F:D9:45:BF:73
X509v3 Authority Key Identifier:
keyid:49:33:39:54:7B:33:00:3A:58:59:98:36:FB:4C:99:E7:94:49:CD:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/04281A2C6E8211F0A2E51335C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.252.252.0/22
103.1.216.0/22
103.2.168.0/22
103.12.128.0/22
103.200.8.0/22
103.211.208.0/22
103.235.116.0/22
103.245.84.0/22
103.249.148.0/22
110.44.24.0/21
119.17.160.0/19
122.99.112.0/21
139.5.124.0/22
150.242.136.0/22
175.176.200.0/21
180.189.152.0/21
180.214.64.0/19
182.23.192.0/21
202.43.66.0/24
202.61.92.0/22
203.18.94.0/24
203.24.22.0/24
203.33.60.0/23
203.55.174.0/23
203.62.184.0/22
203.114.76.0/22
IPv6:
2001:df1:2000::/48
2401:ac00::/32
2402:c00::/32
2404:7d80::/32
2407:a00::/32
Signature Algorithm: sha256WithRSAEncryption
37:72:7f:c6:35:f9:de:b1:48:08:15:0e:15:e8:b7:af:03:31:
49:c7:2d:63:92:8d:62:9b:a7:24:2f:0e:51:7b:fa:f3:f5:4e:
57:bc:98:89:f6:dd:b0:8d:2c:45:49:1c:bc:57:83:32:a8:15:
ed:08:0f:0f:16:2e:4e:ef:89:29:21:db:a0:45:66:2e:ba:39:
dd:84:74:da:02:f9:dd:9d:2b:00:b1:88:2e:49:86:a3:a1:a9:
81:86:13:04:0c:34:95:ad:1a:e8:66:63:15:79:c7:7c:7b:6b:
2e:f9:1d:a1:29:06:d8:c2:23:33:eb:23:23:22:95:76:15:f2:
63:40:9b:31:b1:54:b9:49:67:c8:19:f7:33:2f:14:cb:c4:26:
65:5f:a8:f6:63:2a:fc:16:95:b7:36:c2:02:81:b7:85:8d:bd:
2b:10:34:08:0a:5c:3d:3a:ad:c0:51:25:4e:8c:40:33:52:b0:
92:8c:67:5e:95:7b:ba:f3:7f:10:c2:58:18:ca:e1:a5:1b:44:
59:e6:02:e0:c6:9e:81:b5:74:32:82:1e:d2:ab:cf:8f:73:2d:
ac:87:73:26:71:8a:d3:a8:85:43:5a:05:73:52:77:ff:1a:87:
a1:3f:39:f2:67:5c:66:ba:12:74:2f:af:0f:22:da:a3:2c:7a:
a3:af:f0:f9
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgICC1QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkI3OTUxMTAvBgNVBAUTKDQ5MzMzOTU0N0IzMzAwM0E1ODU5OTgzNkZCNEM5OUU3
OTQ0OUNERjIwHhcNMjYwMzMwMTkyNTAzWhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWNhY2UwZi0yOWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzZy2jMGalMN1D2uUdbq/vE1eJtOeIglmhBH+YpWjPGvRYYtCcn8rz2/WSGQd
dzybzcex8TkM1tdWLdJoyxk67yL3kG6U/XQD+7nvFQic5PutdaE/8fljnIfStQQW
DHx7yJsBTjZVdi77HwA00EOY8DTebyw1izlPei4vnghoUIqjp9+JEAwelzfyygdP
UqByhOR0NXxfJ4h/iHG3tUtz5OSM6+uvaRvBSQku8JJcOYN8Kni7bSAM/KPThrEA
v9lElg+rqSYLfb9B7jpUGIIyDqq+0RCNEQ7xr2UAWZIrh8SAQ0LDzz90ZkkZhGJk
qLGNphAtUmZGC77GDr2/NkagMwIDAQABo4IDKDCCAyQwHQYDVR0OBBYEFM728Atb
53J4JAA00r9YgE/ZRb9zMB8GA1UdIwQYMBaAFEkzOVR7MwA6WFmYNvtMmeeUSc3y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Qjc5NS9CRDAzMkUwNDYz
NDAxMUVBQUNDRjAyNjJDNEY5QUUwMi9TVE01VkhzekFEcFlXWmcyLTB5WjU1Ukp6
ZkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NUTTVWSHN6QURwWVdaZzItMHlaNTVSSnpmSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkI3OTUvQkQwMzJFMDQ2MzQwMTFFQUFDQ0YwMjYyQzRGOUFFMDIvMDQyODFBMkM2
RTgyMTFGMEEyRTUxMzM1QzRGOUFFMDIucm9hMIHmBggrBgEFBQcBBwEB/wSB1jCB
0zCBowQCAAEwgZwDBAIt/PwDBAJnAdgDBAJnAqgDBAJnDIADBAJnyAgDBAJn09AD
BAJn63QDBAJn9VQDBAJn+ZQDBANuLBgDBAV3EaADBAN6Y3ADBAKLBXwDBAKW8ogD
BAOvsMgDBAO0vZgDBAW01kADBAO2F8ADBADKK0IDBALKPVwDBADLEl4DBADLGBYD
BAHLITwDBAHLN64DBALLPrgDBALLckwwKwQCAAIwJQMHACABDfEgAAMFACQBrAAD
BQAkAgwAAwUAJAR9gAMFACQHCgAwDQYJKoZIhvcNAQELBQADggEBADdyf8Y1+d6x
SAgVDhXot68DMUnHLWOSjWKbpyQvDlF7+vP1Tle8mIn23bCNLEVJHLxXgzKoFe0I
Dw8WLk7viSkh26BFZi66Od2EdNoC+d2dKwCxiC5JhqOhqYGGEwQMNJWtGuhmYxV5
x3x7ay75HaEpBtjCIzPrIyMilXYV8mNAmzGxVLlJZ8gZ9zMvFMvEJmVfqPZjKvwW
lbc2wgKBt4WNvSsQNAgKXD06rcBRJU6MQDNSsJKMZ16Ve7rzfxDCWBjK4aUbRFnm
AuDGnoG1dDKCHtKrz49zLayHcyZxitOohUNaBXNSd/8ah6E/OfJnXGa6EnQvrw8i
2qMseqOv8Pk=
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:30:18 2026 by rpki-client