Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/826F7220690211F09A1AA882C4F9AE02.roa
File: 826F7220690211F09A1AA882C4F9AE02.roa (raw, json)
Hash identifier: 9FwOpF+CEExhkrWPUtlIKPKg2Nt1EzmH0++EbV0x54s=
Subject key identifier: 3F:E8:7A:4D:87:0F:84:F6:2A:98:CF:7C:03:15:96:1C:96:D0:A5:0F
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0E52
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/826F7220690211F09A1AA882C4F9AE02.roa
Signing time: Fri 22 Aug 2025 17:38:19 +0000
ROA not before: Fri 22 Aug 2025 17:38:19 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.152.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.154.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/19 maxlen: 19
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 20:07:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3666 (0xe52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Aug 22 17:38:19 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68a8ab0b-00b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:db:c8:de:a1:e6:b0:72:33:b3:c4:72:62:2d:
07:71:2d:5a:61:11:2c:73:00:8d:cc:f9:19:1f:b7:
6d:14:02:56:ae:3b:09:5f:43:f9:92:73:7c:69:14:
b0:7b:90:4e:58:fb:51:5a:d0:ee:ad:eb:76:79:53:
c6:a9:d7:ba:65:c6:7a:70:7f:e7:5b:13:33:cd:2f:
09:c1:ac:9e:68:51:09:59:09:01:45:a9:8c:59:88:
9c:93:66:7c:e5:3a:84:ee:f4:86:6f:ee:e5:94:85:
df:02:57:35:bd:90:75:df:5e:b6:4b:a7:b8:77:29:
9c:48:19:3d:80:1d:eb:d4:f7:47:16:ba:26:4d:78:
f7:22:ff:61:88:8e:b5:30:4b:a4:02:65:ea:d3:04:
49:5e:ad:21:02:e4:8a:5a:f2:6a:4d:c5:83:38:67:
73:d2:99:b9:bd:20:25:c3:00:44:c2:7c:ab:fd:c1:
61:80:b1:5b:69:34:99:fe:b0:00:e3:c1:17:e3:b5:
37:8f:91:ab:7f:1d:48:8f:b1:d3:63:10:8b:6d:bf:
0d:3f:3b:31:2b:83:d0:03:33:bf:13:ee:bb:2f:3e:
3a:26:5c:36:af:e8:4c:0c:e3:99:3a:51:a0:7b:50:
17:1f:04:f0:99:eb:da:3f:1b:e4:d5:88:96:eb:46:
43:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E8:7A:4D:87:0F:84:F6:2A:98:CF:7C:03:15:96:1C:96:D0:A5:0F
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/826F7220690211F09A1AA882C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.131.0-14.192.132.255
14.192.146.0/24
14.192.148.0-14.192.159.255
43.247.122.0/23
103.20.132.0/22
111.92.128.0/19
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
a5:ef:fc:02:66:34:d2:69:0d:8e:45:0e:13:31:85:1f:6e:5a:
e7:56:0a:01:d3:f1:ca:f1:f3:05:5f:ed:65:1d:bc:27:75:d3:
d5:98:24:1f:b8:8e:a8:90:55:66:8b:c6:8d:b4:5b:5a:4a:79:
dc:ce:ad:09:ad:ef:2e:a0:d4:03:56:77:c7:a2:7a:a2:e5:5b:
b1:11:f3:ea:65:fc:21:cf:53:f3:22:24:6b:6e:4e:06:b8:b6:
a1:0a:5e:8a:e9:41:50:cb:42:df:7f:cb:f1:24:ff:cb:a7:9c:
e5:a1:1a:7c:66:7a:90:4d:f9:f6:99:00:2f:30:0e:d7:29:5c:
39:04:53:b4:7c:b0:6b:f4:dc:7a:7f:73:cf:11:09:56:19:e8:
58:ce:35:19:b1:7c:05:f2:be:e2:fc:dd:37:aa:21:4f:fa:5c:
c9:23:83:89:b1:4d:f8:29:51:31:a8:c0:d4:80:4c:1e:d8:67:
55:e1:26:38:de:99:be:38:cc:f4:ed:ea:94:c2:ea:86:a3:00:
3f:bd:9b:dd:b1:c6:ef:45:0e:e6:38:ac:e0:78:ba:38:b4:23:
9c:cd:d0:a1:b5:d1:1f:c0:71:9b:1a:7e:8a:f5:64:28:1d:b4:
ed:61:bf:57:08:6b:0a:55:55:19:5e:9f:b6:48:f7:d0:b9:e6:
48:fe:76:d4
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgICDlIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwODIyMTczODE5WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGE4YWIwYi0wMGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzdvI3qHmsHIzs8RyYi0HcS1aYREscwCNzPkZH7dtFAJWrjsJX0P5knN8aRSw
e5BOWPtRWtDuret2eVPGqde6ZcZ6cH/nWxMzzS8JwayeaFEJWQkBRamMWYick2Z8
5TqE7vSGb+7llIXfAlc1vZB13162S6e4dymcSBk9gB3r1PdHFromTXj3Iv9hiI61
MEukAmXq0wRJXq0hAuSKWvJqTcWDOGdz0pm5vSAlwwBEwnyr/cFhgLFbaTSZ/rAA
48EX47U3j5Grfx1Ij7HTYxCLbb8NPzsxK4PQAzO/E+67Lz46Jlw2r+hMDOOZOlGg
e1AXHwTwmevaPxvk1YiW60ZDYQIDAQABo4IC0jCCAs4wHQYDVR0OBBYEFD/oek2H
D4T2KpjPfAMVlhyW0KUPMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvODI2RjcyMjA2
OTAyMTFGMDlBMUFBODgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXAYIKwYBBQUHAQcBAf8E
TTBLMDoEAgABMDQwDAMEAA7AgwMEAA7AhAMEAA7AkjAMAwQCDsCUAwQFDsCAAwQB
K/d6AwQCZxSEAwQFb1yAMA0EAgACMAcDBQAkA3mAMA0GCSqGSIb3DQEBCwUAA4IB
AQCl7/wCZjTSaQ2ORQ4TMYUfblrnVgoB0/HK8fMFX+1lHbwnddPVmCQfuI6okFVm
i8aNtFtaSnnczq0Jre8uoNQDVnfHonqi5VuxEfPqZfwhz1PzIiRrbk4GuLahCl6K
6UFQy0Lff8vxJP/Lp5zloRp8ZnqQTfn2mQAvMA7XKVw5BFO0fLBr9Nx6f3PPEQlW
GehYzjUZsXwF8r7i/N03qiFP+lzJI4OJsU34KVExqMDUgEwe2GdV4SY43pm+OMz0
7eqUwuqGowA/vZvdscbvRQ7mOKzgeLo4tCOczdChtdEfwHGbGn6K9WQoHbTtYb9X
CGsKVVUZXp+2SPfQueZI/nbU
-----END CERTIFICATE-----
Generated at Sun Aug 24 09:02:40 2025 by rpki-client