Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/0774A2C894F211EAB30E7682C4F9AE02.roa
File: 0774A2C894F211EAB30E7682C4F9AE02.roa (raw, json)
Hash identifier: l2tsnXDfo/hIktpCNOIO2/elh/NggYLVtKn+htr+20w=
Subject key identifier: E8:EB:D9:45:73:C7:2D:F8:EC:65:2A:38:AC:5F:C2:F0:86:0B:E4:13
Certificate issuer: /CN=A917F8A9/serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727
Certificate serial: 0A12
Authority key identifier: 5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/0774A2C894F211EAB30E7682C4F9AE02.roa
Signing time: Sun 01 Mar 2026 11:49:41 +0000
ROA not before: Thu 20 Mar 2025 20:30:29 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 136384
IP address blocks: 43.251.252.0/24 maxlen: 24
43.251.253.0/24 maxlen: 24
43.251.254.0/24 maxlen: 24
43.251.255.0/24 maxlen: 24
103.86.52.0/22 maxlen: 24
202.165.226.0/24 maxlen: 24
202.165.227.0/24 maxlen: 24
202.165.230.0/24 maxlen: 24
202.165.232.0/24 maxlen: 24
202.165.233.0/24 maxlen: 24
202.165.234.0/24 maxlen: 24
202.165.236.0/24 maxlen: 24
202.165.237.0/24 maxlen: 24
202.165.238.0/24 maxlen: 24
202.165.246.0/24 maxlen: 24
202.165.250.0/24 maxlen: 24
2400:b940:a::/48 maxlen: 48
2400:b940:b::/48 maxlen: 48
2400:b940:c::/48 maxlen: 48
2400:b940:d::/48 maxlen: 48
2400:b940:e::/48 maxlen: 48
2400:b940:f::/48 maxlen: 48
2400:b940:10::/48 maxlen: 48
2400:b940:11::/48 maxlen: 48
2400:b940:12::/48 maxlen: 48
2400:b940:13::/48 maxlen: 48
2400:b940:14::/48 maxlen: 48
2400:b940:15::/48 maxlen: 48
2400:b940:16::/48 maxlen: 48
2400:b940:18::/48 maxlen: 48
2400:b940:19::/48 maxlen: 48
2400:b940:1a::/48 maxlen: 48
2400:b940:1b::/48 maxlen: 48
2400:b940:1c::/48 maxlen: 48
2400:b940:1d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl
rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:24:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2578 (0xa12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F8A9, serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727
Validity
Not Before: Mar 20 20:30:29 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a427d5-a923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fc:4a:92:e6:31:b4:a0:a9:a9:2e:c8:6c:8b:
f5:ea:0d:fb:62:cf:bc:b9:30:42:1b:5b:f6:b5:1b:
e8:40:fa:82:78:b1:28:9e:82:04:02:a5:d1:9f:90:
c4:66:7d:6b:9d:4e:b3:12:19:61:1a:55:8b:06:69:
e1:86:bb:a3:2c:8d:03:68:23:09:e4:aa:ef:b0:a1:
e1:42:6e:6f:2f:18:05:12:e4:a6:94:fc:40:3a:82:
8b:5c:c2:8e:da:e8:27:8c:74:d9:d1:60:be:0b:93:
3c:4e:b9:a8:30:66:d6:24:21:50:1a:84:fe:b4:e3:
b3:3c:39:35:d0:dd:38:43:3b:b0:b2:d6:30:46:11:
5d:f6:8c:2a:df:2f:75:6e:19:54:a0:eb:9f:54:20:
b9:af:62:66:4c:01:9c:f0:bf:94:04:2a:e7:d5:d9:
14:04:64:c6:88:9b:40:56:e5:cd:5e:79:3f:20:7f:
68:67:f7:4e:0f:e7:ef:0a:aa:25:fe:6b:c6:29:ad:
98:35:26:1a:36:43:fe:e0:3b:d8:3d:88:19:15:70:
74:ed:cd:05:9e:7d:c0:9e:e8:81:f8:3a:45:84:c4:
d8:34:fb:53:c1:40:a4:ce:22:9b:79:6b:25:56:ba:
a1:6d:43:ce:84:aa:01:81:bb:3d:7d:29:6a:88:8e:
ab:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:EB:D9:45:73:C7:2D:F8:EC:65:2A:38:AC:5F:C2:F0:86:0B:E4:13
X509v3 Authority Key Identifier:
keyid:5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/0774A2C894F211EAB30E7682C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.251.252.0/22
103.86.52.0/22
202.165.226.0/23
202.165.230.0/24
202.165.232.0-202.165.234.255
202.165.236.0-202.165.238.255
202.165.246.0/24
202.165.250.0/24
IPv6:
2400:b940:a::-2400:b940:16:ffff:ffff:ffff:ffff:ffff
2400:b940:18::-2400:b940:1d:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
82:98:54:55:8f:cf:8e:72:ad:6e:45:9d:7e:34:6b:dd:99:f9:
04:68:8b:8e:39:e6:d3:78:6d:2b:ce:ca:ca:83:c2:5d:90:5b:
d7:0f:e6:b4:ef:18:09:79:0d:23:08:30:5d:b6:65:0c:b9:a0:
f6:9f:3b:54:b6:3a:27:98:f6:bf:86:55:db:28:59:4e:d1:08:
bd:f0:75:eb:c4:92:2e:6f:8f:e9:44:cd:74:85:ca:d9:46:17:
07:a7:c7:de:51:68:98:6b:88:81:9e:c1:ee:c5:d2:70:d4:89:
b9:21:a2:5e:58:6f:ff:09:4a:7d:56:ae:fd:0f:42:6b:93:24:
0a:0c:79:9a:77:d1:28:4e:26:9e:11:26:54:4f:c2:c0:07:12:
ee:46:ae:04:1e:c1:b3:81:37:1f:8d:21:e2:35:49:06:21:1e:
f5:0d:7a:2b:9d:0a:b3:0f:6f:9d:29:47:4e:38:af:5e:c2:d6:
60:f7:5d:f2:95:86:bb:eb:9a:4e:b5:5a:af:d2:f8:1b:ed:78:
2b:f3:dc:03:10:3a:35:75:71:73:22:4f:7c:46:b2:a2:d0:81:
fa:bd:a4:13:c4:b7:ee:72:79:d6:f2:bd:5f:f4:65:2b:d8:93:
b9:0e:05:0f:7e:a9:16:72:b7:ea:90:f7:6b:ee:f2:a7:cf:2a:
bc:20:78:ca
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICChIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Y4QTkxMTAvBgNVBAUTKDVDMEFCNDI1RjJCNDIzNUUxQzgxNTY4M0JENkM4RThC
N0I4MEI3MjcwHhcNMjUwMzIwMjAzMDI5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MjdkNS1hOTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2vxKkuYxtKCpqS7IbIv16g37Ys+8uTBCG1v2tRvoQPqCeLEonoIEAqXRn5DE
Zn1rnU6zEhlhGlWLBmnhhrujLI0DaCMJ5KrvsKHhQm5vLxgFEuSmlPxAOoKLXMKO
2ugnjHTZ0WC+C5M8TrmoMGbWJCFQGoT+tOOzPDk10N04QzuwstYwRhFd9owq3y91
bhlUoOufVCC5r2JmTAGc8L+UBCrn1dkUBGTGiJtAVuXNXnk/IH9oZ/dOD+fvCqol
/mvGKa2YNSYaNkP+4DvYPYgZFXB07c0Fnn3AnuiB+DpFhMTYNPtTwUCkziKbeWsl
VrqhbUPOhKoBgbs9fSlqiI6rAwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFOjr2UVz
xy347GUqOKxfwvCGC+QTMB8GA1UdIwQYMBaAFFwKtCXytCNeHIFWg71sjot7gLcn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjhBOS8yQUEwNDMzMDk0
RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkxNGNnVmFEdld5T2kzdUF0
eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hBcTBKZkswSTE0Y2dWYUR2V3lPaTN1QXR5Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0Y4QTkvMkFBMDQzMzA5NEYwMTFFQTgzRUYxRTdEQzRGOUFFMDIvMDc3NEEyQzg5
NEYyMTFFQUIzMEU3NjgyQzRGOUFFMDIucm9hMIGJBggrBgEFBQcBBwEB/wR6MHgw
RgQCAAEwQAMEAiv7/AMEAmdWNAMEAcql4gMEAMql5jAMAwQDyqXoAwQAyqXqMAwD
BALKpewDBADKpe4DBADKpfYDBADKpfowLgQCAAIwKDASAwcBJAC5QAAKAwcAJAC5
QAAWMBIDBwMkALlAABgDBwEkALlAABwwDQYJKoZIhvcNAQELBQADggEBAIKYVFWP
z45yrW5FnX40a92Z+QRoi4455tN4bSvOysqDwl2QW9cP5rTvGAl5DSMIMF22ZQy5
oPafO1S2OieY9r+GVdsoWU7RCL3wdevEki5vj+lEzXSFytlGFwenx95RaJhriIGe
we7F0nDUibkhol5Yb/8JSn1Wrv0PQmuTJAoMeZp30ShOJp4RJlRPwsAHEu5GrgQe
wbOBNx+NIeI1SQYhHvUNeiudCrMPb50pR044r17C1mD3XfKVhrvrmk61Wq/S+Bvt
eCvz3AMQOjV1cXMiT3xGsqLQgfq9pBPEt+5yedbyvV/0ZSvYk7kOBQ9+qRZyt+qQ
92vu8qfPKrwgeMo=
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:51:14 2026 by rpki-client