Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/632982C478E411F0B36C2173C4F9AE02.roa
File: 632982C478E411F0B36C2173C4F9AE02.roa (raw, json)
Hash identifier: cFCH+NfdcPbE/C4X/bhECB2fPxHMgBj4PKDN/L6jhnI=
Subject key identifier: 85:D4:01:88:8E:DF:82:34:F7:DD:17:E0:35:A7:4B:3B:70:2B:E3:D8
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 0895
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/632982C478E411F0B36C2173C4F9AE02.roa
Signing time: Tue 28 Apr 2026 23:29:25 +0000
ROA not before: Tue 28 Apr 2026 23:29:25 +0000
ROA not after: Fri 28 Aug 2026 00:00:00 +0000
asID: 55441
IP address blocks: 14.194.192.0/20 maxlen: 24
14.194.224.0/20 maxlen: 24
14.195.64.0/20 maxlen: 24
14.195.80.0/20 maxlen: 23
14.195.80.0/22 maxlen: 24
14.195.84.0/23 maxlen: 24
14.195.88.0/21 maxlen: 24
14.195.200.0/21 maxlen: 24
49.200.64.0/19 maxlen: 24
49.200.112.0/20 maxlen: 24
49.200.128.0/18 maxlen: 24
49.200.240.0/21 maxlen: 24
49.200.248.0/22 maxlen: 24
49.200.252.0/22 maxlen: 24
49.202.168.0/21 maxlen: 24
49.202.176.0/20 maxlen: 24
49.202.212.0/22 maxlen: 24
49.202.224.0/22 maxlen: 24
49.202.228.0/23 maxlen: 24
49.248.224.0/20 maxlen: 24
49.248.240.0/22 maxlen: 24
182.156.96.0/23 maxlen: 24
2407:8c00:90::/44 maxlen: 44
2407:8c00:a0::/44 maxlen: 44
2407:8c00:b0::/44 maxlen: 44
2407:8c00:1b0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 22:18:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2197 (0x895)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A, serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: Apr 28 23:29:25 2026 GMT
Not After : Aug 28 00:00:00 2026 GMT
Subject: CN=69f142d5-2326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e5:bd:12:52:b5:af:c5:24:94:a5:81:cc:57:
24:71:0f:c2:63:7e:89:7a:76:50:81:7b:31:be:2c:
2d:ea:ba:a7:60:2d:13:b3:06:dc:a9:6f:d2:a1:17:
af:b6:09:cc:76:bc:c5:95:ab:8c:9e:90:33:95:1c:
dd:c2:c8:3f:2a:88:25:c5:2d:8b:5b:59:b2:6d:b1:
15:96:a5:1a:d2:0a:df:9d:39:59:14:81:27:13:85:
f0:5a:3a:ce:26:82:0e:e8:6b:a9:f2:72:65:04:82:
d7:bf:26:4c:c3:ed:74:00:cd:a2:c8:2e:59:92:16:
a0:39:85:bd:88:42:c1:44:49:b6:e3:cc:52:88:73:
84:d1:8e:48:f3:9f:52:dc:c5:0b:96:53:da:e5:73:
6d:37:02:f0:7d:62:cb:34:78:96:98:82:5c:74:f4:
5c:93:a5:40:a6:10:c0:c6:33:a6:b8:b4:49:1b:9e:
69:2b:6e:a6:f7:c0:b6:f5:be:27:98:5a:03:60:f0:
ec:24:6a:30:73:ae:05:40:f7:30:83:15:e7:1f:a5:
d7:a8:35:90:34:bd:69:b9:e6:6e:9f:19:5c:a8:7c:
7b:f3:cf:1e:bf:8c:76:13:61:bb:f9:43:e2:13:4a:
6b:82:2b:29:63:81:7e:9f:43:8e:15:19:98:f2:c2:
72:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D4:01:88:8E:DF:82:34:F7:DD:17:E0:35:A7:4B:3B:70:2B:E3:D8
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/632982C478E411F0B36C2173C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.194.192.0/20
14.194.224.0/20
14.195.64.0/19
14.195.200.0/21
49.200.64.0/19
49.200.112.0-49.200.191.255
49.200.240.0/20
49.202.168.0-49.202.191.255
49.202.212.0/22
49.202.224.0-49.202.229.255
49.248.224.0-49.248.243.255
182.156.96.0/23
IPv6:
2407:8c00:90::-2407:8c00:bf:ffff:ffff:ffff:ffff:ffff
2407:8c00:1b0::/44
Signature Algorithm: sha256WithRSAEncryption
b3:3b:d5:5e:2d:05:e1:11:66:7f:3a:7f:bd:23:9f:cd:4b:35:
53:8f:3d:c8:9a:eb:b5:8e:8c:65:21:a7:84:b4:4f:8e:65:44:
d4:31:8b:53:ac:1a:29:22:42:b7:11:e5:96:c2:60:e1:75:83:
b5:4c:d4:ef:d7:74:08:8b:bd:97:09:77:8f:0c:49:47:4a:f6:
43:11:21:fd:73:b1:0e:c6:f9:01:f6:0a:a6:77:73:5e:83:66:
25:d2:23:11:6d:73:ab:7c:f6:89:fa:76:1e:29:e1:9d:f3:f3:
7e:45:c5:3a:39:e8:58:6b:ab:a1:1e:f0:28:d7:f5:81:22:86:
64:43:96:d7:12:55:c5:7f:47:3c:ac:a9:bc:90:64:cc:5d:90:
37:1a:4a:f0:15:17:02:91:6c:48:eb:13:ce:97:d0:8c:01:8e:
70:40:40:54:98:bf:c2:04:29:f5:3c:19:0a:4f:ea:77:2d:f5:
8b:48:2c:3a:fd:f1:71:8c:dd:2b:44:a9:e5:92:ec:81:1a:69:
cc:0c:07:df:0f:dd:a4:79:6f:80:25:c8:00:41:11:81:c2:a3:
3f:c4:ff:c0:ca:0c:c4:b4:d8:2f:e7:50:65:a4:b9:df:c2:76:
0c:88:5a:88:a0:65:14:55:20:96:87:fd:42:a2:d3:bd:7b:49:
ca:aa:e5:05
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgICCJUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjYwNDI4MjMyOTI1WhcNMjYwODI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWYxNDJkNS0yMzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqOW9ElK1r8UklKWBzFckcQ/CY36JenZQgXsxviwt6rqnYC0TswbcqW/SoRev
tgnMdrzFlauMnpAzlRzdwsg/KoglxS2LW1mybbEVlqUa0grfnTlZFIEnE4XwWjrO
JoIO6Gup8nJlBILXvyZMw+10AM2iyC5ZkhagOYW9iELBREm248xSiHOE0Y5I859S
3MULllPa5XNtNwLwfWLLNHiWmIJcdPRck6VAphDAxjOmuLRJG55pK26m98C29b4n
mFoDYPDsJGowc64FQPcwgxXnH6XXqDWQNL1pueZunxlcqHx7888ev4x2E2G7+UPi
E0prgispY4F+n0OOFRmY8sJyZwIDAQABo4IC6jCCAuYwHQYDVR0OBBYEFIXUAYiO
34I0990X4DWnSztwK+PYMB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvNjMyOTgyQzQ3
OEU0MTFGMEIzNkMyMTczQzRGOUFFMDIucm9hMIGoBggrBgEFBQcBBwEB/wSBmDCB
lTBuBAIAATBoAwQEDsLAAwQEDsLgAwQFDsNAAwQDDsPIAwQFMchAMAwDBAQxyHAD
BAYxyIADBAQxyPAwDAMEAzHKqAMEBjHKgAMEAjHK1DAMAwQFMcrgAwQBMcrkMAwD
BAUx+OADBAIx+PADBAG2nGAwIwQCAAIwHTASAwcEJAeMAACQAwcGJAeMAACAAwcE
JAeMAAGwMA0GCSqGSIb3DQEBCwUAA4IBAQCzO9VeLQXhEWZ/On+9I5/NSzVTjz3I
muu1joxlIaeEtE+OZUTUMYtTrBopIkK3EeWWwmDhdYO1TNTv13QIi72XCXePDElH
SvZDESH9c7EOxvkB9gqmd3Neg2Yl0iMRbXOrfPaJ+nYeKeGd8/N+RcU6OehYa6uh
HvAo1/WBIoZkQ5bXElXFf0c8rKm8kGTMXZA3GkrwFRcCkWxI6xPOl9CMAY5wQEBU
mL/CBCn1PBkKT+p3LfWLSCw6/fFxjN0rRKnlkuyBGmnMDAffD92keW+AJcgAQRGB
wqM/xP/AygzEtNgv51BlpLnfwnYMiFqIoGUUVSCWh/1CotO9e0nKquUF
-----END CERTIFICATE-----
Generated at Wed May 13 07:25:32 2026 by rpki-client