Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/02BFF64EE6A811EFB5943878C4F9AE02.roa
File: 02BFF64EE6A811EFB5943878C4F9AE02.roa (raw, json)
Hash identifier: Ip5tGE+xBmZzGbuYsKhlox7o+yVLz36sUIXrRO8cJe8=
Subject key identifier: 1C:CE:C8:31:31:DE:F9:BE:A2:74:29:38:24:8F:56:D5:14:86:72:C4
Certificate issuer: /CN=A919C47E/serialNumber=894FE11398B679AEB1B118B1BDE673E18CF6E934
Certificate serial: 1409
Authority key identifier: 89:4F:E1:13:98:B6:79:AE:B1:B1:18:B1:BD:E6:73:E1:8C:F6:E9:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/02BFF64EE6A811EFB5943878C4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:59:58 +0000
ROA not before: Sat 04 Oct 2025 17:15:58 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 138398
IP address blocks: 103.121.34.0/23 maxlen: 23
103.121.34.0/24 maxlen: 24
103.121.35.0/24 maxlen: 24
103.130.68.0/24 maxlen: 24
103.130.69.0/24 maxlen: 24
103.139.78.0/24 maxlen: 24
2403:b4c0::/36 maxlen: 36
2403:b4c0:1000::/36 maxlen: 36
2403:b4c0:2000::/36 maxlen: 36
2403:b4c0:3000::/36 maxlen: 36
2403:b4c0:5000::/36 maxlen: 36
2403:b4c0:6000::/36 maxlen: 36
2403:b4c0:7000::/36 maxlen: 36
2403:b4c0:8000::/48 maxlen: 48
2403:b4c0:8001::/48 maxlen: 48
2403:b4c0:8002::/48 maxlen: 48
2403:b4c0:8003::/48 maxlen: 48
2403:b4c0:8004::/48 maxlen: 48
2403:b4c0:8005::/48 maxlen: 48
2403:b4c0:9000::/36 maxlen: 36
2403:b4c0:aa00::/40 maxlen: 40
2403:b4c0:ae00::/40 maxlen: 40
2403:b4c0:af00::/40 maxlen: 40
2403:b4c0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/iU_hE5i2ea6xsRixveZz4Yz26TQ.crl
rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/iU_hE5i2ea6xsRixveZz4Yz26TQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5129 (0x1409)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919C47E, serialNumber=894FE11398B679AEB1B118B1BDE673E18CF6E934
Validity
Not Before: Oct 4 17:15:58 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a4708e-0b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:78:1f:2a:d0:1d:c5:af:60:7c:1b:74:c5:fa:
81:8c:ae:8c:46:c5:f5:1a:c8:7d:a5:40:3d:53:2e:
2b:e3:ce:22:4c:0c:31:68:84:cb:37:2a:6f:30:4c:
43:d9:63:d0:b7:3d:25:12:0c:3f:f1:d1:1e:34:c9:
db:50:0f:8a:08:0e:c4:e0:77:ca:08:32:11:c3:92:
ad:f3:71:f1:5f:5f:d8:a4:08:45:24:e9:21:3e:04:
e6:6f:87:39:e4:b4:c3:a9:fe:fa:b3:87:9d:43:af:
a7:68:32:d0:fa:de:76:4c:e1:10:f8:6c:bb:ab:f3:
7d:fd:4d:08:f9:9e:43:d8:0e:7e:f2:93:1f:b4:4c:
b5:d9:30:4e:2d:d7:30:59:75:07:fa:fa:f5:07:5e:
95:46:b6:78:87:40:11:22:db:4f:8b:29:25:6a:45:
b8:d6:fc:b1:df:26:33:76:2e:19:06:5d:88:b4:f2:
9c:e0:9b:09:b0:9c:52:91:67:9a:92:a5:20:29:2e:
fb:8d:fc:aa:0e:d4:2c:1c:17:a5:43:62:b6:58:57:
68:aa:3a:b0:aa:4f:b6:6e:4e:d4:1b:d9:12:31:40:
13:1c:e3:0b:45:5a:c6:5a:fc:3d:3c:12:b5:6b:87:
46:f5:f8:b8:a5:c2:3f:a4:aa:4a:25:a1:73:64:47:
1f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CE:C8:31:31:DE:F9:BE:A2:74:29:38:24:8F:56:D5:14:86:72:C4
X509v3 Authority Key Identifier:
keyid:89:4F:E1:13:98:B6:79:AE:B1:B1:18:B1:BD:E6:73:E1:8C:F6:E9:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/iU_hE5i2ea6xsRixveZz4Yz26TQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/02BFF64EE6A811EFB5943878C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.121.34.0/23
103.130.68.0/23
103.139.78.0/24
IPv6:
2403:b4c0::/34
2403:b4c0:5000::-2403:b4c0:8005:ffff:ffff:ffff:ffff:ffff
2403:b4c0:9000::/36
2403:b4c0:aa00::/40
2403:b4c0:ae00::/39
2403:b4c0:f000::/36
Signature Algorithm: sha256WithRSAEncryption
9a:1b:d9:32:65:0c:b8:a0:8d:e7:f7:7a:5a:9d:40:97:f4:36:
6a:62:78:27:21:3e:7c:e7:d8:72:a5:e0:f5:52:f0:70:bd:6c:
4b:e7:a5:a0:b4:ce:dc:0b:97:3c:c6:e0:05:af:0f:cd:b6:a1:
60:75:ae:7d:12:94:cd:3d:2b:b8:ee:1d:e8:5f:61:ae:6f:f4:
ba:00:7c:63:da:1c:fc:1a:a1:16:df:ab:32:75:c0:91:e3:7d:
01:b2:81:13:55:fb:26:68:42:a9:4a:37:16:c7:87:71:14:5c:
aa:40:ce:ca:9c:ae:27:7d:82:61:af:61:3c:50:12:59:bf:81:
dd:2d:e6:ac:14:3f:64:c7:68:25:c1:bc:01:76:e7:7c:9a:6d:
47:6d:39:cc:c7:35:00:47:61:bc:40:26:0d:d8:7c:a9:f2:0c:
a2:93:99:90:3d:17:a8:13:40:ed:a9:f8:af:43:8b:f0:d1:e7:
35:d5:36:f9:47:14:3f:66:a5:c5:47:24:23:f0:7a:f4:53:ec:
d3:15:0f:fc:71:2e:21:37:c4:05:29:09:97:2b:a8:38:60:05:
f3:8d:6e:e8:8c:ac:de:22:40:13:3f:08:78:7b:e6:e3:8a:15:
1d:1e:ba:73:df:59:8f:8c:b3:df:aa:73:40:0f:7a:82:96:b0:
81:d3:fb:cd
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICFAkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUM0N0UxMTAvBgNVBAUTKDg5NEZFMTEzOThCNjc5QUVCMUIxMThCMUJERTY3M0Ux
OENGNkU5MzQwHhcNMjUxMDA0MTcxNTU4WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzA4ZS0wYjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyHgfKtAdxa9gfBt0xfqBjK6MRsX1Gsh9pUA9Uy4r484iTAwxaITLNypvMExD
2WPQtz0lEgw/8dEeNMnbUA+KCA7E4HfKCDIRw5Kt83HxX1/YpAhFJOkhPgTmb4c5
5LTDqf76s4edQ6+naDLQ+t52TOEQ+Gy7q/N9/U0I+Z5D2A5+8pMftEy12TBOLdcw
WXUH+vr1B16VRrZ4h0ARIttPiyklakW41vyx3yYzdi4ZBl2ItPKc4JsJsJxSkWea
kqUgKS77jfyqDtQsHBelQ2K2WFdoqjqwqk+2bk7UG9kSMUATHOMLRVrGWvw9PBK1
a4dG9fi4pcI/pKpKJaFzZEcfkwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFBzOyDEx
3vm+onQpOCSPVtUUhnLEMB8GA1UdIwQYMBaAFIlP4ROYtnmusbEYsb3mc+GM9uk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzQ3RS9CQ0VERjQ0MkIw
QkYxMUU4ODYzOTIyMzdDNEY5QUUwMi9pVV9oRTVpMmVhNnhzUml4dmVaejRZejI2
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lVX2hFNWkyZWE2eHNSaXh2ZVp6NFl6MjZUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUM0N0UvQkNFREY0NDJCMEJGMTFFODg2MzkyMjM3QzRGOUFFMDIvMDJCRkY2NEVF
NkE4MTFFRkI1OTQzODc4QzRGOUFFMDIucm9hMG4GCCsGAQUFBwEHAQH/BF8wXTAY
BAIAATASAwQBZ3kiAwQBZ4JEAwQAZ4tOMEEEAgACMDsDBgYkA7TAADARAwYEJAO0
wFADBwEkA7TAgAQDBgQkA7TAkAMGACQDtMCqAwYBJAO0wK4DBgQkA7TA8DANBgkq
hkiG9w0BAQsFAAOCAQEAmhvZMmUMuKCN5/d6Wp1Al/Q2amJ4JyE+fOfYcqXg9VLw
cL1sS+eloLTO3AuXPMbgBa8PzbahYHWufRKUzT0ruO4d6F9hrm/0ugB8Y9oc/Bqh
Ft+rMnXAkeN9AbKBE1X7JmhCqUo3FseHcRRcqkDOypyuJ32CYa9hPFASWb+B3S3m
rBQ/ZMdoJcG8AXbnfJptR205zMc1AEdhvEAmDdh8qfIMopOZkD0XqBNA7an4r0OL
8NHnNdU2+UcUP2alxUckI/B69FPs0xUP/HEuITfEBSkJlyuoOGAF841u6Iys3iJA
Ez8IeHvm44oVHR66c99Zj4yz36pzQA96gpawgdP7zQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:12:06 2026 by rpki-client