Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BC4DD946CC4E11F09B7F956BC4F9AE02.roa
File: BC4DD946CC4E11F09B7F956BC4F9AE02.roa (raw, json)
Hash identifier: XjHuA4keK5deD92n7xXi2leMjBJyMrJ5gt1ovPyWJro=
Subject key identifier: 54:52:8E:1F:F6:A7:D5:2F:F2:E3:AB:5C:CD:CB:0B:34:7E:8F:96:31
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DA7E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BC4DD946CC4E11F09B7F956BC4F9AE02.roa
Signing time: Sun 01 Mar 2026 23:04:15 +0000
ROA not before: Sat 29 Nov 2025 07:01:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18207
IP address blocks: 103.170.42.0/23 maxlen: 24
103.246.212.0/22 maxlen: 22
103.246.212.0/23 maxlen: 24
103.246.214.0/23 maxlen: 24
123.201.0.0/16 maxlen: 16
123.201.0.0/17 maxlen: 24
123.201.128.0/17 maxlen: 24
150.107.208.0/22 maxlen: 22
150.107.208.0/23 maxlen: 24
150.107.210.0/23 maxlen: 24
175.100.128.0/19 maxlen: 19
175.100.128.0/20 maxlen: 24
175.100.144.0/20 maxlen: 24
203.88.128.0/19 maxlen: 19
203.88.128.0/24 maxlen: 24
203.88.129.0/24 maxlen: 24
203.88.130.0/24 maxlen: 24
203.88.131.0/24 maxlen: 24
203.88.132.0/24 maxlen: 24
203.88.133.0/24 maxlen: 24
203.88.134.0/24 maxlen: 24
203.88.135.0/24 maxlen: 24
203.88.136.0/24 maxlen: 24
203.88.137.0/24 maxlen: 24
203.88.138.0/24 maxlen: 24
203.88.139.0/24 maxlen: 24
203.88.140.0/24 maxlen: 24
203.88.141.0/24 maxlen: 24
203.88.142.0/24 maxlen: 24
203.88.143.0/24 maxlen: 24
203.88.144.0/24 maxlen: 24
203.88.145.0/24 maxlen: 24
203.88.146.0/24 maxlen: 24
203.88.147.0/24 maxlen: 24
203.88.148.0/24 maxlen: 24
203.88.149.0/24 maxlen: 24
203.88.150.0/24 maxlen: 24
203.88.151.0/24 maxlen: 24
203.88.152.0/24 maxlen: 24
203.88.153.0/24 maxlen: 24
203.88.154.0/24 maxlen: 24
203.88.155.0/24 maxlen: 24
203.88.156.0/24 maxlen: 24
203.88.157.0/24 maxlen: 24
203.88.158.0/24 maxlen: 24
203.88.159.0/24 maxlen: 24
203.109.64.0/18 maxlen: 18
203.109.64.0/19 maxlen: 24
203.109.96.0/24 maxlen: 24
203.109.97.0/24 maxlen: 24
203.109.98.0/24 maxlen: 24
203.109.99.0/24 maxlen: 24
203.109.100.0/24 maxlen: 24
203.109.101.0/24 maxlen: 24
203.109.102.0/24 maxlen: 24
203.109.103.0/24 maxlen: 24
203.109.104.0/24 maxlen: 24
203.109.105.0/24 maxlen: 24
203.109.106.0/24 maxlen: 24
203.109.107.0/24 maxlen: 24
203.109.108.0/24 maxlen: 24
203.109.109.0/24 maxlen: 24
203.109.110.0/24 maxlen: 24
203.109.111.0/24 maxlen: 24
203.109.112.0/24 maxlen: 24
203.109.113.0/24 maxlen: 24
203.109.114.0/24 maxlen: 24
203.109.115.0/24 maxlen: 24
203.109.116.0/24 maxlen: 24
203.109.117.0/24 maxlen: 24
203.109.118.0/24 maxlen: 24
203.109.119.0/24 maxlen: 24
203.109.120.0/24 maxlen: 24
203.109.121.0/24 maxlen: 24
203.109.122.0/24 maxlen: 24
203.109.123.0/24 maxlen: 24
203.109.124.0/24 maxlen: 24
203.109.125.0/24 maxlen: 24
203.109.126.0/24 maxlen: 24
203.109.127.0/24 maxlen: 24
203.187.192.0/18 maxlen: 18
203.187.192.0/24 maxlen: 24
203.187.193.0/24 maxlen: 24
203.187.194.0/24 maxlen: 24
203.187.195.0/24 maxlen: 24
203.187.196.0/24 maxlen: 24
203.187.197.0/24 maxlen: 24
203.187.198.0/24 maxlen: 24
203.187.199.0/24 maxlen: 24
203.187.200.0/24 maxlen: 24
203.187.201.0/24 maxlen: 24
203.187.202.0/24 maxlen: 24
203.187.203.0/24 maxlen: 24
203.187.204.0/24 maxlen: 24
203.187.205.0/24 maxlen: 24
203.187.206.0/24 maxlen: 24
203.187.207.0/24 maxlen: 24
203.187.208.0/24 maxlen: 24
203.187.209.0/24 maxlen: 24
203.187.210.0/24 maxlen: 24
203.187.211.0/24 maxlen: 24
203.187.212.0/24 maxlen: 24
203.187.213.0/24 maxlen: 24
203.187.214.0/24 maxlen: 24
203.187.215.0/24 maxlen: 24
203.187.216.0/24 maxlen: 24
203.187.217.0/24 maxlen: 24
203.187.218.0/24 maxlen: 24
203.187.219.0/24 maxlen: 24
203.187.220.0/24 maxlen: 24
203.187.221.0/24 maxlen: 24
203.187.222.0/24 maxlen: 24
203.187.223.0/24 maxlen: 24
203.187.224.0/19 maxlen: 24
219.91.128.0/17 maxlen: 17
219.91.128.0/18 maxlen: 24
219.91.192.0/18 maxlen: 24
2405:6800::/32 maxlen: 32
2405:6800::/33 maxlen: 37
2405:6800:8000::/33 maxlen: 37
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 11:16:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55934 (0xda7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 29 07:01:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4c5ef-e7a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:be:bf:de:49:c5:e3:a0:d4:c6:33:fe:6d:95:
cb:49:37:34:16:15:d2:4e:61:19:fa:5b:9f:c7:6e:
46:2e:cc:17:96:10:ab:14:10:0e:6c:6b:64:2d:17:
84:3e:12:8d:63:d0:1e:da:a2:2b:c7:6a:5e:a7:94:
cf:08:13:64:dd:7a:05:8d:3b:0d:01:86:3d:e6:1c:
e5:9f:a3:e3:87:da:7e:c7:77:d2:48:e8:91:8e:e2:
28:24:4c:74:a7:53:f4:e4:11:09:d1:87:60:07:b9:
7c:1e:33:f7:55:0a:1f:32:d6:c1:f3:bf:9b:a4:38:
10:07:e7:6c:64:c7:d0:ba:fd:a2:88:6e:ed:c5:bd:
e1:04:96:91:ba:40:45:b6:86:04:a6:e1:60:a4:1c:
76:df:bd:e2:2a:97:3e:a1:49:e7:fa:ab:6d:14:eb:
24:04:3f:e1:de:ad:91:57:a3:2c:38:24:5a:50:56:
71:df:fe:ee:6d:38:7f:67:74:44:5e:83:99:4b:49:
09:34:22:c5:0b:82:5d:e7:f9:9b:ae:4c:6f:a2:0a:
f2:8a:49:6f:da:e8:66:ce:a6:f0:91:0d:da:ef:eb:
f5:07:e1:0d:42:b1:6c:d7:fa:46:6d:c7:45:48:4c:
d6:d9:f9:eb:2f:d1:68:af:e4:f9:93:06:43:bd:b9:
e7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:52:8E:1F:F6:A7:D5:2F:F2:E3:AB:5C:CD:CB:0B:34:7E:8F:96:31
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BC4DD946CC4E11F09B7F956BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.170.42.0/23
103.246.212.0/22
123.201.0.0/16
150.107.208.0/22
175.100.128.0/19
203.88.128.0/19
203.109.64.0/18
203.187.192.0/18
219.91.128.0/17
IPv6:
2405:6800::/32
Signature Algorithm: sha256WithRSAEncryption
58:88:8c:d8:5d:53:9a:eb:08:c7:f7:73:88:a1:61:8b:c8:1b:
7f:3f:34:06:6e:ee:9b:59:e4:6e:2f:09:ca:4f:b1:8f:2c:8a:
ab:29:fa:29:69:3e:5d:a7:80:7f:fb:1c:ab:84:8c:1e:3a:f6:
52:23:79:6f:4b:f2:e2:cc:7b:fc:20:79:75:22:39:d7:f9:1d:
d6:fa:2e:90:a0:df:dc:61:e7:ea:55:57:f4:ca:b0:07:19:65:
3c:6f:27:ec:f9:9a:86:a1:76:ff:5d:e7:e0:2d:6c:8d:2b:84:
47:0d:c8:ef:d7:29:d6:4b:df:6b:89:a5:4f:8d:21:ee:eb:7a:
61:16:b1:43:77:5c:2a:ba:be:57:2c:c7:91:7e:41:49:d7:a5:
be:c2:03:32:82:1d:03:11:eb:c5:67:f5:b4:08:b7:42:00:60:
0f:6d:66:e6:87:c6:9f:9f:6c:91:51:d5:45:96:02:74:a3:5c:
46:37:3e:60:6a:40:58:4d:13:a4:3a:60:f6:82:d2:d5:fd:0a:
ea:e0:f8:50:78:73:a9:7f:49:b4:1c:e0:70:d9:c1:b6:03:9d:
82:0b:78:49:b3:ef:70:96:78:98:f4:ab:a2:0d:1c:e4:ec:b6:
51:d0:cd:f4:e7:37:c3:9b:23:45:40:23:03:da:50:04:8b:4b:
15:cf:3a:dd
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIDANp+MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MTEyOTA3MDE0MloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhNGM1ZWYtZTdhMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMS+v95JxeOg1MYz/m2Vy0k3NBYV0k5hGfpbn8duRi7MF5YQqxQQDmxrZC0X
hD4SjWPQHtqiK8dqXqeUzwgTZN16BY07DQGGPeYc5Z+j44fafsd30kjokY7iKCRM
dKdT9OQRCdGHYAe5fB4z91UKHzLWwfO/m6Q4EAfnbGTH0Lr9oohu7cW94QSWkbpA
RbaGBKbhYKQcdt+94iqXPqFJ5/qrbRTrJAQ/4d6tkVejLDgkWlBWcd/+7m04f2d0
RF6DmUtJCTQixQuCXef5m65Mb6IK8opJb9roZs6m8JEN2u/r9QfhDUKxbNf6Rm3H
RUhM1tn56y/RaK/k+ZMGQ7255+MCAwEAAaOCAp4wggKaMB0GA1UdDgQWBBRUUo4f
9qfVL/Ljq1zNyws0fo+WMTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0JDNEREOTQ2
Q0M0RTExRjA5QjdGOTU2QkM0RjlBRTAyLnJvYTBdBggrBgEFBQcBBwEB/wROMEww
OwQCAAEwNQMEAWeqKgMEAmf21AMDAHvJAwQClmvQAwQFr2SAAwQFy1iAAwQGy21A
AwQGy7vAAwQH21uAMA0EAgACMAcDBQAkBWgAMA0GCSqGSIb3DQEBCwUAA4IBAQBY
iIzYXVOa6wjH93OIoWGLyBt/PzQGbu6bWeRuLwnKT7GPLIqrKfopaT5dp4B/+xyr
hIweOvZSI3lvS/LizHv8IHl1IjnX+R3W+i6QoN/cYefqVVf0yrAHGWU8byfs+ZqG
oXb/XefgLWyNK4RHDcjv1ynWS99riaVPjSHu63phFrFDd1wqur5XLMeRfkFJ16W+
wgMygh0DEevFZ/W0CLdCAGAPbWbmh8afn2yRUdVFlgJ0o1xGNz5gakBYTROkOmD2
gtLV/Qrq4PhQeHOpf0m0HOBw2cG2A52CC3hJs+9wlniY9KuiDRzk7LZR0M305zfD
myNFQCMD2lAEi0sVzzrd
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:48:18 2026 by rpki-client