Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/0E95C2D8F14211EAA4333775C4F9AE02.roa
File: 0E95C2D8F14211EAA4333775C4F9AE02.roa (raw, json)
Hash identifier: GGQfOCCTKM5uEJbHe5QQxWuS4zJHwzAM+PQrjofddOE=
Subject key identifier: 20:6C:52:67:20:77:10:80:8E:6F:0B:B8:1F:92:65:53:61:DA:E0:01
Certificate issuer: /CN=A914CE75/serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Certificate serial: 336B
Authority key identifier: 49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/0E95C2D8F14211EAA4333775C4F9AE02.roa
Signing time: Sat 02 May 2026 16:17:28 +0000
ROA not before: Sat 02 May 2026 16:17:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 10199
IP address blocks: 14.141.140.0/24 maxlen: 24
59.161.0.0/16 maxlen: 16
59.161.0.0/20 maxlen: 20
59.161.16.0/20 maxlen: 20
59.161.64.0/18 maxlen: 18
59.161.80.0/21 maxlen: 21
59.161.88.0/22 maxlen: 22
59.161.92.0/22 maxlen: 22
59.161.96.0/21 maxlen: 21
59.161.120.0/21 maxlen: 21
59.161.128.0/20 maxlen: 20
59.161.144.0/20 maxlen: 20
115.117.0.0/16 maxlen: 16
115.117.19.0/24 maxlen: 24
115.117.35.0/24 maxlen: 24
115.117.50.0/23 maxlen: 23
115.117.56.0/22 maxlen: 22
115.117.100.0/22 maxlen: 22
115.117.160.0/22 maxlen: 22
115.117.164.0/22 maxlen: 22
115.117.168.0/22 maxlen: 22
115.117.172.0/22 maxlen: 22
115.117.180.0/22 maxlen: 22
115.117.184.0/21 maxlen: 21
115.117.192.0/18 maxlen: 18
115.117.208.0/20 maxlen: 20
115.118.67.0/24 maxlen: 24
121.244.0.0/21 maxlen: 21
121.244.10.0/23 maxlen: 23
121.244.12.0/23 maxlen: 23
121.244.14.0/23 maxlen: 23
121.244.16.0/23 maxlen: 23
121.244.18.0/23 maxlen: 23
121.244.20.0/23 maxlen: 23
121.245.32.0/20 maxlen: 24
121.245.64.0/20 maxlen: 20
121.245.80.0/20 maxlen: 20
121.245.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 15:27:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13163 (0x336b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914CE75, serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Validity
Not Before: May 2 16:17:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69f62398-e2c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:77:98:43:9f:6d:f2:0d:7c:0c:16:09:a2:78:
02:05:20:94:aa:3a:a7:33:bd:b4:0e:5b:9d:58:a8:
96:91:6d:b2:b2:a8:e7:ae:ba:26:e4:b0:87:97:60:
59:8e:0b:e6:f2:1f:5e:39:fb:a5:2a:fc:6c:ad:3d:
e3:aa:ad:85:13:93:a7:73:69:72:ee:d2:e3:66:28:
87:64:e8:ef:9f:ba:5c:67:d0:9e:e9:ce:2e:60:ee:
79:a1:83:40:be:ed:31:d6:51:e5:f0:81:da:76:90:
39:67:63:8b:12:98:cd:99:f8:7f:a3:5a:fd:b0:1d:
ba:ae:86:98:88:a3:47:05:11:0e:3a:fa:c1:19:76:
18:5d:51:08:2b:a2:0d:7e:a6:c8:cf:bb:b6:05:88:
0f:24:0c:10:0c:ea:f3:c4:c6:17:50:3b:ee:c8:a2:
ba:7d:07:69:6f:3a:03:c1:8a:de:5f:4b:f4:bd:a6:
6c:ce:94:87:0a:3c:c3:d1:d9:e2:b2:36:45:f4:af:
77:89:1e:a1:b1:d5:6e:36:ac:82:c0:cb:1b:9f:26:
78:97:0b:18:e5:68:a5:9a:7b:8f:e3:95:77:e3:2a:
d7:f9:c5:31:47:79:00:dd:17:02:f4:0a:8f:d6:dc:
9e:19:35:b0:a4:de:fe:97:9a:50:0c:1a:55:9b:9a:
f3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:6C:52:67:20:77:10:80:8E:6F:0B:B8:1F:92:65:53:61:DA:E0:01
X509v3 Authority Key Identifier:
keyid:49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/0E95C2D8F14211EAA4333775C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.141.140.0/24
59.161.0.0/16
115.117.0.0/16
115.118.67.0/24
121.244.0.0/21
121.244.10.0-121.244.21.255
121.245.32.0/20
121.245.64.0-121.245.111.255
Signature Algorithm: sha256WithRSAEncryption
66:3a:52:0e:ca:58:52:32:09:36:81:d2:30:2a:60:2c:54:a0:
78:5d:5f:1e:13:24:38:58:06:cd:55:a1:8d:37:91:2f:1f:a9:
1e:5e:a5:d5:5e:38:51:e0:5e:dc:e0:43:95:72:f9:b4:05:4b:
e9:48:05:24:d2:59:ff:32:31:9c:2d:f9:72:99:28:27:91:85:
4e:c7:fa:09:94:29:57:a4:19:b5:b3:5e:cf:bd:7d:5b:4b:0d:
a8:9b:2c:88:77:c6:84:b9:93:ee:a9:99:cb:ee:de:fe:95:41:
45:ee:11:39:78:8b:0b:a9:09:3a:79:d2:23:db:29:21:2a:43:
dc:61:63:7b:6f:d1:68:d6:b3:5b:24:55:93:ef:61:b0:40:35:
2a:b1:b1:55:6f:a8:60:42:f5:1f:f9:46:23:d5:0a:8b:99:57:
81:8f:08:35:5c:0b:a2:d2:2a:ef:35:af:56:54:51:82:40:ee:
22:d6:04:ea:ac:60:14:76:14:51:07:96:c5:1a:bf:67:85:d1:
a9:be:3f:f2:9e:4b:ef:8e:a2:af:78:46:36:d6:a9:d2:de:3a:
7f:50:73:a9:d4:db:6e:0e:76:a9:da:ee:68:6c:15:f3:96:21:
21:5a:5b:7e:63:aa:81:71:45:99:00:b0:21:9e:34:ce:af:b9:
e5:0c:73:93
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICM2swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENFNzUxMTAvBgNVBAUTKDQ5ODkyNTM3RDhCMkMwMzI1QjdCRTA4MUZEOTI4NkM3
OUJFQTZBODUwHhcNMjYwNTAyMTYxNzI4WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWY2MjM5OC1lMmM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuXeYQ59t8g18DBYJongCBSCUqjqnM720DludWKiWkW2ysqjnrrom5LCHl2BZ
jgvm8h9eOfulKvxsrT3jqq2FE5Onc2ly7tLjZiiHZOjvn7pcZ9Ce6c4uYO55oYNA
vu0x1lHl8IHadpA5Z2OLEpjNmfh/o1r9sB26roaYiKNHBREOOvrBGXYYXVEIK6IN
fqbIz7u2BYgPJAwQDOrzxMYXUDvuyKK6fQdpbzoDwYreX0v0vaZszpSHCjzD0dni
sjZF9K93iR6hsdVuNqyCwMsbnyZ4lwsY5WilmnuP45V34yrX+cUxR3kA3RcC9AqP
1tyeGTWwpN7+l5pQDBpVm5rzyQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFCBsUmcg
dxCAjm8LuB+SZVNh2uABMB8GA1UdIwQYMBaAFEmJJTfYssAyW3vggf2Shseb6mqF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0U3NS9EMjJFRjNENkZG
NEIxMUUyODFCRTA2NjI1OTExRUEzMi9TWWtsTjlpeXdESmJlLUNCX1pLR3g1dnFh
b1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NZa2xOOWl5d0RKYmUtQ0JfWktHeDV2cWFvVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENFNzUvRDIyRUYzRDZGRjRCMTFFMjgxQkUwNjYyNTkxMUVBMzIvMEU5NUMyRDhG
MTQyMTFFQUE0MzMzNzc1QzRGOUFFMDIucm9hMFcGCCsGAQUFBwEHAQH/BEgwRjBE
BAIAATA+AwQADo2MAwMAO6EDAwBzdQMEAHN2QwMEA3n0ADAMAwQBefQKAwQBefQU
AwQEefUgMAwDBAZ59UADBAR59WAwDQYJKoZIhvcNAQELBQADggEBAGY6Ug7KWFIy
CTaB0jAqYCxUoHhdXx4TJDhYBs1VoY03kS8fqR5epdVeOFHgXtzgQ5Vy+bQFS+lI
BSTSWf8yMZwt+XKZKCeRhU7H+gmUKVekGbWzXs+9fVtLDaibLIh3xoS5k+6pmcvu
3v6VQUXuETl4iwupCTp50iPbKSEqQ9xhY3tv0WjWs1skVZPvYbBANSqxsVVvqGBC
9R/5RiPVCouZV4GPCDVcC6LSKu81r1ZUUYJA7iLWBOqsYBR2FFEHlsUav2eF0am+
P/KeS++Ooq94RjbWqdLeOn9Qc6nU224Odqna7mhsFfOWISFaW35jqoFxRZkAsCGe
NM6vueUMc5M=
-----END CERTIFICATE-----
Generated at Wed May 13 15:38:52 2026 by rpki-client