Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7403EBDAEC7911F09ED87EBA536F56BC.roa
File: 7403EBDAEC7911F09ED87EBA536F56BC.roa (raw, json)
Hash identifier: VhcLn1hI5Ezde2Fplm/JvJgWide4OXc9PnRPLM/7IFQ=
Subject key identifier: 35:BD:8A:B6:DA:69:FB:00:2A:90:37:65:43:78:F1:5C:7D:31:56:26
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: D017
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7403EBDAEC7911F09ED87EBA536F56BC.roa
Signing time: Mon 09 Feb 2026 06:51:11 +0000
ROA not before: Mon 09 Feb 2026 06:51:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 140641
IP address blocks: 103.69.43.0/24 maxlen: 24
103.93.94.0/24 maxlen: 24
103.95.50.0/23 maxlen: 24
103.97.104.0/24 maxlen: 24
103.97.105.0/24 maxlen: 24
103.97.106.0/24 maxlen: 24
103.97.107.0/24 maxlen: 24
103.117.212.0/24 maxlen: 24
103.119.170.0/23 maxlen: 24
103.129.97.0/24 maxlen: 24
103.131.26.0/24 maxlen: 24
103.139.7.0/24 maxlen: 24
103.140.72.0/24 maxlen: 24
103.152.79.0/24 maxlen: 24
103.171.44.0/24 maxlen: 24
103.171.45.0/24 maxlen: 24
103.218.124.0/24 maxlen: 24
103.218.125.0/24 maxlen: 24
103.218.126.0/24 maxlen: 24
103.218.127.0/24 maxlen: 24
103.240.89.0/24 maxlen: 24
103.251.150.0/24 maxlen: 24
103.253.70.0/24 maxlen: 24
163.227.186.0/24 maxlen: 24
163.227.187.0/24 maxlen: 24
175.158.75.0/24 maxlen: 24
202.162.240.0/24 maxlen: 24
202.162.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 07 Mar 2026 21:10:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53271 (0xd017)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 9 06:51:11 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=698983df-a724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:29:e8:39:09:83:ca:23:4b:86:7a:f9:17:65:
b2:01:ec:2f:b7:c7:21:8e:ad:0c:5a:30:a7:3c:7f:
76:46:99:87:e3:cc:51:d1:7e:56:34:f7:51:e5:8e:
fb:20:19:84:87:0d:a0:a8:9c:bf:77:96:13:c0:5f:
d5:cd:6c:f8:64:27:8a:78:ae:aa:58:93:b1:34:92:
13:c1:e9:29:d3:c7:1e:32:e2:a8:8b:c7:9e:4a:92:
6b:56:52:09:b1:5f:d1:7b:6a:e3:36:66:27:0e:1a:
08:03:02:a2:ae:a6:70:eb:67:28:4e:eb:85:cf:ed:
a7:4c:2f:ca:33:ed:be:49:6f:b3:58:3a:62:e3:86:
f6:de:8f:96:4a:d6:2c:26:03:95:b6:90:b0:a3:7b:
60:cf:1c:68:06:2d:99:79:53:8e:71:6d:16:2c:d6:
2d:d7:8d:c8:71:45:61:64:6c:d6:cd:3d:25:06:ca:
3e:23:13:6a:78:2e:9f:5e:58:b2:26:f8:61:73:c9:
03:3c:57:0d:63:40:98:5a:79:18:1e:f7:5f:3a:7f:
1b:69:f0:c7:82:2b:72:21:20:24:e3:d7:fd:89:c4:
9e:3b:7c:89:92:d6:c2:53:b9:5e:2b:66:1d:26:23:
1f:60:12:cf:59:48:4d:64:10:0b:31:a4:3c:01:bc:
9e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:BD:8A:B6:DA:69:FB:00:2A:90:37:65:43:78:F1:5C:7D:31:56:26
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7403EBDAEC7911F09ED87EBA536F56BC.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.69.43.0/24
103.93.94.0/24
103.95.50.0/23
103.97.104.0/22
103.117.212.0/24
103.119.170.0/23
103.129.97.0/24
103.131.26.0/24
103.139.7.0/24
103.140.72.0/24
103.152.79.0/24
103.171.44.0/23
103.218.124.0/22
103.240.89.0/24
103.251.150.0/24
103.253.70.0/24
163.227.186.0/23
175.158.75.0/24
202.162.240.0/23
Signature Algorithm: sha256WithRSAEncryption
62:e0:6a:b0:81:56:1a:20:31:80:e5:b9:7e:34:f7:8b:bd:ad:
5d:bd:88:d3:bc:05:c9:af:11:3c:e7:3b:4b:e1:eb:06:ba:00:
21:12:a2:d2:fa:85:08:d8:df:74:55:1d:38:b7:bd:ef:60:c8:
a9:3c:ce:bd:a6:df:fe:67:70:49:b4:a8:14:3f:7d:63:53:c2:
de:0e:58:06:8f:c2:4f:00:bd:5a:48:6d:63:a0:55:78:20:43:
8f:ec:a3:bb:eb:db:1b:30:8b:36:3b:d2:1b:c9:b2:6f:b6:8c:
5d:5b:d4:a6:ab:32:f5:25:f2:5b:09:0b:df:15:5e:b4:53:01:
bb:9b:0f:31:3e:cb:86:dc:0d:ea:5e:02:0e:20:a2:8a:bc:49:
3a:5b:80:16:93:94:e6:8c:07:cd:d4:20:3f:25:c2:a3:97:56:
c5:a6:b3:5c:02:8b:26:b2:b0:ee:5b:63:41:45:84:4f:d5:a5:
e5:5c:e8:82:fc:ee:7f:c3:df:d5:02:b5:53:1c:5a:dc:53:3a:
90:4a:e3:30:5e:85:4e:1a:0c:97:40:f9:d0:ee:55:9a:ad:66:
9b:66:9e:c9:b1:45:94:17:d7:02:c0:dd:c0:13:ff:68:a2:cd:
ff:7d:29:50:6f:83:1b:13:df:a6:c5:8e:19:30:df:3a:e9:e7:
cf:01:46:1f
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgIDANAXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMMCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDIwOTA2NTExMVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAwwNNjk4OTgzZGYtYTcyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwp6DkJg8ojS4Z6+RdlsgHsL7fHIY6tDFowpzx/dkaZh+PMUdF+VjT3UeWO
+yAZhIcNoKicv3eWE8Bf1c1s+GQniniuqliTsTSSE8HpKdPHHjLiqIvHnkqSa1ZS
CbFf0Xtq4zZmJw4aCAMCoq6mcOtnKE7rhc/tp0wvyjPtvklvs1g6YuOG9t6PlkrW
LCYDlbaQsKN7YM8caAYtmXlTjnFtFizWLdeNyHFFYWRs1s09JQbKPiMTangun15Y
sib4YXPJAzxXDWNAmFp5GB73Xzp/G2nwx4IrciEgJOPX/YnEnjt8iZLWwlO5Xitm
HSYjH2ASz1lITWQQCzGkPAG8nm8CAwEAAaOCAwIwggL+MB0GA1UdDgQWBBQ1vYq2
2mn7ACqQN2VDePFcfTFWJjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzc0MDNFQkRB
RUM3OTExRjA5RUQ4N0VCQTUzNkY1NkJDLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcBBwEB
/wR8MHoweAQCAAEwcgMEAGdFKwMEAGddXgMEAWdfMgMEAmdhaAMEAGd11AMEAWd3
qgMEAGeBYQMEAGeDGgMEAGeLBwMEAGeMSAMEAGeYTwMEAWerLAMEAmfafAMEAGfw
WQMEAGf7lgMEAGf9RgMEAaPjugMEAK+eSwMEAcqi8DANBgkqhkiG9w0BAQsFAAOC
AQEAYuBqsIFWGiAxgOW5fjT3i72tXb2I07wFya8RPOc7S+HrBroAIRKi0vqFCNjf
dFUdOLe972DIqTzOvabf/mdwSbSoFD99Y1PC3g5YBo/CTwC9WkhtY6BVeCBDj+yj
u+vbGzCLNjvSG8myb7aMXVvUpqsy9SXyWwkL3xVetFMBu5sPMT7LhtwN6l4CDiCi
irxJOluAFpOU5owHzdQgPyXCo5dWxaazXAKLJrKw7ltjQUWET9Wl5Vzogvzuf8Pf
1QK1Uxxa3FM6kErjMF6FThoMl0D50O5Vmq1mm2aeybFFlBfXAsDdwBP/aKLN/30p
UG+DGxPfpsWOGTDfOunnzwFGHw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:46:24 2026 by rpki-client