Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
File: 2E96A63A690A11EF9525E980C4F9AE02.roa (raw, json)
Hash identifier: JPCOlxoIy+z2DNQ0BspzKR/Qwx0mCFczeUvb2HAlSEs=
Subject key identifier: 33:11:27:17:65:E1:CC:21:23:E0:D4:91:F5:F7:FB:79:FF:13:54:53
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 0894
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
Signing time: Tue 28 Apr 2026 23:29:22 +0000
ROA not before: Tue 28 Apr 2026 23:29:22 +0000
ROA not after: Fri 28 Aug 2026 00:00:00 +0000
asID: 45820
IP address blocks: 14.194.0.0/18 maxlen: 24
14.194.64.0/18 maxlen: 24
14.194.128.0/18 maxlen: 24
14.194.208.0/20 maxlen: 24
14.194.240.0/20 maxlen: 24
14.195.0.0/18 maxlen: 24
14.195.64.0/19 maxlen: 24
14.195.96.0/19 maxlen: 24
14.195.128.0/18 maxlen: 24
14.195.192.0/20 maxlen: 24
14.195.208.0/20 maxlen: 24
14.195.240.0/20 maxlen: 24
49.200.0.0/14 maxlen: 14
49.200.0.0/19 maxlen: 24
49.200.40.0/21 maxlen: 24
49.200.48.0/21 maxlen: 24
49.200.56.0/22 maxlen: 24
49.200.60.0/22 maxlen: 24
49.200.96.0/21 maxlen: 24
49.200.104.0/21 maxlen: 24
49.200.112.0/21 maxlen: 24
49.200.120.0/21 maxlen: 24
49.200.128.0/21 maxlen: 24
49.200.136.0/21 maxlen: 24
49.200.144.0/21 maxlen: 24
49.200.152.0/21 maxlen: 24
49.200.160.0/21 maxlen: 24
49.200.168.0/21 maxlen: 24
49.200.176.0/21 maxlen: 24
49.200.184.0/21 maxlen: 24
49.200.192.0/21 maxlen: 24
49.200.224.0/21 maxlen: 24
49.200.232.0/21 maxlen: 24
49.202.208.0/24 maxlen: 24
49.249.0.0/17 maxlen: 24
49.249.128.0/18 maxlen: 24
115.160.217.0/24 maxlen: 24
182.156.0.0/18 maxlen: 22
182.156.0.0/22 maxlen: 24
182.156.4.0/23 maxlen: 24
182.156.8.0/21 maxlen: 24
182.156.16.0/22 maxlen: 24
182.156.22.0/23 maxlen: 24
182.156.24.0/21 maxlen: 23
182.156.24.0/23 maxlen: 24
182.156.28.0/22 maxlen: 24
182.156.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 22:18:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2196 (0x894)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A, serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: Apr 28 23:29:22 2026 GMT
Not After : Aug 28 00:00:00 2026 GMT
Subject: CN=69f142d2-979e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:02:0d:07:69:f3:a7:35:56:26:71:01:c1:d3:
9f:99:96:74:8c:d4:28:d9:dd:cc:28:b1:c8:64:69:
91:ce:8a:97:5c:a9:53:64:2e:2f:f7:fd:db:e7:ef:
02:67:d2:9c:6a:54:27:41:f7:94:fc:08:7d:54:fb:
53:02:64:14:1f:14:d1:4a:8c:df:8f:a4:2f:ba:56:
f4:cd:b1:1a:9e:03:62:65:4b:a1:bb:ae:11:37:20:
5d:13:d4:8c:f8:18:3b:37:d5:ef:08:5b:8b:25:b8:
05:ed:fc:3f:78:77:22:0e:d1:65:bf:1c:fe:56:eb:
3d:b7:a3:ae:a2:0a:38:6a:d9:f9:a2:98:62:7c:77:
ed:d3:59:68:ef:e2:0d:03:55:f8:91:ad:09:b1:3f:
3b:5d:ee:8c:9d:5d:0f:9c:d5:cc:59:bf:08:49:67:
69:16:cd:57:78:1c:dc:ac:4b:cb:73:e9:ec:93:4f:
ed:fd:ee:35:b6:ad:9b:c2:0f:b5:eb:66:4e:0c:06:
af:bf:c9:d7:1a:59:21:c2:6b:d0:74:c3:da:2d:07:
cb:e2:cb:42:79:39:db:92:4c:0c:fc:2d:28:ec:47:
34:cc:0b:38:b2:51:42:9d:68:3f:7d:ff:66:1f:91:
31:f2:f1:f1:1d:20:3c:83:01:cc:bd:aa:9b:e8:6c:
a4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:11:27:17:65:E1:CC:21:23:E0:D4:91:F5:F7:FB:79:FF:13:54:53
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.194.0.0-14.194.191.255
14.194.208.0/20
14.194.240.0-14.195.223.255
14.195.240.0/20
49.200.0.0/14
49.249.0.0-49.249.191.255
115.160.217.0/24
182.156.0.0/18
Signature Algorithm: sha256WithRSAEncryption
4e:8a:85:c0:b1:e5:9e:88:39:62:bf:f8:76:17:cb:2b:cb:82:
2b:c5:74:ef:86:a0:05:32:a0:91:87:6a:e2:93:79:89:49:a4:
3d:d7:47:c8:f3:5d:a5:9e:38:64:49:eb:39:d3:d6:3c:25:4b:
67:7a:af:8e:6e:e8:82:63:fe:ea:2b:2b:8a:9a:1d:eb:6c:40:
7e:61:8b:93:6f:a3:2b:d8:85:bc:ad:97:15:84:bd:da:4b:dd:
d0:de:99:e4:49:18:f1:19:85:f3:ca:95:40:56:e0:47:c4:6f:
e0:59:74:11:04:8d:90:dc:20:18:70:40:e3:c9:83:a7:75:94:
88:d0:5c:a8:08:9c:6b:60:99:5e:22:49:67:fb:78:82:eb:de:
9f:e8:39:cb:e2:07:e4:41:ce:01:48:d8:48:91:18:38:ed:44:
49:c8:e7:f3:fb:91:1a:78:4e:fc:67:b1:06:b7:01:33:9b:e0:
63:bc:24:04:2e:60:33:e3:8f:14:55:63:2e:8e:01:0b:de:93:
b5:2d:d6:54:ae:00:f3:5f:c3:17:73:e8:6d:38:f5:a2:4d:46:
dd:65:7d:7a:be:be:ee:00:d8:65:f2:53:30:71:3a:c0:40:5a:
d8:f6:f3:25:6c:ea:f5:7c:17:c9:a2:a3:98:84:c2:70:97:35:
37:eb:a9:f5
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgICCJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjYwNDI4MjMyOTIyWhcNMjYwODI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWYxNDJkMi05NzllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtQINB2nzpzVWJnEBwdOfmZZ0jNQo2d3MKLHIZGmRzoqXXKlTZC4v9/3b5+8C
Z9KcalQnQfeU/Ah9VPtTAmQUHxTRSozfj6Qvulb0zbEangNiZUuhu64RNyBdE9SM
+Bg7N9XvCFuLJbgF7fw/eHciDtFlvxz+Vus9t6Ouogo4atn5ophifHft01lo7+IN
A1X4ka0JsT87Xe6MnV0PnNXMWb8ISWdpFs1XeBzcrEvLc+nsk0/t/e41tq2bwg+1
62ZODAavv8nXGlkhwmvQdMPaLQfL4stCeTnbkkwM/C0o7Ec0zAs4slFCnWg/ff9m
H5Ex8vHxHSA8gwHMvaqb6GykpwIDAQABo4ICnzCCApswHQYDVR0OBBYEFDMRJxdl
4cwhI+DUkfX3+3n/E1RTMB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvMkU5NkE2M0E2
OTBBMTFFRjk1MjVFOTgwQzRGOUFFMDIucm9hMF4GCCsGAQUFBwEHAQH/BE8wTTBL
BAIAATBFMAsDAwEOwgMEBg7CgAMEBA7C0DAMAwQEDsLwAwQFDsPAAwQEDsPwAwMC
McgwCwMDADH5AwQGMfmAAwQAc6DZAwQGtpwAMA0GCSqGSIb3DQEBCwUAA4IBAQBO
ioXAseWeiDliv/h2F8sry4IrxXTvhqAFMqCRh2rik3mJSaQ910fI812lnjhkSes5
09Y8JUtneq+ObuiCY/7qKyuKmh3rbEB+YYuTb6Mr2IW8rZcVhL3aS93Q3pnkSRjx
GYXzypVAVuBHxG/gWXQRBI2Q3CAYcEDjyYOndZSI0FyoCJxrYJleIkln+3iC696f
6DnL4gfkQc4BSNhIkRg47URJyOfz+5EaeE78Z7EGtwEzm+BjvCQELmAz448UVWMu
jgEL3pO1LdZUrgDzX8MXc+htOPWiTUbdZX16vr7uANhl8lMwcTrAQFrY9vMlbOr1
fBfJoqOYhMJwlzU366n1
-----END CERTIFICATE-----
Generated at Wed May 13 10:37:33 2026 by rpki-client