Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/88ABB4B8F4FE11F0B9BB54A8506F56BC.roa
File: 88ABB4B8F4FE11F0B9BB54A8506F56BC.roa (raw, json)
Hash identifier: C1EQsxS3UmSMQkD8WxOl9jTV8AJ655kRbGmSm6OmhFk=
Subject key identifier: 5F:40:A0:E1:4D:68:1E:49:80:F6:D8:EC:80:44:1B:32:80:BC:6C:61
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DAE2
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/88ABB4B8F4FE11F0B9BB54A8506F56BC.roa
Signing time: Sun 01 Mar 2026 23:05:56 +0000
ROA not before: Mon 19 Jan 2026 06:17:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45804
IP address blocks: 43.251.168.0/22 maxlen: 24
43.251.172.0/22 maxlen: 24
43.251.176.0/22 maxlen: 24
45.114.176.0/22 maxlen: 24
45.116.188.0/22 maxlen: 24
45.248.56.0/22 maxlen: 24
103.27.140.0/22 maxlen: 24
103.43.80.0/24 maxlen: 24
103.43.81.0/24 maxlen: 24
103.43.82.0/24 maxlen: 24
103.43.83.0/24 maxlen: 24
103.56.236.0/22 maxlen: 24
103.70.44.0/22 maxlen: 24
103.76.80.0/22 maxlen: 24
103.93.100.0/22 maxlen: 24
103.100.20.0/24 maxlen: 24
103.100.21.0/24 maxlen: 24
103.100.22.0/24 maxlen: 24
103.100.23.0/24 maxlen: 24
103.176.138.0/23 maxlen: 23
103.180.216.0/23 maxlen: 24
103.193.88.0/22 maxlen: 24
103.199.97.0/24 maxlen: 24
103.216.204.0/22 maxlen: 24
103.244.240.0/22 maxlen: 24
103.244.244.0/24 maxlen: 24
103.245.2.0/24 maxlen: 24
103.245.20.0/24 maxlen: 24
103.251.80.0/22 maxlen: 24
114.29.224.0/22 maxlen: 24
150.129.108.0/22 maxlen: 24
150.129.132.0/22 maxlen: 24
2001:df0:9fc0::/48 maxlen: 48
2001:df4:4240::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 07:55:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56034 (0xdae2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 19 06:17:30 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4c654-103c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:45:ec:f0:a5:fb:dc:6c:4e:db:1b:bf:8c:11:
3a:e1:2e:81:ee:88:22:23:73:2f:48:c8:b7:c3:b7:
fa:40:7d:70:77:34:7f:43:cf:56:aa:fd:56:ce:d1:
12:f5:45:fe:5f:a3:e5:cf:93:15:fa:99:b7:1a:35:
8d:22:87:83:82:0c:db:3e:d4:c8:53:61:51:1c:0b:
42:e0:a9:d3:c7:87:c8:f1:7b:fd:53:03:f1:41:5a:
34:aa:89:df:4a:0b:81:54:e7:a5:55:3c:fd:b2:3f:
5f:62:45:dd:36:8c:25:b4:47:1b:48:32:2c:6e:89:
01:e3:d4:ea:fb:b9:35:6e:e8:db:3f:1e:26:48:5a:
52:02:f7:9d:10:49:8a:83:98:1e:4a:c7:53:e1:64:
24:50:61:d5:40:99:b5:61:aa:7c:03:76:d1:02:fd:
fe:3c:68:0c:b5:7c:a5:d1:96:21:02:41:6e:5e:c0:
16:82:ba:22:2b:40:4d:d5:38:b5:2b:c3:c8:5f:2c:
0e:d9:d5:33:6b:b9:93:a7:60:70:c2:59:53:ad:dd:
91:b8:82:20:31:5c:b3:34:52:40:5f:ca:84:8c:a5:
45:81:3c:ea:fe:bf:29:38:d9:c8:25:6c:6c:8b:5a:
11:56:f0:d6:fc:5d:fb:65:c7:d9:0e:af:89:3d:49:
db:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:40:A0:E1:4D:68:1E:49:80:F6:D8:EC:80:44:1B:32:80:BC:6C:61
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/88ABB4B8F4FE11F0B9BB54A8506F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
43.251.168.0-43.251.179.255
45.114.176.0/22
45.116.188.0/22
45.248.56.0/22
103.27.140.0/22
103.43.80.0/22
103.56.236.0/22
103.70.44.0/22
103.76.80.0/22
103.93.100.0/22
103.100.20.0/22
103.176.138.0/23
103.180.216.0/23
103.193.88.0/22
103.199.97.0/24
103.216.204.0/22
103.244.240.0-103.244.244.255
103.245.2.0/24
103.245.20.0/24
103.251.80.0/22
114.29.224.0/22
150.129.108.0/22
150.129.132.0/22
IPv6:
2001:df0:9fc0::/48
2001:df4:4240::/48
Signature Algorithm: sha256WithRSAEncryption
09:9c:70:15:fd:75:e8:36:8d:5d:3e:4b:09:d3:93:a2:1e:8a:
be:59:f9:95:9f:6b:10:2b:2d:76:e2:6e:76:49:97:9c:09:af:
d1:f2:e1:d0:b3:75:05:51:4a:c5:81:70:f3:68:de:89:bf:5e:
f9:96:ec:73:fd:b7:1c:a9:c5:4e:a5:66:5b:e5:a2:79:a8:99:
fd:5d:7a:e0:93:e9:05:6a:83:d1:e8:6e:65:76:32:5b:27:0c:
bb:8d:88:64:7e:61:2d:93:a0:00:19:22:23:dd:62:5c:6c:da:
ac:f2:aa:0e:68:f9:22:6b:ad:b3:e2:27:f8:d3:01:99:2f:f6:
a1:e1:c1:33:bf:c9:20:0c:13:78:70:a6:81:fb:d1:4f:48:42:
c5:db:d7:be:4c:bc:b4:f6:cf:48:1c:b1:91:16:fe:30:e4:82:
ab:53:2b:d8:ee:f1:3e:d2:ce:f9:eb:60:1f:20:af:cd:37:60:
10:23:53:98:3b:16:b7:8a:a1:49:a1:7b:f5:63:51:2c:49:f3:
99:a7:75:d4:91:dd:af:f3:0e:6d:b5:eb:bd:fa:a0:02:87:33:
93:8b:e4:a2:13:88:10:a4:43:c4:01:c6:1e:c4:37:2e:0c:58:
68:1b:03:ab:c3:8b:43:c4:57:94:dd:cd:bb:6a:d9:ae:b9:7e:
01:c5:cf:c8
-----BEGIN CERTIFICATE-----
MIIF8DCCBNigAwIBAgIDANriMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDExOTA2MTczMFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhNGM2NTQtMTAzYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOFF7PCl+9xsTtsbv4wROuEuge6IIiNzL0jIt8O3+kB9cHc0f0PPVqr9Vs7R
EvVF/l+j5c+TFfqZtxo1jSKHg4IM2z7UyFNhURwLQuCp08eHyPF7/VMD8UFaNKqJ
30oLgVTnpVU8/bI/X2JF3TaMJbRHG0gyLG6JAePU6vu5NW7o2z8eJkhaUgL3nRBJ
ioOYHkrHU+FkJFBh1UCZtWGqfAN20QL9/jxoDLV8pdGWIQJBbl7AFoK6IitATdU4
tSvDyF8sDtnVM2u5k6dgcMJZU63dkbiCIDFcszRSQF/KhIylRYE86v6/KTjZyCVs
bItaEVbw1vxd+2XH2Q6viT1J2yUCAwEAAaOCAxMwggMPMB0GA1UdDgQWBBRfQKDh
TWgeSYD22OyARBsygLxsYTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzg4QUJCNEI4
RjRGRTExRjBCOUJCNTRBODUwNkY1NkJDLnJvYTCB0QYIKwYBBQUHAQcBAf8EgcEw
gb4wgaEEAgABMIGaMAwDBAMr+6gDBAIr+7ADBAItcrADBAItdLwDBAIt+DgDBAJn
G4wDBAJnK1ADBAJnOOwDBAJnRiwDBAJnTFADBAJnXWQDBAJnZBQDBAFnsIoDBAFn
tNgDBAJnwVgDBABnx2EDBAJn2MwwDAMEBGf08AMEAGf09AMEAGf1AgMEAGf1FAME
Amf7UAMEAnId4AMEApaBbAMEApaBhDAYBAIAAjASAwcAIAEN8J/AAwcAIAEN9EJA
MA0GCSqGSIb3DQEBCwUAA4IBAQAJnHAV/XXoNo1dPksJ05OiHoq+WfmVn2sQKy12
4m52SZecCa/R8uHQs3UFUUrFgXDzaN6Jv175luxz/bccqcVOpWZb5aJ5qJn9XXrg
k+kFaoPR6G5ldjJbJwy7jYhkfmEtk6AAGSIj3WJcbNqs8qoOaPkia62z4if40wGZ
L/ah4cEzv8kgDBN4cKaB+9FPSELF29e+TLy09s9IHLGRFv4w5IKrUyvY7vE+0s75
62AfIK/NN2AQI1OYOxa3iqFJoXv1Y1EsSfOZp3XUkd2v8w5tteu9+qAChzOTi+Si
E4gQpEPEAcYexDcuDFhoGwOrw4tDxFeU3c27atmuuX4Bxc/I
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:45:01 2026 by rpki-client