Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/B8D18508EDE011EF88407251C4F9AE02.roa
File: B8D18508EDE011EF88407251C4F9AE02.roa (raw, json)
Hash identifier: NdZ92kK8LP+A4ucoxj2Mn/YHm/Cj8wuqKbvHDIwNWi0=
Subject key identifier: FB:C1:F5:6B:0B:DC:8A:1F:4B:AC:80:D1:AE:F1:44:3D:6B:4E:0E:47
Certificate issuer: /CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Certificate serial: 0B23
Authority key identifier: 1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/B8D18508EDE011EF88407251C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:47:21 +0000
ROA not before: Sat 08 Nov 2025 19:10:05 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 64050
IP address blocks: 1.32.192.0/18 maxlen: 24
14.128.32.0/19 maxlen: 24
27.50.48.0/20 maxlen: 24
27.124.0.0/18 maxlen: 24
103.200.200.0/22 maxlen: 24
118.107.0.0/18 maxlen: 19
118.107.0.0/19 maxlen: 23
118.107.0.0/22 maxlen: 24
118.107.4.0/24 maxlen: 24
118.107.6.0/23 maxlen: 24
118.107.8.0/21 maxlen: 24
118.107.16.0/20 maxlen: 24
118.107.32.0/20 maxlen: 24
118.107.56.0/21 maxlen: 24
118.107.176.0/22 maxlen: 24
180.222.204.0/22 maxlen: 24
182.173.70.0/24 maxlen: 24
202.36.48.0/20 maxlen: 24
202.61.128.0/18 maxlen: 24
202.79.160.0/20 maxlen: 24
202.95.0.0/22 maxlen: 24
202.95.4.0/22 maxlen: 24
202.95.8.0/21 maxlen: 24
202.95.16.0/20 maxlen: 24
202.162.96.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl
rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:35:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2851 (0xb23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C661, serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Validity
Not Before: Nov 8 19:10:05 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69a47ba9-726f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:2b:58:c6:ef:4e:a8:b0:52:7c:98:ed:4c:5c:
e9:44:df:95:73:ce:06:6e:bf:f7:f8:3d:ae:81:c5:
39:8c:9d:fb:74:1d:0c:43:3b:9e:83:a7:82:00:b1:
1c:b2:97:06:d3:93:3f:29:0d:6f:72:a7:61:e9:90:
8d:af:b6:31:48:1d:19:e1:78:7d:45:56:72:e2:32:
cf:c5:97:5b:03:7e:ba:5b:6d:34:3c:13:c5:35:41:
f5:e3:5b:13:81:b2:fd:87:e9:b3:84:8b:60:d0:7c:
26:de:d4:98:9d:68:bd:ec:4e:e2:e7:af:cc:77:c1:
a0:84:59:70:41:9c:20:24:2a:5b:6f:ab:70:f6:63:
f7:fc:7e:97:27:67:27:5c:6b:1f:21:32:87:9e:47:
e1:4f:bc:7b:07:80:fc:4d:49:70:9a:25:38:8b:dd:
8c:aa:f6:d3:4a:a0:4b:ac:a3:ab:1e:81:ba:e4:05:
08:8c:b8:63:35:65:b7:21:44:15:bc:f9:8c:4a:d8:
ba:92:af:5e:2f:73:2c:6f:1b:4f:5f:1a:c5:f0:10:
e8:08:48:95:57:11:3e:ca:eb:3a:c6:7b:47:7c:af:
ca:00:e7:7e:41:50:00:63:7f:53:fe:c2:55:c6:a6:
34:1f:34:77:c6:34:77:88:89:bd:88:80:a5:04:32:
5b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C1:F5:6B:0B:DC:8A:1F:4B:AC:80:D1:AE:F1:44:3D:6B:4E:0E:47
X509v3 Authority Key Identifier:
keyid:1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/B8D18508EDE011EF88407251C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
1.32.192.0/18
14.128.32.0/19
27.50.48.0/20
27.124.0.0/18
103.200.200.0/22
118.107.0.0/18
118.107.176.0/22
180.222.204.0/22
182.173.70.0/24
202.36.48.0/20
202.61.128.0/18
202.79.160.0/20
202.95.0.0/19
202.162.96.0/20
Signature Algorithm: sha256WithRSAEncryption
24:d2:61:78:03:73:86:be:aa:d5:dc:e5:07:3c:66:dc:96:2f:
0f:28:15:44:84:d0:4e:1e:25:59:ed:c9:c5:02:fb:3b:b7:f3:
5d:3f:95:7d:56:1f:32:29:7c:5d:f9:d4:90:c0:6f:ca:ee:c8:
1d:4f:f3:b0:a4:bd:72:6c:3b:b5:64:a6:8c:b1:ea:37:b2:3a:
d2:90:aa:00:74:26:0d:27:a3:83:48:0a:ce:cb:7f:30:01:d7:
12:5d:01:c6:d2:22:bd:bf:97:e9:68:e3:ab:fe:74:63:64:d4:
3f:03:75:f7:16:60:c4:3f:de:e9:28:6e:5a:c4:10:92:2e:20:
a5:4b:a6:54:4f:ae:1a:4c:cd:c4:3b:dd:18:b5:74:86:2f:90:
56:ce:01:43:c4:d4:52:11:d6:3d:d8:fa:36:1b:db:6a:5a:3c:
02:e7:98:00:07:41:5e:99:56:70:49:e3:ce:a8:0c:3f:29:77:
68:aa:a5:a7:ee:ce:00:2e:7a:d3:e9:e3:8b:b3:a1:41:11:38:
20:c5:91:40:32:e8:5f:5c:76:ba:dd:5b:5e:41:c1:df:d4:a0:
8c:76:d8:0e:59:e0:f3:06:0c:c3:97:35:cf:d3:2b:ae:33:d6:
b5:3e:19:17:bc:06:29:82:a9:ee:ae:8b:91:4a:b0:aa:6d:2c:
44:b1:74:89
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICCyMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEM2NjExMTAvBgNVBAUTKDFFQzQyQzFCNjlFMTZGNUYzN0M3M0Q4MUJGOUZBQjFG
NEJBNDIzMjkwHhcNMjUxMTA4MTkxMDA1WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0N2JhOS03MjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6StYxu9OqLBSfJjtTFzpRN+Vc84Gbr/3+D2ugcU5jJ37dB0MQzueg6eCALEc
spcG05M/KQ1vcqdh6ZCNr7YxSB0Z4Xh9RVZy4jLPxZdbA366W200PBPFNUH141sT
gbL9h+mzhItg0Hwm3tSYnWi97E7i56/Md8GghFlwQZwgJCpbb6tw9mP3/H6XJ2cn
XGsfITKHnkfhT7x7B4D8TUlwmiU4i92MqvbTSqBLrKOrHoG65AUIjLhjNWW3IUQV
vPmMSti6kq9eL3MsbxtPXxrF8BDoCEiVVxE+yus6xntHfK/KAOd+QVAAY39T/sJV
xqY0HzR3xjR3iIm9iIClBDJblQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFPvB9WsL
3IofS6yA0a7xRD1rTg5HMB8GA1UdIwQYMBaAFB7ELBtp4W9fN8c9gb+fqx9LpCMp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wQkJEOUVBMjgz
NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9Ic1FzRzJuaGIxODN4ejJCdjUtckgwdWtJ
eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hzUXNHMm5oYjE4M3h6MkJ2NS1ySDB1a0l5ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEM2NjEvMEJCRDlFQTI4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvQjhEMTg1MDhF
REUwMTFFRjg4NDA3MjUxQzRGOUFFMDIucm9hMG0GCCsGAQUFBwEHAQH/BF4wXDBa
BAIAATBUAwQGASDAAwQFDoAgAwQEGzIwAwQGG3wAAwQCZ8jIAwQGdmsAAwQCdmuw
AwQCtN7MAwQAtq1GAwQEyiQwAwQGyj2AAwQEyk+gAwQFyl8AAwQEyqJgMA0GCSqG
SIb3DQEBCwUAA4IBAQAk0mF4A3OGvqrV3OUHPGbcli8PKBVEhNBOHiVZ7cnFAvs7
t/NdP5V9Vh8yKXxd+dSQwG/K7sgdT/OwpL1ybDu1ZKaMseo3sjrSkKoAdCYNJ6OD
SArOy38wAdcSXQHG0iK9v5fpaOOr/nRjZNQ/A3X3FmDEP97pKG5axBCSLiClS6ZU
T64aTM3EO90YtXSGL5BWzgFDxNRSEdY92Po2G9tqWjwC55gAB0FemVZwSePOqAw/
KXdoqqWn7s4ALnrT6eOLs6FBETggxZFAMuhfXHa63VteQcHf1KCMdtgOWeDzBgzD
lzXP0yuuM9a1PhkXvAYpgqnurouRSrCqbSxEsXSJ
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:03:39 2026 by rpki-client