Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
File: FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa (raw, json)
Hash identifier: iN7rm8Wrk9fgKg1Lh3Xa/tBqsJImmURSqWf77QF7c2M=
Subject key identifier: 41:07:25:0E:CE:69:73:97:51:91:91:FA:55:56:DE:54:54:84:87:62
Certificate issuer: /CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Certificate serial: 0710
Authority key identifier: B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
Signing time: Mon 23 Jun 2025 13:18:22 +0000
ROA not before: Mon 23 Jun 2025 13:18:22 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 45820
IP address blocks: 14.96.8.0/21 maxlen: 24
14.96.128.0/21 maxlen: 24
14.96.136.0/21 maxlen: 24
14.96.144.0/21 maxlen: 24
14.96.152.0/21 maxlen: 24
14.96.160.0/21 maxlen: 24
14.96.168.0/24 maxlen: 24
14.96.169.0/24 maxlen: 24
14.96.172.0/23 maxlen: 24
14.96.176.0/23 maxlen: 24
14.96.180.0/23 maxlen: 24
14.96.184.0/23 maxlen: 24
14.96.188.0/23 maxlen: 24
14.96.216.0/21 maxlen: 24
14.96.224.0/21 maxlen: 24
14.97.0.0/21 maxlen: 24
14.97.8.0/21 maxlen: 24
14.97.16.0/21 maxlen: 24
14.97.24.0/21 maxlen: 24
14.97.32.0/21 maxlen: 24
14.97.40.0/21 maxlen: 24
14.97.48.0/21 maxlen: 24
14.97.56.0/21 maxlen: 24
14.97.64.0/21 maxlen: 24
14.97.72.0/21 maxlen: 24
14.97.80.0/21 maxlen: 24
14.97.88.0/21 maxlen: 24
14.97.96.0/21 maxlen: 24
14.97.104.0/21 maxlen: 24
14.97.112.0/21 maxlen: 24
14.97.120.0/21 maxlen: 24
14.97.128.0/21 maxlen: 24
14.97.136.0/21 maxlen: 24
14.97.144.0/21 maxlen: 24
14.97.152.0/21 maxlen: 24
14.97.160.0/21 maxlen: 24
14.97.168.0/21 maxlen: 24
14.97.176.0/21 maxlen: 24
14.97.184.0/21 maxlen: 24
14.97.192.0/21 maxlen: 24
14.97.200.0/21 maxlen: 24
14.97.208.0/21 maxlen: 24
14.97.216.0/21 maxlen: 24
14.97.224.0/21 maxlen: 24
14.97.240.0/21 maxlen: 24
14.97.248.0/21 maxlen: 24
14.99.0.0/21 maxlen: 24
14.99.8.0/21 maxlen: 24
14.99.16.0/21 maxlen: 24
14.99.24.0/21 maxlen: 24
14.99.32.0/20 maxlen: 24
14.99.48.0/21 maxlen: 24
14.99.56.0/21 maxlen: 24
14.99.64.0/21 maxlen: 24
14.99.72.0/21 maxlen: 24
14.99.80.0/21 maxlen: 24
14.99.88.0/21 maxlen: 24
14.99.96.0/20 maxlen: 24
14.99.112.0/21 maxlen: 24
14.99.120.0/21 maxlen: 24
14.99.128.0/21 maxlen: 24
14.99.136.0/21 maxlen: 24
14.99.144.0/21 maxlen: 24
14.99.152.0/21 maxlen: 24
14.99.160.0/21 maxlen: 24
14.99.168.0/21 maxlen: 24
14.99.176.0/21 maxlen: 24
14.99.184.0/21 maxlen: 24
14.99.192.0/21 maxlen: 24
14.99.200.0/21 maxlen: 24
14.99.208.0/21 maxlen: 24
14.99.216.0/21 maxlen: 24
14.99.224.0/21 maxlen: 24
14.99.232.0/21 maxlen: 24
14.99.240.0/21 maxlen: 24
14.99.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl
rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 22:58:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1808 (0x710)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917DEA4, serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Validity
Not Before: Jun 23 13:18:22 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6859541d-cac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:10:0f:9a:45:61:64:2d:c9:b7:ff:7a:fd:c8:
e1:75:4f:52:fa:a2:0d:f6:e6:ae:3c:df:3c:88:28:
d7:10:f9:06:7f:b2:6f:49:45:12:58:4e:18:85:f2:
4e:f0:9f:19:37:5a:eb:9f:7a:a5:08:60:61:ba:f3:
bb:71:46:1f:57:2e:23:4e:e5:32:29:9a:b7:36:65:
70:88:71:b8:1b:61:b5:e7:90:b4:ee:1e:f5:ec:44:
3d:50:2b:8e:db:7d:69:ea:c3:a8:5c:8b:45:95:eb:
ce:25:2a:63:92:2e:2d:8a:a4:49:d3:c2:8f:b2:d5:
2f:7a:be:3c:8e:8c:df:02:0d:e6:48:3c:ec:1d:6f:
f4:a8:a3:f5:2c:bf:d5:10:61:b8:ec:a9:b8:6a:e3:
fd:c9:77:c4:a9:8c:56:6e:0c:c8:8c:a4:fe:14:d4:
4e:22:16:cb:01:b1:ce:e2:2b:96:bb:dd:5c:e3:3b:
af:a3:ac:a2:20:71:9e:c9:a7:65:dc:92:0f:a5:d7:
f7:d5:2f:39:c8:d7:13:2c:a2:c1:da:07:67:d8:ca:
bd:62:5a:fa:4b:f4:d5:b8:b1:74:6c:56:00:82:24:
3a:75:31:65:1b:2a:ab:d2:b2:67:c9:f4:0b:00:2c:
e9:49:9a:dd:4f:f7:0e:ea:6b:81:df:db:42:bb:44:
72:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:07:25:0E:CE:69:73:97:51:91:91:FA:55:56:DE:54:54:84:87:62
X509v3 Authority Key Identifier:
keyid:B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.96.8.0/21
14.96.128.0-14.96.169.255
14.96.172.0/23
14.96.176.0/23
14.96.180.0/23
14.96.184.0/23
14.96.188.0/23
14.96.216.0-14.96.231.255
14.97.0.0-14.97.231.255
14.97.240.0/20
14.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:0a:38:fe:46:73:7a:c0:e7:36:20:77:e2:64:23:5e:09:6e:
2d:a7:19:3f:d3:61:96:a9:f2:72:6d:ad:d9:21:b4:f7:81:af:
53:0a:2c:ec:c0:8c:8f:2c:69:0c:36:95:fd:ef:67:49:2b:23:
96:19:86:d6:41:46:95:5f:18:bd:f7:ac:a4:3c:de:3d:91:14:
4e:26:b5:7c:5e:4b:d9:e9:db:27:47:8a:4c:aa:9e:bd:a9:34:
a4:9d:14:df:1f:2f:ad:02:6a:60:bb:7b:aa:d8:d9:0a:72:83:
e4:bf:27:be:5a:de:ca:ef:05:20:39:f6:f4:dd:3c:07:a7:20:
e1:a4:fe:d9:16:34:fb:7f:43:8b:5d:0c:40:2f:91:ca:4f:bc:
b0:0c:7f:ad:1c:32:3c:ed:4a:58:5f:d4:45:71:a0:16:85:a5:
21:f9:2c:76:8e:b4:34:36:e9:31:bd:10:11:83:36:67:c9:03:
e2:83:d5:85:62:a5:cd:c4:a7:b2:d6:f7:ec:b9:34:b0:08:a9:
6c:27:0a:e2:71:45:e7:a9:99:e1:36:f6:9f:35:6f:4f:d8:b3:
de:a0:34:9b:6b:06:c1:25:3d:42:ff:40:6d:1a:4a:26:20:cf:
f1:a0:1d:99:66:ca:cf:71:97:ef:aa:b0:30:f5:50:48:02:62:
4e:92:7d:b5
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgICBxAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RFQTQxMTAvBgNVBAUTKEI0RDZGRkQ1REZGOUVBQzQxM0FCNDQwOEUwOTYzN0Iw
OTQ5NERCQzgwHhcNMjUwNjIzMTMxODIyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODU5NTQxZC1jYWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8BAPmkVhZC3Jt/96/cjhdU9S+qIN9uauPN88iCjXEPkGf7JvSUUSWE4YhfJO
8J8ZN1rrn3qlCGBhuvO7cUYfVy4jTuUyKZq3NmVwiHG4G2G155C07h717EQ9UCuO
231p6sOoXItFlevOJSpjki4tiqRJ08KPstUver48jozfAg3mSDzsHW/0qKP1LL/V
EGG47Km4auP9yXfEqYxWbgzIjKT+FNROIhbLAbHO4iuWu91c4zuvo6yiIHGeyadl
3JIPpdf31S85yNcTLKLB2gdn2Mq9Ylr6S/TVuLF0bFYAgiQ6dTFlGyqr0rJnyfQL
ACzpSZrdT/cO6muB39tCu0RyjwIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFEEHJQ7O
aXOXUZGR+lVW3lRUhIdiMB8GA1UdIwQYMBaAFLTW/9Xf+erEE6tECOCWN7CUlNvI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REVBNC9BMjQyNkI2MDk4
MjkxMUVCQjc4ODIwODFDNEY5QUUwMi90TmJfMWRfNTZzUVRxMFFJNEpZM3NKU1Uy
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ROYl8xZF81NnNRVHEwUUk0Slkzc0pTVTI4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RFQTQvQTI0MjZCNjA5ODI5MTFFQkI3ODgyMDgxQzRGOUFFMDIvRkZGQkNBRUU5
QTk1MTFFQkI0OUQ3RTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcQYIKwYBBQUHAQcBAf8E
YjBgMF4EAgABMFgDBAMOYAgwDAMEBw5ggAMEAQ5gqAMEAQ5grAMEAQ5gsAMEAQ5g
tAMEAQ5guAMEAQ5gvDAMAwQDDmDYAwQDDmDgMAsDAwAOYQMEAw5h4AMEBA5h8AMD
AA5jMA0GCSqGSIb3DQEBCwUAA4IBAQBxCjj+RnN6wOc2IHfiZCNeCW4tpxk/02GW
qfJyba3ZIbT3ga9TCizswIyPLGkMNpX972dJKyOWGYbWQUaVXxi996ykPN49kRRO
JrV8XkvZ6dsnR4pMqp69qTSknRTfHy+tAmpgu3uq2NkKcoPkvye+Wt7K7wUgOfb0
3TwHpyDhpP7ZFjT7f0OLXQxAL5HKT7ywDH+tHDI87UpYX9RFcaAWhaUh+Sx2jrQ0
NukxvRARgzZnyQPig9WFYqXNxKey1vfsuTSwCKlsJwricUXnqZnhNvafNW9P2LPe
oDSbawbBJT1C/0BtGkomIM/xoB2ZZsrPcZfvqrAw9VBIAmJOkn21
-----END CERTIFICATE-----
Generated at Fri Jul 4 08:00:56 2025 by rpki-client