Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
File: 2E96A63A690A11EF9525E980C4F9AE02.roa (raw, json)
Hash identifier: cke1NFfNL9L9qxr7ZE02PXCwTKlIG2fZiMZ8kT9IRhc=
Subject key identifier: 6F:51:58:83:84:8D:92:3A:A9:FC:87:27:E3:C7:B6:BF:57:55:E2:B2
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 075C
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
Signing time: Wed 14 May 2025 23:12:22 +0000
ROA not before: Wed 14 May 2025 23:12:22 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 45820
IP address blocks: 14.194.0.0/18 maxlen: 24
14.194.64.0/18 maxlen: 24
14.194.128.0/18 maxlen: 24
14.194.208.0/20 maxlen: 24
14.194.240.0/20 maxlen: 24
14.195.0.0/18 maxlen: 24
14.195.64.0/19 maxlen: 24
14.195.96.0/19 maxlen: 24
14.195.128.0/18 maxlen: 24
14.195.192.0/20 maxlen: 24
14.195.208.0/20 maxlen: 24
14.195.240.0/20 maxlen: 24
49.200.0.0/14 maxlen: 14
49.202.208.0/24 maxlen: 24
49.249.0.0/17 maxlen: 24
49.249.128.0/18 maxlen: 24
115.160.217.0/24 maxlen: 24
182.156.0.0/18 maxlen: 22
182.156.0.0/22 maxlen: 24
182.156.4.0/23 maxlen: 24
182.156.8.0/21 maxlen: 24
182.156.16.0/22 maxlen: 24
182.156.22.0/23 maxlen: 24
182.156.24.0/23 maxlen: 24
182.156.28.0/22 maxlen: 24
182.156.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 22 May 2025 09:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1884 (0x75c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A, serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: May 14 23:12:22 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68252356-3169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:32:89:a8:8d:63:47:c8:b3:72:aa:47:84:7d:
cd:4b:1c:a2:d5:3c:ad:a2:a2:20:c8:c1:d9:f3:a6:
9b:ff:28:c3:8a:52:dd:85:07:a2:9f:b5:ab:3f:53:
f4:50:63:46:0e:b6:13:8d:66:7d:7e:62:74:2d:46:
e3:4a:f5:58:86:72:69:b2:70:8c:eb:37:a5:fd:55:
b7:88:86:df:a9:c8:d3:f8:c0:65:88:4a:b8:a1:bf:
07:b9:cf:a5:da:78:50:12:89:54:9e:9c:06:50:1a:
c6:44:66:c2:20:25:da:36:ba:59:e5:87:4d:27:2e:
2d:bf:2b:0d:c4:a8:a0:bd:43:e0:60:7b:e9:66:91:
d2:4c:1f:3d:b0:2f:bb:7d:35:18:ee:97:d8:1b:d1:
3a:71:60:82:9b:96:8d:53:16:bb:ee:7e:66:6d:7d:
d5:9d:8a:b6:d2:5b:5e:4c:1d:75:e0:bc:27:21:54:
80:73:ea:db:32:56:04:3e:1c:2d:7f:51:9d:61:a7:
fd:a8:aa:8a:f2:1b:5c:aa:ba:af:61:c4:b3:53:77:
77:74:99:21:de:2e:08:b4:84:a7:40:82:fa:07:a9:
2e:a3:5d:fe:ea:00:91:a6:56:df:3b:52:21:cc:a7:
b7:95:61:24:fe:c7:87:63:a2:ae:d4:61:44:de:1f:
94:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:51:58:83:84:8D:92:3A:A9:FC:87:27:E3:C7:B6:BF:57:55:E2:B2
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.194.0.0-14.194.191.255
14.194.208.0/20
14.194.240.0-14.195.223.255
14.195.240.0/20
49.200.0.0/14
49.249.0.0-49.249.191.255
115.160.217.0/24
182.156.0.0/18
Signature Algorithm: sha256WithRSAEncryption
7c:1c:97:40:ee:c7:2f:a1:b5:ee:a6:3e:a0:fc:8f:52:af:c9:
1b:22:b8:38:9c:fd:9f:e9:2d:22:60:5a:50:3d:6f:fe:73:10:
6c:ca:28:e2:70:63:c9:89:5b:1d:a9:45:32:2b:8e:0a:51:0c:
58:70:ac:d9:4c:79:dc:24:53:28:45:c1:62:15:b3:3a:3e:ef:
49:bf:bd:79:60:bb:00:0d:5c:5f:a5:02:0e:a9:e2:ca:df:36:
74:2f:66:e3:25:cc:1a:71:c7:47:25:be:ac:01:78:9a:5c:1a:
f0:f5:5c:06:aa:bb:12:7a:47:01:fc:b8:48:58:63:9c:1d:9a:
a6:ac:9d:33:23:58:1f:05:3a:6b:71:74:c8:7f:2d:48:70:7a:
ae:ee:14:ea:f9:e1:dd:08:c7:2a:30:17:f2:f0:2a:ff:4b:b5:
68:de:93:c7:79:63:20:e7:bc:04:a3:44:a5:99:5f:05:c5:32:
b9:7a:e1:22:bd:b1:af:ee:32:e7:ae:4b:05:49:1f:d7:98:9b:
ef:49:8c:56:be:3d:b2:77:8f:02:e6:f1:cc:03:ad:a8:42:47:
db:23:5e:b1:2a:1d:05:67:24:cc:93:cf:73:87:a5:34:6e:98:
f0:9b:83:fb:ab:ad:38:64:d1:20:9f:77:49:f6:06:50:fe:8a:
98:e7:2b:9e
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgICB1wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjUwNTE0MjMxMjIyWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI1MjM1Ni0zMTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0DKJqI1jR8izcqpHhH3NSxyi1TytoqIgyMHZ86ab/yjDilLdhQein7WrP1P0
UGNGDrYTjWZ9fmJ0LUbjSvVYhnJpsnCM6zel/VW3iIbfqcjT+MBliEq4ob8Huc+l
2nhQEolUnpwGUBrGRGbCICXaNrpZ5YdNJy4tvysNxKigvUPgYHvpZpHSTB89sC+7
fTUY7pfYG9E6cWCCm5aNUxa77n5mbX3VnYq20lteTB114LwnIVSAc+rbMlYEPhwt
f1GdYaf9qKqK8htcqrqvYcSzU3d3dJkh3i4ItISnQIL6B6kuo13+6gCRplbfO1Ih
zKe3lWEk/seHY6Ku1GFE3h+UUwIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFG9RWIOE
jZI6qfyHJ+PHtr9XVeKyMB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvMkU5NkE2M0E2
OTBBMTFFRjk1MjVFOTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXgYIKwYBBQUHAQcBAf8E
TzBNMEsEAgABMEUwCwMDAQ7CAwQGDsKAAwQEDsLQMAwDBAQOwvADBAUOw8ADBAQO
w/ADAwIxyDALAwMAMfkDBAYx+YADBABzoNkDBAa2nAAwDQYJKoZIhvcNAQELBQAD
ggEBAHwcl0Duxy+hte6mPqD8j1KvyRsiuDic/Z/pLSJgWlA9b/5zEGzKKOJwY8mJ
Wx2pRTIrjgpRDFhwrNlMedwkUyhFwWIVszo+70m/vXlguwANXF+lAg6p4srfNnQv
ZuMlzBpxx0clvqwBeJpcGvD1XAaquxJ6RwH8uEhYY5wdmqasnTMjWB8FOmtxdMh/
LUhweq7uFOr54d0IxyowF/LwKv9LtWjek8d5YyDnvASjRKWZXwXFMrl64SK9sa/u
MueuSwVJH9eYm+9JjFa+PbJ3jwLm8cwDrahCR9sjXrEqHQVnJMyTz3OHpTRumPCb
g/urrThk0SCfd0n2BlD+ipjnK54=
-----END CERTIFICATE-----
Generated at Fri May 16 06:41:29 2025 by rpki-client