Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
File: 329956720BEA11F1B85EC7FC343D8C67.roa (raw, json)
Hash identifier: bhMfmHTKF9tvNPzpsd6lo2mtzlEkvoGK/pvhypqhAK4=
Subject key identifier: 5E:9C:66:2C:20:9E:AC:D4:3C:CB:98:15:61:96:9A:4A:F5:23:0F:09
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DE75
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
Signing time: Thu 16 Apr 2026 07:30:55 +0000
ROA not before: Thu 16 Apr 2026 07:30:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132296
IP address blocks: 43.248.68.0/24 maxlen: 24
43.248.69.0/24 maxlen: 24
43.248.70.0/24 maxlen: 24
43.248.71.0/24 maxlen: 24
45.119.12.0/24 maxlen: 24
45.119.13.0/24 maxlen: 24
45.119.14.0/24 maxlen: 24
45.119.15.0/24 maxlen: 24
49.213.39.0/24 maxlen: 24
103.57.252.0/24 maxlen: 24
103.57.253.0/24 maxlen: 24
103.57.254.0/24 maxlen: 24
103.57.255.0/24 maxlen: 24
103.116.169.0/24 maxlen: 24
103.147.174.0/23 maxlen: 24
103.148.138.0/23 maxlen: 24
103.157.206.0/23 maxlen: 24
103.157.230.0/23 maxlen: 24
103.162.224.0/23 maxlen: 24
103.171.126.0/23 maxlen: 24
103.174.26.0/23 maxlen: 24
103.177.58.0/23 maxlen: 24
103.177.128.0/24 maxlen: 24
103.177.129.0/24 maxlen: 24
103.181.147.0/24 maxlen: 24
103.255.36.0/24 maxlen: 24
103.255.37.0/24 maxlen: 24
103.255.38.0/24 maxlen: 24
103.255.39.0/24 maxlen: 24
163.227.152.0/24 maxlen: 24
163.227.153.0/24 maxlen: 24
2402:5c80::/32 maxlen: 32
2407:6fc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Apr 2026 11:17:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56949 (0xde75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 16 07:30:55 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69e0902f-5d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8e:42:04:27:87:c0:50:b0:b4:e5:3e:0e:0a:
a6:f2:2c:be:f8:92:5b:23:7a:3b:ab:e3:d3:67:cb:
4b:66:a3:39:46:6d:2d:d0:55:77:a0:97:65:ad:c5:
b6:05:90:41:c3:74:08:52:53:88:91:13:30:7d:90:
78:07:6f:8e:52:29:4b:84:0e:0e:d2:3f:e6:a8:2b:
5a:11:66:7c:d7:96:82:cf:fc:54:b3:ef:69:a8:5a:
a0:9c:0e:c9:8b:4d:f9:2b:2e:1d:24:04:c6:fe:e9:
e9:42:14:ad:f7:76:f9:6a:01:8d:e8:b8:43:53:af:
39:60:20:d6:e4:54:28:e5:58:32:94:87:cd:71:2c:
db:ec:0d:67:74:61:6b:42:32:d9:a4:d2:be:d3:f4:
99:3e:0f:8c:80:06:d2:ac:7b:29:1d:2a:6b:c2:39:
9c:6d:7a:ad:55:9f:af:22:c6:b4:9b:58:49:8f:45:
be:1e:cc:4d:b3:10:9f:f3:d3:11:8f:fd:3a:80:f9:
d1:8d:93:b2:40:09:b2:26:1b:12:8b:40:b1:b9:ed:
9d:f5:1a:c9:11:82:a9:e3:11:27:89:1e:c6:0c:54:
9f:ba:c6:63:ac:a0:32:b7:2c:f8:05:e2:78:97:4d:
b6:68:fc:47:b4:65:a2:f2:81:74:ae:d8:b2:be:bf:
21:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:9C:66:2C:20:9E:AC:D4:3C:CB:98:15:61:96:9A:4A:F5:23:0F:09
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/329956720BEA11F1B85EC7FC343D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
43.248.68.0/22
45.119.12.0/22
49.213.39.0/24
103.57.252.0/22
103.116.169.0/24
103.147.174.0/23
103.148.138.0/23
103.157.206.0/23
103.157.230.0/23
103.162.224.0/23
103.171.126.0/23
103.174.26.0/23
103.177.58.0/23
103.177.128.0/23
103.181.147.0/24
103.255.36.0/22
163.227.152.0/23
IPv6:
2402:5c80::/32
2407:6fc0::/32
Signature Algorithm: sha256WithRSAEncryption
01:83:9b:d0:1e:fe:d6:cc:9b:47:59:d5:79:a8:23:bc:13:56:
84:e6:88:5f:05:7f:28:4d:a1:a2:c6:18:e6:b5:b3:13:d6:4e:
de:ef:bf:55:42:60:0d:91:83:35:a2:83:f9:7d:39:a6:c4:5a:
e0:82:7d:2e:09:58:df:88:3a:ae:b2:65:34:9f:39:16:c1:04:
63:3c:94:c3:aa:b4:3b:29:78:3b:b0:74:f2:02:5e:47:f9:a1:
f5:c5:73:b8:78:16:0b:2c:71:c3:4c:76:6b:0e:e8:d9:12:16:
a9:92:06:4c:1d:de:f5:51:c6:dc:2e:6f:a6:e4:8e:4e:dc:bd:
18:0a:06:db:b3:3b:09:d8:b1:d6:a2:d2:cc:52:20:e1:76:b3:
2d:b5:ea:17:31:b3:83:59:1d:98:f1:0d:e2:28:6a:fb:cf:36:
79:35:3a:00:ae:a5:59:25:d6:51:61:f6:db:07:ac:e1:31:48:
04:1a:61:c2:fb:60:d0:05:95:53:d7:32:92:e5:f8:4e:f2:a2:
b6:e8:30:b3:0c:cb:ed:e6:bc:bc:ff:42:d9:28:29:b8:bf:74:
d5:fb:4e:d7:eb:65:62:69:99:b6:bc:36:5e:c3:b6:d6:16:a3:
d8:20:2b:bc:90:dd:61:fe:ce:be:21:b9:71:49:f0:e5:61:c5:
ff:9c:e4:c6
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIDAN51MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDQxNjA3MzA1NVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjllMDkwMmYtNWQwNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJeOQgQnh8BQsLTlPg4KpvIsvviSWyN6O6vj02fLS2ajOUZtLdBVd6CXZa3F
tgWQQcN0CFJTiJETMH2QeAdvjlIpS4QODtI/5qgrWhFmfNeWgs/8VLPvaahaoJwO
yYtN+SsuHSQExv7p6UIUrfd2+WoBjei4Q1OvOWAg1uRUKOVYMpSHzXEs2+wNZ3Rh
a0Iy2aTSvtP0mT4PjIAG0qx7KR0qa8I5nG16rVWfryLGtJtYSY9Fvh7MTbMQn/PT
EY/9OoD50Y2TskAJsiYbEotAsbntnfUayRGCqeMRJ4kexgxUn7rGY6ygMrcs+AXi
eJdNtmj8R7RlovKBdK7Ysr6/IQ8CAwEAAaOCAtkwggLVMB0GA1UdDgQWBBRenGYs
IJ6s1DzLmBVhlppK9SMPCTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzMyOTk1Njcy
MEJFQTExRjFCODVFQzdGQzM0M0Q4QzY3LnJvYTCBlwYIKwYBBQUHAQcBAf8EgYcw
gYQwbAQCAAEwZgMEAiv4RAMEAi13DAMEADHVJwMEAmc5/AMEAGd0qQMEAWeTrgME
AWeUigMEAWedzgMEAWed5gMEAWei4AMEAWerfgMEAWeuGgMEAWexOgMEAWexgAME
AGe1kwMEAmf/JAMEAaPjmDAUBAIAAjAOAwUAJAJcgAMFACQHb8AwDQYJKoZIhvcN
AQELBQADggEBAAGDm9Ae/tbMm0dZ1XmoI7wTVoTmiF8FfyhNoaLGGOa1sxPWTt7v
v1VCYA2RgzWig/l9OabEWuCCfS4JWN+IOq6yZTSfORbBBGM8lMOqtDspeDuwdPIC
Xkf5ofXFc7h4FgssccNMdmsO6NkSFqmSBkwd3vVRxtwub6bkjk7cvRgKBtuzOwnY
sdai0sxSIOF2sy216hcxs4NZHZjxDeIoavvPNnk1OgCupVkl1lFh9tsHrOExSAQa
YcL7YNAFlVPXMpLl+E7yorboMLMMy+3mvLz/QtkoKbi/dNX7TtfrZWJpmba8Nl7D
ttYWo9ggK7yQ3WH+zr4huXFJ8OVhxf+c5MY=
-----END CERTIFICATE-----
Generated at Fri Apr 17 20:29:50 2026 by rpki-client