Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/632982C478E411F0B36C2173C4F9AE02.roa
File: 632982C478E411F0B36C2173C4F9AE02.roa (raw, json)
Hash identifier: DqMi1I/Izzb5oOVCjzKuAyd4KmWH/EJc0rOqPfPKcVQ=
Subject key identifier: AD:04:1B:BC:12:7C:98:AD:F6:22:10:0D:68:B0:11:C4:DC:FE:2F:59
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 07AB
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/632982C478E411F0B36C2173C4F9AE02.roa
Signing time: Thu 14 Aug 2025 07:57:56 +0000
ROA not before: Thu 14 Aug 2025 07:57:56 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 55441
IP address blocks: 14.194.192.0/20 maxlen: 24
14.194.224.0/20 maxlen: 24
14.195.64.0/20 maxlen: 24
14.195.80.0/20 maxlen: 23
14.195.80.0/22 maxlen: 24
14.195.84.0/23 maxlen: 24
14.195.88.0/21 maxlen: 24
14.195.200.0/21 maxlen: 24
49.200.64.0/19 maxlen: 24
49.200.112.0/20 maxlen: 24
49.200.128.0/18 maxlen: 24
49.200.240.0/21 maxlen: 24
49.200.248.0/22 maxlen: 24
49.200.252.0/22 maxlen: 24
49.202.168.0/21 maxlen: 24
49.202.176.0/20 maxlen: 24
49.202.212.0/22 maxlen: 24
49.202.224.0/22 maxlen: 24
49.202.228.0/23 maxlen: 24
49.248.224.0/20 maxlen: 24
49.248.240.0/22 maxlen: 24
182.156.96.0/23 maxlen: 24
2407:8c00:90::/44 maxlen: 44
2407:8c00:a0::/44 maxlen: 44
2407:8c00:b0::/44 maxlen: 44
2407:8c00:1b0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 22:47:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1963 (0x7ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A, serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: Aug 14 07:57:56 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=689d9704-615c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a5:e7:a9:16:79:65:57:53:dd:b0:8f:c5:da:
56:fb:65:ba:ea:09:57:3f:f9:b7:58:ee:76:be:75:
1a:af:96:e1:25:48:d9:df:87:c9:07:4a:e3:f5:12:
d0:0a:70:86:3a:76:9c:41:86:8a:bd:6b:8d:6f:e7:
57:09:8e:33:54:90:14:5c:ac:d2:40:ea:9a:90:3d:
5d:85:92:22:2f:65:b4:8f:e2:3d:c2:bd:3b:ce:a6:
a2:1a:5a:d7:05:0b:4a:14:9e:34:6c:f0:13:e6:8b:
bf:c5:dc:b1:1d:4c:bf:2a:8f:50:b2:55:4b:94:f0:
81:da:1f:df:44:82:0e:f4:db:7b:a2:c1:46:07:81:
7e:de:b6:c1:f6:c7:bf:90:28:14:6c:25:f9:83:92:
2f:eb:39:88:bc:18:60:ad:57:db:0a:07:1b:e3:79:
49:8c:12:57:6d:1b:53:99:11:4d:44:b0:b6:22:e0:
a9:fb:d4:d9:45:cd:b3:7b:94:9d:de:74:f2:96:0e:
e7:d4:68:2e:9d:f1:30:99:7a:ab:7b:52:48:64:31:
17:85:0e:48:7c:30:73:84:9c:69:a0:b9:f7:08:b8:
2f:08:7e:a2:81:65:62:0c:42:2d:a1:9d:a2:e8:21:
93:79:e1:4c:5a:c9:7e:da:47:d0:53:f8:77:69:13:
a6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:04:1B:BC:12:7C:98:AD:F6:22:10:0D:68:B0:11:C4:DC:FE:2F:59
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/632982C478E411F0B36C2173C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.194.192.0/20
14.194.224.0/20
14.195.64.0/19
14.195.200.0/21
49.200.64.0/19
49.200.112.0-49.200.191.255
49.200.240.0/20
49.202.168.0-49.202.191.255
49.202.212.0/22
49.202.224.0-49.202.229.255
49.248.224.0-49.248.243.255
182.156.96.0/23
IPv6:
2407:8c00:90::-2407:8c00:bf:ffff:ffff:ffff:ffff:ffff
2407:8c00:1b0::/44
Signature Algorithm: sha256WithRSAEncryption
6c:18:7b:74:f9:f1:c4:3f:07:e5:40:3d:cf:c5:7a:02:18:73:
80:ee:e9:76:dc:85:be:bd:cf:77:1e:83:5b:9f:ea:7a:67:0d:
d7:cb:85:b1:59:60:6a:62:8b:ec:df:87:dc:fe:21:43:ea:67:
01:43:41:f8:8d:92:41:43:0e:0e:93:da:49:23:c2:1c:1e:89:
e9:9d:c6:0e:31:cc:4d:17:f5:c5:0e:19:a4:57:d5:5d:4d:00:
c6:db:d3:85:74:de:6d:dd:f0:0f:62:e7:2f:e4:33:a1:5a:ed:
37:b8:7a:24:67:fd:26:64:b9:af:d3:04:d7:e8:03:81:46:f6:
76:e3:78:4c:aa:e7:d0:79:70:88:55:8b:11:c1:28:54:cb:c7:
eb:97:c8:4d:f2:a9:b2:74:f7:9a:5e:54:36:9c:f7:07:c0:31:
57:a4:33:3b:5f:7c:8a:8e:2c:3f:c8:ce:8d:26:af:20:83:54:
f6:3f:78:c6:9c:47:10:d3:43:08:28:c1:81:e1:83:4f:96:7c:
69:4f:b9:97:fd:7f:55:0f:85:3e:23:ec:b8:ff:21:b2:a6:a1:
98:20:4b:21:26:97:b3:69:c4:3c:07:d7:95:d6:85:9f:a7:3f:
5a:dc:8c:67:ab:27:56:e0:ef:12:7d:dd:3c:bc:bf:7a:81:67:
95:6b:f4:aa
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgICB6swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjUwODE0MDc1NzU2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODlkOTcwNC02MTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwKXnqRZ5ZVdT3bCPxdpW+2W66glXP/m3WO52vnUar5bhJUjZ34fJB0rj9RLQ
CnCGOnacQYaKvWuNb+dXCY4zVJAUXKzSQOqakD1dhZIiL2W0j+I9wr07zqaiGlrX
BQtKFJ40bPAT5ou/xdyxHUy/Ko9QslVLlPCB2h/fRIIO9Nt7osFGB4F+3rbB9se/
kCgUbCX5g5Iv6zmIvBhgrVfbCgcb43lJjBJXbRtTmRFNRLC2IuCp+9TZRc2ze5Sd
3nTylg7n1GgunfEwmXqre1JIZDEXhQ5IfDBzhJxpoLn3CLgvCH6igWViDEItoZ2i
6CGTeeFMWsl+2kfQU/h3aROmAQIDAQABo4IDHzCCAxswHQYDVR0OBBYEFK0EG7wS
fJit9iIQDWiwEcTc/i9ZMB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvNjMyOTgyQzQ3
OEU0MTFGMEIzNkMyMTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgagGCCsGAQUFBwEHAQH/
BIGYMIGVMG4EAgABMGgDBAQOwsADBAQOwuADBAUOw0ADBAMOw8gDBAUxyEAwDAME
BDHIcAMEBjHIgAMEBDHI8DAMAwQDMcqoAwQGMcqAAwQCMcrUMAwDBAUxyuADBAEx
yuQwDAMEBTH44AMEAjH48AMEAbacYDAjBAIAAjAdMBIDBwQkB4wAAJADBwYkB4wA
AIADBwQkB4wAAbAwDQYJKoZIhvcNAQELBQADggEBAGwYe3T58cQ/B+VAPc/FegIY
c4Du6Xbchb69z3ceg1uf6npnDdfLhbFZYGpii+zfh9z+IUPqZwFDQfiNkkFDDg6T
2kkjwhweiemdxg4xzE0X9cUOGaRX1V1NAMbb04V03m3d8A9i5y/kM6Fa7Te4eiRn
/SZkua/TBNfoA4FG9nbjeEyq59B5cIhVixHBKFTLx+uXyE3yqbJ095peVDac9wfA
MVekMztffIqOLD/Izo0mryCDVPY/eMacRxDTQwgowYHhg0+WfGlPuZf9f1UPhT4j
7Lj/IbKmoZggSyEml7NpxDwH15XWhZ+nP1rcjGerJ1bg7xJ93Ty8v3qBZ5Vr9Ko=
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:15:45 2025 by rpki-client