Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/210AF2A29C3D11F080E2A01BC4F9AE02.roa
File: 210AF2A29C3D11F080E2A01BC4F9AE02.roa (raw, json)
Hash identifier: OVB3xs+1oisHhFfmGeDeS5umB0GFcbHcwodPhrpfxOM=
Subject key identifier: 88:EC:89:B9:46:C1:C1:2A:9F:8B:00:BC:D2:2E:12:6D:6C:8F:A3:8D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DD8D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/210AF2A29C3D11F080E2A01BC4F9AE02.roa
Signing time: Sat 04 Apr 2026 16:59:37 +0000
ROA not before: Sat 04 Apr 2026 16:59:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138296
IP address blocks: 27.0.148.0/22 maxlen: 24
103.2.190.0/23 maxlen: 24
103.31.140.0/23 maxlen: 24
103.31.142.0/23 maxlen: 24
103.31.220.0/23 maxlen: 24
103.41.32.0/22 maxlen: 24
103.93.192.0/22 maxlen: 24
103.111.70.0/24 maxlen: 24
103.115.154.0/23 maxlen: 24
103.119.172.0/23 maxlen: 24
103.123.154.0/23 maxlen: 24
103.123.224.0/22 maxlen: 24
103.124.22.0/23 maxlen: 24
103.124.122.0/23 maxlen: 24
103.127.116.0/23 maxlen: 24
103.127.252.0/24 maxlen: 24
103.132.100.0/23 maxlen: 24
103.133.116.0/24 maxlen: 24
103.134.4.0/22 maxlen: 24
103.142.106.0/24 maxlen: 24
103.143.8.0/23 maxlen: 23
103.143.8.0/24 maxlen: 24
103.143.9.0/24 maxlen: 24
103.157.178.0/23 maxlen: 24
103.157.222.0/23 maxlen: 24
103.158.48.0/23 maxlen: 24
103.163.190.0/24 maxlen: 24
103.163.191.0/24 maxlen: 24
103.167.176.0/23 maxlen: 24
103.171.51.0/24 maxlen: 24
103.171.210.0/23 maxlen: 24
103.172.85.0/24 maxlen: 24
103.172.86.0/23 maxlen: 24
103.172.156.0/23 maxlen: 24
103.173.120.0/23 maxlen: 24
103.173.177.0/24 maxlen: 24
103.173.205.0/24 maxlen: 24
103.173.244.0/24 maxlen: 24
103.173.245.0/24 maxlen: 24
103.174.244.0/23 maxlen: 24
103.175.60.0/23 maxlen: 24
103.177.180.0/24 maxlen: 24
103.179.46.0/23 maxlen: 24
103.179.232.0/24 maxlen: 24
103.179.236.0/23 maxlen: 24
103.181.54.0/23 maxlen: 24
103.181.209.0/24 maxlen: 24
103.190.212.0/24 maxlen: 24
103.190.213.0/24 maxlen: 24
103.195.80.0/23 maxlen: 24
103.204.132.0/22 maxlen: 24
103.207.248.0/22 maxlen: 24
103.212.172.0/23 maxlen: 24
103.215.184.0/23 maxlen: 24
103.217.138.0/23 maxlen: 24
103.218.106.0/23 maxlen: 24
103.218.180.0/23 maxlen: 24
103.218.184.0/23 maxlen: 24
103.218.186.0/23 maxlen: 24
103.220.232.0/23 maxlen: 24
103.225.30.0/23 maxlen: 24
103.225.116.0/23 maxlen: 24
103.227.104.0/23 maxlen: 24
103.228.72.0/23 maxlen: 24
103.229.90.0/23 maxlen: 24
103.244.94.0/23 maxlen: 24
110.44.10.0/24 maxlen: 24
110.44.11.0/24 maxlen: 24
2001:df2:380::/48 maxlen: 48
2400:4fe0::/32 maxlen: 32
2404:58c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Apr 2026 11:17:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56717 (0xdd8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 4 16:59:37 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69d14379-be67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b8:51:c0:49:a3:2b:00:d4:03:12:88:33:a5:
14:da:5b:93:83:bb:e4:e1:ca:fe:b5:66:b2:bc:f6:
b8:f1:4d:04:a0:8d:58:1a:47:e7:52:31:c7:ca:36:
e8:92:8e:a4:ef:93:b4:fb:7c:72:23:f5:dd:3e:dd:
ef:a3:16:5c:c5:8b:dd:e7:ce:e0:14:79:f7:9f:a1:
7b:84:87:bf:21:51:67:fe:cb:1c:95:30:22:9d:0b:
5e:9a:0e:86:ad:2b:eb:e0:24:08:6d:e1:89:8f:71:
96:4e:01:b9:0a:be:66:43:fd:7a:f6:79:98:1b:c1:
0a:a9:f8:06:91:b0:1b:75:ee:cb:03:67:9c:d4:a7:
23:c1:8b:85:74:8e:d4:cf:60:6f:06:6c:42:16:36:
d9:0e:5f:21:7e:0a:05:c0:6e:72:bf:12:21:55:47:
d5:ec:b1:66:b8:48:9c:fa:52:be:bc:ae:39:61:8a:
64:3f:77:54:9b:02:15:c3:eb:18:57:33:a9:1f:ec:
9b:2e:7c:a5:06:32:64:fa:8f:fa:ef:46:23:63:ab:
bd:95:04:88:e9:03:b9:88:a0:59:5b:6c:fe:ce:16:
5c:f6:20:4d:27:64:2b:5b:5c:df:59:9e:1b:d9:4b:
f7:46:7a:69:88:7c:93:b6:b1:7b:4f:c0:78:d5:6d:
f7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:EC:89:B9:46:C1:C1:2A:9F:8B:00:BC:D2:2E:12:6D:6C:8F:A3:8D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/210AF2A29C3D11F080E2A01BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.0.148.0/22
103.2.190.0/23
103.31.140.0/22
103.31.220.0/23
103.41.32.0/22
103.93.192.0/22
103.111.70.0/24
103.115.154.0/23
103.119.172.0/23
103.123.154.0/23
103.123.224.0/22
103.124.22.0/23
103.124.122.0/23
103.127.116.0/23
103.127.252.0/24
103.132.100.0/23
103.133.116.0/24
103.134.4.0/22
103.142.106.0/24
103.143.8.0/23
103.157.178.0/23
103.157.222.0/23
103.158.48.0/23
103.163.190.0/23
103.167.176.0/23
103.171.51.0/24
103.171.210.0/23
103.172.85.0-103.172.87.255
103.172.156.0/23
103.173.120.0/23
103.173.177.0/24
103.173.205.0/24
103.173.244.0/23
103.174.244.0/23
103.175.60.0/23
103.177.180.0/24
103.179.46.0/23
103.179.232.0/24
103.179.236.0/23
103.181.54.0/23
103.181.209.0/24
103.190.212.0/23
103.195.80.0/23
103.204.132.0/22
103.207.248.0/22
103.212.172.0/23
103.215.184.0/23
103.217.138.0/23
103.218.106.0/23
103.218.180.0/23
103.218.184.0/22
103.220.232.0/23
103.225.30.0/23
103.225.116.0/23
103.227.104.0/23
103.228.72.0/23
103.229.90.0/23
103.244.94.0/23
110.44.10.0/23
IPv6:
2001:df2:380::/48
2400:4fe0::/32
2404:58c0::/48
Signature Algorithm: sha256WithRSAEncryption
a1:8c:d7:05:8d:94:69:04:1a:00:cb:3b:19:68:e7:87:40:2f:
ef:0a:13:87:94:a1:74:3b:c1:b4:76:85:01:b3:a6:5b:82:9c:
97:86:e6:d9:c0:39:ed:72:48:17:f4:b1:64:ce:40:3e:f3:5a:
60:b1:f6:45:8b:85:0b:b8:d5:08:31:04:a1:bc:bf:15:dc:c6:
2a:ac:3d:83:c8:0b:28:ba:c6:d1:4c:b9:2e:0e:17:ae:b6:af:
84:2d:cd:9d:99:4d:10:40:d5:29:63:b2:b3:bc:79:1c:f2:93:
8e:cd:49:5e:f0:cb:b3:0b:20:7a:d0:58:ff:b7:2e:38:06:84:
c1:28:35:d2:fe:0d:43:61:c5:3a:a6:e9:97:55:ef:7e:8a:fb:
5d:8a:27:0f:14:5d:4d:32:e2:a3:fd:95:6b:c2:a1:93:40:4f:
78:11:09:7a:e0:d4:3d:b3:96:9e:ed:62:d9:08:82:a3:5a:79:
a9:fc:8e:ec:67:12:7f:02:c3:b7:ab:8e:03:38:d2:09:62:85:
9c:fb:3b:c6:4b:5f:25:bf:c9:3a:20:03:20:56:c6:66:84:c3:
b8:b7:84:cd:16:df:f4:93:fa:c7:89:20:81:55:95:3c:91:d7:
91:e3:8b:29:1e:48:4c:0a:b6:05:41:f7:bb:5b:7b:8e:24:b2:
a3:7a:ff:be
-----BEGIN CERTIFICATE-----
MIIGzDCCBbSgAwIBAgIDAN2NMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDQwNDE2NTkzN1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlkMTQzNzktYmU2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKi4UcBJoysA1AMSiDOlFNpbk4O75OHK/rVmsrz2uPFNBKCNWBpH51Ixx8o2
6JKOpO+TtPt8ciP13T7d76MWXMWL3efO4BR595+he4SHvyFRZ/7LHJUwIp0LXpoO
hq0r6+AkCG3hiY9xlk4BuQq+ZkP9evZ5mBvBCqn4BpGwG3XuywNnnNSnI8GLhXSO
1M9gbwZsQhY22Q5fIX4KBcBucr8SIVVH1eyxZrhInPpSvryuOWGKZD93VJsCFcPr
GFczqR/smy58pQYyZPqP+u9GI2OrvZUEiOkDuYigWVts/s4WXPYgTSdkK1tc31me
G9lL90Z6aYh8k7axe0/AeNVt95sCAwEAAaOCA+8wggPrMB0GA1UdDgQWBBSI7Im5
RsHBKp+LALzSLhJtbI+jjTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIxMEFGMkEy
OUMzRDExRjA4MEUyQTAxQkM0RjlBRTAyLnJvYTCCAawGCCsGAQUFBwEHAQH/BIIB
mzCCAZcwggFyBAIAATCCAWoDBAIbAJQDBAFnAr4DBAJnH4wDBAFnH9wDBAJnKSAD
BAJnXcADBABnb0YDBAFnc5oDBAFnd6wDBAFne5oDBAJne+ADBAFnfBYDBAFnfHoD
BAFnf3QDBABnf/wDBAFnhGQDBABnhXQDBAJnhgQDBABnjmoDBAFnjwgDBAFnnbID
BAFnnd4DBAFnnjADBAFno74DBAFnp7ADBABnqzMDBAFnq9IwDAMEAGesVQMEA2es
UAMEAWesnAMEAWeteAMEAGetsQMEAGetzQMEAWet9AMEAWeu9AMEAWevPAMEAGex
tAMEAWezLgMEAGez6AMEAWez7AMEAWe1NgMEAGe10QMEAWe+1AMEAWfDUAMEAmfM
hAMEAmfP+AMEAWfUrAMEAWfXuAMEAWfZigMEAWfaagMEAWfatAMEAmfauAMEAWfc
6AMEAWfhHgMEAWfhdAMEAWfjaAMEAWfkSAMEAWflWgMEAWf0XgMEAW4sCjAfBAIA
AjAZAwcAIAEN8gOAAwUAJABP4AMHACQEWMAAADANBgkqhkiG9w0BAQsFAAOCAQEA
oYzXBY2UaQQaAMs7GWjnh0Av7woTh5ShdDvBtHaFAbOmW4Kcl4bm2cA57XJIF/Sx
ZM5APvNaYLH2RYuFC7jVCDEEoby/FdzGKqw9g8gLKLrG0Uy5Lg4XrravhC3NnZlN
EEDVKWOys7x5HPKTjs1JXvDLswsgetBY/7cuOAaEwSg10v4NQ2HFOqbpl1Xvfor7
XYonDxRdTTLio/2Va8Khk0BPeBEJeuDUPbOWnu1i2QiCo1p5qfyO7GcSfwLDt6uO
AzjSCWKFnPs7xktfJb/JOiADIFbGZoTDuLeEzRbf9JP6x4kggVWVPJHXkeOLKR5I
TAq2BUH3u1t7jiSyo3r/vg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:35:50 2026 by rpki-client