Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EBD48D1E0F8311F0AB75BC25C4F9AE02.roa
File: EBD48D1E0F8311F0AB75BC25C4F9AE02.roa (raw, json)
Hash identifier: aN+lfEEmg3MnR2nyGwqfIkpW+s+lZbPPyeD2A0iqG9U=
Subject key identifier: 2F:E1:64:D9:E9:0E:0A:07:DC:53:6C:C4:3D:C0:45:17:B8:2F:99:F2
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: C292
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EBD48D1E0F8311F0AB75BC25C4F9AE02.roa
Signing time: Wed 13 Aug 2025 10:49:14 +0000
ROA not before: Wed 13 Aug 2025 10:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133594
IP address blocks: 14.102.1.0/24 maxlen: 24
14.102.2.0/23 maxlen: 24
14.102.3.0/24 maxlen: 24
14.102.12.0/23 maxlen: 24
14.102.15.0/24 maxlen: 24
14.102.22.0/23 maxlen: 24
14.102.24.0/22 maxlen: 24
14.102.32.0/22 maxlen: 24
14.102.36.0/23 maxlen: 24
14.102.38.0/24 maxlen: 24
14.102.40.0/22 maxlen: 24
14.102.43.0/24 maxlen: 24
14.102.44.0/24 maxlen: 24
14.102.45.0/24 maxlen: 24
14.102.48.0/24 maxlen: 24
14.102.50.0/24 maxlen: 24
14.102.56.0/23 maxlen: 24
14.102.57.0/24 maxlen: 24
14.102.59.0/24 maxlen: 24
14.102.64.0/22 maxlen: 24
14.102.66.0/24 maxlen: 24
14.102.68.0/22 maxlen: 24
14.102.72.0/22 maxlen: 24
14.102.76.0/23 maxlen: 24
14.102.78.0/24 maxlen: 24
14.102.80.0/23 maxlen: 24
14.102.82.0/24 maxlen: 24
14.102.88.0/24 maxlen: 24
14.102.92.0/23 maxlen: 24
14.102.95.0/24 maxlen: 24
14.102.96.0/23 maxlen: 24
14.102.100.0/23 maxlen: 24
14.102.103.0/24 maxlen: 24
14.102.104.0/22 maxlen: 24
14.102.108.0/22 maxlen: 24
14.102.112.0/22 maxlen: 24
14.102.116.0/22 maxlen: 24
14.102.120.0/22 maxlen: 24
14.102.123.0/24 maxlen: 24
14.102.125.0/24 maxlen: 24
14.102.126.0/23 maxlen: 24
110.172.136.0/24 maxlen: 24
110.172.150.0/24 maxlen: 24
110.172.168.0/24 maxlen: 24
111.235.64.0/22 maxlen: 24
118.91.176.0/24 maxlen: 24
202.89.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 15:25:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49810 (0xc292)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 13 10:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=689c6daa-d596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7d:53:11:1e:b6:e1:2a:8f:df:3a:e2:48:97:
70:20:6b:16:11:25:93:99:e2:6e:88:3f:15:0b:c2:
59:8c:52:74:bc:bd:b0:48:72:79:c0:5d:7d:19:6d:
cd:61:4c:d4:4d:28:2f:73:56:bf:41:5f:5a:46:ed:
87:55:f3:8f:79:13:59:7f:c4:4b:a1:e7:be:97:ec:
f8:e7:b7:af:f3:8e:c7:f8:78:90:f7:19:92:ab:8c:
88:50:f5:44:cf:02:78:d1:59:3b:a4:1e:17:f3:3b:
52:c2:df:b3:6d:8a:45:62:61:24:08:af:4c:c7:51:
0b:92:2d:78:c5:89:8e:70:a6:90:5d:32:30:31:02:
d4:f8:c3:3d:1a:0a:55:11:26:fc:f8:9f:0c:43:b5:
a1:fd:e4:b3:ef:24:26:a7:8f:b5:03:e4:60:73:71:
46:29:b9:5f:e5:bc:f6:e5:16:da:f4:61:3d:51:96:
b7:5d:b0:67:9e:3c:d8:76:e8:4e:06:e6:b2:f4:b0:
a6:78:e2:4b:2b:6d:75:90:e5:4e:3c:58:0d:b3:c2:
f4:bb:cf:79:a2:b1:87:3c:9a:e6:e4:5f:1b:35:fe:
b3:61:9f:ff:34:8e:09:7b:91:97:6f:99:e5:22:28:
d7:dc:8d:9a:63:7a:8c:87:2e:8a:4a:f8:49:4a:79:
25:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E1:64:D9:E9:0E:0A:07:DC:53:6C:C4:3D:C0:45:17:B8:2F:99:F2
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EBD48D1E0F8311F0AB75BC25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.1.0-14.102.3.255
14.102.12.0/23
14.102.15.0/24
14.102.22.0-14.102.27.255
14.102.32.0-14.102.38.255
14.102.40.0-14.102.45.255
14.102.48.0/24
14.102.50.0/24
14.102.56.0/23
14.102.59.0/24
14.102.64.0-14.102.78.255
14.102.80.0-14.102.82.255
14.102.88.0/24
14.102.92.0/23
14.102.95.0-14.102.97.255
14.102.100.0/23
14.102.103.0-14.102.123.255
14.102.125.0-14.102.127.255
110.172.136.0/24
110.172.150.0/24
110.172.168.0/24
111.235.64.0/22
118.91.176.0/24
202.89.70.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:ae:7a:f6:44:ac:32:9d:f9:a3:8e:fc:c4:6c:f8:ae:24:3b:
ce:eb:d4:9f:d3:41:60:9d:27:71:9a:5c:53:8b:6b:d6:13:23:
2e:96:9d:71:be:f3:09:31:0a:0c:0e:f2:08:50:f5:99:2d:24:
6c:90:e1:62:69:39:a8:36:f7:fa:3a:97:8d:7d:27:bc:9b:a4:
35:16:60:1b:79:48:06:5e:9d:f0:4c:fd:73:d8:12:00:90:86:
4b:e1:4c:ff:f3:78:f2:47:66:c0:b6:78:c8:3c:b8:d5:c7:2f:
43:4e:bb:2f:1e:0d:3b:95:b6:6e:26:7f:5e:66:04:8d:91:93:
e7:8b:e1:07:84:9c:82:d0:5e:27:17:00:bd:fb:f4:bc:5a:32:
ed:f9:59:db:0d:66:39:e7:2e:38:b0:be:fb:c9:4c:3c:b6:49:
7f:d5:06:e7:c2:9f:c3:ad:eb:08:ac:00:9f:b5:63:67:6f:3e:
73:44:08:46:e1:53:05:f1:69:21:8a:b3:7d:9c:5d:12:ff:9e:
68:8d:57:ec:14:92:2e:c8:a8:5e:bd:f1:4c:f9:c4:70:0b:48:
6a:b3:32:bb:05:a5:10:12:5b:53:ec:11:ea:79:3b:e8:d5:15:
2d:21:90:af:a3:71:bb:b5:63:32:a9:d3:3e:e6:b6:45:cf:1e:
b2:d5:fe:d8
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgIDAMKSMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDgxMzEwNDkxNFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjg5YzZkYWEtZDU5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZ9UxEetuEqj9864kiXcCBrFhElk5nibog/FQvCWYxSdLy9sEhyecBdfRlt
zWFM1E0oL3NWv0FfWkbth1Xzj3kTWX/ES6Hnvpfs+Oe3r/OOx/h4kPcZkquMiFD1
RM8CeNFZO6QeF/M7UsLfs22KRWJhJAivTMdRC5IteMWJjnCmkF0yMDEC1PjDPRoK
VREm/PifDEO1of3ks+8kJqePtQPkYHNxRim5X+W89uUW2vRhPVGWt12wZ5482Hbo
TgbmsvSwpnjiSyttdZDlTjxYDbPC9LvPeaKxhzya5uRfGzX+s2Gf/zSOCXuRl2+Z
5SIo19yNmmN6jIcuikr4SUp5Je0CAwEAAaOCA2wwggNoMB0GA1UdDgQWBBQv4WTZ
6Q4KB9xTbMQ9wEUXuC+Z8jAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VCRDQ4RDFF
MEY4MzExRjBBQjc1QkMyNUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIH1BggrBgEFBQcBBwEB
/wSB5TCB4jCB3wQCAAEwgdgwDAMEAA5mAQMEAg5mAAMEAQ5mDAMEAA5mDzAMAwQB
DmYWAwQCDmYYMAwDBAUOZiADBAAOZiYwDAMEAw5mKAMEAQ5mLAMEAA5mMAMEAA5m
MgMEAQ5mOAMEAA5mOzAMAwQGDmZAAwQADmZOMAwDBAQOZlADBAAOZlIDBAAOZlgD
BAEOZlwwDAMEAA5mXwMEAQ5mYAMEAQ5mZDAMAwQADmZnAwQCDmZ4MAwDBAAOZn0D
BAcOZgADBABurIgDBABurJYDBABurKgDBAJv60ADBAB2W7ADBADKWUYwDQYJKoZI
hvcNAQELBQADggEBABuuevZErDKd+aOO/MRs+K4kO87r1J/TQWCdJ3GaXFOLa9YT
Iy6WnXG+8wkxCgwO8ghQ9ZktJGyQ4WJpOag29/o6l419J7ybpDUWYBt5SAZenfBM
/XPYEgCQhkvhTP/zePJHZsC2eMg8uNXHL0NOuy8eDTuVtm4mf15mBI2Rk+eL4QeE
nILQXicXAL379LxaMu35WdsNZjnnLjiwvvvJTDy2SX/VBufCn8Ot6wisAJ+1Y2dv
PnNECEbhUwXxaSGKs32cXRL/nmiNV+wUki7IqF698Uz5xHALSGqzMrsFpRASW1Ps
Eep5O+jVFS0hkK+jcbu1YzKp0z7mtkXPHrLV/tg=
-----END CERTIFICATE-----
Generated at Sun Aug 24 02:34:26 2025 by rpki-client