Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/210AF2A29C3D11F080E2A01BC4F9AE02.roa
File: 210AF2A29C3D11F080E2A01BC4F9AE02.roa (raw, json)
Hash identifier: zmoI0Eka0O1bMX6JFDI9ou4KCxfrByUS4flBf1nyIf8=
Subject key identifier: B9:13:1F:54:56:8E:C0:B6:F6:92:9B:17:BE:0A:09:75:C0:D5:FC:AD
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DB06
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/210AF2A29C3D11F080E2A01BC4F9AE02.roa
Signing time: Sun 01 Mar 2026 23:06:30 +0000
ROA not before: Mon 09 Feb 2026 06:14:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138296
IP address blocks: 103.2.190.0/23 maxlen: 24
103.31.140.0/23 maxlen: 24
103.31.142.0/23 maxlen: 24
103.31.220.0/23 maxlen: 24
103.41.32.0/22 maxlen: 24
103.93.192.0/22 maxlen: 24
103.111.70.0/24 maxlen: 24
103.115.154.0/23 maxlen: 24
103.119.172.0/23 maxlen: 24
103.123.154.0/23 maxlen: 24
103.123.224.0/22 maxlen: 24
103.124.22.0/23 maxlen: 24
103.124.122.0/23 maxlen: 24
103.127.116.0/23 maxlen: 24
103.127.252.0/24 maxlen: 24
103.132.100.0/23 maxlen: 24
103.133.116.0/24 maxlen: 24
103.134.4.0/22 maxlen: 24
103.142.106.0/24 maxlen: 24
103.143.8.0/23 maxlen: 23
103.143.8.0/24 maxlen: 24
103.143.9.0/24 maxlen: 24
103.157.178.0/23 maxlen: 24
103.157.222.0/23 maxlen: 24
103.158.48.0/23 maxlen: 24
103.167.176.0/23 maxlen: 24
103.171.51.0/24 maxlen: 24
103.171.210.0/23 maxlen: 24
103.172.85.0/24 maxlen: 24
103.172.86.0/23 maxlen: 24
103.172.156.0/23 maxlen: 24
103.173.120.0/23 maxlen: 24
103.173.177.0/24 maxlen: 24
103.173.205.0/24 maxlen: 24
103.173.244.0/24 maxlen: 24
103.173.245.0/24 maxlen: 24
103.174.244.0/23 maxlen: 24
103.175.60.0/23 maxlen: 24
103.179.46.0/23 maxlen: 24
103.179.232.0/24 maxlen: 24
103.179.236.0/23 maxlen: 24
103.181.54.0/23 maxlen: 24
103.190.212.0/24 maxlen: 24
103.190.213.0/24 maxlen: 24
103.195.80.0/23 maxlen: 24
103.204.132.0/22 maxlen: 24
103.212.172.0/23 maxlen: 24
103.215.184.0/23 maxlen: 24
103.217.138.0/23 maxlen: 24
103.218.106.0/23 maxlen: 24
103.218.180.0/23 maxlen: 24
103.218.184.0/23 maxlen: 24
103.218.186.0/23 maxlen: 24
103.220.232.0/23 maxlen: 24
103.225.30.0/23 maxlen: 24
103.225.116.0/23 maxlen: 24
103.227.104.0/23 maxlen: 24
103.228.72.0/23 maxlen: 24
103.229.90.0/23 maxlen: 24
103.244.94.0/23 maxlen: 24
110.44.10.0/24 maxlen: 24
110.44.11.0/24 maxlen: 24
2001:df2:380::/48 maxlen: 48
2400:4fe0::/32 maxlen: 32
2404:58c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 07:20:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56070 (0xdb06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 9 06:14:21 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4c675-b32a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:24:ba:3c:cb:37:42:fa:4a:9c:9b:d6:47:d2:
1d:fc:9d:5e:7f:43:05:a0:f8:e4:15:56:64:e5:69:
be:fc:ce:ba:d2:e9:a3:51:b0:06:27:85:c1:6d:98:
6a:7e:d7:8e:3f:12:e5:4f:9b:fe:71:e0:62:56:bc:
ef:0f:69:20:a1:ac:22:3e:4d:9e:a8:a2:6c:7c:45:
65:a6:62:19:24:02:17:4b:8e:0c:3e:5e:a5:e0:31:
a1:59:18:b5:51:87:e3:90:5e:88:da:e6:91:0f:3c:
15:22:4e:ce:24:9b:8b:8d:6a:35:5a:f2:b2:24:77:
dd:e8:3d:c8:05:d9:16:35:fe:55:f1:20:67:e6:2a:
cb:1d:cf:80:fa:99:c2:ca:1e:0d:14:3d:15:57:6c:
71:fc:c5:2e:71:a2:17:f5:7e:03:a7:02:b9:7f:2e:
2a:c2:3c:5b:01:b2:5e:8a:6b:3a:73:bb:41:f2:e7:
d3:34:68:d2:ea:56:c5:e9:0c:39:2c:d2:da:74:c7:
6d:7e:91:08:60:71:cb:c0:56:ab:11:38:51:34:81:
29:71:94:12:f2:d9:18:dc:1b:80:93:88:15:b5:23:
e1:41:4f:4a:65:5e:d5:67:8c:55:5c:78:43:5a:7c:
1a:2b:2a:54:ba:6c:4f:99:b8:a0:40:3a:ad:ba:e5:
e5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:13:1F:54:56:8E:C0:B6:F6:92:9B:17:BE:0A:09:75:C0:D5:FC:AD
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/210AF2A29C3D11F080E2A01BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.2.190.0/23
103.31.140.0/22
103.31.220.0/23
103.41.32.0/22
103.93.192.0/22
103.111.70.0/24
103.115.154.0/23
103.119.172.0/23
103.123.154.0/23
103.123.224.0/22
103.124.22.0/23
103.124.122.0/23
103.127.116.0/23
103.127.252.0/24
103.132.100.0/23
103.133.116.0/24
103.134.4.0/22
103.142.106.0/24
103.143.8.0/23
103.157.178.0/23
103.157.222.0/23
103.158.48.0/23
103.167.176.0/23
103.171.51.0/24
103.171.210.0/23
103.172.85.0-103.172.87.255
103.172.156.0/23
103.173.120.0/23
103.173.177.0/24
103.173.205.0/24
103.173.244.0/23
103.174.244.0/23
103.175.60.0/23
103.179.46.0/23
103.179.232.0/24
103.179.236.0/23
103.181.54.0/23
103.190.212.0/23
103.195.80.0/23
103.204.132.0/22
103.212.172.0/23
103.215.184.0/23
103.217.138.0/23
103.218.106.0/23
103.218.180.0/23
103.218.184.0/22
103.220.232.0/23
103.225.30.0/23
103.225.116.0/23
103.227.104.0/23
103.228.72.0/23
103.229.90.0/23
103.244.94.0/23
110.44.10.0/23
IPv6:
2001:df2:380::/48
2400:4fe0::/32
2404:58c0::/48
Signature Algorithm: sha256WithRSAEncryption
48:2a:9d:39:4b:b1:19:16:48:45:4e:bf:30:d2:f3:ea:0e:ce:
0c:a2:cc:58:e0:a1:87:c4:38:47:d9:06:d7:b7:d9:da:fb:f3:
37:67:fd:25:3f:54:1d:ed:4f:e6:41:9f:1f:7c:6c:e1:7b:4a:
06:65:d4:9e:cb:6d:51:b9:fc:07:a6:a5:30:17:46:5b:50:5a:
cd:50:69:05:3e:13:54:dd:81:ca:18:43:20:c1:76:d8:2b:50:
8c:31:49:cf:a3:c7:60:88:d4:6e:51:3c:6c:26:22:ff:ef:f1:
ea:63:b8:31:ae:6e:bb:c4:6b:80:c1:b0:42:d2:cd:ac:65:5b:
e2:0d:cc:aa:64:92:01:ce:3c:12:3e:b4:d2:5e:03:f5:11:f2:
8d:da:1e:1e:da:29:28:b9:e5:b3:6a:f0:ab:11:61:54:d7:5e:
9c:81:02:f3:3f:8b:8c:0a:13:f6:74:02:b6:6c:cc:35:dc:3f:
a4:f6:a2:68:1f:5d:7f:43:67:37:41:41:36:6b:7d:76:f8:dd:
a7:ff:f4:fa:b3:71:50:3d:72:0b:e0:c9:78:e7:f4:5f:98:6a:
5e:50:8c:75:94:ab:3e:65:f2:48:94:4f:d6:41:8e:dc:11:fc:
d5:2f:3e:8d:2d:11:7b:15:16:69:01:9f:1f:b3:0d:41:dc:ac:
6d:df:6b:8d
-----BEGIN CERTIFICATE-----
MIIGrjCCBZagAwIBAgIDANsGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDIwOTA2MTQyMVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhNGM2NzUtYjMyYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMkujzLN0L6Spyb1kfSHfydXn9DBaD45BVWZOVpvvzOutLpo1GwBieFwW2Y
an7Xjj8S5U+b/nHgYla87w9pIKGsIj5NnqiibHxFZaZiGSQCF0uODD5epeAxoVkY
tVGH45BeiNrmkQ88FSJOziSbi41qNVrysiR33eg9yAXZFjX+VfEgZ+Yqyx3PgPqZ
wsoeDRQ9FVdscfzFLnGiF/V+A6cCuX8uKsI8WwGyXoprOnO7QfLn0zRo0upWxekM
OSzS2nTHbX6RCGBxy8BWqxE4UTSBKXGUEvLZGNwbgJOIFbUj4UFPSmVe1WeMVVx4
Q1p8GisqVLpsT5m4oEA6rbrl5Y8CAwEAAaOCA9EwggPNMB0GA1UdDgQWBBS5Ex9U
Vo7AtvaSmxe+Cgl1wNX8rTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIxMEFGMkEy
OUMzRDExRjA4MEUyQTAxQkM0RjlBRTAyLnJvYTCCAY4GCCsGAQUFBwEHAQH/BIIB
fTCCAXkwggFUBAIAATCCAUwDBAFnAr4DBAJnH4wDBAFnH9wDBAJnKSADBAJnXcAD
BABnb0YDBAFnc5oDBAFnd6wDBAFne5oDBAJne+ADBAFnfBYDBAFnfHoDBAFnf3QD
BABnf/wDBAFnhGQDBABnhXQDBAJnhgQDBABnjmoDBAFnjwgDBAFnnbIDBAFnnd4D
BAFnnjADBAFnp7ADBABnqzMDBAFnq9IwDAMEAGesVQMEA2esUAMEAWesnAMEAWet
eAMEAGetsQMEAGetzQMEAWet9AMEAWeu9AMEAWevPAMEAWezLgMEAGez6AMEAWez
7AMEAWe1NgMEAWe+1AMEAWfDUAMEAmfMhAMEAWfUrAMEAWfXuAMEAWfZigMEAWfa
agMEAWfatAMEAmfauAMEAWfc6AMEAWfhHgMEAWfhdAMEAWfjaAMEAWfkSAMEAWfl
WgMEAWf0XgMEAW4sCjAfBAIAAjAZAwcAIAEN8gOAAwUAJABP4AMHACQEWMAAADAN
BgkqhkiG9w0BAQsFAAOCAQEASCqdOUuxGRZIRU6/MNLz6g7ODKLMWOChh8Q4R9kG
17fZ2vvzN2f9JT9UHe1P5kGfH3xs4XtKBmXUnsttUbn8B6alMBdGW1BazVBpBT4T
VN2ByhhDIMF22CtQjDFJz6PHYIjUblE8bCYi/+/x6mO4Ma5uu8RrgMGwQtLNrGVb
4g3MqmSSAc48Ej600l4D9RHyjdoeHtopKLnls2rwqxFhVNdenIEC8z+LjAoT9nQC
tmzMNdw/pPaiaB9df0NnN0FBNmt9dvjdp//0+rNxUD1yC+DJeOf0X5hqXlCMdZSr
PmXySJRP1kGO3BH81S8+jS0RexUWaQGfH7MNQdysbd9rjQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:07:12 2026 by rpki-client