Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/49F4284AED4711F0BB4F794E4F6F56BC.roa
File: 49F4284AED4711F0BB4F794E4F6F56BC.roa (raw, json)
Hash identifier: /qisybuiQPtQXT+pu0wONA+yTy3pzTnbvb5fF53/34c=
Subject key identifier: 8B:BE:9B:00:25:F3:FC:BC:A1:D6:2E:F5:ED:87:95:FC:56:9A:69:31
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DAD2
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/49F4284AED4711F0BB4F794E4F6F56BC.roa
Signing time: Sun 01 Mar 2026 23:05:41 +0000
ROA not before: Fri 09 Jan 2026 10:38:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24186
IP address blocks: 27.0.216.0/22 maxlen: 22
27.0.216.0/24 maxlen: 24
27.0.217.0/24 maxlen: 24
27.0.218.0/24 maxlen: 24
27.0.219.0/24 maxlen: 24
27.0.220.0/22 maxlen: 22
27.0.220.0/24 maxlen: 24
27.0.221.0/24 maxlen: 24
27.0.222.0/24 maxlen: 24
27.0.223.0/24 maxlen: 24
27.0.244.0/22 maxlen: 22
27.0.244.0/24 maxlen: 24
27.0.245.0/24 maxlen: 24
27.0.246.0/24 maxlen: 24
27.0.247.0/24 maxlen: 24
27.0.248.0/22 maxlen: 22
27.0.248.0/24 maxlen: 24
27.0.249.0/24 maxlen: 24
27.0.250.0/24 maxlen: 24
27.0.251.0/24 maxlen: 24
27.111.72.0/22 maxlen: 24
27.112.120.0/22 maxlen: 24
27.116.40.0/22 maxlen: 24
27.122.60.0/22 maxlen: 24
36.255.4.0/22 maxlen: 22
36.255.4.0/24 maxlen: 24
36.255.5.0/24 maxlen: 24
36.255.6.0/24 maxlen: 24
36.255.7.0/24 maxlen: 24
36.255.12.0/22 maxlen: 24
36.255.16.0/22 maxlen: 24
36.255.20.0/22 maxlen: 24
45.115.88.0/22 maxlen: 24
45.121.0.0/22 maxlen: 24
61.14.230.0/24 maxlen: 24
103.15.252.0/22 maxlen: 24
103.28.244.0/22 maxlen: 24
103.30.64.0/22 maxlen: 24
103.30.116.0/22 maxlen: 24
103.30.176.0/22 maxlen: 24
103.55.72.0/22 maxlen: 24
103.61.72.0/22 maxlen: 24
103.66.72.0/22 maxlen: 24
103.74.108.0/22 maxlen: 24
103.76.208.0/22 maxlen: 22
103.76.208.0/24 maxlen: 24
103.76.209.0/24 maxlen: 24
103.76.210.0/24 maxlen: 24
103.76.211.0/24 maxlen: 24
103.82.80.0/22 maxlen: 24
103.87.100.0/24 maxlen: 24
103.197.112.0/22 maxlen: 24
103.199.180.0/22 maxlen: 24
103.199.188.0/22 maxlen: 24
103.199.200.0/22 maxlen: 24
103.199.204.0/22 maxlen: 24
103.199.208.0/22 maxlen: 24
103.199.212.0/22 maxlen: 24
103.200.84.0/22 maxlen: 24
103.201.134.0/23 maxlen: 24
103.203.72.0/22 maxlen: 24
103.206.144.0/22 maxlen: 22
103.206.144.0/24 maxlen: 24
103.206.145.0/24 maxlen: 24
103.206.146.0/24 maxlen: 24
103.206.147.0/24 maxlen: 24
103.207.124.0/22 maxlen: 22
103.207.124.0/24 maxlen: 24
103.207.125.0/24 maxlen: 24
103.207.126.0/24 maxlen: 24
103.207.127.0/24 maxlen: 24
103.207.224.0/22 maxlen: 24
103.208.104.0/22 maxlen: 22
103.208.104.0/24 maxlen: 24
103.208.105.0/24 maxlen: 24
103.208.106.0/24 maxlen: 24
103.208.107.0/24 maxlen: 24
103.208.108.0/24 maxlen: 24
103.208.109.0/24 maxlen: 24
103.208.110.0/24 maxlen: 24
103.208.111.0/24 maxlen: 24
103.208.144.0/22 maxlen: 22
103.208.144.0/24 maxlen: 24
103.208.145.0/24 maxlen: 24
103.208.146.0/24 maxlen: 24
103.208.147.0/24 maxlen: 24
103.208.156.0/22 maxlen: 22
103.208.156.0/24 maxlen: 24
103.208.157.0/24 maxlen: 24
103.208.158.0/24 maxlen: 24
103.208.159.0/24 maxlen: 24
103.208.172.0/22 maxlen: 24
103.208.228.0/22 maxlen: 24
103.208.232.0/22 maxlen: 24
103.208.236.0/22 maxlen: 22
103.208.236.0/24 maxlen: 24
103.208.237.0/24 maxlen: 24
103.208.238.0/24 maxlen: 24
103.208.239.0/24 maxlen: 24
103.208.240.0/22 maxlen: 24
103.210.88.0/22 maxlen: 24
103.210.92.0/22 maxlen: 24
103.210.100.0/22 maxlen: 24
103.215.240.0/24 maxlen: 24
103.229.0.0/24 maxlen: 24
103.246.40.0/22 maxlen: 24
103.246.192.0/22 maxlen: 24
103.247.4.0/22 maxlen: 24
103.247.52.0/22 maxlen: 24
106.0.40.0/22 maxlen: 22
106.0.40.0/24 maxlen: 24
106.0.41.0/24 maxlen: 24
106.0.42.0/24 maxlen: 24
106.0.43.0/24 maxlen: 24
112.133.192.0/18 maxlen: 24
120.138.12.0/22 maxlen: 24
121.46.92.0/22 maxlen: 22
121.46.92.0/24 maxlen: 24
121.46.93.0/24 maxlen: 24
121.46.94.0/24 maxlen: 24
121.46.95.0/24 maxlen: 24
122.252.224.0/19 maxlen: 24
137.59.92.0/22 maxlen: 24
137.59.156.0/22 maxlen: 22
137.59.156.0/24 maxlen: 24
137.59.157.0/24 maxlen: 24
137.59.158.0/24 maxlen: 24
137.59.159.0/24 maxlen: 24
137.59.164.0/22 maxlen: 22
137.59.164.0/24 maxlen: 24
137.59.165.0/24 maxlen: 24
137.59.166.0/24 maxlen: 24
137.59.167.0/24 maxlen: 24
137.59.176.0/22 maxlen: 22
137.59.176.0/24 maxlen: 24
137.59.177.0/24 maxlen: 24
137.59.178.0/24 maxlen: 24
137.59.179.0/24 maxlen: 24
139.5.0.0/22 maxlen: 24
139.5.4.0/22 maxlen: 24
139.5.8.0/22 maxlen: 24
139.5.12.0/22 maxlen: 22
139.5.12.0/24 maxlen: 24
139.5.13.0/24 maxlen: 24
139.5.14.0/24 maxlen: 24
139.5.15.0/24 maxlen: 24
175.111.188.0/22 maxlen: 22
175.111.188.0/24 maxlen: 24
175.111.189.0/24 maxlen: 24
175.111.190.0/24 maxlen: 24
175.111.191.0/24 maxlen: 24
180.94.32.0/22 maxlen: 24
202.21.40.0/22 maxlen: 24
202.21.44.0/22 maxlen: 24
202.43.120.0/22 maxlen: 24
202.140.128.0/22 maxlen: 24
202.141.0.0/17 maxlen: 24
202.148.56.0/22 maxlen: 24
202.168.84.0/22 maxlen: 24
202.170.200.0/22 maxlen: 24
202.170.204.0/22 maxlen: 24
202.176.0.0/22 maxlen: 24
203.153.32.0/20 maxlen: 20
203.153.32.0/24 maxlen: 24
203.153.33.0/24 maxlen: 24
203.153.34.0/24 maxlen: 24
203.153.35.0/24 maxlen: 24
203.153.36.0/24 maxlen: 24
203.153.37.0/24 maxlen: 24
203.153.38.0/24 maxlen: 24
203.153.39.0/24 maxlen: 24
203.153.40.0/24 maxlen: 24
203.153.41.0/24 maxlen: 24
203.153.42.0/24 maxlen: 24
203.153.43.0/24 maxlen: 24
203.153.44.0/24 maxlen: 24
203.153.45.0/24 maxlen: 24
203.153.46.0/24 maxlen: 24
203.153.47.0/24 maxlen: 24
220.158.156.0/22 maxlen: 24
2401:b200::/32 maxlen: 48
2406:f00:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 07:20:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56018 (0xdad2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 9 10:38:09 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4c645-919c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f9:60:4c:88:62:df:c9:35:61:83:85:0d:94:
9a:e0:53:82:7a:72:b6:6a:72:6f:57:3f:40:72:65:
18:45:24:95:a5:c3:99:02:b2:02:f0:bd:38:18:6e:
28:0c:c3:e4:7c:9d:27:de:18:88:4e:0a:9e:8d:14:
e8:a1:7b:30:9a:2c:e8:1d:fc:96:55:97:25:e7:02:
18:6d:ef:da:e3:ee:9b:c1:ea:47:37:2b:48:01:32:
ae:e8:22:d7:40:72:6c:dd:00:19:b2:d5:e0:a1:d0:
3e:73:ef:fa:a5:11:88:ea:3a:70:28:e9:36:7e:8b:
77:93:98:6c:7c:8d:aa:47:d2:8b:de:6a:a8:5e:8d:
db:88:f5:b7:03:1a:e8:90:13:66:61:3a:ec:d0:17:
d7:29:9d:81:5b:2c:ca:fe:95:68:1c:f3:36:55:89:
c5:90:e7:ad:ba:84:e7:8d:a3:47:6b:98:ec:56:80:
57:0b:b4:45:2e:56:34:56:3d:84:2b:5a:97:e2:83:
86:8c:ae:60:a8:3e:c7:38:ad:73:3f:1a:28:d0:fe:
5a:a9:8a:e3:e7:6b:3b:73:9c:2d:7f:7d:64:6c:a4:
9c:b6:00:4d:5d:db:2b:f8:72:0f:eb:fd:5d:07:fc:
c6:43:79:56:53:ef:e2:e0:48:41:bc:d6:b9:a9:63:
ec:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:BE:9B:00:25:F3:FC:BC:A1:D6:2E:F5:ED:87:95:FC:56:9A:69:31
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/49F4284AED4711F0BB4F794E4F6F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
27.0.216.0/21
27.0.244.0-27.0.251.255
27.111.72.0/22
27.112.120.0/22
27.116.40.0/22
27.122.60.0/22
36.255.4.0/22
36.255.12.0-36.255.23.255
45.115.88.0/22
45.121.0.0/22
61.14.230.0/24
103.15.252.0/22
103.28.244.0/22
103.30.64.0/22
103.30.116.0/22
103.30.176.0/22
103.55.72.0/22
103.61.72.0/22
103.66.72.0/22
103.74.108.0/22
103.76.208.0/22
103.82.80.0/22
103.87.100.0/24
103.197.112.0/22
103.199.180.0/22
103.199.188.0/22
103.199.200.0-103.199.215.255
103.200.84.0/22
103.201.134.0/23
103.203.72.0/22
103.206.144.0/22
103.207.124.0/22
103.207.224.0/22
103.208.104.0/21
103.208.144.0/22
103.208.156.0/22
103.208.172.0/22
103.208.228.0-103.208.243.255
103.210.88.0/21
103.210.100.0/22
103.215.240.0/24
103.229.0.0/24
103.246.40.0/22
103.246.192.0/22
103.247.4.0/22
103.247.52.0/22
106.0.40.0/22
112.133.192.0/18
120.138.12.0/22
121.46.92.0/22
122.252.224.0/19
137.59.92.0/22
137.59.156.0/22
137.59.164.0/22
137.59.176.0/22
139.5.0.0/20
175.111.188.0/22
180.94.32.0/22
202.21.40.0/21
202.43.120.0/22
202.140.128.0/22
202.141.0.0/17
202.148.56.0/22
202.168.84.0/22
202.170.200.0/21
202.176.0.0/22
203.153.32.0/20
220.158.156.0/22
IPv6:
2401:b200::/32
2406:f00:7::/48
Signature Algorithm: sha256WithRSAEncryption
2e:4f:b5:5c:ab:e4:f1:22:ca:bc:1e:fa:99:06:25:74:b7:81:
a7:b2:14:12:c8:11:37:35:fe:ab:ce:a6:bc:b8:05:43:19:3b:
36:f7:ae:0c:cc:b6:76:c2:5e:39:ce:50:0a:92:d7:93:c7:c2:
63:9e:77:57:d2:27:85:24:fd:4f:fb:11:fc:5f:e4:6b:79:34:
cd:25:89:f0:d1:42:8a:f0:02:d2:f9:a8:7d:40:7b:e7:3c:8d:
8c:01:9b:6e:ee:d6:b9:f7:f3:6f:af:32:13:6b:7c:7e:a2:dd:
ed:33:67:86:e6:ea:32:22:e1:c9:d0:6b:06:bb:89:8a:d2:d4:
83:15:10:65:f0:48:ea:16:4f:a7:1e:60:47:fe:76:1f:13:63:
bb:5e:01:2a:bd:04:8f:47:fa:32:97:05:e5:4b:08:c6:df:af:
df:23:11:54:4c:32:ab:bf:13:16:0f:25:02:0d:a2:2d:02:4c:
62:8c:53:f0:0f:29:71:18:93:1e:25:ca:64:5e:41:45:1b:ed:
86:be:a4:19:b0:8f:4e:41:7f:62:04:c1:29:a0:93:b6:f5:68:
c6:14:93:7b:33:f6:d5:93:42:3f:e6:c8:1b:49:15:9c:f3:90:
3b:50:fa:c7:a3:e6:ae:a7:60:b5:7d:e4:65:ab:a6:cc:58:2b:
3b:2b:46:68
-----BEGIN CERTIFICATE-----
MIIHETCCBfmgAwIBAgIDANrSMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDEwOTEwMzgwOVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhNGM2NDUtOTE5YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJr5YEyIYt/JNWGDhQ2UmuBTgnpytmpyb1c/QHJlGEUklaXDmQKyAvC9OBhu
KAzD5HydJ94YiE4Kno0U6KF7MJos6B38llWXJecCGG3v2uPum8HqRzcrSAEyrugi
10BybN0AGbLV4KHQPnPv+qURiOo6cCjpNn6Ld5OYbHyNqkfSi95qqF6N24j1twMa
6JATZmE67NAX1ymdgVssyv6VaBzzNlWJxZDnrbqE542jR2uY7FaAVwu0RS5WNFY9
hCtal+KDhoyuYKg+xzitcz8aKND+WqmK4+drO3OcLX99ZGyknLYATV3bK/hyD+v9
XQf8xkN5VlPv4uBIQbzWualj7KsCAwEAAaOCBDQwggQwMB0GA1UdDgQWBBSLvpsA
JfP8vKHWLvXth5X8VpppMTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzQ5RjQyODRB
RUQ0NzExRjBCQjRGNzk0RTRGNkY1NkJDLnJvYTCCAfEGCCsGAQUFBwEHAQH/BIIB
4DCCAdwwggHABAIAATCCAbgDBAMbANgwDAMEAhsA9AMEAhsA+AMEAhtvSAMEAhtw
eAMEAht0KAMEAht6PAMEAiT/BDAMAwQCJP8MAwQDJP8QAwQCLXNYAwQCLXkAAwQA
PQ7mAwQCZw/8AwQCZxz0AwQCZx5AAwQCZx50AwQCZx6wAwQCZzdIAwQCZz1IAwQC
Z0JIAwQCZ0psAwQCZ0zQAwQCZ1JQAwQAZ1dkAwQCZ8VwAwQCZ8e0AwQCZ8e8MAwD
BANnx8gDBANnx9ADBAJnyFQDBAFnyYYDBAJny0gDBAJnzpADBAJnz3wDBAJnz+AD
BANn0GgDBAJn0JADBAJn0JwDBAJn0KwwDAMEAmfQ5AMEAmfQ8AMEA2fSWAMEAmfS
ZAMEAGfX8AMEAGflAAMEAmf2KAMEAmf2wAMEAmf3BAMEAmf3NAMEAmoAKAMEBnCF
wAMEAniKDAMEAnkuXAMEBXr84AMEAok7XAMEAok7nAMEAok7pAMEAok7sAMEBIsF
AAMEAq9vvAMEArReIAMEA8oVKAMEAsoreAMEAsqMgAMEB8qNAAMEAsqUOAMEAsqo
VAMEA8qqyAMEAsqwAAMEBMuZIAMEAtyenDAWBAIAAjAQAwUAJAGyAAMHACQGDwAA
BzANBgkqhkiG9w0BAQsFAAOCAQEALk+1XKvk8SLKvB76mQYldLeBp7IUEsgRNzX+
q86mvLgFQxk7NveuDMy2dsJeOc5QCpLXk8fCY553V9InhST9T/sR/F/ka3k0zSWJ
8NFCivAC0vmofUB75zyNjAGbbu7Wuffzb68yE2t8fqLd7TNnhubqMiLhydBrBruJ
itLUgxUQZfBI6hZPpx5gR/52HxNju14BKr0Ej0f6MpcF5UsIxt+v3yMRVEwyq78T
Fg8lAg2iLQJMYoxT8A8pcRiTHiXKZF5BRRvthr6kGbCPTkF/YgTBKaCTtvVoxhST
ezP21ZNCP+bIG0kVnPOQO1D6x6PmrqdgtX3kZaumzFgrOytGaA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:05:52 2026 by rpki-client