Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
File: 75D2A3666E8011EF92BDE465C4F9AE02.roa (raw, json)
Hash identifier: pQIAQO2x1Y98U1wPMfCQmXLie1tIp4nTPRrtQeF4Db8=
Subject key identifier: D4:67:70:0A:8A:64:C9:11:A8:11:28:DB:E8:DD:63:5B:73:08:5C:AD
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1DE2
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:06:18 +0000
ROA not before: Wed 24 Sep 2025 16:34:35 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 132165
IP address blocks: 43.245.128.0/24 maxlen: 24
43.245.129.0/24 maxlen: 24
43.245.130.0/24 maxlen: 24
43.245.131.0/24 maxlen: 24
103.12.120.0/24 maxlen: 24
103.12.121.0/24 maxlen: 24
103.12.122.0/24 maxlen: 24
103.12.123.0/24 maxlen: 24
111.119.160.0/24 maxlen: 24
111.119.161.0/24 maxlen: 24
111.119.162.0/24 maxlen: 24
111.119.163.0/24 maxlen: 24
111.119.164.0/24 maxlen: 24
111.119.165.0/24 maxlen: 24
111.119.166.0/24 maxlen: 24
111.119.167.0/24 maxlen: 24
113.203.192.0/24 maxlen: 24
113.203.193.0/24 maxlen: 24
113.203.195.0/24 maxlen: 24
113.203.200.0/24 maxlen: 24
113.203.201.0/24 maxlen: 24
113.203.202.0/24 maxlen: 24
113.203.203.0/24 maxlen: 24
113.203.204.0/24 maxlen: 24
113.203.205.0/24 maxlen: 24
113.203.207.0/24 maxlen: 24
115.42.64.0/24 maxlen: 24
115.42.65.0/24 maxlen: 24
115.42.66.0/24 maxlen: 24
115.42.67.0/24 maxlen: 24
115.42.68.0/24 maxlen: 24
115.42.69.0/24 maxlen: 24
115.42.70.0/24 maxlen: 24
115.42.71.0/24 maxlen: 24
118.103.226.0/24 maxlen: 24
118.103.227.0/24 maxlen: 24
118.103.228.0/24 maxlen: 24
118.103.229.0/24 maxlen: 24
118.103.230.0/24 maxlen: 24
118.103.231.0/24 maxlen: 24
118.103.232.0/24 maxlen: 24
118.103.233.0/24 maxlen: 24
118.103.234.0/24 maxlen: 24
118.103.235.0/24 maxlen: 24
118.103.236.0/24 maxlen: 24
118.103.237.0/24 maxlen: 24
118.103.238.0/24 maxlen: 24
118.103.239.0/24 maxlen: 24
2406:d00::/48 maxlen: 48
2406:d00:2222::/48 maxlen: 48
2406:d00:5555::/48 maxlen: 48
2406:d00:aaaa::/48 maxlen: 48
2406:d00:bbbb::/48 maxlen: 48
2406:d00:ccaa::/47 maxlen: 48
2406:d00:ccad::/48 maxlen: 48
2406:d00:ccc0::/46 maxlen: 48
2406:d00:cccc::/46 maxlen: 48
2406:d00:cce0::/48 maxlen: 48
2406:d00:ccea::/48 maxlen: 48
2406:d00:ddc1::/48 maxlen: 48
2406:d00:ddcc::/48 maxlen: 48
2406:d00:ddd1::/48 maxlen: 48
2406:d00:dddd::/48 maxlen: 48
2406:d00:ddf1::/48 maxlen: 48
2406:d00:ddff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:19:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7650 (0x1de2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Sep 24 16:34:35 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a48019-c270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:21:03:09:bf:0c:87:9c:d2:ea:30:66:ed:50:
17:6e:71:d7:37:1a:6d:90:19:08:52:26:a7:49:b3:
88:eb:b4:e0:fe:b8:51:74:d6:15:ac:a8:ed:bb:9a:
38:65:3f:cb:e4:86:2e:0e:01:a3:5f:d7:5c:3b:01:
c6:c0:ab:7c:b2:89:2b:6f:03:13:ac:1b:f1:0f:79:
fd:00:ae:d6:fe:0a:b4:cf:39:eb:0f:fa:9e:d7:2a:
f5:41:ce:d1:4f:fc:29:5d:41:67:ca:b5:03:8a:48:
ce:c2:b3:16:c3:ac:e3:87:9d:56:32:68:23:fd:20:
23:67:21:bd:da:e0:e6:4b:68:ad:8b:ce:a3:c9:43:
07:e3:b9:0e:a1:57:f0:f5:2a:72:f8:ac:b5:03:30:
41:00:2e:3b:2c:b1:31:f9:16:d0:a3:2b:1f:ee:8c:
f4:68:6c:18:a1:e2:ff:21:ab:10:ef:4c:9c:1c:f7:
3a:d2:25:2c:b4:b7:8a:4c:4b:50:90:47:c6:d4:ce:
36:3f:b7:33:d0:8f:70:73:80:3f:5a:d4:31:ea:8a:
fd:7e:71:9c:46:74:68:b6:21:c9:a2:78:dd:19:67:
7b:cc:a5:ee:9a:90:73:d3:31:e9:46:b1:3b:19:2a:
33:5a:c4:26:8f:fe:7e:ca:6d:49:34:a4:07:13:8c:
0e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:67:70:0A:8A:64:C9:11:A8:11:28:DB:E8:DD:63:5B:73:08:5C:AD
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.245.128.0/22
103.12.120.0/22
111.119.160.0/21
113.203.192.0/23
113.203.195.0/24
113.203.200.0-113.203.205.255
113.203.207.0/24
115.42.64.0/21
118.103.226.0-118.103.239.255
IPv6:
2406:d00::/48
2406:d00:2222::/48
2406:d00:5555::/48
2406:d00:aaaa::/48
2406:d00:bbbb::/48
2406:d00:ccaa::/47
2406:d00:ccad::/48
2406:d00:ccc0::/46
2406:d00:cccc::/46
2406:d00:cce0::/48
2406:d00:ccea::/48
2406:d00:ddc1::/48
2406:d00:ddcc::/48
2406:d00:ddd1::/48
2406:d00:dddd::/48
2406:d00:ddf1::/48
2406:d00:ddff::/48
Signature Algorithm: sha256WithRSAEncryption
68:76:8e:c9:d0:92:6b:eb:9e:b4:79:c0:8f:3c:58:53:b6:a6:
47:d1:49:9d:80:03:8f:a1:3c:1d:79:15:d4:05:22:dd:79:76:
5d:fb:78:69:cf:02:cc:df:cd:b6:37:31:c1:26:fa:0b:d5:bb:
b3:19:03:52:73:bc:f5:27:f1:c3:84:07:93:c9:11:de:fa:9b:
c1:f4:67:97:0e:7d:8c:61:3d:d3:ec:c0:a9:26:0e:fe:91:2f:
ca:85:89:98:7f:38:8e:04:37:de:7a:ba:bb:aa:ea:a2:01:62:
22:8b:46:ee:73:ab:91:c9:91:1b:f1:f4:14:86:db:76:47:04:
96:b7:27:8d:67:b7:f8:dc:7b:01:8a:12:a4:df:f1:82:e4:67:
21:b7:56:4f:8f:d1:e1:d3:d3:c0:09:b9:c5:c6:8d:74:ff:64:
22:13:1e:73:09:d9:e8:7f:74:fa:44:9c:e6:f6:13:86:6d:f9:
2d:d2:9e:be:3b:88:4d:f6:a4:23:92:cf:71:10:3f:d9:a0:17:
85:8e:31:58:f2:c4:ba:cc:c6:d8:b7:0f:fd:6a:01:b5:b6:6b:
08:ae:ae:27:27:ae:87:73:82:82:76:52:d1:11:60:b0:57:c7:
37:03:6e:c3:e7:8d:e9:73:1e:72:88:50:8f:fd:33:99:8a:4d:
70:0d:ae:62
-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgICHeIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjUwOTI0MTYzNDM1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODAxOS1jMjcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1yEDCb8Mh5zS6jBm7VAXbnHXNxptkBkIUianSbOI67Tg/rhRdNYVrKjtu5o4
ZT/L5IYuDgGjX9dcOwHGwKt8sokrbwMTrBvxD3n9AK7W/gq0zznrD/qe1yr1Qc7R
T/wpXUFnyrUDikjOwrMWw6zjh51WMmgj/SAjZyG92uDmS2iti86jyUMH47kOoVfw
9Spy+Ky1AzBBAC47LLEx+RbQoysf7oz0aGwYoeL/IasQ70ycHPc60iUstLeKTEtQ
kEfG1M42P7cz0I9wc4A/WtQx6or9fnGcRnRotiHJonjdGWd7zKXumpBz0zHpRrE7
GSozWsQmj/5+ym1JNKQHE4wO6wIDAQABo4IDRzCCA0MwHQYDVR0OBBYEFNRncAqK
ZMkRqBEo2+jdY1tzCFytMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvNzVEMkEzNjY2
RTgwMTFFRjkyQkRFNDY1QzRGOUFFMDIucm9hMIIBBAYIKwYBBQUHAQcBAf8EgfQw
gfEwTAQCAAEwRgMEAiv1gAMEAmcMeAMEA293oAMEAXHLwAMEAHHLwzAMAwQDccvI
AwQBccvMAwQAccvPAwQDcypAMAwDBAF2Z+IDBAR2Z+AwgaAEAgACMIGZAwcAJAYN
AAAAAwcAJAYNACIiAwcAJAYNAFVVAwcAJAYNAKqqAwcAJAYNALu7AwcBJAYNAMyq
AwcAJAYNAMytAwcCJAYNAMzAAwcCJAYNAMzMAwcAJAYNAMzgAwcAJAYNAMzqAwcA
JAYNAN3BAwcAJAYNAN3MAwcAJAYNAN3RAwcAJAYNAN3dAwcAJAYNAN3xAwcAJAYN
AN3/MA0GCSqGSIb3DQEBCwUAA4IBAQBodo7J0JJr6560ecCPPFhTtqZH0UmdgAOP
oTwdeRXUBSLdeXZd+3hpzwLM3822NzHBJvoL1buzGQNSc7z1J/HDhAeTyRHe+pvB
9GeXDn2MYT3T7MCpJg7+kS/KhYmYfziOBDfeerq7quqiAWIii0buc6uRyZEb8fQU
htt2RwSWtyeNZ7f43HsBihKk3/GC5Gcht1ZPj9Hh09PACbnFxo10/2QiEx5zCdno
f3T6RJzm9hOGbfkt0p6+O4hN9qQjks9xED/ZoBeFjjFY8sS6zMbYtw/9agG1tmsI
rq4nJ66Hc4KCdlLREWCwV8c3A27D543pcx5yiFCP/TOZik1wDa5i
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:30:30 2026 by rpki-client