Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/387ABD22614211F0AED25E68C4F9AE02.roa
File: 387ABD22614211F0AED25E68C4F9AE02.roa (raw, json)
Hash identifier: OTFLC+xsLqw75trai6CwqErooVjsc/BgFHuDOUQCFzo=
Subject key identifier: 92:BB:C0:6B:00:05:BE:88:C7:D9:AD:3D:91:A1:17:D2:34:B3:7F:9B
Certificate issuer: /CN=A915F89C/serialNumber=AF8F0CFB47FBFCC7C4933C473CDB36442B5051CE
Certificate serial: 3844
Authority key identifier: AF:8F:0C:FB:47:FB:FC:C7:C4:93:3C:47:3C:DB:36:44:2B:50:51:CE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r48M-0f7_MfEkzxHPNs2RCtQUc4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/387ABD22614211F0AED25E68C4F9AE02.roa
Signing time: Mon 18 Aug 2025 14:50:33 +0000
ROA not before: Mon 18 Aug 2025 14:50:33 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 9506
IP address blocks: 14.100.0.0/17 maxlen: 24
42.60.0.0/16 maxlen: 24
42.61.128.0/17 maxlen: 24
101.78.64.0/18 maxlen: 24
115.66.0.0/16 maxlen: 24
116.14.0.0/15 maxlen: 15
116.14.0.0/16 maxlen: 24
116.15.0.0/16 maxlen: 24
118.200.0.0/16 maxlen: 24
118.201.0.0/17 maxlen: 24
118.201.192.0/18 maxlen: 18
118.201.224.0/19 maxlen: 24
119.74.0.0/16 maxlen: 24
119.234.128.0/18 maxlen: 24
119.234.192.0/19 maxlen: 24
121.6.0.0/16 maxlen: 24
121.7.0.0/16 maxlen: 24
180.255.64.0/18 maxlen: 24
219.74.0.0/16 maxlen: 24
219.75.0.0/17 maxlen: 24
220.255.0.0/22 maxlen: 22
220.255.0.0/24 maxlen: 24
220.255.1.0/24 maxlen: 24
220.255.2.0/24 maxlen: 24
220.255.3.0/24 maxlen: 24
220.255.4.0/22 maxlen: 22
220.255.4.0/24 maxlen: 24
220.255.5.0/24 maxlen: 24
220.255.6.0/24 maxlen: 24
220.255.7.0/24 maxlen: 24
220.255.16.0/20 maxlen: 24
220.255.32.0/19 maxlen: 19
220.255.64.0/18 maxlen: 18
220.255.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/r48M-0f7_MfEkzxHPNs2RCtQUc4.crl
rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/r48M-0f7_MfEkzxHPNs2RCtQUc4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r48M-0f7_MfEkzxHPNs2RCtQUc4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 14:22:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14404 (0x3844)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915F89C, serialNumber=AF8F0CFB47FBFCC7C4933C473CDB36442B5051CE
Validity
Not Before: Aug 18 14:50:33 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68a33db9-edfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:be:5c:94:16:3f:db:2b:54:c2:b3:43:e3:df:
62:fa:0b:ec:b1:40:0a:3e:2c:ed:1a:36:14:03:8f:
9a:40:31:6f:89:e4:48:60:92:4a:25:2e:c3:fb:f2:
f0:a0:70:af:a0:4a:60:ee:7f:15:fa:ab:d9:72:a4:
66:98:ea:1c:97:7e:0a:9c:8e:c4:35:a0:93:2e:73:
3a:8f:bf:bb:28:5a:58:af:88:54:bd:55:8b:87:3e:
90:f8:13:72:f7:26:04:1e:3c:80:76:77:21:3e:ba:
34:71:19:c2:98:e0:a9:47:3e:20:b8:c5:7f:8e:7b:
82:a1:34:3a:4c:aa:a6:3d:23:b8:0b:1f:6b:cf:fc:
83:12:79:fa:1d:cf:16:7c:13:5a:07:67:08:ef:4c:
78:50:eb:5f:a5:ec:52:8c:98:e7:2f:dc:1e:cf:be:
c7:09:38:30:2c:8a:ab:9c:3e:d6:f9:f5:5e:b0:f7:
63:8f:13:a0:6f:8b:93:b0:52:bf:e0:27:c5:67:27:
c8:ad:c9:40:68:a8:e5:b9:54:90:85:2a:ae:bb:68:
7e:00:36:9c:58:17:79:6d:8a:d1:5a:c3:c5:78:30:
f8:8a:36:47:6d:e4:ab:83:65:22:2b:33:66:ab:da:
0e:a3:2b:ff:c8:1b:4e:f3:eb:9f:b6:20:c2:d5:e9:
cd:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:BB:C0:6B:00:05:BE:88:C7:D9:AD:3D:91:A1:17:D2:34:B3:7F:9B
X509v3 Authority Key Identifier:
keyid:AF:8F:0C:FB:47:FB:FC:C7:C4:93:3C:47:3C:DB:36:44:2B:50:51:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/r48M-0f7_MfEkzxHPNs2RCtQUc4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r48M-0f7_MfEkzxHPNs2RCtQUc4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/387ABD22614211F0AED25E68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.100.0.0/17
42.60.0.0/16
42.61.128.0/17
101.78.64.0/18
115.66.0.0/16
116.14.0.0/15
118.200.0.0-118.201.127.255
118.201.192.0/18
119.74.0.0/16
119.234.128.0-119.234.223.255
121.6.0.0/15
180.255.64.0/18
219.74.0.0-219.75.127.255
220.255.0.0/21
220.255.16.0-220.255.255.255
Signature Algorithm: sha256WithRSAEncryption
37:63:a8:f6:28:29:65:52:19:11:76:ce:d1:7d:81:5f:7b:06:
91:4c:9e:a9:6e:f2:4f:f1:c8:1c:53:c9:f8:ae:7d:b9:ba:bb:
0f:6c:ef:ee:a3:bf:fe:ce:ea:14:88:40:27:78:d1:9e:bd:f6:
81:29:a8:d0:53:29:3b:4f:d3:ee:5b:c7:48:26:eb:70:92:29:
53:56:28:bb:85:04:eb:6b:65:4a:da:06:9e:d0:f6:a2:15:c5:
c3:af:b5:c8:f2:00:ff:4f:a7:e3:d1:60:03:87:7f:57:88:e8:
71:bd:f0:a2:26:af:d4:40:16:68:f7:ec:91:4d:87:8e:1e:63:
7d:48:6a:e1:13:d0:c6:1e:6a:8c:73:d1:c7:92:c5:dd:1d:d6:
ff:f0:5f:64:cf:53:94:35:db:b9:40:08:fb:c0:dc:95:07:05:
e2:5c:a1:b7:f8:db:20:b2:b2:f9:09:b4:c1:96:22:a9:d9:36:
bc:9a:4b:a6:d3:04:5b:02:9b:d5:e3:c3:17:75:57:33:74:bd:
30:55:9f:c3:51:b6:ac:18:90:ad:53:f7:eb:f0:d0:46:f8:55:
41:42:a2:b0:bd:02:2a:fb:07:58:65:50:29:76:44:17:18:e4:
9a:28:42:2c:50:47:63:dc:30:38:fe:c6:01:a8:bb:4a:e5:46:
59:88:2f:b9
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgICOEQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUY4OUMxMTAvBgNVBAUTKEFGOEYwQ0ZCNDdGQkZDQzdDNDkzM0M0NzNDREIzNjQ0
MkI1MDUxQ0UwHhcNMjUwODE4MTQ1MDMzWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGEzM2RiOS1lZGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxL5clBY/2ytUwrND499i+gvssUAKPiztGjYUA4+aQDFvieRIYJJKJS7D+/Lw
oHCvoEpg7n8V+qvZcqRmmOocl34KnI7ENaCTLnM6j7+7KFpYr4hUvVWLhz6Q+BNy
9yYEHjyAdnchPro0cRnCmOCpRz4guMV/jnuCoTQ6TKqmPSO4Cx9rz/yDEnn6Hc8W
fBNaB2cI70x4UOtfpexSjJjnL9wez77HCTgwLIqrnD7W+fVesPdjjxOgb4uTsFK/
4CfFZyfIrclAaKjluVSQhSquu2h+ADacWBd5bYrRWsPFeDD4ijZHbeSrg2UiKzNm
q9oOoyv/yBtO8+uftiDC1enNFwIDAQABo4IDATCCAv0wHQYDVR0OBBYEFJK7wGsA
Bb6Ix9mtPZGhF9I0s3+bMB8GA1UdIwQYMBaAFK+PDPtH+/zHxJM8RzzbNkQrUFHO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Rjg5Qy82OTA3QzNFMjFE
ODMxMUUyOUIzNUE1RDgwOEIwMkNEMi9yNDhNLTBmN19NZkVrenhIUE5zMlJDdFFV
YzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3I0OE0tMGY3X01mRWt6eEhQTnMyUkN0UVVjNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUY4OUMvNjkwN0MzRTIxRDgzMTFFMjlCMzVBNUQ4MDhCMDJDRDIvMzg3QUJEMjI2
MTQyMTFGMEFFRDI1RTY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYoGCCsGAQUFBwEHAQH/
BHsweTB3BAIAATBxAwQHDmQAAwMAKjwDBAcqPYADBAZlTkADAwBzQgMDAXQOMAsD
AwN2yAMEB3bJAAMEBnbJwAMDAHdKMAwDBAd36oADBAV36sADAwF5BgMEBrT/QDAL
AwMB20oDBAfbSwADBAPc/wAwCgMEBNz/EAMCANwwDQYJKoZIhvcNAQELBQADggEB
ADdjqPYoKWVSGRF2ztF9gV97BpFMnqlu8k/xyBxTyfiufbm6uw9s7+6jv/7O6hSI
QCd40Z699oEpqNBTKTtP0+5bx0gm63CSKVNWKLuFBOtrZUraBp7Q9qIVxcOvtcjy
AP9Pp+PRYAOHf1eI6HG98KImr9RAFmj37JFNh44eY31IauET0MYeaoxz0ceSxd0d
1v/wX2TPU5Q127lACPvA3JUHBeJcobf42yCysvkJtMGWIqnZNryaS6bTBFsCm9Xj
wxd1VzN0vTBVn8NRtqwYkK1T9+vw0Eb4VUFCorC9Air7B1hlUCl2RBcY5JooQixQ
R2PcMDj+xgGou0rlRlmIL7k=
-----END CERTIFICATE-----
Generated at Sun Aug 24 06:48:15 2025 by rpki-client