Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
File: F6973CAC265711F08B890022C4F9AE02.roa (raw, json)
Hash identifier: Rwr5U4O/CPnEzWg53BulnOWxIb959yHOX9WipX02T1o=
Subject key identifier: BE:65:84:C4:77:D2:63:50:BC:75:F7:90:2F:CC:23:82:44:36:23:76
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: DA20
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
Signing time: Sun 01 Mar 2026 23:02:37 +0000
ROA not before: Tue 23 Sep 2025 09:15:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135872
IP address blocks: 45.251.68.0/22 maxlen: 24
103.59.88.0/24 maxlen: 24
103.60.219.0/24 maxlen: 24
103.135.228.0/23 maxlen: 24
103.151.156.0/23 maxlen: 24
103.165.114.0/23 maxlen: 24
103.170.182.0/23 maxlen: 24
103.171.246.0/23 maxlen: 24
103.175.62.0/23 maxlen: 24
103.175.139.0/24 maxlen: 24
103.175.168.0/23 maxlen: 24
103.175.184.0/23 maxlen: 24
103.177.156.0/23 maxlen: 24
103.178.210.0/23 maxlen: 24
103.179.16.0/23 maxlen: 24
103.185.246.0/24 maxlen: 24
103.186.36.0/23 maxlen: 24
103.188.162.0/23 maxlen: 24
103.205.163.0/24 maxlen: 24
103.211.20.0/22 maxlen: 24
103.211.132.0/22 maxlen: 24
103.234.93.0/24 maxlen: 24
139.5.140.0/24 maxlen: 24
139.5.141.0/24 maxlen: 24
139.5.142.0/24 maxlen: 24
139.5.143.0/24 maxlen: 24
146.196.44.0/22 maxlen: 24
160.238.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 07:20:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55840 (0xda20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 23 09:15:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4c58d-5a83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e1:13:8a:4e:1e:9f:1e:61:6f:70:43:c3:b4:
ab:5c:6d:f6:e5:e1:dc:ac:08:b0:ab:11:25:50:ad:
4f:ba:7c:eb:75:73:7d:c2:91:ec:a4:81:4b:7e:0d:
51:40:d2:52:68:e0:80:d5:27:00:4a:c9:26:e7:e4:
2e:fc:9a:d3:c6:aa:f5:38:c4:0e:a4:08:7d:a2:f4:
af:0c:32:54:00:80:b9:24:87:36:82:b4:c3:bb:2a:
76:ef:5f:61:72:d2:0d:84:d7:8b:f1:b7:91:67:06:
06:49:c8:c7:6a:fd:7a:ad:18:28:8c:04:43:e1:0f:
fa:71:50:9b:f2:34:81:26:58:6a:68:8a:c9:af:80:
43:2e:be:ce:88:e0:5c:dd:58:8d:94:61:54:37:57:
92:60:a4:9f:c4:e2:04:a9:d9:72:f4:72:ce:77:c6:
56:38:b2:26:59:b5:65:b5:b9:13:84:60:94:52:a5:
6f:44:47:9e:da:d0:ba:a0:75:99:33:0a:fa:17:0a:
f6:d7:03:66:77:38:8f:80:a8:48:f9:e5:c9:4f:e1:
57:73:e7:4f:6a:1e:74:2d:88:c7:9c:6e:bc:b0:89:
99:06:4c:bd:16:9c:98:99:42:f9:58:97:cf:07:85:
56:eb:26:fd:9a:fd:7a:45:58:ae:97:c6:35:10:eb:
54:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:65:84:C4:77:D2:63:50:BC:75:F7:90:2F:CC:23:82:44:36:23:76
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.251.68.0/22
103.59.88.0/24
103.60.219.0/24
103.135.228.0/23
103.151.156.0/23
103.165.114.0/23
103.170.182.0/23
103.171.246.0/23
103.175.62.0/23
103.175.139.0/24
103.175.168.0/23
103.175.184.0/23
103.177.156.0/23
103.178.210.0/23
103.179.16.0/23
103.185.246.0/24
103.186.36.0/23
103.188.162.0/23
103.205.163.0/24
103.211.20.0/22
103.211.132.0/22
103.234.93.0/24
139.5.140.0/22
146.196.44.0/22
160.238.92.0/22
Signature Algorithm: sha256WithRSAEncryption
62:16:4e:82:c6:e3:81:8a:29:05:b9:4f:8b:34:1c:64:60:a9:
e7:cb:06:21:0c:f7:ba:02:a7:e9:bd:56:de:f3:85:d0:ce:8c:
d3:9b:f6:ea:bf:0d:65:99:1f:ff:13:e4:2c:58:6b:7a:78:22:
f1:f1:e1:a4:b0:bc:67:55:e9:18:f2:0d:11:92:40:2d:a3:d7:
e7:cf:89:9e:42:5a:8e:fb:d1:2d:c0:93:13:10:9f:a0:80:ce:
d3:16:e1:bd:26:69:59:69:02:48:e7:65:5d:0d:72:15:70:2f:
a3:44:ed:a7:70:f6:48:72:a7:9b:49:7f:b9:55:ec:ae:ed:fa:
25:4f:64:6a:56:ee:24:1b:a1:41:3a:e8:dd:7d:fb:e3:01:4c:
1f:f6:33:24:e5:96:2d:bf:83:ce:f0:75:a3:0a:3c:88:31:b6:
1f:29:8b:00:e0:59:b3:be:9d:d6:b4:d8:9c:b2:63:e4:8f:86:
6e:d0:0f:e5:fa:6b:00:92:d0:8b:39:ec:e8:60:d2:7c:43:38:
6c:ba:6d:4a:53:c3:65:52:2a:ca:e5:82:85:5e:4b:1f:9e:e4:
f3:72:dc:0d:21:8e:c6:92:2c:a0:7c:7f:dd:38:a0:cd:ad:6a:
dd:0a:ee:35:d9:d2:15:18:62:d1:80:97:60:02:ab:e1:a0:40:
4e:95:24:e3
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgIDANogMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDkyMzA5MTU1M1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlhNGM1OGQtNWE4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbhE4pOHp8eYW9wQ8O0q1xt9uXh3KwIsKsRJVCtT7p863VzfcKR7KSBS34N
UUDSUmjggNUnAErJJufkLvya08aq9TjEDqQIfaL0rwwyVACAuSSHNoK0w7sqdu9f
YXLSDYTXi/G3kWcGBknIx2r9eq0YKIwEQ+EP+nFQm/I0gSZYamiKya+AQy6+zojg
XN1YjZRhVDdXkmCkn8TiBKnZcvRyznfGVjiyJlm1ZbW5E4RglFKlb0RHntrQuqB1
mTMK+hcK9tcDZnc4j4CoSPnlyU/hV3PnT2oedC2Ix5xuvLCJmQZMvRacmJlC+ViX
zweFVusm/Zr9ekVYrpfGNRDrVKECAwEAAaOCAvUwggLxMB0GA1UdDgQWBBS+ZYTE
d9JjULx195AvzCOCRDYjdjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Y2OTczQ0FD
MjY1NzExRjA4Qjg5MDAyMkM0RjlBRTAyLnJvYTCBswYIKwYBBQUHAQcBAf8EgaMw
gaAwgZ0EAgABMIGWAwQCLftEAwQAZztYAwQAZzzbAwQBZ4fkAwQBZ5ecAwQBZ6Vy
AwQBZ6q2AwQBZ6v2AwQBZ68+AwQAZ6+LAwQBZ6+oAwQBZ6+4AwQBZ7GcAwQBZ7LS
AwQBZ7MQAwQAZ7n2AwQBZ7okAwQBZ7yiAwQAZ82jAwQCZ9MUAwQCZ9OEAwQAZ+pd
AwQCiwWMAwQCksQsAwQCoO5cMA0GCSqGSIb3DQEBCwUAA4IBAQBiFk6CxuOBiikF
uU+LNBxkYKnnywYhDPe6AqfpvVbe84XQzozTm/bqvw1lmR//E+QsWGt6eCLx8eGk
sLxnVekY8g0RkkAto9fnz4meQlqO+9EtwJMTEJ+ggM7TFuG9JmlZaQJI52VdDXIV
cC+jRO2ncPZIcqebSX+5Veyu7folT2RqVu4kG6FBOujdffvjAUwf9jMk5ZYtv4PO
8HWjCjyIMbYfKYsA4Fmzvp3WtNicsmPkj4Zu0A/l+msAktCLOezoYNJ8Qzhsum1K
U8NlUirK5YKFXksfnuTzctwNIY7GkiygfH/dOKDNrWrdCu412dIVGGLRgJdgAqvh
oEBOlSTj
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:07:44 2026 by rpki-client