Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
File: 329956720BEA11F1B85EC7FC343D8C67.roa (raw, json)
Hash identifier: WAt/MRe1GM99IzdeKvtFcz6nHHarDR7xvSCLYbJcaR8=
Subject key identifier: 07:59:6D:85:45:8F:47:E4:E2:97:C9:01:28:85:1D:FD:42:A4:D0:2A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DB26
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
Signing time: Sun 01 Mar 2026 23:07:02 +0000
ROA not before: Tue 17 Feb 2026 10:19:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132296
IP address blocks: 43.248.68.0/24 maxlen: 24
43.248.69.0/24 maxlen: 24
43.248.70.0/24 maxlen: 24
43.248.71.0/24 maxlen: 24
45.119.12.0/24 maxlen: 24
45.119.13.0/24 maxlen: 24
45.119.14.0/24 maxlen: 24
45.119.15.0/24 maxlen: 24
103.57.252.0/24 maxlen: 24
103.57.253.0/24 maxlen: 24
103.57.254.0/24 maxlen: 24
103.57.255.0/24 maxlen: 24
103.116.169.0/24 maxlen: 24
103.147.174.0/23 maxlen: 24
103.148.138.0/23 maxlen: 24
103.157.206.0/23 maxlen: 24
103.157.230.0/23 maxlen: 24
103.162.224.0/23 maxlen: 24
103.171.126.0/23 maxlen: 24
103.174.26.0/23 maxlen: 24
103.177.58.0/23 maxlen: 24
103.177.128.0/24 maxlen: 24
103.177.129.0/24 maxlen: 24
103.181.147.0/24 maxlen: 24
103.255.36.0/24 maxlen: 24
103.255.37.0/24 maxlen: 24
103.255.38.0/24 maxlen: 24
103.255.39.0/24 maxlen: 24
2402:5c80::/32 maxlen: 32
2407:6fc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 11:16:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56102 (0xdb26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 17 10:19:52 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4c696-a0c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:49:b4:4f:73:74:47:08:87:a4:d3:02:c9:c2:
5a:8b:60:d9:5a:0c:02:b5:80:b1:82:f5:ae:86:38:
98:1f:96:8a:60:60:0d:21:cd:61:aa:05:64:37:8d:
81:10:55:5e:f9:35:50:ad:75:26:b7:06:5d:c1:15:
de:3e:2b:bf:97:c3:ce:34:b0:fb:75:a6:ca:8a:a2:
e5:8d:1c:87:9f:7e:9e:da:95:e5:a3:3c:5c:1e:81:
0e:10:ab:ec:a8:92:76:91:60:67:86:0a:f4:c4:06:
df:e6:85:9d:23:29:66:ce:17:b6:84:0f:e4:0b:57:
56:2f:96:78:19:7c:f4:5d:41:44:85:e5:c3:d4:6a:
87:91:a9:5c:ee:43:ee:b4:54:31:db:ef:49:ed:e2:
5c:f7:6e:07:85:c6:bb:6b:88:30:be:d1:62:51:e3:
db:b0:8f:0a:cd:67:97:e3:84:8d:bf:02:70:5f:00:
c7:c5:62:a3:a7:0d:6d:ac:30:4d:a6:51:98:b1:1b:
3a:eb:fd:5c:18:d4:25:c6:1a:09:4d:79:8f:35:8d:
ff:7a:1f:90:87:22:1d:df:4d:98:a8:28:e7:df:37:
10:04:b5:95:f0:92:4c:1b:80:ed:f8:8a:3c:61:00:
f4:2d:e1:b1:00:18:32:f0:52:5c:6d:0e:ed:58:25:
d8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:59:6D:85:45:8F:47:E4:E2:97:C9:01:28:85:1D:FD:42:A4:D0:2A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
43.248.68.0/22
45.119.12.0/22
103.57.252.0/22
103.116.169.0/24
103.147.174.0/23
103.148.138.0/23
103.157.206.0/23
103.157.230.0/23
103.162.224.0/23
103.171.126.0/23
103.174.26.0/23
103.177.58.0/23
103.177.128.0/23
103.181.147.0/24
103.255.36.0/22
IPv6:
2402:5c80::/32
2407:6fc0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:68:5a:ac:b8:4e:94:b4:3a:30:b9:20:0b:ac:f1:80:0b:6d:
23:56:8e:0c:ca:bf:c3:0c:60:db:76:b6:5a:26:df:01:66:3e:
3c:ad:0c:c7:be:44:cc:64:80:a2:8e:2b:8f:1a:ae:09:b2:22:
7a:d3:59:ec:97:bf:24:53:94:4b:38:b2:d3:ee:24:ed:2a:a7:
51:90:61:e6:d1:52:7c:78:fa:4c:9a:80:3f:f3:7b:dd:a2:7b:
44:8e:8f:20:32:58:4f:21:fb:c1:4a:10:8b:28:63:86:4b:c0:
80:79:c3:28:4e:5b:f6:c1:d6:b7:b7:c4:c2:d9:6b:1c:21:3e:
6c:69:30:73:3e:a4:d9:d5:c1:26:42:c2:0f:b0:e0:8e:c6:1f:
3f:8e:0b:95:14:07:0e:16:e4:f1:7a:bb:b2:c4:ca:dd:a5:c2:
be:f3:91:3c:06:4b:0e:db:ed:07:7e:6c:77:65:fe:27:c8:62:
35:dc:d9:43:58:a9:c6:1f:c3:d7:a3:8b:19:69:69:33:0c:39:
88:0e:d0:b8:de:06:b7:12:29:68:ca:c4:de:7e:ac:4d:75:f1:
a7:ac:1a:71:33:78:c7:b4:92:70:cc:e9:1c:f9:24:c1:4c:a4:
52:67:5a:fd:44:d2:7d:c8:96:6c:e7:9f:f0:25:57:bb:52:bb:
6e:49:12:48
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgIDANsmMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDIxNzEwMTk1MloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhNGM2OTYtYTBjNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFJtE9zdEcIh6TTAsnCWotg2VoMArWAsYL1roY4mB+WimBgDSHNYaoFZDeN
gRBVXvk1UK11JrcGXcEV3j4rv5fDzjSw+3Wmyoqi5Y0ch59+ntqV5aM8XB6BDhCr
7KiSdpFgZ4YK9MQG3+aFnSMpZs4XtoQP5AtXVi+WeBl89F1BRIXlw9Rqh5GpXO5D
7rRUMdvvSe3iXPduB4XGu2uIML7RYlHj27CPCs1nl+OEjb8CcF8Ax8Vio6cNbaww
TaZRmLEbOuv9XBjUJcYaCU15jzWN/3ofkIciHd9NmKgo5983EAS1lfCSTBuA7fiK
PGEA9C3hsQAYMvBSXG0O7Vgl2GsCAwEAAaOCAsswggLHMB0GA1UdDgQWBBQHWW2F
RY9H5OKXyQEohR39QqTQKjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzMyOTk1Njcy
MEJFQTExRjFCODVFQzdGQzM0M0Q4QzY3LnJvYTCBiQYIKwYBBQUHAQcBAf8EejB4
MGAEAgABMFoDBAIr+EQDBAItdwwDBAJnOfwDBABndKkDBAFnk64DBAFnlIoDBAFn
nc4DBAFnneYDBAFnouADBAFnq34DBAFnrhoDBAFnsToDBAFnsYADBABntZMDBAJn
/yQwFAQCAAIwDgMFACQCXIADBQAkB2/AMA0GCSqGSIb3DQEBCwUAA4IBAQBbaFqs
uE6UtDowuSALrPGAC20jVo4Myr/DDGDbdrZaJt8BZj48rQzHvkTMZICijiuPGq4J
siJ601nsl78kU5RLOLLT7iTtKqdRkGHm0VJ8ePpMmoA/83vdontEjo8gMlhPIfvB
ShCLKGOGS8CAecMoTlv2wda3t8TC2WscIT5saTBzPqTZ1cEmQsIPsOCOxh8/jguV
FAcOFuTxeruyxMrdpcK+85E8BksO2+0Hfmx3Zf4nyGI13NlDWKnGH8PXo4sZaWkz
DDmIDtC43ga3EiloysTefqxNdfGnrBpxM3jHtJJwzOkc+STBTKRSZ1r9RNJ9yJZs
55/wJVe7UrtuSRJI
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:21:26 2026 by rpki-client