Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0BF08A149F8311F0A408C363C4F9AE02.roa
File: 0BF08A149F8311F0A408C363C4F9AE02.roa (raw, json)
Hash identifier: RUhEIgZP33Il919uCgBWXbTJ8ssUQgqlgvLzN3g9JA4=
Subject key identifier: 00:CA:74:23:0F:9E:61:99:B9:34:B7:43:F1:F7:09:A9:BD:9D:95:D4
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0EB8
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0BF08A149F8311F0A408C363C4F9AE02.roa
Signing time: Sun 12 Oct 2025 06:57:17 +0000
ROA not before: Sun 12 Oct 2025 06:57:17 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 133933
IP address blocks: 14.192.128.0/19 maxlen: 19
14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.134.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.152.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.154.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 20:56:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3768 (0xeb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Oct 12 06:57:17 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68eb514d-4085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bd:c6:80:66:18:2a:fc:1b:b6:11:2f:c3:8d:
ed:e8:7e:42:eb:f8:a1:3a:8f:54:51:33:5b:56:eb:
11:ce:ad:ca:0d:7a:da:17:6b:bb:e9:dc:e0:32:1b:
78:c1:48:72:1b:b1:e6:bd:20:07:00:37:0a:23:9c:
73:7b:f9:b2:14:a8:e9:ef:2f:54:be:cf:5c:3d:98:
7a:77:6d:9e:ee:12:a0:a8:d9:19:06:e5:9e:5d:52:
6e:a2:dc:c5:fc:08:68:98:06:82:7f:e7:09:81:2e:
39:74:f7:b7:d4:7a:ff:f1:50:42:b6:24:9f:01:4a:
67:f5:13:5b:10:34:1a:49:c3:15:3b:9e:00:ed:99:
3e:de:d6:78:5c:54:6d:51:d4:c1:b0:92:52:4e:dd:
68:b0:43:91:73:4b:65:13:20:0f:6a:db:fd:e0:32:
d4:6f:b7:fc:51:7a:f7:c0:7e:e0:72:86:8d:19:f8:
ff:8c:3f:0e:58:0e:97:db:fa:36:99:c8:86:34:e5:
b5:8c:7e:11:5f:4e:a7:09:e5:52:41:a8:20:c0:55:
55:8f:42:91:0b:db:8e:3b:3a:d2:98:93:4e:23:a3:
73:2c:5d:5f:f7:df:35:20:58:7c:83:b1:6a:7e:ff:
11:83:03:52:17:80:d8:44:30:b8:ae:6c:34:1c:d7:
0b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CA:74:23:0F:9E:61:99:B9:34:B7:43:F1:F7:09:A9:BD:9D:95:D4
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0BF08A149F8311F0A408C363C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/19
43.247.120.0/22
103.20.132.0/22
111.92.128.0/21
Signature Algorithm: sha256WithRSAEncryption
5e:5a:25:a4:e1:8d:e4:df:d3:c3:d8:44:16:11:4d:19:a5:e6:
ce:d5:6b:16:9d:bc:d6:27:59:6f:95:31:c0:35:b7:77:cf:97:
69:d0:a0:a7:5b:ab:fb:4b:f6:81:c2:81:88:d6:c7:ac:47:c0:
cf:22:7b:89:86:d1:a3:bf:3d:72:fb:e3:0f:82:69:62:27:ed:
94:9e:92:b0:fb:0a:e6:e0:af:a1:7a:57:f4:06:5b:92:a7:47:
80:28:28:84:17:38:ec:13:c4:84:7c:ee:39:cd:9e:28:ab:d6:
f6:d3:7d:90:01:d0:23:c2:97:a1:ab:e9:e4:59:4b:7d:a6:7e:
4a:9e:b5:8f:94:d7:d9:ec:88:4e:b5:bd:c2:d3:6f:c9:64:f3:
43:16:0d:09:4c:ea:36:4e:f0:19:b1:60:60:73:d4:07:bc:0a:
22:8a:4a:95:a0:e5:c4:64:af:e0:ba:55:8c:65:29:b0:9d:87:
59:58:48:9c:65:ae:9c:b9:1a:77:40:9e:05:c9:99:6d:3e:2e:
53:0b:8a:21:83:3c:bd:73:80:cc:62:0e:21:68:03:70:d6:12:
ba:f6:fa:87:f7:72:e3:87:26:8f:5c:d0:7e:82:7b:84:ce:58:
31:7c:51:6c:d0:eb:f9:a8:17:cb:96:d7:48:a7:d8:1d:9d:90:
73:40:98:64
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDrgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUxMDEyMDY1NzE3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGViNTE0ZC00MDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAur3GgGYYKvwbthEvw43t6H5C6/ihOo9UUTNbVusRzq3KDXraF2u76dzgMht4
wUhyG7HmvSAHADcKI5xze/myFKjp7y9Uvs9cPZh6d22e7hKgqNkZBuWeXVJuotzF
/AhomAaCf+cJgS45dPe31Hr/8VBCtiSfAUpn9RNbEDQaScMVO54A7Zk+3tZ4XFRt
UdTBsJJSTt1osEORc0tlEyAPatv94DLUb7f8UXr3wH7gcoaNGfj/jD8OWA6X2/o2
mciGNOW1jH4RX06nCeVSQaggwFVVj0KRC9uOOzrSmJNOI6NzLF1f9981IFh8g7Fq
fv8RgwNSF4DYRDC4rmw0HNcLTwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFADKdCMP
nmGZuTS3Q/H3Cam9nZXUMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMEJGMDhBMTQ5
RjgzMTFGMEE0MDhDMzYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAUOwIADBAIr93gDBAJnFIQDBANvXIAwDQYJKoZIhvcNAQEL
BQADggEBAF5aJaThjeTf08PYRBYRTRml5s7VaxadvNYnWW+VMcA1t3fPl2nQoKdb
q/tL9oHCgYjWx6xHwM8ie4mG0aO/PXL74w+CaWIn7ZSekrD7Cubgr6F6V/QGW5Kn
R4AoKIQXOOwTxIR87jnNniir1vbTfZAB0CPCl6Gr6eRZS32mfkqetY+U19nsiE61
vcLTb8lk80MWDQlM6jZO8BmxYGBz1Ae8CiKKSpWg5cRkr+C6VYxlKbCdh1lYSJxl
rpy5GndAngXJmW0+LlMLiiGDPL1zgMxiDiFoA3DWErr2+of3cuOHJo9c0H6Ce4TO
WDF8UWzQ6/moF8uW10in2B2dkHNAmGQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:24:35 2025 by rpki-client