Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D647A884D72211F0AE1D66409DD3641D.roa
File: D647A884D72211F0AE1D66409DD3641D.roa (raw, json)
Hash identifier: bM66p5zOxj+HbmX9r+XPZbdVjfn+RqjdzlicrralZrE=
Subject key identifier: 22:CC:FC:1C:05:1A:1F:93:CA:46:48:3A:B0:D0:2C:85:A4:B4:6F:78
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DB24
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D647A884D72211F0AE1D66409DD3641D.roa
Signing time: Sun 01 Mar 2026 23:07:00 +0000
ROA not before: Tue 17 Feb 2026 06:41:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17439
IP address blocks: 43.225.0.0/22 maxlen: 24
45.64.12.0/24 maxlen: 24
45.251.76.0/22 maxlen: 24
49.213.48.0/23 maxlen: 24
103.19.52.0/22 maxlen: 24
103.35.164.0/23 maxlen: 23
103.48.50.0/23 maxlen: 23
103.48.50.0/24 maxlen: 24
103.48.51.0/24 maxlen: 24
103.55.244.0/22 maxlen: 24
103.70.160.0/22 maxlen: 24
103.83.220.0/22 maxlen: 24
103.96.95.0/24 maxlen: 24
103.100.80.0/22 maxlen: 24
103.115.194.0/24 maxlen: 24
103.116.60.0/22 maxlen: 24
103.117.117.0/24 maxlen: 24
103.138.136.0/22 maxlen: 24
103.143.38.0/24 maxlen: 24
103.165.78.0/23 maxlen: 24
103.170.114.0/24 maxlen: 24
103.171.44.0/23 maxlen: 24
103.174.54.0/23 maxlen: 23
103.175.22.0/24 maxlen: 24
103.175.23.0/24 maxlen: 24
103.175.163.0/24 maxlen: 24
103.181.20.0/23 maxlen: 24
103.214.114.0/24 maxlen: 24
103.214.115.0/24 maxlen: 24
103.214.122.0/23 maxlen: 24
103.225.99.0/24 maxlen: 24
103.226.224.0/24 maxlen: 24
103.228.103.0/24 maxlen: 24
103.235.104.0/22 maxlen: 22
103.239.136.0/22 maxlen: 24
103.247.97.0/24 maxlen: 24
103.247.98.0/24 maxlen: 24
202.66.172.0/22 maxlen: 24
203.112.136.0/21 maxlen: 24
203.112.144.0/21 maxlen: 24
2001:df0:3a00::/48 maxlen: 48
2001:df2:f980::/48 maxlen: 48
2407:e9c0::/48 maxlen: 48
2407:e9c0:1::/48 maxlen: 48
2407:e9c0:2::/48 maxlen: 48
2407:e9c0:5::/48 maxlen: 48
2407:e9c0:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 07:55:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56100 (0xdb24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 17 06:41:44 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4c694-83c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:16:3b:d7:3f:54:eb:bb:98:d0:4f:4e:9d:49:
26:ba:32:43:30:81:03:3c:95:1a:bf:c4:fa:4d:ee:
00:1f:11:10:70:52:a7:60:da:8d:0f:b7:57:84:28:
23:9b:99:6b:5d:c0:3e:5d:60:23:b3:a7:a4:72:62:
3c:2a:dc:4f:74:7e:66:44:79:58:25:ba:f8:9f:ff:
02:26:e4:7c:bd:83:5e:36:d2:9f:a6:f3:38:82:90:
8a:31:67:a7:38:e6:77:d7:54:27:ac:42:4d:b2:18:
91:8e:fe:15:05:18:68:98:89:23:72:be:8d:0b:8f:
5d:58:aa:22:82:35:98:67:7b:34:3a:d7:7e:9b:d1:
04:a0:9e:e0:81:37:62:a8:88:96:0a:07:42:77:b4:
ec:71:81:04:83:6e:d2:16:e5:bc:41:0a:6f:24:6d:
a0:ad:7e:77:2b:a5:98:6a:57:32:80:95:e2:ba:06:
c5:84:d9:ae:3e:13:2e:64:73:41:ca:c5:66:a9:4e:
51:73:ec:89:5c:87:90:d5:4b:b3:fe:33:4a:32:a6:
ab:db:ab:dd:57:a4:e5:bc:d1:3b:2e:70:93:c2:80:
ba:a7:ba:d6:44:e6:a7:83:2f:ad:b0:39:1b:f3:3b:
98:12:66:ee:a8:6c:f2:f8:2d:8d:fc:86:5a:4f:94:
44:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:CC:FC:1C:05:1A:1F:93:CA:46:48:3A:B0:D0:2C:85:A4:B4:6F:78
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D647A884D72211F0AE1D66409DD3641D.roa
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
45.64.12.0/24
45.251.76.0/22
49.213.48.0/23
103.19.52.0/22
103.35.164.0/23
103.48.50.0/23
103.55.244.0/22
103.70.160.0/22
103.83.220.0/22
103.96.95.0/24
103.100.80.0/22
103.115.194.0/24
103.116.60.0/22
103.117.117.0/24
103.138.136.0/22
103.143.38.0/24
103.165.78.0/23
103.170.114.0/24
103.171.44.0/23
103.174.54.0/23
103.175.22.0/23
103.175.163.0/24
103.181.20.0/23
103.214.114.0/23
103.214.122.0/23
103.225.99.0/24
103.226.224.0/24
103.228.103.0/24
103.235.104.0/22
103.239.136.0/22
103.247.97.0-103.247.98.255
202.66.172.0/22
203.112.136.0-203.112.151.255
IPv6:
2001:df0:3a00::/48
2001:df2:f980::/48
2407:e9c0::-2407:e9c0:2:ffff:ffff:ffff:ffff:ffff
2407:e9c0:5::/48
2407:e9c0:7::/48
Signature Algorithm: sha256WithRSAEncryption
ac:73:a5:ca:00:01:ca:c8:2c:23:1e:3b:3a:2b:78:01:1a:7a:
29:83:0a:e8:36:dc:2a:41:f0:56:bd:eb:01:4b:e5:b7:25:ef:
cc:ad:b3:49:dc:f3:db:68:63:5b:ff:ac:10:fb:80:ff:33:6e:
b6:56:3b:d9:24:b4:95:14:a6:da:e8:a5:48:3b:21:61:67:ce:
c2:c7:b7:9d:28:a6:ef:bf:65:cf:75:fb:67:27:e1:63:21:7f:
bb:0a:42:5d:cf:2f:5e:13:6e:87:f3:17:1b:a1:0e:e0:19:39:
98:66:ef:b9:80:72:53:8d:19:56:ea:9a:79:4e:dd:06:e5:55:
26:97:ff:92:3f:62:a1:7b:a4:6f:7b:2e:64:ce:b3:07:6e:b0:
dc:61:03:cf:92:f5:b6:1e:3d:f0:8d:0c:c7:12:d4:21:3d:7a:
28:cf:6d:79:56:dd:50:e5:33:04:8d:7d:a8:14:1b:23:3f:9e:
2b:d2:8d:24:5a:91:8b:17:8c:4f:81:1f:eb:94:a5:4f:6a:10:
ea:0f:87:93:8b:fd:bd:2e:fb:ae:19:59:a9:25:30:d2:e3:29:
0b:14:fc:e1:0e:93:88:a3:a5:36:47:ce:93:d2:b9:16:8b:fc:
58:ca:34:7a:ca:07:21:6d:6f:5f:f9:10:b0:72:e0:cf:e1:e6:
06:b4:83:37
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgIDANskMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDIxNzA2NDE0NFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhNGM2OTQtODNjNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUWO9c/VOu7mNBPTp1JJroyQzCBAzyVGr/E+k3uAB8REHBSp2DajQ+3V4Qo
I5uZa13APl1gI7OnpHJiPCrcT3R+ZkR5WCW6+J//AibkfL2DXjbSn6bzOIKQijFn
pzjmd9dUJ6xCTbIYkY7+FQUYaJiJI3K+jQuPXViqIoI1mGd7NDrXfpvRBKCe4IE3
YqiIlgoHQne07HGBBINu0hblvEEKbyRtoK1+dyulmGpXMoCV4roGxYTZrj4TLmRz
QcrFZqlOUXPsiVyHkNVLs/4zSjKmq9ur3Vek5bzROy5wk8KAuqe61kTmp4MvrbA5
G/M7mBJm7qhs8vgtjfyGWk+URIUCAwEAAaOCA3wwggN4MB0GA1UdDgQWBBQizPwc
BRofk8pGSDqw0CyFpLRveDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Q2NDdBODg0
RDcyMjExRjBBRTFENjY0MDlERDM2NDFELnJvYTCCATkGCCsGAQUFBwEHAQH/BIIB
KDCCASQwgeMEAgABMIHcAwQCK+EAAwQALUAMAwQCLftMAwQBMdUwAwQCZxM0AwQB
ZyOkAwQBZzAyAwQCZzf0AwQCZ0agAwQCZ1PcAwQAZ2BfAwQCZ2RQAwQAZ3PCAwQC
Z3Q8AwQAZ3V1AwQCZ4qIAwQAZ48mAwQBZ6VOAwQAZ6pyAwQBZ6ssAwQBZ642AwQB
Z68WAwQAZ6+jAwQBZ7UUAwQBZ9ZyAwQBZ9Z6AwQAZ+FjAwQAZ+LgAwQAZ+RnAwQC
Z+toAwQCZ++IMAwDBABn92EDBABn92IDBALKQqwwDAMEA8twiAMEA8twkDA8BAIA
AjA2AwcAIAEN8DoAAwcAIAEN8vmAMBADBQYkB+nAAwcAJAfpwAACAwcAJAfpwAAF
AwcAJAfpwAAHMA0GCSqGSIb3DQEBCwUAA4IBAQCsc6XKAAHKyCwjHjs6K3gBGnop
gwroNtwqQfBWvesBS+W3Je/MrbNJ3PPbaGNb/6wQ+4D/M262VjvZJLSVFKba6KVI
OyFhZ87Cx7edKKbvv2XPdftnJ+FjIX+7CkJdzy9eE26H8xcboQ7gGTmYZu+5gHJT
jRlW6pp5Tt0G5VUml/+SP2Khe6Rvey5kzrMHbrDcYQPPkvW2Hj3wjQzHEtQhPXoo
z215Vt1Q5TMEjX2oFBsjP54r0o0kWpGLF4xPgR/rlKVPahDqD4eTi/29LvuuGVmp
JTDS4ykLFPzhDpOIo6U2R86T0rkWi/xYyjR6ygchbW9f+RCwcuDP4eYGtIM3
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:31:33 2026 by rpki-client