Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1FE58C10EC7A11F098ACD3F1536F56BC.roa
File: 1FE58C10EC7A11F098ACD3F1536F56BC.roa (raw, json)
Hash identifier: V98PNI2Qbw/896MGecM8BGn9f1XZSUcxw0QnmnC56Ig=
Subject key identifier: 94:AA:A6:1E:88:79:28:C0:1A:3F:70:01:D1:C8:78:F3:37:9A:EC:B0
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DACB
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1FE58C10EC7A11F098ACD3F1536F56BC.roa
Signing time: Sun 01 Mar 2026 23:05:34 +0000
ROA not before: Thu 08 Jan 2026 10:14:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133296
IP address blocks: 43.239.110.0/24 maxlen: 24
43.243.76.0/24 maxlen: 24
43.243.77.0/24 maxlen: 24
43.243.78.0/24 maxlen: 24
103.78.245.0/24 maxlen: 24
103.78.247.0/24 maxlen: 24
103.131.24.0/23 maxlen: 24
103.182.176.0/23 maxlen: 24
103.228.149.0/24 maxlen: 24
103.233.24.0/23 maxlen: 24
103.251.22.0/24 maxlen: 24
150.129.235.0/24 maxlen: 24
202.162.231.0/24 maxlen: 24
202.162.240.0/24 maxlen: 24
202.162.241.0/24 maxlen: 24
202.162.248.0/24 maxlen: 24
202.162.249.0/24 maxlen: 24
202.162.251.0/24 maxlen: 24
203.115.82.0/23 maxlen: 24
210.89.32.0/24 maxlen: 24
210.89.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:10:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56011 (0xdacb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 8 10:14:23 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4c63e-0f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:56:28:6f:44:e5:70:ec:41:35:ed:e2:8b:05:
fd:7e:3f:d5:aa:2b:43:c9:86:dd:db:87:d9:69:06:
23:5f:5a:82:40:c2:9a:f9:c6:fe:d9:d9:21:57:e1:
00:a2:e1:53:d1:78:f2:9b:68:0a:b0:43:87:2a:9e:
8f:e2:12:80:e0:7c:c7:77:bd:2d:a1:77:e7:60:34:
4a:91:0d:cf:72:0a:a2:96:63:47:06:40:d2:da:df:
a8:00:c6:9d:0c:4a:ff:74:69:ae:bb:14:51:59:20:
fb:47:e4:ec:9d:54:ba:6a:85:77:7e:51:c4:f9:88:
f6:b0:b4:90:a5:4f:76:09:50:54:e9:b0:17:78:94:
d4:ab:41:3b:47:ae:3b:8f:41:f1:1a:9b:bf:72:86:
51:53:c7:ee:9e:4e:9b:34:3a:3d:97:83:ef:30:0e:
84:77:1a:e8:4f:23:3a:ea:16:63:d0:e7:3d:3a:e1:
96:f6:ef:94:d9:da:f2:c0:6f:ec:47:e8:6e:6f:7c:
fc:5f:eb:ae:ec:9c:88:b6:a2:77:4c:04:c3:97:a2:
57:d2:5f:5f:51:b2:d1:2c:53:fb:a5:0a:64:a1:b4:
f3:12:68:da:14:52:63:c5:e2:97:aa:90:64:b0:73:
53:28:49:56:4a:15:7b:29:f4:22:a2:8e:db:2c:eb:
6e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AA:A6:1E:88:79:28:C0:1A:3F:70:01:D1:C8:78:F3:37:9A:EC:B0
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1FE58C10EC7A11F098ACD3F1536F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
43.239.110.0/24
43.243.76.0-43.243.78.255
103.78.245.0/24
103.78.247.0/24
103.131.24.0/23
103.182.176.0/23
103.228.149.0/24
103.233.24.0/23
103.251.22.0/24
150.129.235.0/24
202.162.231.0/24
202.162.240.0/23
202.162.248.0/23
202.162.251.0/24
203.115.82.0/23
210.89.32.0/24
210.89.49.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:b3:b2:31:f0:e4:84:1d:f7:a0:60:fd:71:76:28:ed:a2:dc:
9d:9f:9d:d2:41:36:96:e5:3e:39:4d:84:8f:cf:de:91:01:c2:
1e:ed:5b:3b:3a:1a:ab:05:e9:92:22:89:03:ca:dd:5c:45:ea:
b1:dc:22:f0:28:0d:cc:df:84:7f:a5:30:0a:b6:d5:fd:8e:2b:
57:55:20:73:bd:74:5a:dd:ee:14:5b:c5:8c:b8:c8:a2:05:90:
31:52:16:c7:5e:49:68:0e:cd:d8:ff:60:89:4b:f3:e2:63:8b:
53:41:2f:8f:11:4e:c0:4f:a1:25:ec:78:28:4e:93:ef:1d:ed:
5b:51:e9:89:7a:4c:ea:09:ee:16:ce:4f:9b:62:72:7d:69:d3:
73:de:c2:c4:44:50:13:0d:1a:23:a2:95:32:b6:7f:a8:cd:8f:
40:97:4c:3c:53:52:8a:2f:c9:21:ac:7c:ec:9c:a5:9e:9c:c4:
82:16:40:97:82:f8:f1:a1:1a:70:7e:73:1a:7f:c0:b0:b8:55:
21:76:02:0c:91:01:c5:a9:73:3e:5a:8d:43:30:fb:01:fe:89:
4f:15:ff:81:ed:35:37:7c:af:c2:7a:6a:a7:73:03:94:8f:63:
d9:81:e4:5f:55:36:05:23:d7:9c:db:f0:ce:ed:0e:da:ee:39:
1e:42:af:ad
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDANrLMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDEwODEwMTQyM1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhNGM2M2UtMGY1ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlWKG9E5XDsQTXt4osF/X4/1aorQ8mG3duH2WkGI19agkDCmvnG/tnZIVfh
AKLhU9F48ptoCrBDhyqej+ISgOB8x3e9LaF352A0SpENz3IKopZjRwZA0trfqADG
nQxK/3RprrsUUVkg+0fk7J1UumqFd35RxPmI9rC0kKVPdglQVOmwF3iU1KtBO0eu
O49B8Rqbv3KGUVPH7p5OmzQ6PZeD7zAOhHca6E8jOuoWY9DnPTrhlvbvlNna8sBv
7Efobm98/F/rruyciLaid0wEw5eiV9JfX1Gy0SxT+6UKZKG08xJo2hRSY8Xil6qQ
ZLBzUyhJVkoVeyn0IqKO2yzrbl8CAwEAAaOCAskwggLFMB0GA1UdDgQWBBSUqqYe
iHkowBo/cAHRyHjzN5rssDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzFGRTU4QzEw
RUM3QTExRjA5OEFDRDNGMTUzNkY1NkJDLnJvYTCBhwYIKwYBBQUHAQcBAf8EeDB2
MHQEAgABMG4DBAAr724wDAMEAivzTAMEACvzTgMEAGdO9QMEAGdO9wMEAWeDGAME
AWe2sAMEAGfklQMEAWfpGAMEAGf7FgMEAJaB6wMEAMqi5wMEAcqi8AMEAcqi+AME
AMqi+wMEActzUgMEANJZIAMEANJZMTANBgkqhkiG9w0BAQsFAAOCAQEAnbOyMfDk
hB33oGD9cXYo7aLcnZ+d0kE2luU+OU2Ej8/ekQHCHu1bOzoaqwXpkiKJA8rdXEXq
sdwi8CgNzN+Ef6UwCrbV/Y4rV1Ugc710Wt3uFFvFjLjIogWQMVIWx15JaA7N2P9g
iUvz4mOLU0EvjxFOwE+hJex4KE6T7x3tW1HpiXpM6gnuFs5Pm2JyfWnTc97CxERQ
Ew0aI6KVMrZ/qM2PQJdMPFNSii/JIax87JylnpzEghZAl4L48aEacH5zGn/AsLhV
IXYCDJEBxalzPlqNQzD7Af6JTxX/ge01N3yvwnpqp3MDlI9j2YHkX1U2BSPXnNvw
zu0O2u45HkKvrQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:20:14 2026 by rpki-client