Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8C807080CE7811F09D68494AC4F9AE02.roa
File: 8C807080CE7811F09D68494AC4F9AE02.roa (raw, json)
Hash identifier: ruA/+2h3fP9iSPhg9VW20Gs5I/D62xz+VaDfc4lH5Nw=
Subject key identifier: 4F:B0:F2:D2:F3:79:77:60:B1:CF:A0:33:BD:84:42:04:AF:54:2B:8C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DA7F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8C807080CE7811F09D68494AC4F9AE02.roa
Signing time: Sun 01 Mar 2026 23:04:16 +0000
ROA not before: Mon 01 Dec 2025 05:42:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58678
IP address blocks: 43.241.28.0/22 maxlen: 24
43.241.128.0/22 maxlen: 24
43.241.132.0/22 maxlen: 24
43.242.208.0/24 maxlen: 24
43.242.209.0/24 maxlen: 24
43.242.210.0/24 maxlen: 24
43.242.211.0/24 maxlen: 24
43.242.228.0/22 maxlen: 24
45.64.84.0/22 maxlen: 24
45.114.192.0/22 maxlen: 24
45.117.0.0/22 maxlen: 24
45.127.120.0/22 maxlen: 24
45.250.248.0/24 maxlen: 24
45.250.249.0/24 maxlen: 24
45.250.250.0/24 maxlen: 24
45.251.236.0/24 maxlen: 24
45.251.237.0/24 maxlen: 24
45.251.238.0/24 maxlen: 24
45.251.239.0/24 maxlen: 24
103.14.232.0/22 maxlen: 24
103.26.52.0/22 maxlen: 22
103.26.52.0/24 maxlen: 24
103.26.53.0/24 maxlen: 24
103.26.54.0/24 maxlen: 24
103.26.55.0/24 maxlen: 24
103.26.56.0/22 maxlen: 24
103.39.251.0/24 maxlen: 24
103.42.160.0/22 maxlen: 24
103.48.56.0/23 maxlen: 24
103.48.58.0/24 maxlen: 24
103.48.59.0/24 maxlen: 24
103.48.100.0/22 maxlen: 24
103.57.96.0/23 maxlen: 24
103.59.212.0/22 maxlen: 24
103.69.238.0/24 maxlen: 24
103.74.236.0/22 maxlen: 24
103.77.152.0/22 maxlen: 23
103.77.152.0/23 maxlen: 24
103.77.154.0/24 maxlen: 24
103.89.40.0/22 maxlen: 24
103.111.132.0/22 maxlen: 24
103.112.32.0/24 maxlen: 24
103.112.33.0/24 maxlen: 24
103.112.34.0/24 maxlen: 24
103.112.35.0/24 maxlen: 24
103.117.184.0/24 maxlen: 24
103.117.187.0/24 maxlen: 24
103.137.152.0/22 maxlen: 24
103.148.207.0/24 maxlen: 24
103.153.151.0/24 maxlen: 24
103.166.112.0/23 maxlen: 24
103.173.208.0/23 maxlen: 24
103.174.30.0/24 maxlen: 24
103.174.38.0/24 maxlen: 24
103.178.212.0/24 maxlen: 24
103.178.213.0/24 maxlen: 24
103.181.209.0/24 maxlen: 24
103.185.11.0/24 maxlen: 24
103.204.119.0/24 maxlen: 24
103.209.18.0/24 maxlen: 24
103.209.19.0/24 maxlen: 24
103.215.114.0/23 maxlen: 24
103.216.144.0/22 maxlen: 24
103.218.100.0/22 maxlen: 24
103.219.164.0/24 maxlen: 24
103.219.165.0/24 maxlen: 24
103.219.166.0/24 maxlen: 24
103.219.167.0/24 maxlen: 24
103.220.80.0/22 maxlen: 24
103.220.212.0/22 maxlen: 24
103.226.0.0/22 maxlen: 24
103.226.4.0/22 maxlen: 24
103.226.28.0/22 maxlen: 24
124.108.16.0/22 maxlen: 24
163.223.244.0/23 maxlen: 24
203.134.248.0/23 maxlen: 24
2001:df6:f180::/48 maxlen: 48
2404:bd00::/48 maxlen: 48
2404:bd00:1::/48 maxlen: 48
2404:bd00:2::/48 maxlen: 48
2404:bd00:3::/48 maxlen: 48
2404:bd00:4::/48 maxlen: 48
2404:bd00:5::/48 maxlen: 48
2404:bd00:6::/48 maxlen: 48
2404:bd00:7::/48 maxlen: 48
2404:bd00:8::/48 maxlen: 48
2404:bd00:a::/48 maxlen: 48
2404:bd00:b::/48 maxlen: 48
2404:bd00:c::/48 maxlen: 48
2404:bd00:d::/48 maxlen: 48
2404:bd00:e::/48 maxlen: 48
2404:bd00:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 07:20:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55935 (0xda7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Dec 1 05:42:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4c5f0-70b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:41:bf:c7:90:87:0e:ee:5f:4e:e6:ef:47:88:
b7:90:98:9e:c5:a1:29:9b:12:69:77:78:cb:a5:bc:
8d:07:9d:5e:7d:90:3b:48:4e:fd:2b:fc:5b:0e:94:
51:2f:1f:e2:75:ad:f9:53:e7:71:54:03:a6:26:14:
8a:d6:37:a2:85:78:1e:48:62:68:d5:65:c8:6a:67:
f2:5e:f0:a1:72:7b:65:b3:67:80:fa:e2:9b:67:80:
6f:49:0c:cf:38:af:69:da:85:31:eb:dd:af:05:02:
47:e4:80:ef:d5:a4:7f:7b:da:68:c2:e4:28:47:6f:
fd:79:52:ce:bb:55:b4:9a:be:62:c1:6a:9f:15:8e:
a2:b5:b6:8b:24:d2:29:78:70:18:2c:5f:b5:e9:fe:
d6:85:05:c8:ed:f6:06:2d:ba:b0:6e:f8:fb:0c:7d:
70:f2:40:2e:d3:84:ae:d9:48:10:66:a0:c4:b7:d8:
68:04:06:29:61:79:7f:43:ae:a3:d8:ed:2f:a1:b6:
7f:68:07:7b:b4:79:19:88:85:e1:61:b4:3e:45:a3:
1a:b1:54:e4:f4:7f:0c:db:88:64:fd:50:12:38:f8:
c2:40:06:e7:8f:f0:59:8f:5b:69:39:29:2d:fe:94:
3c:70:28:ec:3c:c9:98:40:ba:04:be:23:b5:ec:db:
58:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B0:F2:D2:F3:79:77:60:B1:CF:A0:33:BD:84:42:04:AF:54:2B:8C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8C807080CE7811F09D68494AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.241.28.0/22
43.241.128.0/21
43.242.208.0/22
43.242.228.0/22
45.64.84.0/22
45.114.192.0/22
45.117.0.0/22
45.127.120.0/22
45.250.248.0-45.250.250.255
45.251.236.0/22
103.14.232.0/22
103.26.52.0-103.26.59.255
103.39.251.0/24
103.42.160.0/22
103.48.56.0/22
103.48.100.0/22
103.57.96.0/23
103.59.212.0/22
103.69.238.0/24
103.74.236.0/22
103.77.152.0/22
103.89.40.0/22
103.111.132.0/22
103.112.32.0/22
103.117.184.0/24
103.117.187.0/24
103.137.152.0/22
103.148.207.0/24
103.153.151.0/24
103.166.112.0/23
103.173.208.0/23
103.174.30.0/24
103.174.38.0/24
103.178.212.0/23
103.181.209.0/24
103.185.11.0/24
103.204.119.0/24
103.209.18.0/23
103.215.114.0/23
103.216.144.0/22
103.218.100.0/22
103.219.164.0/22
103.220.80.0/22
103.220.212.0/22
103.226.0.0/21
103.226.28.0/22
124.108.16.0/22
163.223.244.0/23
203.134.248.0/23
IPv6:
2001:df6:f180::/48
2404:bd00::-2404:bd00:8:ffff:ffff:ffff:ffff:ffff
2404:bd00:a::-2404:bd00:f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8a:37:66:b7:a0:db:8d:bd:41:91:a1:76:e9:91:89:20:21:3c:
04:e6:96:34:9c:16:11:6e:25:b2:d4:40:8d:93:b4:8d:68:a1:
18:6d:3b:68:49:8a:80:32:d1:a3:5c:c4:a1:fd:4a:b5:3a:48:
a4:0b:29:d2:73:36:cc:f7:40:0a:f3:70:63:27:9e:79:05:d4:
9a:66:93:a6:47:67:b9:4b:31:c4:65:42:6b:8e:eb:e7:1a:d6:
e4:e0:4f:31:37:d0:e0:51:ea:f4:fd:13:ac:de:02:a4:a6:a1:
be:2b:84:5b:82:15:6f:ca:87:11:89:d7:99:70:12:eb:69:62:
ee:e0:dc:42:e2:0c:a8:02:b1:88:36:36:c0:80:93:fe:7d:dc:
3f:a8:7a:cd:0e:5d:f8:35:87:93:a5:f0:ad:8d:f2:38:95:0f:
9d:a8:49:a0:54:6c:fa:e5:b2:f8:e2:c5:d9:1a:c7:7c:32:8e:
8b:6d:d4:f7:c5:33:59:63:e3:0b:c7:8d:56:cd:91:3f:11:32:
cf:c5:5a:9d:b0:27:24:8d:4c:cc:94:2a:6e:88:b6:4a:26:85:
06:78:96:e2:fb:19:fe:a3:d9:f6:7b:87:a3:4b:cc:ce:7b:79:
f1:3c:be:6e:18:43:f0:41:ce:5e:33:25:0d:58:89:7f:73:cd:
37:cc:72:bc
-----BEGIN CERTIFICATE-----
MIIGrTCCBZWgAwIBAgIDANp/MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MTIwMTA1NDI0MFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhNGM1ZjAtNzBiNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJZBv8eQhw7uX07m70eIt5CYnsWhKZsSaXd4y6W8jQedXn2QO0hO/Sv8Ww6U
US8f4nWt+VPncVQDpiYUitY3ooV4HkhiaNVlyGpn8l7woXJ7ZbNngPrim2eAb0kM
zzivadqFMevdrwUCR+SA79Wkf3vaaMLkKEdv/XlSzrtVtJq+YsFqnxWOorW2iyTS
KXhwGCxften+1oUFyO32Bi26sG74+wx9cPJALtOErtlIEGagxLfYaAQGKWF5f0Ou
o9jtL6G2f2gHe7R5GYiF4WG0PkWjGrFU5PR/DNuIZP1QEjj4wkAG54/wWY9baTkp
Lf6UPHAo7DzJmEC6BL4jtezbWFsCAwEAAaOCA9AwggPMMB0GA1UdDgQWBBRPsPLS
83l3YLHPoDO9hEIEr1QrjDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzhDODA3MDgw
Q0U3ODExRjA5RDY4NDk0QUM0RjlBRTAyLnJvYTCCAY0GCCsGAQUFBwEHAQH/BIIB
fDCCAXgwggE+BAIAATCCATYDBAIr8RwDBAMr8YADBAIr8tADBAIr8uQDBAItQFQD
BAItcsADBAItdQADBAItf3gwDAMEAy36+AMEAC36+gMEAi377AMEAmcO6DAMAwQC
Zxo0AwQCZxo4AwQAZyf7AwQCZyqgAwQCZzA4AwQCZzBkAwQBZzlgAwQCZzvUAwQA
Z0XuAwQCZ0rsAwQCZ02YAwQCZ1koAwQCZ2+EAwQCZ3AgAwQAZ3W4AwQAZ3W7AwQC
Z4mYAwQAZ5TPAwQAZ5mXAwQBZ6ZwAwQBZ63QAwQAZ64eAwQAZ64mAwQBZ7LUAwQA
Z7XRAwQAZ7kLAwQAZ8x3AwQBZ9ESAwQBZ9dyAwQCZ9iQAwQCZ9pkAwQCZ9ukAwQC
Z9xQAwQCZ9zUAwQDZ+IAAwQCZ+IcAwQCfGwQAwQBo9/0AwQBy4b4MDQEAgACMC4D
BwAgAQ328YAwDwMEACQEvQMHACQEvQAACDASAwcBJAS9AAAKAwcEJAS9AAAAMA0G
CSqGSIb3DQEBCwUAA4IBAQCKN2a3oNuNvUGRoXbpkYkgITwE5pY0nBYRbiWy1ECN
k7SNaKEYbTtoSYqAMtGjXMSh/Uq1OkikCynSczbM90AK83BjJ555BdSaZpOmR2e5
SzHEZUJrjuvnGtbk4E8xN9DgUer0/ROs3gKkpqG+K4RbghVvyocRideZcBLraWLu
4NxC4gyoArGINjbAgJP+fdw/qHrNDl34NYeTpfCtjfI4lQ+dqEmgVGz65bL44sXZ
Gsd8Mo6LbdT3xTNZY+MLx41WzZE/ETLPxVqdsCckjUzMlCpuiLZKJoUGeJbi+xn+
o9n2e4ejS8zOe3nxPL5uGEPwQc5eMyUNWIl/c803zHK8
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:08:19 2026 by rpki-client