Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/632982C478E411F0B36C2173C4F9AE02.roa
File: 632982C478E411F0B36C2173C4F9AE02.roa (raw, json)
Hash identifier: UtqQafx0h06qwOypkuCDjZ74Np/tgEr24FgtNODhVKE=
Subject key identifier: 4F:3E:09:C2:FD:0F:3F:42:5F:E8:9C:ED:9A:21:25:1C:FF:FF:ED:41
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 0867
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/632982C478E411F0B36C2173C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:54:56 +0000
ROA not before: Thu 14 Aug 2025 07:57:56 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 55441
IP address blocks: 14.194.192.0/20 maxlen: 24
14.194.224.0/20 maxlen: 24
14.195.64.0/20 maxlen: 24
14.195.80.0/20 maxlen: 23
14.195.80.0/22 maxlen: 24
14.195.84.0/23 maxlen: 24
14.195.88.0/21 maxlen: 24
14.195.200.0/21 maxlen: 24
49.200.64.0/19 maxlen: 24
49.200.112.0/20 maxlen: 24
49.200.128.0/18 maxlen: 24
49.200.240.0/21 maxlen: 24
49.200.248.0/22 maxlen: 24
49.200.252.0/22 maxlen: 24
49.202.168.0/21 maxlen: 24
49.202.176.0/20 maxlen: 24
49.202.212.0/22 maxlen: 24
49.202.224.0/22 maxlen: 24
49.202.228.0/23 maxlen: 24
49.248.224.0/20 maxlen: 24
49.248.240.0/22 maxlen: 24
182.156.96.0/23 maxlen: 24
2407:8c00:90::/44 maxlen: 44
2407:8c00:a0::/44 maxlen: 44
2407:8c00:b0::/44 maxlen: 44
2407:8c00:1b0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 06:19:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2151 (0x867)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A, serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: Aug 14 07:57:56 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a48b80-89c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:94:7f:38:86:42:34:50:ea:92:36:4b:1d:0c:
02:4c:09:e1:f8:f2:50:6e:c8:08:d8:1c:71:e1:fa:
1d:5d:5d:bb:67:89:c0:dd:90:4c:00:81:7c:7f:ba:
f9:b0:9b:79:ef:73:d6:ec:75:47:3d:83:8e:8e:92:
5b:61:2a:20:b7:8a:6e:a8:97:1f:96:81:54:40:29:
7d:bb:80:5a:08:c7:83:e4:8e:9b:79:ca:ac:0f:79:
e6:89:e1:7f:25:13:bf:7f:22:87:aa:e9:5f:ce:67:
21:79:67:7d:c5:a2:89:4d:1c:b3:0e:1e:5e:ec:9f:
cb:ae:a5:80:f6:ae:e2:6c:60:5a:fe:0c:fe:d0:42:
63:1e:65:ca:d0:80:c4:bb:d7:8b:79:b3:b1:3b:36:
da:45:ba:2a:96:63:20:f7:a3:47:1b:c0:63:a8:9c:
6f:54:62:4a:1c:1a:a5:96:74:d5:40:0d:57:c9:06:
1d:01:f7:97:9a:09:84:07:44:9b:1d:48:c4:10:d4:
ae:cb:cc:1c:e9:29:0a:f7:74:47:59:08:90:82:98:
82:f2:97:bf:f6:f9:15:56:f6:da:62:8d:b6:98:ef:
d2:ce:d7:28:5d:95:72:72:f3:d9:7f:30:0a:c8:84:
08:05:7f:84:4b:d6:0f:7f:5d:a8:4e:98:5d:dd:42:
85:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:3E:09:C2:FD:0F:3F:42:5F:E8:9C:ED:9A:21:25:1C:FF:FF:ED:41
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/632982C478E411F0B36C2173C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.194.192.0/20
14.194.224.0/20
14.195.64.0/19
14.195.200.0/21
49.200.64.0/19
49.200.112.0-49.200.191.255
49.200.240.0/20
49.202.168.0-49.202.191.255
49.202.212.0/22
49.202.224.0-49.202.229.255
49.248.224.0-49.248.243.255
182.156.96.0/23
IPv6:
2407:8c00:90::-2407:8c00:bf:ffff:ffff:ffff:ffff:ffff
2407:8c00:1b0::/44
Signature Algorithm: sha256WithRSAEncryption
a2:70:4f:d4:90:7b:4b:22:c1:2d:10:c3:92:e6:17:d0:b6:fc:
0c:0d:41:6e:65:12:d8:4a:a1:a7:ac:b5:a9:9a:8a:4f:c1:39:
66:81:9d:7f:4c:d5:f3:e1:68:b4:cb:03:b5:7d:36:28:4d:e2:
74:8a:5d:62:28:0c:40:92:03:60:d4:ae:da:90:aa:a8:c5:8f:
97:f7:68:c9:e5:e1:fc:fb:d9:40:9c:9e:2c:e6:21:48:a8:93:
ac:8f:1c:15:a6:65:4f:01:29:a3:92:a5:ff:14:53:cf:e4:14:
b6:e6:fd:7c:ea:d9:bc:41:4f:32:0e:e7:4f:e0:4f:87:71:59:
d2:7b:ce:fe:c5:ce:2c:13:1c:f3:be:45:9f:ce:0a:be:89:c3:
4f:70:d2:ff:bf:d5:42:c5:9f:98:39:5f:6c:f0:dd:0a:0b:05:
5d:50:e9:d7:ae:fe:55:f4:21:f0:a1:17:f8:f5:9a:ca:ea:dc:
ab:e2:aa:8b:9e:1d:72:16:7b:54:26:4c:c4:04:92:84:a2:89:
4b:a3:bf:74:ea:c0:78:a9:4d:94:a9:6f:a9:72:fa:23:8e:f5:
d6:a4:18:dc:24:e2:ab:71:e1:7b:1b:b6:01:96:e1:0a:82:d3:
4c:f2:50:28:29:ef:cf:91:66:c6:e3:d7:a9:42:10:36:96:31:
cf:9f:4d:57
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgICCGcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjUwODE0MDc1NzU2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OGI4MC04OWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnZR/OIZCNFDqkjZLHQwCTAnh+PJQbsgI2Bxx4fodXV27Z4nA3ZBMAIF8f7r5
sJt573PW7HVHPYOOjpJbYSogt4puqJcfloFUQCl9u4BaCMeD5I6becqsD3nmieF/
JRO/fyKHqulfzmcheWd9xaKJTRyzDh5e7J/LrqWA9q7ibGBa/gz+0EJjHmXK0IDE
u9eLebOxOzbaRboqlmMg96NHG8BjqJxvVGJKHBqllnTVQA1XyQYdAfeXmgmEB0Sb
HUjEENSuy8wc6SkK93RHWQiQgpiC8pe/9vkVVvbaYo22mO/SztcoXZVycvPZfzAK
yIQIBX+ES9YPf12oTphd3UKFOQIDAQABo4IC6jCCAuYwHQYDVR0OBBYEFE8+CcL9
Dz9CX+ic7ZohJRz//+1BMB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvNjMyOTgyQzQ3
OEU0MTFGMEIzNkMyMTczQzRGOUFFMDIucm9hMIGoBggrBgEFBQcBBwEB/wSBmDCB
lTBuBAIAATBoAwQEDsLAAwQEDsLgAwQFDsNAAwQDDsPIAwQFMchAMAwDBAQxyHAD
BAYxyIADBAQxyPAwDAMEAzHKqAMEBjHKgAMEAjHK1DAMAwQFMcrgAwQBMcrkMAwD
BAUx+OADBAIx+PADBAG2nGAwIwQCAAIwHTASAwcEJAeMAACQAwcGJAeMAACAAwcE
JAeMAAGwMA0GCSqGSIb3DQEBCwUAA4IBAQCicE/UkHtLIsEtEMOS5hfQtvwMDUFu
ZRLYSqGnrLWpmopPwTlmgZ1/TNXz4Wi0ywO1fTYoTeJ0il1iKAxAkgNg1K7akKqo
xY+X92jJ5eH8+9lAnJ4s5iFIqJOsjxwVpmVPASmjkqX/FFPP5BS25v186tm8QU8y
DudP4E+HcVnSe87+xc4sExzzvkWfzgq+icNPcNL/v9VCxZ+YOV9s8N0KCwVdUOnX
rv5V9CHwoRf49ZrK6tyr4qqLnh1yFntUJkzEBJKEoolLo7906sB4qU2UqW+pcvoj
jvXWpBjcJOKrceF7G7YBluEKgtNM8lAoKe/PkWbG49epQhA2ljHPn01X
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:26:09 2026 by rpki-client