Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
File: FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa (raw, json)
Hash identifier: Cfqrfl0Q7E7E4GhK910Vq8lQBhtl7oKqC1/FgHItAsA=
Subject key identifier: D1:CD:70:F2:6A:A5:E0:86:14:73:E5:1D:17:BB:FA:65:C9:AF:97:9C
Certificate issuer: /CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Certificate serial: 0746
Authority key identifier: B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
Signing time: Sat 23 Aug 2025 12:27:54 +0000
ROA not before: Sat 23 Aug 2025 12:27:54 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 45820
IP address blocks: 14.96.8.0/21 maxlen: 24
14.96.48.0/21 maxlen: 24
14.96.128.0/21 maxlen: 24
14.96.136.0/21 maxlen: 24
14.96.144.0/21 maxlen: 24
14.96.152.0/21 maxlen: 24
14.96.160.0/21 maxlen: 24
14.96.168.0/24 maxlen: 24
14.96.169.0/24 maxlen: 24
14.96.172.0/23 maxlen: 24
14.96.174.0/23 maxlen: 24
14.96.176.0/23 maxlen: 24
14.96.180.0/23 maxlen: 24
14.96.184.0/23 maxlen: 24
14.96.186.0/23 maxlen: 24
14.96.188.0/23 maxlen: 24
14.96.190.0/23 maxlen: 24
14.96.216.0/21 maxlen: 24
14.96.224.0/21 maxlen: 24
14.96.232.0/21 maxlen: 24
14.97.0.0/21 maxlen: 24
14.97.8.0/21 maxlen: 24
14.97.16.0/21 maxlen: 24
14.97.24.0/21 maxlen: 24
14.97.32.0/21 maxlen: 24
14.97.40.0/21 maxlen: 24
14.97.48.0/21 maxlen: 24
14.97.56.0/21 maxlen: 24
14.97.64.0/21 maxlen: 24
14.97.72.0/21 maxlen: 24
14.97.80.0/21 maxlen: 24
14.97.88.0/21 maxlen: 24
14.97.96.0/21 maxlen: 24
14.97.104.0/21 maxlen: 24
14.97.112.0/21 maxlen: 24
14.97.120.0/21 maxlen: 24
14.97.128.0/21 maxlen: 24
14.97.136.0/21 maxlen: 24
14.97.144.0/21 maxlen: 24
14.97.152.0/21 maxlen: 24
14.97.160.0/21 maxlen: 24
14.97.168.0/21 maxlen: 24
14.97.176.0/21 maxlen: 24
14.97.184.0/21 maxlen: 24
14.97.192.0/21 maxlen: 24
14.97.200.0/21 maxlen: 24
14.97.208.0/21 maxlen: 24
14.97.216.0/21 maxlen: 24
14.97.224.0/21 maxlen: 24
14.97.240.0/21 maxlen: 24
14.97.248.0/21 maxlen: 24
14.99.0.0/21 maxlen: 24
14.99.8.0/21 maxlen: 24
14.99.16.0/21 maxlen: 24
14.99.24.0/21 maxlen: 24
14.99.32.0/20 maxlen: 24
14.99.48.0/21 maxlen: 24
14.99.56.0/21 maxlen: 24
14.99.64.0/21 maxlen: 24
14.99.72.0/21 maxlen: 24
14.99.80.0/21 maxlen: 24
14.99.88.0/21 maxlen: 24
14.99.96.0/20 maxlen: 24
14.99.112.0/21 maxlen: 24
14.99.120.0/21 maxlen: 24
14.99.128.0/21 maxlen: 24
14.99.136.0/21 maxlen: 24
14.99.144.0/21 maxlen: 24
14.99.152.0/21 maxlen: 24
14.99.160.0/21 maxlen: 24
14.99.168.0/21 maxlen: 24
14.99.176.0/21 maxlen: 24
14.99.184.0/21 maxlen: 24
14.99.192.0/21 maxlen: 24
14.99.200.0/21 maxlen: 24
14.99.208.0/21 maxlen: 24
14.99.216.0/21 maxlen: 24
14.99.224.0/21 maxlen: 24
14.99.232.0/21 maxlen: 24
14.99.240.0/21 maxlen: 24
14.99.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl
rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Aug 2025 12:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1862 (0x746)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917DEA4, serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Validity
Not Before: Aug 23 12:27:54 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=68a9b3ca-a476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ce:14:08:6f:72:bc:8b:35:66:11:8c:6b:34:
e3:a3:ff:a9:e7:f5:23:bd:15:17:9c:e5:c1:f6:8a:
7c:86:eb:dc:af:01:d9:ef:c7:b3:09:e3:d2:c7:50:
be:6e:1f:04:36:54:44:8c:c5:1e:ca:9a:8d:dd:87:
ca:72:88:96:38:df:a7:67:f9:10:93:02:17:63:7e:
33:f4:8c:8f:5a:8a:1f:2a:1e:39:59:3b:14:25:3b:
ad:1e:7f:65:43:be:1d:cc:dc:db:01:7c:01:4c:ae:
99:2f:65:19:99:a9:ec:a3:7c:09:4d:7a:ce:1b:d9:
9e:55:51:e4:8b:a0:d4:b5:fc:89:6c:78:a5:c3:72:
eb:67:58:6c:35:9d:ae:d7:d9:44:5f:2d:cf:17:e3:
68:0d:81:a1:32:1a:ee:72:03:7d:37:f3:44:ef:2f:
8c:86:33:1a:0a:22:54:66:17:cd:5b:e2:fa:8e:7e:
61:c5:bf:76:88:36:eb:4f:37:56:d2:3b:c3:14:3c:
d0:99:36:26:97:39:ef:bf:e5:6a:b0:53:02:49:73:
04:a7:81:8e:e4:a3:c2:86:96:92:c2:a5:1f:f8:4a:
a4:81:5d:79:d0:06:22:c7:33:7b:64:35:a4:df:9d:
d9:77:b9:fb:76:7a:8d:d6:97:cd:b7:76:06:67:53:
22:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:CD:70:F2:6A:A5:E0:86:14:73:E5:1D:17:BB:FA:65:C9:AF:97:9C
X509v3 Authority Key Identifier:
keyid:B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.96.8.0/21
14.96.48.0/21
14.96.128.0-14.96.169.255
14.96.172.0-14.96.177.255
14.96.180.0/23
14.96.184.0/21
14.96.216.0-14.96.239.255
14.97.0.0-14.97.231.255
14.97.240.0/20
14.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b0:ca:12:63:4c:c4:2d:d5:75:e0:29:d3:ac:60:19:d7:71:37:
e2:38:a3:3b:d4:f9:72:44:15:5d:72:f0:8e:86:e3:fc:ff:6e:
25:ce:e9:9b:b8:a1:e2:bc:13:2d:06:07:83:fe:86:29:64:3d:
cf:7f:8f:44:46:6e:a1:4c:45:fd:00:6c:32:51:8e:d7:c3:df:
e9:3f:21:f4:db:7d:9e:a6:c0:39:0b:b2:46:aa:26:e0:e0:32:
95:70:a9:a5:1f:1f:c4:96:7e:48:b0:4f:83:32:1c:b6:9e:93:
f8:b3:37:09:63:21:61:f1:5a:ec:f1:2b:3d:16:47:bd:01:bc:
50:cd:76:1e:43:c7:f8:1a:50:3f:bb:c6:95:d6:9f:41:22:2f:
38:80:ce:33:bc:de:de:62:9c:39:97:a1:da:69:85:14:66:54:
76:69:69:cc:ed:68:d7:bb:a0:98:88:1e:e6:2a:77:d7:8a:3e:
27:4b:31:c1:b5:e9:1f:3e:57:71:b8:60:b2:16:4a:32:81:db:
52:b0:46:4c:52:bc:ed:8c:c0:16:c9:94:c5:eb:f5:54:e8:24:
41:e2:e3:01:c6:33:a1:36:56:47:da:c5:57:75:9a:9b:40:1f:
1a:cf:57:1a:89:6d:cf:4d:e4:7f:3b:e3:92:5d:86:c9:c5:2c:
2e:9f:58:ae
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgICB0YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RFQTQxMTAvBgNVBAUTKEI0RDZGRkQ1REZGOUVBQzQxM0FCNDQwOEUwOTYzN0Iw
OTQ5NERCQzgwHhcNMjUwODIzMTIyNzU0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGE5YjNjYS1hNDc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvs4UCG9yvIs1ZhGMazTjo/+p5/UjvRUXnOXB9op8huvcrwHZ78ezCePSx1C+
bh8ENlREjMUeypqN3YfKcoiWON+nZ/kQkwIXY34z9IyPWoofKh45WTsUJTutHn9l
Q74dzNzbAXwBTK6ZL2UZmanso3wJTXrOG9meVVHki6DUtfyJbHilw3LrZ1hsNZ2u
19lEXy3PF+NoDYGhMhrucgN9N/NE7y+MhjMaCiJUZhfNW+L6jn5hxb92iDbrTzdW
0jvDFDzQmTYmlznvv+VqsFMCSXMEp4GO5KPChpaSwqUf+EqkgV150AYixzN7ZDWk
353Zd7n7dnqN1pfNt3YGZ1MiMQIDAQABo4IC6TCCAuUwHQYDVR0OBBYEFNHNcPJq
peCGFHPlHRe7+mXJr5ecMB8GA1UdIwQYMBaAFLTW/9Xf+erEE6tECOCWN7CUlNvI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REVBNC9BMjQyNkI2MDk4
MjkxMUVCQjc4ODIwODFDNEY5QUUwMi90TmJfMWRfNTZzUVRxMFFJNEpZM3NKU1Uy
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ROYl8xZF81NnNRVHEwUUk0Slkzc0pTVTI4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RFQTQvQTI0MjZCNjA5ODI5MTFFQkI3ODgyMDgxQzRGOUFFMDIvRkZGQkNBRUU5
QTk1MTFFQkI0OUQ3RTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcwYIKwYBBQUHAQcBAf8E
ZDBiMGAEAgABMFoDBAMOYAgDBAMOYDAwDAMEBw5ggAMEAQ5gqDAMAwQCDmCsAwQB
DmCwAwQBDmC0AwQDDmC4MAwDBAMOYNgDBAQOYOAwCwMDAA5hAwQDDmHgAwQEDmHw
AwMADmMwDQYJKoZIhvcNAQELBQADggEBALDKEmNMxC3VdeAp06xgGddxN+I4ozvU
+XJEFV1y8I6G4/z/biXO6Zu4oeK8Ey0GB4P+hilkPc9/j0RGbqFMRf0AbDJRjtfD
3+k/IfTbfZ6mwDkLskaqJuDgMpVwqaUfH8SWfkiwT4MyHLaek/izNwljIWHxWuzx
Kz0WR70BvFDNdh5Dx/gaUD+7xpXWn0EiLziAzjO83t5inDmXodpphRRmVHZpaczt
aNe7oJiIHuYqd9eKPidLMcG16R8+V3G4YLIWSjKB21KwRkxSvO2MwBbJlMXr9VTo
JEHi4wHGM6E2VkfaxVd1mptAHxrPVxqJbc9N5H8745JdhsnFLC6fWK4=
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:39:37 2025 by rpki-client