Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E95B8766D68611F0A003219E6AD3641D.roa
File: E95B8766D68611F0A003219E6AD3641D.roa (raw, json)
Hash identifier: 6ImC0LdB3qBc5pxnNWNOWze3fjV/jLQO/mRfJ6b7ICo=
Subject key identifier: D7:BE:42:C2:2D:39:F3:B6:CC:A6:B9:08:5E:D3:4D:CA:73:C0:02:22
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DB1D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E95B8766D68611F0A003219E6AD3641D.roa
Signing time: Sun 01 Mar 2026 23:06:53 +0000
ROA not before: Fri 13 Feb 2026 08:14:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58965
IP address blocks: 43.225.192.0/22 maxlen: 24
103.74.144.0/22 maxlen: 24
103.77.40.0/22 maxlen: 24
103.83.144.0/22 maxlen: 24
103.110.16.0/22 maxlen: 22
103.110.16.0/24 maxlen: 24
103.110.17.0/24 maxlen: 24
103.110.18.0/24 maxlen: 24
103.110.19.0/24 maxlen: 24
103.110.180.0/24 maxlen: 24
103.125.128.0/22 maxlen: 22
103.125.128.0/24 maxlen: 24
103.125.129.0/24 maxlen: 24
103.125.130.0/24 maxlen: 24
103.125.131.0/24 maxlen: 24
103.134.115.0/24 maxlen: 24
103.141.90.0/24 maxlen: 24
103.161.198.0/24 maxlen: 24
103.163.144.0/23 maxlen: 24
103.164.46.0/24 maxlen: 24
103.164.47.0/24 maxlen: 24
103.165.28.0/23 maxlen: 24
103.180.43.0/24 maxlen: 24
103.188.126.0/24 maxlen: 24
103.231.32.0/23 maxlen: 24
103.233.116.0/22 maxlen: 24
103.243.7.0/24 maxlen: 24
103.254.204.0/23 maxlen: 24
2001:df0:4940::/48 maxlen: 48
2001:df1:5640::/48 maxlen: 48
2001:df3:69c0::/48 maxlen: 48
2001:df3:cac0::/48 maxlen: 48
2001:df7:2b00::/48 maxlen: 48
2407:45c0::/32 maxlen: 32
2407:45c0:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 07:55:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56093 (0xdb1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 13 08:14:09 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4c68d-f6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:dd:74:33:c4:82:91:ef:e4:6a:54:05:3a:5c:
9a:df:b8:03:3e:4c:45:e6:be:b3:9d:6c:6f:b6:0b:
db:7c:72:81:45:89:c6:d8:4a:bd:e6:3a:09:06:28:
4e:fe:08:1b:a5:d8:82:df:27:93:83:d6:b8:dd:d8:
e5:ef:c7:43:80:1e:88:e7:bd:08:87:f6:53:cf:60:
c1:bb:19:cc:2c:c4:5a:2f:98:63:b9:64:99:74:57:
bf:99:b6:7b:10:26:4a:30:ad:f7:6b:7d:fa:fa:3a:
cc:5f:1d:d6:cc:24:55:fb:97:be:cc:80:9c:af:dc:
da:f2:bd:3e:ce:2c:d3:21:17:17:6a:9a:60:ed:50:
65:5e:b9:34:e0:84:17:00:c2:99:e1:0c:72:1c:8f:
40:c0:e5:52:11:14:27:28:14:85:00:d6:c3:3e:6f:
70:41:76:00:8c:46:46:9a:f4:30:41:0a:c2:0f:ad:
a1:40:18:8c:4f:6d:b9:7a:f3:12:66:1a:72:ec:ed:
c0:4e:1b:ee:2e:0a:2b:ab:63:c1:68:03:12:de:a9:
8c:34:26:2b:80:54:c5:a0:7e:a5:f1:de:bb:45:fd:
2d:85:de:1c:4f:4c:f4:77:23:a9:71:41:b9:71:31:
05:16:a9:8c:33:e1:60:13:14:9c:bb:a0:e6:58:7c:
1c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:BE:42:C2:2D:39:F3:B6:CC:A6:B9:08:5E:D3:4D:CA:73:C0:02:22
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E95B8766D68611F0A003219E6AD3641D.roa
sbgp-ipAddrBlock: critical
IPv4:
43.225.192.0/22
103.74.144.0/22
103.77.40.0/22
103.83.144.0/22
103.110.16.0/22
103.110.180.0/24
103.125.128.0/22
103.134.115.0/24
103.141.90.0/24
103.161.198.0/24
103.163.144.0/23
103.164.46.0/23
103.165.28.0/23
103.180.43.0/24
103.188.126.0/24
103.231.32.0/23
103.233.116.0/22
103.243.7.0/24
103.254.204.0/23
IPv6:
2001:df0:4940::/48
2001:df1:5640::/48
2001:df3:69c0::/48
2001:df3:cac0::/48
2001:df7:2b00::/48
2407:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
7d:a8:e9:d1:8b:64:94:c6:56:90:51:df:48:7a:41:a1:7d:a2:
55:a8:9b:e0:34:44:06:f8:9f:1e:98:6f:ca:1e:f2:7f:11:ea:
b9:62:29:3e:c8:d0:c7:9b:7a:36:e8:70:12:2b:9e:6c:e9:ec:
98:2a:53:ed:d4:96:b7:9a:f2:61:0a:ed:dd:ee:52:02:46:13:
a5:69:bd:b7:66:e4:12:a3:05:79:ed:d7:d6:5f:22:0e:aa:73:
46:f1:12:80:08:96:0c:7c:9b:a7:4d:57:30:25:5c:bc:b2:41:
5e:70:56:13:3d:06:6a:49:66:f3:12:e5:72:f1:6b:fb:12:57:
12:da:0d:61:db:b2:a3:9e:7a:fa:c8:97:2d:29:68:04:96:ce:
dc:94:49:98:87:14:b4:1a:0a:a3:7d:cd:01:f6:ba:f7:46:c3:
44:4f:cd:62:04:7f:91:5c:34:8c:ec:57:a3:fa:b3:48:a7:28:
95:8b:92:58:5c:bb:e9:47:d6:f2:3d:bd:ff:1d:38:ca:50:a1:
80:8f:89:b7:00:7a:a3:23:70:ab:85:05:5f:c1:3d:13:25:f5:
a2:06:20:b9:ff:7a:ac:46:7a:88:32:a4:ea:3f:0c:9e:ac:d1:
09:f7:56:4b:78:09:be:24:fe:e5:01:6c:26:e1:a3:7b:d8:84:
a4:14:14:2f
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgIDANsdMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDIxMzA4MTQwOVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhNGM2OGQtZjZmYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvddDPEgpHv5GpUBTpcmt+4Az5MRea+s51sb7YL23xygUWJxthKveY6CQYo
Tv4IG6XYgt8nk4PWuN3Y5e/HQ4AeiOe9CIf2U89gwbsZzCzEWi+YY7lkmXRXv5m2
exAmSjCt92t9+vo6zF8d1swkVfuXvsyAnK/c2vK9Ps4s0yEXF2qaYO1QZV65NOCE
FwDCmeEMchyPQMDlUhEUJygUhQDWwz5vcEF2AIxGRpr0MEEKwg+toUAYjE9tuXrz
EmYacuztwE4b7i4KK6tjwWgDEt6pjDQmK4BUxaB+pfHeu0X9LYXeHE9M9HcjqXFB
uXExBRapjDPhYBMUnLug5lh8HNUCAwEAAaOCAwswggMHMB0GA1UdDgQWBBTXvkLC
LTnztsymuQhe003Kc8ACIjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0U5NUI4NzY2
RDY4NjExRjBBMDAzMjE5RTZBRDM2NDFELnJvYTCByQYIKwYBBQUHAQcBAf8Egbkw
gbYweAQCAAEwcgMEAivhwAMEAmdKkAMEAmdNKAMEAmdTkAMEAmduEAMEAGdutAME
Amd9gAMEAGeGcwMEAGeNWgMEAGehxgMEAWejkAMEAWekLgMEAWelHAMEAGe0KwME
AGe8fgMEAWfnIAMEAmfpdAMEAGfzBwMEAWf+zDA6BAIAAjA0AwcAIAEN8ElAAwcA
IAEN8VZAAwcAIAEN82nAAwcAIAEN88rAAwcAIAEN9ysAAwUAJAdFwDANBgkqhkiG
9w0BAQsFAAOCAQEAfajp0YtklMZWkFHfSHpBoX2iVaib4DREBvifHphvyh7yfxHq
uWIpPsjQx5t6NuhwEiuebOnsmCpT7dSWt5ryYQrt3e5SAkYTpWm9t2bkEqMFee3X
1l8iDqpzRvESgAiWDHybp01XMCVcvLJBXnBWEz0Gaklm8xLlcvFr+xJXEtoNYduy
o556+siXLSloBJbO3JRJmIcUtBoKo33NAfa690bDRE/NYgR/kVw0jOxXo/qzSKco
lYuSWFy76UfW8j29/x04ylChgI+JtwB6oyNwq4UFX8E9EyX1ogYguf96rEZ6iDKk
6j8MnqzRCfdWS3gJviT+5QFsJuGje9iEpBQULw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:48:13 2026 by rpki-client