Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EBD48D1E0F8311F0AB75BC25C4F9AE02.roa
File: EBD48D1E0F8311F0AB75BC25C4F9AE02.roa (raw, json)
Hash identifier: PiL5yqkV/NRTg02cbraqh95ZfPV7xVGPb/qkS2BjQhA=
Subject key identifier: 72:C5:CD:2B:AA:27:2D:4F:32:9C:81:6A:A3:B1:4B:57:C9:F3:6D:88
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: E032
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EBD48D1E0F8311F0AB75BC25C4F9AE02.roa
Signing time: Thu 07 May 2026 07:52:36 +0000
ROA not before: Thu 07 May 2026 07:52:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133594
IP address blocks: 14.102.1.0/24 maxlen: 24
14.102.2.0/23 maxlen: 24
14.102.3.0/24 maxlen: 24
14.102.12.0/23 maxlen: 24
14.102.15.0/24 maxlen: 24
14.102.22.0/23 maxlen: 24
14.102.24.0/22 maxlen: 24
14.102.32.0/22 maxlen: 24
14.102.36.0/23 maxlen: 24
14.102.38.0/24 maxlen: 24
14.102.40.0/22 maxlen: 24
14.102.43.0/24 maxlen: 24
14.102.44.0/24 maxlen: 24
14.102.45.0/24 maxlen: 24
14.102.48.0/24 maxlen: 24
14.102.50.0/24 maxlen: 24
14.102.56.0/23 maxlen: 24
14.102.57.0/24 maxlen: 24
14.102.59.0/24 maxlen: 24
14.102.64.0/22 maxlen: 24
14.102.66.0/24 maxlen: 24
14.102.68.0/22 maxlen: 24
14.102.72.0/22 maxlen: 24
14.102.76.0/23 maxlen: 24
14.102.78.0/24 maxlen: 24
14.102.80.0/23 maxlen: 24
14.102.82.0/24 maxlen: 24
14.102.88.0/24 maxlen: 24
14.102.92.0/23 maxlen: 24
14.102.95.0/24 maxlen: 24
14.102.96.0/23 maxlen: 24
14.102.100.0/23 maxlen: 24
14.102.103.0/24 maxlen: 24
14.102.104.0/22 maxlen: 24
14.102.108.0/22 maxlen: 24
14.102.112.0/22 maxlen: 24
14.102.116.0/22 maxlen: 24
14.102.120.0/22 maxlen: 24
14.102.123.0/24 maxlen: 24
14.102.125.0/24 maxlen: 24
14.102.126.0/23 maxlen: 24
103.5.200.0/24 maxlen: 24
103.5.201.0/24 maxlen: 24
103.5.202.0/24 maxlen: 24
103.160.72.0/23 maxlen: 24
110.172.136.0/24 maxlen: 24
110.172.150.0/24 maxlen: 24
110.172.168.0/24 maxlen: 24
111.235.64.0/22 maxlen: 24
118.91.176.0/24 maxlen: 24
202.89.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 20 May 2026 08:09:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57394 (0xe032)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 7 07:52:36 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69fc44c4-adae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e8:1c:5b:57:2e:3f:34:5b:fa:7c:4e:17:4b:
06:b6:62:9d:d5:38:4b:16:3b:98:d2:c6:ed:b3:1b:
58:d5:f0:fc:1d:70:57:42:f7:34:65:cd:f3:95:51:
4e:df:d4:1a:70:e4:9c:7d:c9:25:a8:08:35:53:e2:
81:80:7a:05:4d:04:ef:7c:bd:fd:48:51:91:42:69:
f3:33:ea:02:51:89:e0:9d:34:a6:81:3c:f2:19:c3:
62:0f:a6:65:c7:fe:85:cd:02:aa:01:df:a8:eb:14:
97:5e:de:72:40:d5:20:bb:7b:88:67:68:12:64:3e:
f0:51:fc:62:64:27:3d:d3:31:cf:c4:b0:f4:64:f9:
aa:9a:e4:76:4d:01:e9:9d:78:e2:cc:65:50:3e:67:
7c:c2:ee:cc:d7:d2:25:4c:e9:bb:eb:a9:8d:c8:03:
47:65:72:59:36:45:9d:04:8b:fc:86:87:70:bb:33:
79:bb:bd:0d:6d:46:91:6d:70:38:8b:54:cf:21:c2:
4a:a9:84:7d:68:f9:30:2e:51:09:9e:fd:4e:af:35:
b9:6f:71:32:be:77:4c:2f:57:26:c9:8e:63:72:ab:
67:c1:39:8c:27:68:28:80:f6:0e:70:e2:19:aa:03:
f6:b7:43:31:45:bd:59:f2:49:f3:3a:ad:ff:33:88:
96:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C5:CD:2B:AA:27:2D:4F:32:9C:81:6A:A3:B1:4B:57:C9:F3:6D:88
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EBD48D1E0F8311F0AB75BC25C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.102.1.0-14.102.3.255
14.102.12.0/23
14.102.15.0/24
14.102.22.0-14.102.27.255
14.102.32.0-14.102.38.255
14.102.40.0-14.102.45.255
14.102.48.0/24
14.102.50.0/24
14.102.56.0/23
14.102.59.0/24
14.102.64.0-14.102.78.255
14.102.80.0-14.102.82.255
14.102.88.0/24
14.102.92.0/23
14.102.95.0-14.102.97.255
14.102.100.0/23
14.102.103.0-14.102.123.255
14.102.125.0-14.102.127.255
103.5.200.0-103.5.202.255
103.160.72.0/23
110.172.136.0/24
110.172.150.0/24
110.172.168.0/24
111.235.64.0/22
118.91.176.0/24
202.89.70.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:a9:8d:ff:a4:e6:b8:cd:38:a9:0e:ae:3f:56:93:c3:0c:36:
c1:44:ff:fa:9f:49:bf:21:26:38:85:05:9f:ba:86:11:9a:80:
bf:8d:90:9a:b5:f0:c7:f3:85:1a:b7:77:34:cc:6a:e8:bb:21:
ca:d2:74:f5:a7:60:2f:59:8c:04:fe:6d:f6:68:c0:42:a5:a5:
1e:58:34:ee:89:14:c1:2e:78:11:70:44:81:ff:ed:5e:e0:02:
19:32:a9:8d:73:c2:c6:7f:d3:1e:60:d2:c1:cc:97:a7:ab:59:
c4:b1:60:78:1b:07:ea:0a:31:b2:0d:c5:71:71:06:87:a2:e7:
b7:59:41:52:30:c1:84:0c:1a:00:0b:03:c2:75:f2:a6:f4:d2:
84:f9:b3:79:3e:64:8d:34:3d:85:49:09:dd:1d:f5:62:91:05:
17:48:6b:e9:41:46:b9:53:dd:3a:e6:a3:99:15:d4:d8:8c:d7:
ef:38:1e:34:9a:f6:f2:e5:49:cc:56:3c:80:1a:de:59:df:0a:
02:6c:dd:8c:31:da:50:4f:ea:38:60:4c:c2:c4:df:56:67:25:
d3:5f:d1:51:13:3a:f3:08:02:1f:73:a4:ce:8d:94:6a:70:3d:
37:45:f7:05:35:26:63:2d:01:ca:0f:c6:a7:88:e2:0b:bb:2a:
8a:00:71:56
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAOAyMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDUwNzA3NTIzNloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjlmYzQ0YzQtYWRhZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHoHFtXLj80W/p8ThdLBrZindU4SxY7mNLG7bMbWNXw/B1wV0L3NGXN85VR
Tt/UGnDknH3JJagINVPigYB6BU0E73y9/UhRkUJp8zPqAlGJ4J00poE88hnDYg+m
Zcf+hc0CqgHfqOsUl17eckDVILt7iGdoEmQ+8FH8YmQnPdMxz8Sw9GT5qprkdk0B
6Z144sxlUD5nfMLuzNfSJUzpu+upjcgDR2VyWTZFnQSL/IaHcLszebu9DW1GkW1w
OItUzyHCSqmEfWj5MC5RCZ79Tq81uW9xMr53TC9XJsmOY3KrZ8E5jCdoKID2DnDi
GaoD9rdDMUW9WfJJ8zqt/zOIlikCAwEAAaOCA0wwggNIMB0GA1UdDgQWBBRyxc0r
qictTzKcgWqjsUtXyfNtiDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VCRDQ4RDFF
MEY4MzExRjBBQjc1QkMyNUM0RjlBRTAyLnJvYTCCAQkGCCsGAQUFBwEHAQH/BIH5
MIH2MIHzBAIAATCB7DAMAwQADmYBAwQCDmYAAwQBDmYMAwQADmYPMAwDBAEOZhYD
BAIOZhgwDAMEBQ5mIAMEAA5mJjAMAwQDDmYoAwQBDmYsAwQADmYwAwQADmYyAwQB
DmY4AwQADmY7MAwDBAYOZkADBAAOZk4wDAMEBA5mUAMEAA5mUgMEAA5mWAMEAQ5m
XDAMAwQADmZfAwQBDmZgAwQBDmZkMAwDBAAOZmcDBAIOZngwDAMEAA5mfQMEBw5m
ADAMAwQDZwXIAwQAZwXKAwQBZ6BIAwQAbqyIAwQAbqyWAwQAbqyoAwQCb+tAAwQA
dluwAwQAyllGMA0GCSqGSIb3DQEBCwUAA4IBAQAtqY3/pOa4zTipDq4/VpPDDDbB
RP/6n0m/ISY4hQWfuoYRmoC/jZCatfDH84Uat3c0zGrouyHK0nT1p2AvWYwE/m32
aMBCpaUeWDTuiRTBLngRcESB/+1e4AIZMqmNc8LGf9MeYNLBzJenq1nEsWB4Gwfq
CjGyDcVxcQaHoue3WUFSMMGEDBoACwPCdfKm9NKE+bN5PmSNND2FSQndHfVikQUX
SGvpQUa5U9065qOZFdTYjNfvOB40mvby5UnMVjyAGt5Z3woCbN2MMdpQT+o4YEzC
xN9WZyXTX9FREzrzCAIfc6TOjZRqcD03RfcFNSZjLQHKD8aniOILuyqKAHFW
-----END CERTIFICATE-----
Generated at Wed May 13 12:48:10 2026 by rpki-client