Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/0EF775B2EFCD11EF92BCB66CC4F9AE02.roa
File: 0EF775B2EFCD11EF92BCB66CC4F9AE02.roa (raw, json)
Hash identifier: 45ZKfLCd79M7grb/NFrxHrHTz4EXMCPhKmHz8mBqdu8=
Subject key identifier: 08:D0:3B:59:04:CA:E8:BC:32:28:3E:CA:41:D7:73:88:3B:13:B0:19
Certificate issuer: /CN=A91778C2/serialNumber=6D4AE89FA97A716A2D92661FF2CF5BD3CCDC29FC
Certificate serial: 17D8
Authority key identifier: 6D:4A:E8:9F:A9:7A:71:6A:2D:92:66:1F:F2:CF:5B:D3:CC:DC:29:FC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bUron6l6cWotkmYf8s9b08zcKfw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/0EF775B2EFCD11EF92BCB66CC4F9AE02.roa
Signing time: Sun 01 Mar 2026 13:44:21 +0000
ROA not before: Tue 28 Oct 2025 17:04:47 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 132817
IP address blocks: 43.242.0.0/22 maxlen: 22
45.249.104.0/22 maxlen: 22
45.252.56.0/22 maxlen: 23
59.152.84.0/22 maxlen: 22
103.66.64.0/22 maxlen: 22
103.69.156.0/22 maxlen: 22
103.73.52.0/22 maxlen: 22
103.74.132.0/22 maxlen: 22
103.74.176.0/22 maxlen: 22
103.75.220.0/22 maxlen: 22
103.76.236.0/22 maxlen: 22
103.211.144.0/22 maxlen: 22
103.214.92.0/22 maxlen: 22
103.221.56.0/22 maxlen: 22
103.228.224.0/22 maxlen: 22
116.206.48.0/22 maxlen: 22
119.42.36.0/22 maxlen: 22
144.48.96.0/22 maxlen: 22
160.238.16.0/22 maxlen: 22
192.144.88.0/22 maxlen: 22
2402:54c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/bUron6l6cWotkmYf8s9b08zcKfw.crl
rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/bUron6l6cWotkmYf8s9b08zcKfw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bUron6l6cWotkmYf8s9b08zcKfw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:41:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6104 (0x17d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91778C2, serialNumber=6D4AE89FA97A716A2D92661FF2CF5BD3CCDC29FC
Validity
Not Before: Oct 28 17:04:47 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69a442b5-8468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:84:72:df:b0:b6:30:32:aa:99:36:bf:e7:01:
6a:66:72:cd:52:2c:ec:b5:e7:19:1a:76:23:39:e0:
b3:1f:2e:1c:62:fb:27:eb:fb:b0:26:c9:27:01:3e:
21:49:a4:08:9f:80:3d:9f:7d:96:b0:e6:7b:3f:1c:
dc:af:f0:a4:94:74:a3:98:72:a4:32:6e:93:57:f9:
49:9d:d5:d2:d0:32:50:8b:7f:51:69:54:38:f6:27:
e1:7e:4b:6b:98:4d:15:57:3c:c2:fa:89:97:e6:8c:
01:e3:cb:f0:a1:0a:51:dd:85:e8:e2:27:16:ef:8c:
14:2f:72:05:88:71:2a:11:d5:9f:33:86:78:44:7f:
1f:c1:0a:fb:1b:21:ab:fc:be:3e:9b:8d:29:27:a3:
c1:68:7a:75:9c:8c:20:e6:50:e9:e0:7c:cb:72:92:
4d:ae:65:67:7c:a5:97:5a:ec:11:a1:7b:a3:3f:e7:
fe:14:c9:c8:c6:2d:17:cb:3f:02:b0:d8:bb:3d:6d:
fe:98:4e:09:84:56:6f:ac:09:e2:80:82:fb:e5:3b:
68:f5:48:32:41:6a:71:d5:b6:c5:de:47:bd:27:c4:
6f:96:ba:92:1f:9e:81:90:1d:2c:0a:fc:8a:6a:ee:
11:78:35:9c:0b:6f:ec:5a:04:d5:3a:a7:1c:e9:ae:
e8:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D0:3B:59:04:CA:E8:BC:32:28:3E:CA:41:D7:73:88:3B:13:B0:19
X509v3 Authority Key Identifier:
keyid:6D:4A:E8:9F:A9:7A:71:6A:2D:92:66:1F:F2:CF:5B:D3:CC:DC:29:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/bUron6l6cWotkmYf8s9b08zcKfw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bUron6l6cWotkmYf8s9b08zcKfw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/0EF775B2EFCD11EF92BCB66CC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.242.0.0/22
45.249.104.0/22
45.252.56.0/22
59.152.84.0/22
103.66.64.0/22
103.69.156.0/22
103.73.52.0/22
103.74.132.0/22
103.74.176.0/22
103.75.220.0/22
103.76.236.0/22
103.211.144.0/22
103.214.92.0/22
103.221.56.0/22
103.228.224.0/22
116.206.48.0/22
119.42.36.0/22
144.48.96.0/22
160.238.16.0/22
192.144.88.0/22
IPv6:
2402:54c0::/32
Signature Algorithm: sha256WithRSAEncryption
3c:b6:d7:fa:63:ae:43:b8:f6:9b:ab:e6:93:a4:2a:14:bb:0a:
4d:dc:54:58:8c:c8:30:7c:e4:52:58:d7:eb:c9:28:ea:15:20:
aa:66:62:45:b6:8e:1b:6b:ce:10:4d:b5:eb:8f:1c:20:88:dd:
4e:20:b4:7d:5d:0b:2a:22:9a:43:39:f4:c9:50:ab:61:0e:43:
b0:d0:19:c2:d2:3b:5c:ed:0a:35:9c:5a:0a:d6:39:0b:39:7f:
46:00:d7:48:8d:3f:c9:aa:cb:95:4b:77:f9:13:3c:59:b5:a0:
8b:d4:62:bc:1d:50:1a:93:c3:9b:45:40:47:c8:de:f3:c7:9a:
cf:d6:a9:74:2f:e6:6d:89:8b:9f:7d:4f:1d:ca:71:62:b4:aa:
7e:de:30:73:3a:5c:05:8d:17:94:c0:e6:4e:0b:0f:2f:d9:c7:
9b:11:6a:02:58:49:5d:04:4c:6d:06:c9:2b:1f:05:1f:6b:bf:
5a:98:4e:39:26:e2:cf:84:c6:c0:6b:85:c6:aa:cc:60:1b:73:
18:b1:57:32:a7:e1:27:77:eb:fe:45:a2:aa:c1:a8:ae:50:9b:
e0:d1:3d:b3:8c:77:45:eb:d9:b4:89:d5:31:a4:bb:50:d5:32:
e6:ec:03:c5:43:5e:b2:78:a2:38:13:25:b5:68:c4:65:dc:83:
7d:a1:b7:9e
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgICF9gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzc4QzIxMTAvBgNVBAUTKDZENEFFODlGQTk3QTcxNkEyRDkyNjYxRkYyQ0Y1QkQz
Q0NEQzI5RkMwHhcNMjUxMDI4MTcwNDQ3WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NDJiNS04NDY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqoRy37C2MDKqmTa/5wFqZnLNUizstecZGnYjOeCzHy4cYvsn6/uwJsknAT4h
SaQIn4A9n32WsOZ7Pxzcr/CklHSjmHKkMm6TV/lJndXS0DJQi39RaVQ49ifhfktr
mE0VVzzC+omX5owB48vwoQpR3YXo4icW74wUL3IFiHEqEdWfM4Z4RH8fwQr7GyGr
/L4+m40pJ6PBaHp1nIwg5lDp4HzLcpJNrmVnfKWXWuwRoXujP+f+FMnIxi0Xyz8C
sNi7PW3+mE4JhFZvrAnigIL75Tto9UgyQWpx1bbF3ke9J8RvlrqSH56BkB0sCvyK
au4ReDWcC2/sWgTVOqcc6a7ogwIDAQABo4IC5DCCAuAwHQYDVR0OBBYEFAjQO1kE
yui8Mig+ykHXc4g7E7AZMB8GA1UdIwQYMBaAFG1K6J+penFqLZJmH/LPW9PM3Cn8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzhDMi9FRDJCQkM3MEY4
ODcxMUU3OTIxRjg2NjhDNEY5QUUwMi9iVXJvbjZsNmNXb3RrbVlmOHM5YjA4emNL
ZncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JVcm9uNmw2Y1dvdGttWWY4czliMDh6Y0tmdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzc4QzIvRUQyQkJDNzBGODg3MTFFNzkyMUY4NjY4QzRGOUFFMDIvMEVGNzc1QjJF
RkNEMTFFRjkyQkNCNjZDQzRGOUFFMDIucm9hMIGiBggrBgEFBQcBBwEB/wSBkjCB
jzB+BAIAATB4AwQCK/IAAwQCLfloAwQCLfw4AwQCO5hUAwQCZ0JAAwQCZ0WcAwQC
Z0k0AwQCZ0qEAwQCZ0qwAwQCZ0vcAwQCZ0zsAwQCZ9OQAwQCZ9ZcAwQCZ904AwQC
Z+TgAwQCdM4wAwQCdyokAwQCkDBgAwQCoO4QAwQCwJBYMA0EAgACMAcDBQAkAlTA
MA0GCSqGSIb3DQEBCwUAA4IBAQA8ttf6Y65DuPabq+aTpCoUuwpN3FRYjMgwfORS
WNfrySjqFSCqZmJFto4ba84QTbXrjxwgiN1OILR9XQsqIppDOfTJUKthDkOw0BnC
0jtc7Qo1nFoK1jkLOX9GANdIjT/JqsuVS3f5EzxZtaCL1GK8HVAak8ObRUBHyN7z
x5rP1ql0L+ZtiYuffU8dynFitKp+3jBzOlwFjReUwOZOCw8v2cebEWoCWEldBExt
BskrHwUfa79amE45JuLPhMbAa4XGqsxgG3MYsVcyp+End+v+RaKqwaiuUJvg0T2z
jHdF69m0idUxpLtQ1TLm7APFQ16yeKI4EyW1aMRl3IN9obee
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:38:40 2026 by rpki-client