Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
File: 2E96A63A690A11EF9525E980C4F9AE02.roa (raw, json)
Hash identifier: iQfhc9O2c/j6hNKmqolyh0eDzRYj6oaCAwEBH6T74Jw=
Subject key identifier: 66:97:8E:71:63:82:6A:56:2A:9D:A7:29:81:32:3F:4F:68:50:1C:6B
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 087D
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
Signing time: Thu 26 Mar 2026 06:18:59 +0000
ROA not before: Thu 26 Mar 2026 06:18:59 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 45820
IP address blocks: 14.194.0.0/18 maxlen: 24
14.194.64.0/18 maxlen: 24
14.194.128.0/18 maxlen: 24
14.194.208.0/20 maxlen: 24
14.194.240.0/20 maxlen: 24
14.195.0.0/18 maxlen: 24
14.195.64.0/19 maxlen: 24
14.195.96.0/19 maxlen: 24
14.195.128.0/18 maxlen: 24
14.195.192.0/20 maxlen: 24
14.195.208.0/20 maxlen: 24
14.195.240.0/20 maxlen: 24
49.200.0.0/14 maxlen: 14
49.200.0.0/19 maxlen: 24
49.200.40.0/21 maxlen: 24
49.200.48.0/21 maxlen: 24
49.200.56.0/22 maxlen: 24
49.200.60.0/22 maxlen: 24
49.200.96.0/21 maxlen: 24
49.200.104.0/21 maxlen: 24
49.200.112.0/21 maxlen: 24
49.200.120.0/21 maxlen: 24
49.200.128.0/21 maxlen: 24
49.200.136.0/21 maxlen: 24
49.200.144.0/21 maxlen: 24
49.200.152.0/21 maxlen: 24
49.200.160.0/21 maxlen: 24
49.200.168.0/21 maxlen: 24
49.200.176.0/21 maxlen: 24
49.200.184.0/21 maxlen: 24
49.200.192.0/21 maxlen: 24
49.200.224.0/21 maxlen: 24
49.200.232.0/21 maxlen: 24
49.202.208.0/24 maxlen: 24
49.249.0.0/17 maxlen: 24
49.249.128.0/18 maxlen: 24
115.160.217.0/24 maxlen: 24
182.156.0.0/18 maxlen: 22
182.156.0.0/22 maxlen: 24
182.156.4.0/23 maxlen: 24
182.156.8.0/21 maxlen: 24
182.156.16.0/22 maxlen: 24
182.156.22.0/23 maxlen: 24
182.156.24.0/21 maxlen: 23
182.156.24.0/23 maxlen: 24
182.156.28.0/22 maxlen: 24
182.156.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 06:19:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2173 (0x87d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A, serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: Mar 26 06:18:59 2026 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69c4cfd3-194a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d7:e9:3a:ec:62:88:63:90:75:a7:fd:fc:e1:
47:c2:b5:0d:12:fb:bf:e2:ec:c0:9b:06:5e:57:78:
96:8a:97:22:35:f7:63:e2:7a:a4:d7:c2:25:57:1e:
70:58:34:cb:f6:94:e2:4c:d5:82:d7:82:a4:ae:d7:
84:ed:05:24:4f:0e:e2:f2:17:bc:28:3e:4b:be:81:
cc:af:1a:c4:9f:f2:7c:9e:b7:b1:f7:5c:9e:70:cf:
92:7f:32:19:be:9e:87:fc:27:59:f3:36:27:2d:6f:
3f:e8:4f:58:2d:ea:c3:d3:0c:6e:45:82:50:78:7e:
cc:05:19:f0:07:fc:df:56:74:4c:c8:43:36:21:6f:
0c:eb:f6:c9:1a:34:cc:44:ec:45:1a:8f:3e:f9:e6:
42:01:3a:18:a5:71:81:9c:6f:a9:8e:a2:79:f0:d4:
7c:00:59:8b:3f:94:da:4b:db:8a:d1:cd:fb:32:b0:
68:5b:6b:f5:ea:49:e7:fe:6c:a5:1b:bd:55:0c:57:
4c:38:a9:54:3b:39:59:bd:b9:70:96:6c:d9:bc:02:
73:0f:b5:c5:73:3d:e6:66:05:ea:bf:3f:e7:c6:cf:
b5:6a:cc:b0:e7:99:c5:71:7e:b7:02:32:2e:55:88:
1f:59:60:6f:7c:3c:d5:5f:9e:a1:f1:39:af:90:d2:
12:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:97:8E:71:63:82:6A:56:2A:9D:A7:29:81:32:3F:4F:68:50:1C:6B
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.194.0.0-14.194.191.255
14.194.208.0/20
14.194.240.0-14.195.223.255
14.195.240.0/20
49.200.0.0/14
49.249.0.0-49.249.191.255
115.160.217.0/24
182.156.0.0/18
Signature Algorithm: sha256WithRSAEncryption
a4:70:42:4a:22:03:55:ce:e9:7f:41:2e:96:6c:21:3c:df:18:
31:d3:a7:fe:6d:bd:44:d0:42:57:9e:fe:9a:d2:bc:27:c4:12:
0c:aa:89:24:23:36:77:3a:f9:e2:2b:69:5c:fc:4f:6d:c8:f7:
1e:73:aa:b5:a5:30:77:6a:e4:bf:df:f9:8a:f5:7e:ad:23:af:
11:00:1a:4e:ad:15:17:55:29:d4:29:cd:7e:11:c8:2d:41:f4:
c5:84:9c:f4:60:e8:5f:3c:f1:f4:4b:3e:23:57:70:c0:e3:85:
f9:db:82:85:d3:f5:2f:2c:83:2a:b9:1f:40:18:46:82:50:59:
76:c2:bd:85:cf:21:97:45:b1:05:ce:54:51:b0:88:0e:40:34:
d8:08:53:4f:77:e5:34:f6:38:52:67:16:2f:2d:62:07:bb:f7:
d1:58:11:46:ea:69:37:8d:67:37:c3:e9:2d:8f:65:6c:75:05:
9c:21:83:20:96:26:4e:13:3c:2c:96:ad:b4:a9:45:d7:b8:5a:
1e:e4:8f:f8:10:0e:69:5a:1d:fd:54:0d:d3:82:8b:f2:36:68:
dc:6d:e5:66:73:35:a2:4b:f2:fa:7c:92:1b:4e:61:57:98:21:
4a:dc:8d:bd:d9:03:1f:f5:d6:6c:e6:27:ed:1d:df:ba:a1:9d:
d3:6a:df:8c
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgICCH0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjYwMzI2MDYxODU5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWM0Y2ZkMy0xOTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArdfpOuxiiGOQdaf9/OFHwrUNEvu/4uzAmwZeV3iWipciNfdj4nqk18IlVx5w
WDTL9pTiTNWC14KkrteE7QUkTw7i8he8KD5LvoHMrxrEn/J8nrex91yecM+SfzIZ
vp6H/CdZ8zYnLW8/6E9YLerD0wxuRYJQeH7MBRnwB/zfVnRMyEM2IW8M6/bJGjTM
ROxFGo8++eZCAToYpXGBnG+pjqJ58NR8AFmLP5TaS9uK0c37MrBoW2v16knn/myl
G71VDFdMOKlUOzlZvblwlmzZvAJzD7XFcz3mZgXqvz/nxs+1asyw55nFcX63AjIu
VYgfWWBvfDzVX56h8TmvkNISoQIDAQABo4ICnzCCApswHQYDVR0OBBYEFGaXjnFj
gmpWKp2nKYEyP09oUBxrMB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvMkU5NkE2M0E2
OTBBMTFFRjk1MjVFOTgwQzRGOUFFMDIucm9hMF4GCCsGAQUFBwEHAQH/BE8wTTBL
BAIAATBFMAsDAwEOwgMEBg7CgAMEBA7C0DAMAwQEDsLwAwQFDsPAAwQEDsPwAwMC
McgwCwMDADH5AwQGMfmAAwQAc6DZAwQGtpwAMA0GCSqGSIb3DQEBCwUAA4IBAQCk
cEJKIgNVzul/QS6WbCE83xgx06f+bb1E0EJXnv6a0rwnxBIMqokkIzZ3OvniK2lc
/E9tyPcec6q1pTB3auS/3/mK9X6tI68RABpOrRUXVSnUKc1+EcgtQfTFhJz0YOhf
PPH0Sz4jV3DA44X524KF0/UvLIMquR9AGEaCUFl2wr2FzyGXRbEFzlRRsIgOQDTY
CFNPd+U09jhSZxYvLWIHu/fRWBFG6mk3jWc3w+ktj2VsdQWcIYMgliZOEzwslq20
qUXXuFoe5I/4EA5pWh39VA3TgovyNmjcbeVmczWiS/L6fJIbTmFXmCFK3I292QMf
9dZs5iftHd+6oZ3Tat+M
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:25:22 2026 by rpki-client