Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F16CF7BC240411F0AE5EFB74C4F9AE02.roa
File: F16CF7BC240411F0AE5EFB74C4F9AE02.roa (raw, json)
Hash identifier: +Ea2Ti+zAX2TAhBWWrhWFCSQ85m6THCREQ3GB2Sb9uQ=
Subject key identifier: 96:91:85:E0:00:11:48:71:1E:2A:DC:6D:88:C1:B1:8D:F8:5E:B8:92
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0D7F
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F16CF7BC240411F0AE5EFB74C4F9AE02.roa
Signing time: Wed 02 Jul 2025 20:30:04 +0000
ROA not before: Wed 02 Jul 2025 20:30:04 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 133933
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 20:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3455 (0xd7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Jul 2 20:30:04 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=686596cb-7195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ba:c1:3c:e0:64:ca:26:1d:28:1d:4c:e7:c3:
00:72:fd:21:55:a5:5d:39:34:01:f2:39:78:19:f6:
b5:02:43:70:0f:95:7c:77:41:ef:bf:22:a0:ce:a1:
bc:a1:11:69:bc:ee:0a:4c:8a:18:66:5a:dc:ae:db:
9f:fa:15:46:4a:f4:9c:ed:59:90:1c:7b:42:63:7c:
bb:ff:ed:8a:a0:73:dc:fc:b8:15:83:39:a4:1f:df:
82:57:28:ee:c0:af:95:df:00:36:dd:39:81:b2:3a:
74:9d:d4:be:60:64:cc:e0:6e:17:b0:e7:47:78:f1:
23:cc:65:59:7a:7b:cf:1b:09:43:6b:d2:6c:1c:0c:
43:17:bd:e7:2b:04:e6:59:d4:90:c4:b2:ff:94:45:
2d:84:2d:11:7f:35:61:c5:49:3e:b3:4c:2d:a3:b0:
ba:40:7d:5d:fe:ac:50:e6:97:bc:8e:0f:e7:cb:96:
a3:cd:dc:10:0c:9c:50:5e:78:39:9f:c2:05:b0:e4:
67:f7:59:d2:73:8f:1f:c7:4d:0e:39:59:e7:51:b7:
cf:26:97:55:00:c6:fa:e0:04:93:01:a5:8b:11:80:
eb:b7:bc:e0:5f:ec:a0:a6:fe:f1:4f:a6:6e:de:47:
84:95:c3:53:f6:0b:61:b7:89:da:72:dc:c1:ec:92:
5a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:91:85:E0:00:11:48:71:1E:2A:DC:6D:88:C1:B1:8D:F8:5E:B8:92
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F16CF7BC240411F0AE5EFB74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0-14.192.132.255
14.192.135.0-14.192.136.255
14.192.138.0-14.192.143.255
14.192.147.0-14.192.148.255
14.192.153.0/24
14.192.155.0-14.192.157.255
14.192.159.0/24
43.247.120.0/22
103.20.132.0/22
111.92.128.0/19
Signature Algorithm: sha256WithRSAEncryption
42:86:35:d5:aa:e2:ed:e0:88:bb:e6:a8:0f:0d:ab:ff:d3:3a:
47:fc:cc:02:d7:75:fd:a5:47:66:a0:e9:63:b6:6c:87:61:b7:
02:26:19:67:86:71:2d:54:7a:f3:5b:c5:c7:a1:82:e5:b9:76:
66:99:2f:a2:f9:3c:59:ca:40:87:9b:7c:7a:1b:94:5e:ab:9b:
fb:22:3e:c0:94:ad:db:c2:3b:99:6c:ec:3f:70:1b:69:09:86:
d3:c0:cb:9d:61:c7:5f:df:ad:3a:e0:68:2a:a8:e1:e7:cc:7f:
01:ca:a1:fb:80:57:41:0f:c6:ad:8b:57:69:20:dd:ef:33:48:
f5:98:4f:74:52:ec:2d:ce:88:46:e6:c1:48:f8:7b:a6:aa:c8:
be:85:f7:e3:94:ff:e7:b8:93:be:ce:1c:3d:59:90:dc:71:5c:
34:df:a0:41:a5:02:56:1a:4a:1b:bc:91:6a:c0:8d:be:42:78:
ef:2c:ac:4d:f0:f3:58:d6:1a:f7:46:ab:7d:cc:54:83:14:e0:
02:33:05:8e:58:79:cf:0a:2e:8f:35:a1:6e:16:ec:5b:c6:3a:
35:51:dd:90:77:4a:e6:88:00:df:80:2d:02:0c:dd:61:da:17:
e7:5d:95:44:f1:b8:02:29:aa:52:00:17:09:1b:04:44:29:c8:
23:32:e3:08
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgICDX8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwNzAyMjAzMDA0WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY1OTZjYi03MTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1brBPOBkyiYdKB1M58MAcv0hVaVdOTQB8jl4Gfa1AkNwD5V8d0HvvyKgzqG8
oRFpvO4KTIoYZlrcrtuf+hVGSvSc7VmQHHtCY3y7/+2KoHPc/LgVgzmkH9+CVyju
wK+V3wA23TmBsjp0ndS+YGTM4G4XsOdHePEjzGVZenvPGwlDa9JsHAxDF73nKwTm
WdSQxLL/lEUthC0RfzVhxUk+s0wto7C6QH1d/qxQ5pe8jg/ny5ajzdwQDJxQXng5
n8IFsORn91nSc48fx00OOVnnUbfPJpdVAMb64ASTAaWLEYDrt7zgX+ygpv7xT6Zu
3keElcNT9gtht4nactzB7JJaaQIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFJaRheAA
EUhxHircbYjBsY34XriSMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRjE2Q0Y3QkMy
NDA0MTFGMEFFNUVGQjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfQYIKwYBBQUHAQcBAf8E
bjBsMGoEAgABMGQwDAMEBw7AgAMEAA7AhDAMAwQADsCHAwQADsCIMAwDBAEOwIoD
BAQOwIAwDAMEAA7AkwMEAA7AlAMEAA7AmTAMAwQADsCbAwQBDsCcAwQADsCfAwQC
K/d4AwQCZxSEAwQFb1yAMA0GCSqGSIb3DQEBCwUAA4IBAQBChjXVquLt4Ii75qgP
Dav/0zpH/MwC13X9pUdmoOljtmyHYbcCJhlnhnEtVHrzW8XHoYLluXZmmS+i+TxZ
ykCHm3x6G5Req5v7Ij7AlK3bwjuZbOw/cBtpCYbTwMudYcdf36064GgqqOHnzH8B
yqH7gFdBD8ati1dpIN3vM0j1mE90UuwtzohG5sFI+Humqsi+hffjlP/nuJO+zhw9
WZDccVw036BBpQJWGkobvJFqwI2+QnjvLKxN8PNY1hr3Rqt9zFSDFOACMwWOWHnP
Ci6PNaFuFuxbxjo1Ud2Qd0rmiADfgC0CDN1h2hfnXZVE8bgCKapSABcJGwREKcgj
MuMI
-----END CERTIFICATE-----
Generated at Thu Jul 3 13:53:57 2025 by rpki-client