Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919C3BE/947B3506093811EA95CA3129C4F9AE02/F0202A84B36311F082F02072C4F9AE02.roa
File: F0202A84B36311F082F02072C4F9AE02.roa (raw, json)
Hash identifier: rVfs6LGzrLN0wWbbQ4d7gHO9mKYMBzycz9A93jxHPEY=
Subject key identifier: 24:82:2F:79:2A:72:11:E8:10:8C:B4:26:59:40:CA:1B:7A:62:58:A2
Certificate issuer: /CN=A919C3BE/serialNumber=C467CB2CCB9C21A707B5DFBCEABA054C190523AE
Certificate serial: 0D16
Authority key identifier: C4:67:CB:2C:CB:9C:21:A7:07:B5:DF:BC:EA:BA:05:4C:19:05:23:AE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xGfLLMucIacHtd-86roFTBkFI64.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919C3BE/947B3506093811EA95CA3129C4F9AE02/F0202A84B36311F082F02072C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:00:25 +0000
ROA not before: Mon 16 Feb 2026 18:15:53 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 134970
IP address blocks: 103.251.244.0/22 maxlen: 24
103.251.244.0/23 maxlen: 24
103.251.245.0/24 maxlen: 24
103.251.246.0/24 maxlen: 24
103.251.247.0/24 maxlen: 24
220.247.128.0/22 maxlen: 24
220.247.128.0/24 maxlen: 24
220.247.130.0/23 maxlen: 23
220.247.130.0/24 maxlen: 24
220.247.131.0/24 maxlen: 24
2407:7380::/48 maxlen: 48
2407:7380:b::/48 maxlen: 48
2407:7380:c::/48 maxlen: 48
2407:7380:d::/48 maxlen: 48
2407:7380:1000::/48 maxlen: 48
2407:7380:2000::/48 maxlen: 48
2407:7380:3000::/48 maxlen: 48
2407:7380:4000::/48 maxlen: 48
2407:7380:5000::/48 maxlen: 48
2407:7380:6000::/48 maxlen: 48
2407:7380:7000::/48 maxlen: 48
2407:7380:8000::/48 maxlen: 48
2407:7380:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919C3BE/947B3506093811EA95CA3129C4F9AE02/xGfLLMucIacHtd-86roFTBkFI64.crl
rsync://rpki.apnic.net/member_repository/A919C3BE/947B3506093811EA95CA3129C4F9AE02/xGfLLMucIacHtd-86roFTBkFI64.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xGfLLMucIacHtd-86roFTBkFI64.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:25:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3350 (0xd16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919C3BE, serialNumber=C467CB2CCB9C21A707B5DFBCEABA054C190523AE
Validity
Not Before: Feb 16 18:15:53 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=69a47eb9-30bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:42:cd:a4:68:75:0c:8e:3b:e8:e2:64:79:03:
ac:1f:15:90:7d:e0:ce:47:c6:7d:52:5a:8b:46:30:
8f:28:31:2d:1f:f7:f4:e7:37:17:86:c9:43:a0:18:
4c:5a:32:be:9b:e6:43:db:db:e4:1e:e8:4c:83:e8:
00:8a:58:09:a1:31:85:d2:b9:be:e1:cc:fc:0f:37:
0e:83:09:82:0a:21:30:35:3c:1d:0f:17:80:28:11:
0d:71:20:01:99:4b:b7:9b:ac:5f:4c:6c:56:b4:5e:
6d:1e:65:24:80:aa:a7:b9:6f:1f:f3:73:27:03:78:
8b:e6:63:5f:6f:8b:16:a3:f1:71:ac:27:a6:3f:fa:
b3:2e:fa:fa:ea:51:a0:77:56:51:d3:61:1e:23:49:
df:62:8c:63:53:06:3b:b4:7f:9d:09:24:f5:1f:c6:
d7:33:42:fd:27:76:43:77:df:ba:5f:01:3f:3f:69:
3f:41:37:fc:97:0a:5b:52:6c:e5:7e:e3:ec:5f:a4:
03:02:e4:d9:35:9f:de:5a:08:90:46:04:1f:78:6b:
57:4f:84:64:90:48:41:c4:1f:08:f0:e3:96:49:28:
91:b6:5b:79:4d:b3:ed:75:db:ce:51:5d:a6:0c:c4:
51:9d:73:af:4a:af:5b:e5:7d:91:dc:b9:77:c5:23:
2d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:82:2F:79:2A:72:11:E8:10:8C:B4:26:59:40:CA:1B:7A:62:58:A2
X509v3 Authority Key Identifier:
keyid:C4:67:CB:2C:CB:9C:21:A7:07:B5:DF:BC:EA:BA:05:4C:19:05:23:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919C3BE/947B3506093811EA95CA3129C4F9AE02/xGfLLMucIacHtd-86roFTBkFI64.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xGfLLMucIacHtd-86roFTBkFI64.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C3BE/947B3506093811EA95CA3129C4F9AE02/F0202A84B36311F082F02072C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.251.244.0/22
220.247.128.0/22
IPv6:
2407:7380::/48
2407:7380:b::-2407:7380:d:ffff:ffff:ffff:ffff:ffff
2407:7380:1000::/48
2407:7380:2000::/48
2407:7380:3000::/48
2407:7380:4000::/48
2407:7380:5000::/48
2407:7380:6000::/48
2407:7380:7000::/48
2407:7380:8000::/48
2407:7380:9000::/48
Signature Algorithm: sha256WithRSAEncryption
b9:69:a8:9f:2a:04:32:56:55:c7:e4:93:1d:4b:9b:73:80:68:
7f:1a:6f:d9:e4:21:f3:3b:30:d2:8c:02:39:b6:73:69:99:2f:
9d:97:e6:13:b4:e0:f9:e6:0a:bb:08:e9:6f:a8:c6:45:15:ec:
ee:c4:4e:78:be:57:3a:7c:4e:e8:13:dc:23:6f:31:a8:6e:c3:
40:f5:72:94:ff:72:a8:37:6d:99:2d:7c:5d:6c:53:24:08:12:
d4:3d:63:c6:ba:7e:18:c9:05:7e:ef:80:ad:36:c6:cd:23:6b:
bc:01:42:78:26:e3:fb:06:6d:f4:f8:18:6f:7d:34:ea:06:a8:
d7:48:92:5d:af:4f:19:c4:4d:0d:39:52:b6:62:a2:04:e7:6e:
cb:17:f0:a4:50:1d:cd:cf:fc:29:9e:74:ce:d8:e9:36:b1:86:
58:87:70:f5:8e:a4:4c:7a:3e:17:6a:0e:98:7d:14:78:af:e0:
29:3b:5a:e5:23:14:1d:ea:f8:96:0e:16:07:d7:0f:00:7b:fe:
f7:91:3b:bb:27:23:b6:44:38:11:74:4c:f5:87:e2:4a:4e:5b:
1d:d6:b9:17:e1:51:e4:f4:f2:a5:09:94:10:b7:8c:e7:34:1f:
8a:2a:8b:8d:3c:9a:9d:2b:5c:ae:1d:e6:71:9c:cd:c5:4c:9c:
60:06:99:d9
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgICDRYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUMzQkUxMTAvBgNVBAUTKEM0NjdDQjJDQ0I5QzIxQTcwN0I1REZCQ0VBQkEwNTRD
MTkwNTIzQUUwHhcNMjYwMjE2MTgxNTUzWhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0N2ViOS0zMGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6ELNpGh1DI476OJkeQOsHxWQfeDOR8Z9UlqLRjCPKDEtH/f05zcXhslDoBhM
WjK+m+ZD29vkHuhMg+gAilgJoTGF0rm+4cz8DzcOgwmCCiEwNTwdDxeAKBENcSAB
mUu3m6xfTGxWtF5tHmUkgKqnuW8f83MnA3iL5mNfb4sWo/FxrCemP/qzLvr66lGg
d1ZR02EeI0nfYoxjUwY7tH+dCST1H8bXM0L9J3ZDd9+6XwE/P2k/QTf8lwpbUmzl
fuPsX6QDAuTZNZ/eWgiQRgQfeGtXT4RkkEhBxB8I8OOWSSiRtlt5TbPtddvOUV2m
DMRRnXOvSq9b5X2R3Ll3xSMtUwIDAQABo4IC3zCCAtswHQYDVR0OBBYEFCSCL3kq
chHoEIy0JllAyht6YliiMB8GA1UdIwQYMBaAFMRnyyzLnCGnB7XfvOq6BUwZBSOu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzNCRS85NDdCMzUwNjA5
MzgxMUVBOTVDQTMxMjlDNEY5QUUwMi94R2ZMTE11Y0lhY0h0ZC04NnJvRlRCa0ZJ
NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hHZkxMTXVjSWFjSHRkLTg2cm9GVEJrRkk2NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUMzQkUvOTQ3QjM1MDYwOTM4MTFFQTk1Q0EzMTI5QzRGOUFFMDIvRjAyMDJBODRC
MzYzMTFGMDgyRjAyMDcyQzRGOUFFMDIucm9hMIGdBggrBgEFBQcBBwEB/wSBjTCB
ijASBAIAATAMAwQCZ/v0AwQC3PeAMHQEAgACMG4DBwAkB3OAAAAwEgMHACQHc4AA
CwMHASQHc4AADAMHACQHc4AQAAMHACQHc4AgAAMHACQHc4AwAAMHACQHc4BAAAMH
ACQHc4BQAAMHACQHc4BgAAMHACQHc4BwAAMHACQHc4CAAAMHACQHc4CQADANBgkq
hkiG9w0BAQsFAAOCAQEAuWmonyoEMlZVx+STHUubc4Bofxpv2eQh8zsw0owCObZz
aZkvnZfmE7Tg+eYKuwjpb6jGRRXs7sROeL5XOnxO6BPcI28xqG7DQPVylP9yqDdt
mS18XWxTJAgS1D1jxrp+GMkFfu+ArTbGzSNrvAFCeCbj+wZt9PgYb3006gao10iS
Xa9PGcRNDTlStmKiBOduyxfwpFAdzc/8KZ50ztjpNrGGWIdw9Y6kTHo+F2oOmH0U
eK/gKTta5SMUHer4lg4WB9cPAHv+95E7uycjtkQ4EXRM9YfiSk5bHda5F+FR5PTy
pQmUELeM5zQfiiqLjTyanStcrh3mcZzNxUycYAaZ2Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:59:10 2026 by rpki-client