Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B795678A8D4B11F0872E1828C4F9AE02.roa
File: B795678A8D4B11F0872E1828C4F9AE02.roa (raw, json)
Hash identifier: frhT3Yv/A8ADuVhfdYx7+NeWypnByM+zXV9sQthr/fY=
Subject key identifier: 5A:A0:E3:5B:3E:C7:EB:42:33:63:05:22:7A:CB:52:13:E0:8A:14:B5
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DAFB
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B795678A8D4B11F0872E1828C4F9AE02.roa
Signing time: Sun 01 Mar 2026 23:06:19 +0000
ROA not before: Sat 31 Jan 2026 11:02:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132215
IP address blocks: 1.6.136.0/24 maxlen: 24
1.6.226.0/24 maxlen: 24
1.6.227.0/24 maxlen: 24
1.6.228.0/24 maxlen: 24
1.7.142.0/24 maxlen: 24
1.7.151.0/24 maxlen: 24
1.7.161.0/24 maxlen: 24
1.7.162.0/24 maxlen: 24
1.7.180.0/24 maxlen: 24
1.7.200.0/24 maxlen: 24
1.7.201.0/24 maxlen: 24
1.7.202.0/24 maxlen: 24
43.227.132.0/22 maxlen: 24
45.127.208.0/22 maxlen: 24
45.127.228.0/22 maxlen: 24
45.127.236.0/22 maxlen: 24
45.249.232.0/22 maxlen: 22
45.249.234.0/24 maxlen: 24
45.249.235.0/24 maxlen: 24
58.84.20.0/22 maxlen: 24
58.84.24.0/22 maxlen: 24
59.152.80.0/22 maxlen: 24
61.14.204.0/22 maxlen: 24
103.7.128.0/22 maxlen: 24
103.15.228.0/22 maxlen: 24
103.59.140.0/22 maxlen: 24
103.70.60.0/22 maxlen: 24
103.120.28.0/22 maxlen: 24
103.196.188.0/22 maxlen: 24
103.196.216.0/22 maxlen: 24
103.196.224.0/22 maxlen: 24
103.197.36.0/22 maxlen: 24
103.197.40.0/22 maxlen: 24
103.197.80.0/22 maxlen: 24
103.197.100.0/22 maxlen: 24
103.197.124.0/22 maxlen: 24
103.197.128.0/22 maxlen: 24
103.197.136.0/22 maxlen: 24
103.197.140.0/22 maxlen: 24
103.200.76.0/22 maxlen: 24
103.200.80.0/22 maxlen: 24
103.200.88.0/22 maxlen: 24
103.203.80.0/22 maxlen: 24
103.218.228.0/24 maxlen: 24
103.218.229.0/24 maxlen: 24
111.235.68.0/22 maxlen: 24
114.134.16.0/22 maxlen: 24
202.177.153.0/24 maxlen: 24
202.177.157.0/24 maxlen: 24
218.185.248.0/22 maxlen: 24
220.158.128.0/22 maxlen: 24
220.158.144.0/22 maxlen: 24
220.158.168.0/22 maxlen: 24
220.158.172.0/22 maxlen: 24
220.158.180.0/22 maxlen: 24
220.158.184.0/22 maxlen: 24
223.31.120.0/24 maxlen: 24
223.31.121.0/24 maxlen: 24
223.31.122.0/24 maxlen: 24
223.31.123.0/24 maxlen: 24
223.31.159.0/24 maxlen: 24
223.31.174.0/24 maxlen: 24
2401:ac20::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 07:55:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56059 (0xdafb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 31 11:02:32 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4c66b-0d88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:59:21:a5:17:e3:e9:fa:34:d9:a3:77:5b:e8:
5c:5c:8f:3c:bd:c6:c0:2e:0f:75:f5:b9:aa:ab:d0:
55:61:85:a3:20:5e:89:a2:ab:a2:bd:0a:85:60:e2:
33:c2:17:9f:c1:02:93:3f:ed:8d:4d:db:1d:e3:41:
cf:73:8b:e4:95:dd:68:70:47:52:a2:c8:bf:3a:6e:
f7:9f:09:41:a2:e9:3c:e9:29:72:86:46:4e:9b:c1:
16:70:9f:29:a6:ee:65:12:14:bf:74:54:dd:0c:7f:
7b:84:2c:4c:2d:be:17:e8:d3:f7:68:f4:4e:4a:5d:
33:ea:6a:66:df:a8:5c:37:de:bb:44:49:58:7f:ff:
14:d7:87:a9:21:5e:40:59:c9:de:d4:68:f7:9f:da:
1f:4c:c2:72:82:3c:1d:27:e6:55:bd:be:9a:51:29:
bb:0b:c1:94:ff:95:09:ee:b1:5f:e9:54:7b:9a:31:
0e:b9:15:f2:fa:7c:1e:27:6e:cc:ce:db:0b:9a:66:
2b:e1:83:b4:9b:50:e6:46:8c:63:02:f9:ae:f7:ee:
ac:ba:00:53:32:c4:ca:7c:17:14:9a:78:4e:d7:f8:
3c:a7:d9:02:73:80:97:38:f5:32:1f:29:b4:56:54:
89:dc:63:99:b1:87:ef:28:84:46:b5:8d:c3:8e:17:
21:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:A0:E3:5B:3E:C7:EB:42:33:63:05:22:7A:CB:52:13:E0:8A:14:B5
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B795678A8D4B11F0872E1828C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
1.6.136.0/24
1.6.226.0-1.6.228.255
1.7.142.0/24
1.7.151.0/24
1.7.161.0-1.7.162.255
1.7.180.0/24
1.7.200.0-1.7.202.255
43.227.132.0/22
45.127.208.0/22
45.127.228.0/22
45.127.236.0/22
45.249.232.0/22
58.84.20.0-58.84.27.255
59.152.80.0/22
61.14.204.0/22
103.7.128.0/22
103.15.228.0/22
103.59.140.0/22
103.70.60.0/22
103.120.28.0/22
103.196.188.0/22
103.196.216.0/22
103.196.224.0/22
103.197.36.0-103.197.43.255
103.197.80.0/22
103.197.100.0/22
103.197.124.0-103.197.131.255
103.197.136.0/21
103.200.76.0-103.200.83.255
103.200.88.0/22
103.203.80.0/22
103.218.228.0/23
111.235.68.0/22
114.134.16.0/22
202.177.153.0/24
202.177.157.0/24
218.185.248.0/22
220.158.128.0/22
220.158.144.0/22
220.158.168.0/21
220.158.180.0-220.158.187.255
223.31.120.0/22
223.31.159.0/24
223.31.174.0/24
IPv6:
2401:ac20::/32
Signature Algorithm: sha256WithRSAEncryption
09:e5:fb:4c:22:85:f1:20:8e:46:b9:6d:c9:a8:ab:64:c3:ef:
9e:1e:23:86:e2:f4:97:6f:6e:95:fe:db:c6:84:a6:b2:7d:d0:
53:9b:0f:bc:79:8f:e3:0c:b5:75:81:64:1e:ff:f1:9d:4d:e2:
55:0e:1a:ed:50:50:60:03:72:04:85:42:f1:92:fd:89:73:b2:
6b:e1:60:9f:f9:df:20:71:b3:73:40:e0:ca:65:38:ad:ab:ce:
9e:9b:31:85:cc:c1:a8:2f:a1:a4:16:4a:9e:0d:fd:ec:83:a8:
6a:25:0b:56:a6:ae:3a:f3:e3:79:5d:44:09:0b:02:4a:aa:98:
4f:6b:83:56:da:d9:af:26:29:cc:d6:fa:ca:99:37:87:b6:78:
a0:ef:5f:76:1c:d2:53:48:79:f1:7e:f2:83:2f:bc:96:96:14:
2f:a8:ec:d8:44:72:5a:07:50:1e:35:7a:ea:e9:7d:96:40:03:
97:02:d2:83:2e:41:9e:ca:d3:47:ae:52:6b:49:b9:e9:9a:ec:
4f:0e:2e:55:3b:2c:da:7d:07:ee:0e:78:2b:72:ce:22:2a:ad:
62:a9:72:81:f6:47:49:57:cf:93:62:5f:7b:18:85:f1:79:24:
18:a6:00:bb:c9:ae:c1:bc:60:24:c7:b9:e0:ec:6a:55:95:a3:
6f:47:bc:6e
-----BEGIN CERTIFICATE-----
MIIGmDCCBYCgAwIBAgIDANr7MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDEzMTExMDIzMloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhNGM2NmItMGQ4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpZIaUX4+n6NNmjd1voXFyPPL3GwC4PdfW5qqvQVWGFoyBeiaKror0KhWDi
M8IXn8ECkz/tjU3bHeNBz3OL5JXdaHBHUqLIvzpu958JQaLpPOkpcoZGTpvBFnCf
KabuZRIUv3RU3Qx/e4QsTC2+F+jT92j0TkpdM+pqZt+oXDfeu0RJWH//FNeHqSFe
QFnJ3tRo95/aH0zCcoI8HSfmVb2+mlEpuwvBlP+VCe6xX+lUe5oxDrkV8vp8Hidu
zM7bC5pmK+GDtJtQ5kaMYwL5rvfurLoAUzLEynwXFJp4Ttf4PKfZAnOAlzj1Mh8p
tFZUidxjmbGH7yiERrWNw44XIS0CAwEAAaOCA7swggO3MB0GA1UdDgQWBBRaoONb
PsfrQjNjBSJ6y1IT4IoUtTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0I3OTU2NzhB
OEQ0QjExRjA4NzJFMTgyOEM0RjlBRTAyLnJvYTCCAXgGCCsGAQUFBwEHAQH/BIIB
ZzCCAWMwggFQBAIAATCCAUgDBAABBogwDAMEAQEG4gMEAAEG5AMEAAEHjgMEAAEH
lzAMAwQAAQehAwQAAQeiAwQAAQe0MAwDBAMBB8gDBAABB8oDBAIr44QDBAItf9AD
BAItf+QDBAItf+wDBAIt+egwDAMEAjpUFAMEAjpUGAMEAjuYUAMEAj0OzAMEAmcH
gAMEAmcP5AMEAmc7jAMEAmdGPAMEAmd4HAMEAmfEvAMEAmfE2AMEAmfE4DAMAwQC
Z8UkAwQCZ8UoAwQCZ8VQAwQCZ8VkMAwDBAJnxXwDBAJnxYADBANnxYgwDAMEAmfI
TAMEAmfIUAMEAmfIWAMEAmfLUAMEAWfa5AMEAm/rRAMEAnKGEAMEAMqxmQMEAMqx
nQMEAtq5+AMEAtyegAMEAtyekAMEA9yeqDAMAwQC3J60AwQC3J64AwQC3x94AwQA
3x+fAwQA3x+uMA0EAgACMAcDBQAkAawgMA0GCSqGSIb3DQEBCwUAA4IBAQAJ5ftM
IoXxII5GuW3JqKtkw++eHiOG4vSXb26V/tvGhKayfdBTmw+8eY/jDLV1gWQe//Gd
TeJVDhrtUFBgA3IEhULxkv2Jc7Jr4WCf+d8gcbNzQODKZTitq86emzGFzMGoL6Gk
FkqeDf3sg6hqJQtWpq468+N5XUQJCwJKqphPa4NW2tmvJinM1vrKmTeHtnig7192
HNJTSHnxfvKDL7yWlhQvqOzYRHJaB1AeNXrq6X2WQAOXAtKDLkGeytNHrlJrSbnp
muxPDi5VOyzafQfuDngrcs4iKq1iqXKB9kdJV8+TYl97GIXxeSQYpgC7ya7BvGAk
x7ng7GpVlaNvR7xu
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:17:20 2026 by rpki-client