Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/81B16BEA690211F09A1AA882C4F9AE02.roa
File: 81B16BEA690211F09A1AA882C4F9AE02.roa (raw, json)
Hash identifier: g27cRj4q0UCtWpn1HNSx1aPrLAidJ1tGq+D7ABQVSw0=
Subject key identifier: 27:2E:4C:06:89:9F:76:76:29:4F:8A:DF:0A:28:51:15:6F:1E:61:6E
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0E51
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/81B16BEA690211F09A1AA882C4F9AE02.roa
Signing time: Fri 22 Aug 2025 17:38:18 +0000
ROA not before: Fri 22 Aug 2025 17:38:18 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 133933
IP address blocks: 14.192.128.0/19 maxlen: 19
14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.134.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.152.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.154.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 20:07:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3665 (0xe51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Aug 22 17:38:18 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68a8ab0a-776c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ce:6d:32:cc:1a:fb:3c:66:2d:7b:3a:f8:c3:
28:17:a0:74:38:ac:6b:ce:db:97:ab:ae:b7:c2:91:
c8:ae:c5:65:8e:59:6e:be:e9:48:fd:01:bb:f8:10:
d5:7c:ca:ba:75:14:d9:91:ee:8b:82:24:77:c7:e0:
97:17:2c:4b:37:ff:9e:10:73:6c:2a:64:ab:94:78:
33:05:e8:ab:5b:67:0c:5f:ff:58:0d:cb:1f:4f:05:
8a:4a:c2:60:b0:30:b8:bc:6a:d6:7f:87:e3:2b:da:
3d:db:f9:47:08:ab:31:07:32:32:9e:83:b3:12:69:
b7:af:90:de:47:b5:36:ec:c5:1f:54:37:6e:b6:cb:
42:a9:c6:35:de:a0:d2:f8:b6:e5:fa:40:2d:fb:7e:
34:e8:7a:9c:fc:18:82:1d:58:35:6e:7a:e4:68:08:
f8:cc:0a:cf:e6:02:b8:65:0d:48:aa:6b:c8:2d:b8:
b1:48:f1:66:6d:00:06:81:d3:6d:65:05:8e:74:33:
bd:d9:e9:79:72:96:e7:e8:ce:c5:6d:cb:10:eb:ea:
c3:bc:99:e6:2b:72:54:8a:c7:1d:67:cb:46:e1:c6:
d3:be:1f:fc:2d:f3:bd:e6:40:db:53:93:de:c7:77:
0a:b7:d6:48:17:fa:ed:a9:a4:52:07:b1:aa:9f:bc:
f5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:2E:4C:06:89:9F:76:76:29:4F:8A:DF:0A:28:51:15:6F:1E:61:6E
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/81B16BEA690211F09A1AA882C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/19
43.247.120.0/22
103.20.132.0/22
111.92.128.0/19
Signature Algorithm: sha256WithRSAEncryption
14:6e:ad:d2:9b:19:72:42:2d:be:d3:9b:07:39:ca:d8:06:25:
59:4a:73:9a:e7:20:2f:7d:0d:fc:b6:20:02:b6:2d:d1:37:2f:
f4:d4:87:0f:c9:54:26:92:6c:cc:cd:10:5d:68:e5:f6:d8:00:
9b:7d:fb:24:6c:04:f1:23:77:74:02:71:7d:92:36:b6:fd:ff:
e8:7c:d7:8b:47:f0:03:02:6b:ae:fa:53:fa:49:37:55:f5:ff:
c4:62:b4:a6:e2:40:e5:06:30:67:1c:c3:db:37:ce:22:ba:11:
8f:82:8c:09:03:94:98:f4:ad:64:bc:8d:1f:3a:03:d5:d9:d8:
38:8d:09:38:d9:70:6e:60:e3:4c:0f:ff:88:74:8d:41:f4:5c:
e5:a5:06:36:34:97:67:a8:e8:10:e3:05:94:71:73:b0:91:99:
40:b8:78:90:a2:b3:d9:e3:93:d2:8b:3e:d1:02:54:66:2d:56:
b2:5a:e8:2a:c4:82:4e:fe:d8:3d:8a:2d:6e:fb:9c:1b:15:f8:
27:8d:09:9d:46:9c:49:3e:c7:f5:65:3f:b9:99:76:24:5f:a8:
87:17:de:6c:ff:ec:4e:f7:b4:29:24:2b:12:71:ae:a5:36:0e:
12:6a:76:6e:79:45:f1:28:2a:cb:8b:19:c8:6e:a1:fc:7d:7f:
85:f1:ab:2b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDlEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwODIyMTczODE4WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGE4YWIwYS03NzZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt85tMswa+zxmLXs6+MMoF6B0OKxrztuXq663wpHIrsVljlluvulI/QG7+BDV
fMq6dRTZke6LgiR3x+CXFyxLN/+eEHNsKmSrlHgzBeirW2cMX/9YDcsfTwWKSsJg
sDC4vGrWf4fjK9o92/lHCKsxBzIynoOzEmm3r5DeR7U27MUfVDdutstCqcY13qDS
+Lbl+kAt+3406Hqc/BiCHVg1bnrkaAj4zArP5gK4ZQ1IqmvILbixSPFmbQAGgdNt
ZQWOdDO92el5cpbn6M7FbcsQ6+rDvJnmK3JUiscdZ8tG4cbTvh/8LfO95kDbU5Pe
x3cKt9ZIF/rtqaRSB7Gqn7z1AwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFCcuTAaJ
n3Z2KU+K3wooURVvHmFuMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvODFCMTZCRUE2
OTAyMTFGMDlBMUFBODgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAUOwIADBAIr93gDBAJnFIQDBAVvXIAwDQYJKoZIhvcNAQEL
BQADggEBABRurdKbGXJCLb7Tmwc5ytgGJVlKc5rnIC99Dfy2IAK2LdE3L/TUhw/J
VCaSbMzNEF1o5fbYAJt9+yRsBPEjd3QCcX2SNrb9/+h814tH8AMCa676U/pJN1X1
/8RitKbiQOUGMGccw9s3ziK6EY+CjAkDlJj0rWS8jR86A9XZ2DiNCTjZcG5g40wP
/4h0jUH0XOWlBjY0l2eo6BDjBZRxc7CRmUC4eJCis9njk9KLPtECVGYtVrJa6CrE
gk7+2D2KLW77nBsV+CeNCZ1GnEk+x/VlP7mZdiRfqIcX3mz/7E73tCkkKxJxrqU2
DhJqdm55RfEoKsuLGchuofx9f4Xxqys=
-----END CERTIFICATE-----
Generated at Sun Aug 24 07:02:48 2025 by rpki-client