Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/28BBBAA2634211EABE282367C4F9AE02.roa
File: 28BBBAA2634211EABE282367C4F9AE02.roa (raw, json)
Hash identifier: L8C4iZ3A0DV3wmBiyITzSqpZOzS8a21EtJ4UOfNMfBg=
Subject key identifier: 34:12:47:19:72:B9:D4:A2:89:64:B7:9D:59:36:D6:97:F4:00:9D:1C
Certificate issuer: /CN=A916B795/serialNumber=493339547B33003A58599836FB4C99E79449CDF2
Certificate serial: 0B40
Authority key identifier: 49:33:39:54:7B:33:00:3A:58:59:98:36:FB:4C:99:E7:94:49:CD:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/28BBBAA2634211EABE282367C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:35:10 +0000
ROA not before: Mon 31 Mar 2025 20:19:45 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 9268
IP address blocks: 45.252.252.0/22 maxlen: 22
103.1.216.0/22 maxlen: 22
103.2.168.0/22 maxlen: 22
103.12.128.0/22 maxlen: 22
103.200.8.0/22 maxlen: 22
103.211.208.0/22 maxlen: 22
103.235.116.0/22 maxlen: 22
103.245.84.0/22 maxlen: 22
103.249.148.0/22 maxlen: 22
103.249.149.0/24 maxlen: 24
103.249.150.0/24 maxlen: 24
110.44.24.0/21 maxlen: 21
119.17.160.0/19 maxlen: 19
122.99.112.0/21 maxlen: 21
139.5.124.0/22 maxlen: 22
150.242.136.0/22 maxlen: 22
175.176.200.0/21 maxlen: 21
180.189.152.0/21 maxlen: 21
180.214.64.0/19 maxlen: 19
182.23.192.0/21 maxlen: 21
202.43.66.0/24 maxlen: 24
202.61.92.0/22 maxlen: 22
203.18.94.0/24 maxlen: 24
203.24.22.0/24 maxlen: 24
203.33.60.0/23 maxlen: 23
203.55.174.0/23 maxlen: 23
203.62.184.0/22 maxlen: 22
203.62.187.0/24 maxlen: 24
203.114.76.0/22 maxlen: 22
2001:df1:2000::/48 maxlen: 48
2401:ac00::/32 maxlen: 32
2402:c00::/32 maxlen: 32
2404:7d80::/32 maxlen: 32
2407:a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.crl
rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2880 (0xb40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B795, serialNumber=493339547B33003A58599836FB4C99E79449CDF2
Validity
Not Before: Mar 31 20:19:45 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a478ce-0046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a5:af:7d:39:0d:b4:f9:b4:57:66:55:6d:59:
a7:23:ff:ac:83:09:2d:a0:18:31:4c:c0:1c:0f:c1:
1b:47:c3:1b:ee:ed:d8:2a:e8:de:2e:04:b2:a7:bc:
19:bf:4d:2f:82:10:3a:26:c2:7e:a2:c8:82:68:db:
e8:22:d4:7b:c2:da:58:7e:c1:5e:19:de:5a:38:8c:
97:f7:78:72:28:7c:4c:5b:b1:b2:9e:71:fb:b4:82:
38:56:72:3b:a0:d2:13:52:e8:cf:b5:0f:29:04:23:
3f:61:64:3e:34:51:10:72:52:59:de:4b:4e:c4:4a:
3f:00:a3:1b:b9:1a:10:57:d0:09:9e:d0:bc:d8:99:
52:4f:e5:8d:25:97:a3:37:d5:4e:02:8e:9c:52:2b:
bf:9f:8e:a4:90:bb:7b:e9:a5:2f:58:69:47:16:7c:
b6:a9:56:d0:0c:bf:18:5e:ab:fb:df:3e:43:a5:54:
f4:9d:ac:6f:4e:97:ab:57:f2:ea:11:41:d7:eb:5b:
2f:dc:a4:14:23:77:5f:b1:49:15:cb:4e:29:c9:e1:
ac:db:a3:e9:35:f6:c6:6b:ca:1d:35:6d:16:22:a4:
a4:ca:ef:4f:7b:e1:14:68:0f:a2:ab:6f:7b:8f:7b:
e8:ff:55:c6:46:02:ce:54:3f:4e:47:a6:ab:10:13:
79:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:12:47:19:72:B9:D4:A2:89:64:B7:9D:59:36:D6:97:F4:00:9D:1C
X509v3 Authority Key Identifier:
keyid:49:33:39:54:7B:33:00:3A:58:59:98:36:FB:4C:99:E7:94:49:CD:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/28BBBAA2634211EABE282367C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.252.252.0/22
103.1.216.0/22
103.2.168.0/22
103.12.128.0/22
103.200.8.0/22
103.211.208.0/22
103.235.116.0/22
103.245.84.0/22
103.249.148.0/22
110.44.24.0/21
119.17.160.0/19
122.99.112.0/21
139.5.124.0/22
150.242.136.0/22
175.176.200.0/21
180.189.152.0/21
180.214.64.0/19
182.23.192.0/21
202.43.66.0/24
202.61.92.0/22
203.18.94.0/24
203.24.22.0/24
203.33.60.0/23
203.55.174.0/23
203.62.184.0/22
203.114.76.0/22
IPv6:
2001:df1:2000::/48
2401:ac00::/32
2402:c00::/32
2404:7d80::/32
2407:a00::/32
Signature Algorithm: sha256WithRSAEncryption
c8:5d:3f:b5:47:80:9a:d1:a1:a6:fc:83:36:6e:1a:d3:7f:00:
f3:25:e4:84:9e:12:62:ff:04:f3:5a:c1:60:a4:84:85:87:e8:
7c:be:04:9d:91:f9:ff:5b:1c:1d:b7:f4:6d:31:64:81:36:9c:
91:f4:0f:b2:fb:a7:35:d8:ec:13:0a:52:c5:de:ed:aa:a3:21:
e3:61:c1:67:28:4b:50:67:10:91:1e:56:95:97:7d:bd:8a:4b:
0b:58:a7:e8:ca:40:ac:57:28:18:cd:7c:46:a4:35:57:27:1c:
f8:81:c8:15:5f:2f:c7:5f:1c:d5:ab:ed:03:d1:50:81:1d:af:
1f:34:9a:19:e1:70:a8:d0:c6:70:a5:a9:d9:8c:54:d2:62:a5:
f0:2f:f0:84:89:ca:56:37:11:3a:5b:ca:72:95:bb:cc:56:e7:
48:e4:95:8b:ce:e7:a0:fd:4e:03:e0:cb:2b:8d:ce:2b:73:ab:
3e:8f:6c:23:31:2d:51:28:58:a0:94:cc:7c:dc:e9:eb:63:fc:
70:65:93:0f:90:fa:0a:e0:3b:56:5e:4f:22:dc:76:47:19:40:
91:f9:ff:58:63:8b:c6:f9:0e:9e:6b:7b:39:9c:d2:62:3c:0f:
2d:8d:c7:e8:30:db:d2:3c:4c:d6:19:50:3c:53:48:ed:d9:fe:
5f:f5:fc:d1
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgICC0AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkI3OTUxMTAvBgNVBAUTKDQ5MzMzOTU0N0IzMzAwM0E1ODU5OTgzNkZCNEM5OUU3
OTQ0OUNERjIwHhcNMjUwMzMxMjAxOTQ1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzhjZS0wMDQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApaWvfTkNtPm0V2ZVbVmnI/+sgwktoBgxTMAcD8EbR8Mb7u3YKujeLgSyp7wZ
v00vghA6JsJ+osiCaNvoItR7wtpYfsFeGd5aOIyX93hyKHxMW7GynnH7tII4VnI7
oNITUujPtQ8pBCM/YWQ+NFEQclJZ3ktOxEo/AKMbuRoQV9AJntC82JlST+WNJZej
N9VOAo6cUiu/n46kkLt76aUvWGlHFny2qVbQDL8YXqv73z5DpVT0naxvTperV/Lq
EUHX61sv3KQUI3dfsUkVy04pyeGs26PpNfbGa8odNW0WIqSkyu9Pe+EUaA+iq297
j3vo/1XGRgLOVD9OR6arEBN5QQIDAQABo4IDKDCCAyQwHQYDVR0OBBYEFDQSRxly
udSiiWS3nVk21pf0AJ0cMB8GA1UdIwQYMBaAFEkzOVR7MwA6WFmYNvtMmeeUSc3y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Qjc5NS9CRDAzMkUwNDYz
NDAxMUVBQUNDRjAyNjJDNEY5QUUwMi9TVE01VkhzekFEcFlXWmcyLTB5WjU1Ukp6
ZkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NUTTVWSHN6QURwWVdaZzItMHlaNTVSSnpmSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkI3OTUvQkQwMzJFMDQ2MzQwMTFFQUFDQ0YwMjYyQzRGOUFFMDIvMjhCQkJBQTI2
MzQyMTFFQUJFMjgyMzY3QzRGOUFFMDIucm9hMIHmBggrBgEFBQcBBwEB/wSB1jCB
0zCBowQCAAEwgZwDBAIt/PwDBAJnAdgDBAJnAqgDBAJnDIADBAJnyAgDBAJn09AD
BAJn63QDBAJn9VQDBAJn+ZQDBANuLBgDBAV3EaADBAN6Y3ADBAKLBXwDBAKW8ogD
BAOvsMgDBAO0vZgDBAW01kADBAO2F8ADBADKK0IDBALKPVwDBADLEl4DBADLGBYD
BAHLITwDBAHLN64DBALLPrgDBALLckwwKwQCAAIwJQMHACABDfEgAAMFACQBrAAD
BQAkAgwAAwUAJAR9gAMFACQHCgAwDQYJKoZIhvcNAQELBQADggEBAMhdP7VHgJrR
oab8gzZuGtN/APMl5ISeEmL/BPNawWCkhIWH6Hy+BJ2R+f9bHB239G0xZIE2nJH0
D7L7pzXY7BMKUsXe7aqjIeNhwWcoS1BnEJEeVpWXfb2KSwtYp+jKQKxXKBjNfEak
NVcnHPiByBVfL8dfHNWr7QPRUIEdrx80mhnhcKjQxnClqdmMVNJipfAv8ISJylY3
ETpbynKVu8xW50jklYvO56D9TgPgyyuNzitzqz6PbCMxLVEoWKCUzHzc6etj/HBl
kw+Q+grgO1ZeTyLcdkcZQJH5/1hji8b5Dp5rezmc0mI8Dy2Nx+gw29I8TNYZUDxT
SO3Z/l/1/NE=
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:55:56 2026 by rpki-client