Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/0EA44D4E5ADD11EBB9CEE568C4F9AE02.roa
File: 0EA44D4E5ADD11EBB9CEE568C4F9AE02.roa (raw, json)
Hash identifier: L+W6w2B2/2JqZHEEy+XRZ0tQqm2y+76IdcVbyBsuS1w=
Subject key identifier: 26:D8:62:12:12:BA:4E:24:15:9D:09:63:96:96:B6:EB:72:16:FC:0D
Certificate issuer: /CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6
Certificate serial: 0AE0
Authority key identifier: 43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/0EA44D4E5ADD11EBB9CEE568C4F9AE02.roa
Signing time: Wed 02 Jul 2025 20:29:46 +0000
ROA not before: Wed 02 Jul 2025 20:29:46 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 9381
IP address blocks: 14.136.0.0/16 maxlen: 24
14.198.0.0/17 maxlen: 24
14.198.128.0/18 maxlen: 24
14.198.192.0/19 maxlen: 24
14.198.224.0/20 maxlen: 24
14.199.0.0/16 maxlen: 24
43.224.232.0/22 maxlen: 24
58.176.0.0/15 maxlen: 15
58.176.0.0/16 maxlen: 24
58.177.0.0/16 maxlen: 24
59.148.0.0/15 maxlen: 15
59.148.0.0/16 maxlen: 24
59.149.0.0/16 maxlen: 24
61.92.0.0/15 maxlen: 15
61.92.0.0/16 maxlen: 24
61.93.0.0/16 maxlen: 24
61.238.0.0/15 maxlen: 15
61.238.0.0/16 maxlen: 24
61.239.0.0/16 maxlen: 24
61.244.0.0/16 maxlen: 24
103.243.0.0/22 maxlen: 24
110.235.0.0/17 maxlen: 24
119.246.0.0/15 maxlen: 15
119.246.0.0/16 maxlen: 24
119.247.0.0/16 maxlen: 24
123.202.0.0/15 maxlen: 15
123.202.0.0/16 maxlen: 24
123.203.0.0/16 maxlen: 24
124.244.0.0/16 maxlen: 24
183.178.0.0/15 maxlen: 15
183.178.0.0/16 maxlen: 24
183.179.0.0/16 maxlen: 24
202.77.4.0/22 maxlen: 24
202.77.24.0/21 maxlen: 24
202.77.32.0/19 maxlen: 24
203.80.64.0/18 maxlen: 24
203.80.192.0/18 maxlen: 24
203.185.0.0/18 maxlen: 24
203.186.0.0/16 maxlen: 24
210.6.0.0/16 maxlen: 24
2401:f400::/32 maxlen: 32
2403:f500::/32 maxlen: 32
2403:f500::/35 maxlen: 35
2403:f500:2000::/35 maxlen: 35
2403:f500:6000::/35 maxlen: 35
2403:f500:8000::/35 maxlen: 35
2403:f500:a000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl
rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 20:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2784 (0xae0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911647C, serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6
Validity
Not Before: Jul 2 20:29:46 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=686596b9-07cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:39:a4:96:0d:cd:57:49:eb:8f:e6:21:49:59:
45:43:56:61:76:71:f8:93:f6:d4:35:e2:aa:39:2f:
bf:30:19:b6:72:fb:0f:31:1a:82:dd:bf:8e:52:fc:
85:d6:08:00:f9:9f:70:f5:7c:a3:eb:29:5a:a4:1d:
84:44:9e:83:e0:92:76:5e:ed:29:56:4a:cf:03:8b:
46:d7:c9:6d:3d:7c:8f:eb:a4:49:81:22:e5:24:97:
a0:e6:17:32:d9:a3:c4:b6:5e:b6:e7:f8:2a:1a:bd:
c5:10:93:ef:a1:8c:50:fe:ea:af:91:34:2c:2c:31:
dc:19:5c:77:29:3d:d3:95:4c:28:e5:d5:cd:6e:12:
46:d5:b0:4b:92:0e:6d:8c:52:11:78:50:de:99:2a:
2b:f6:4a:a9:85:ce:d3:31:ef:29:49:07:de:4a:db:
5f:b1:e0:1a:11:85:c4:db:2e:4d:37:b1:a7:10:a8:
aa:17:13:15:e0:57:f1:ac:40:a6:b9:26:a5:e1:f1:
72:22:c7:d8:d6:6d:6b:ad:89:46:7d:0c:1d:76:6e:
dd:85:5b:4d:dd:d9:a1:11:db:6a:2b:ff:16:9a:b4:
40:61:c4:1d:95:cf:00:c9:41:5d:0c:f9:cb:91:30:
6f:04:65:97:69:48:46:48:26:25:d9:d1:e0:c5:7f:
65:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D8:62:12:12:BA:4E:24:15:9D:09:63:96:96:B6:EB:72:16:FC:0D
X509v3 Authority Key Identifier:
keyid:43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/0EA44D4E5ADD11EBB9CEE568C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.136.0.0/16
14.198.0.0-14.198.239.255
14.199.0.0/16
43.224.232.0/22
58.176.0.0/15
59.148.0.0/15
61.92.0.0/15
61.238.0.0/15
61.244.0.0/16
103.243.0.0/22
110.235.0.0/17
119.246.0.0/15
123.202.0.0/15
124.244.0.0/16
183.178.0.0/15
202.77.4.0/22
202.77.24.0-202.77.63.255
203.80.64.0/18
203.80.192.0/18
203.185.0.0/18
203.186.0.0/16
210.6.0.0/16
IPv6:
2401:f400::/32
2403:f500::/32
Signature Algorithm: sha256WithRSAEncryption
65:34:d2:bb:e2:cf:6e:28:90:0b:f0:46:8a:f5:41:a7:1d:62:
2e:18:0e:86:e4:46:7a:3c:fe:21:57:a1:36:68:38:fd:2b:13:
05:b7:05:d3:40:af:68:d3:4e:8a:1a:ae:7e:b6:3d:c5:f6:fd:
18:f1:c4:d2:68:3c:57:a1:88:15:63:db:bf:c3:4f:27:ed:d5:
72:6f:a9:a5:4f:e4:d1:46:52:e2:d1:09:c3:ff:d0:79:2e:ee:
fc:28:e0:d2:8b:d4:4e:cc:a1:9a:b4:a3:b7:3b:f1:26:2a:06:
b9:73:12:17:49:50:10:92:19:8c:65:61:88:a7:8b:cb:c3:2a:
e1:9c:a2:b8:73:77:b5:52:a9:64:3f:7a:5a:22:e6:11:f1:8c:
38:d8:0e:83:40:57:95:03:0b:3e:70:d2:45:77:14:14:fb:3a:
9f:16:ca:35:c7:50:5f:d0:16:6e:40:f2:e1:02:99:4a:6e:f8:
d7:24:69:fa:13:f7:6c:7b:5f:54:5f:a9:e8:33:64:42:b5:16:
fc:c2:3b:f7:bb:42:97:7e:94:c2:55:d6:d0:64:6a:ba:ee:e2:
99:39:5a:a1:be:ee:ad:68:12:cd:fa:19:c2:65:be:85:8e:9e:
a4:af:71:38:71:28:b3:b5:43:45:f4:b7:5b:6e:48:cc:8c:2b:
64:29:9a:13
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgICCuAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY0N0MxMTAvBgNVBAUTKDQzNkIyQzVGMDNGOTFDQTc0MUM2QTI0OURDMDE1QTZE
NTQ0QTYyQTYwHhcNMjUwNzAyMjAyOTQ2WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY1OTZiOS0wN2NkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8jmklg3NV0nrj+YhSVlFQ1ZhdnH4k/bUNeKqOS+/MBm2cvsPMRqC3b+OUvyF
1ggA+Z9w9Xyj6ylapB2ERJ6D4JJ2Xu0pVkrPA4tG18ltPXyP66RJgSLlJJeg5hcy
2aPEtl625/gqGr3FEJPvoYxQ/uqvkTQsLDHcGVx3KT3TlUwo5dXNbhJG1bBLkg5t
jFIReFDemSor9kqphc7TMe8pSQfeSttfseAaEYXE2y5NN7GnEKiqFxMV4FfxrECm
uSal4fFyIsfY1m1rrYlGfQwddm7dhVtN3dmhEdtqK/8WmrRAYcQdlc8AyUFdDPnL
kTBvBGWXaUhGSCYl2dHgxX9lNwIDAQABo4IDMDCCAywwHQYDVR0OBBYEFCbYYhIS
uk4kFZ0JY5aWtutyFvwNMB8GA1UdIwQYMBaAFENrLF8D+RynQcaiSdwBWm1USmKm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjQ3Qy80MzdDQzQwNjg1
MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhLZEJ4cUpKM0FGYWJWUktZ
cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Eyc3NYd1A1SEtkQnhxSkozQUZhYlZSS1lxWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY0N0MvNDM3Q0M0MDY4NTEzMTFFQUFBMEIwQTdGQzRGOUFFMDIvMEVBNDRENEU1
QUREMTFFQkI5Q0VFNTY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbkGCCsGAQUFBwEHAQH/
BIGpMIGmMIGNBAIAATCBhgMDAA6IMAsDAwEOxgMEBA7G4AMDAA7HAwQCK+DoAwMB
OrADAwE7lAMDAT1cAwMBPe4DAwA99AMEAmfzAAMEB27rAAMDAXf2AwMBe8oDAwB8
9AMDAbeyAwQCyk0EMAwDBAPKTRgDBAbKTQADBAbLUEADBAbLUMADBAbLuQADAwDL
ugMDANIGMBQEAgACMA4DBQAkAfQAAwUAJAP1ADANBgkqhkiG9w0BAQsFAAOCAQEA
ZTTSu+LPbiiQC/BGivVBpx1iLhgOhuRGejz+IVehNmg4/SsTBbcF00CvaNNOihqu
frY9xfb9GPHE0mg8V6GIFWPbv8NPJ+3Vcm+ppU/k0UZS4tEJw//QeS7u/Cjg0ovU
TsyhmrSjtzvxJioGuXMSF0lQEJIZjGVhiKeLy8Mq4ZyiuHN3tVKpZD96WiLmEfGM
ONgOg0BXlQMLPnDSRXcUFPs6nxbKNcdQX9AWbkDy4QKZSm741yRp+hP3bHtfVF+p
6DNkQrUW/MI797tCl36UwlXW0GRquu7imTlaob7urWgSzfoZwmW+hY6epK9xOHEo
s7VDRfS3W25IzIwrZCmaEw==
-----END CERTIFICATE-----
Generated at Thu Jul 3 21:48:14 2025 by rpki-client