Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
File: EE375CF036BD11E7B9B7251EC4F9AE02.roa (raw, json)
Hash identifier: ff+yRWpZGVwQu2/+ce6wo5vQ/4ykM8fNsCLeEkORRWk=
Subject key identifier: A8:FF:7E:EF:EA:A5:2B:7C:F0:78:7E:6C:BA:21:C8:B7:73:70:1E:43
Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Certificate serial: 1F15
Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
Signing time: Wed 17 Sep 2025 07:17:18 +0000
ROA not before: Wed 17 Sep 2025 07:17:18 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 134963
IP address blocks: 14.1.112.0/22 maxlen: 24
43.96.0.0/16 maxlen: 24
43.97.0.0/16 maxlen: 24
43.98.0.0/16 maxlen: 24
43.99.0.0/16 maxlen: 24
43.100.0.0/16 maxlen: 24
43.101.0.0/16 maxlen: 24
43.102.0.0/16 maxlen: 24
43.103.0.0/16 maxlen: 24
43.104.0.0/16 maxlen: 24
43.105.0.0/16 maxlen: 24
43.106.0.0/16 maxlen: 24
43.107.0.0/16 maxlen: 24
43.108.0.0/16 maxlen: 24
43.109.0.0/16 maxlen: 24
43.110.0.0/16 maxlen: 24
43.111.0.0/16 maxlen: 24
43.112.0.0/16 maxlen: 24
43.113.0.0/16 maxlen: 24
43.114.0.0/16 maxlen: 24
43.115.0.0/16 maxlen: 24
43.116.0.0/16 maxlen: 24
43.117.0.0/16 maxlen: 24
43.118.0.0/16 maxlen: 24
43.119.0.0/16 maxlen: 24
43.120.0.0/16 maxlen: 24
43.121.0.0/16 maxlen: 24
43.122.0.0/16 maxlen: 24
43.123.0.0/16 maxlen: 24
43.124.0.0/16 maxlen: 24
43.125.0.0/16 maxlen: 24
43.126.0.0/16 maxlen: 24
43.127.0.0/16 maxlen: 16
43.127.0.0/16 maxlen: 24
103.206.40.0/22 maxlen: 24
240b:4000::/32 maxlen: 48
240b:4001::/32 maxlen: 48
240b:4002::/32 maxlen: 48
240b:4003::/32 maxlen: 48
240b:4004::/32 maxlen: 48
240b:4005::/32 maxlen: 48
240b:4006::/32 maxlen: 48
240b:4007::/32 maxlen: 48
240b:4008::/32 maxlen: 48
240b:4009::/32 maxlen: 48
240b:400a::/32 maxlen: 48
240b:400b::/32 maxlen: 48
240b:400c::/32 maxlen: 48
240b:400d::/32 maxlen: 48
240b:400e::/32 maxlen: 48
240b:400f::/32 maxlen: 48
240b:4010::/32 maxlen: 48
240b:4011::/32 maxlen: 48
240b:4012::/32 maxlen: 48
240b:4013::/32 maxlen: 48
240b:4014::/32 maxlen: 48
240b:4015::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 16:25:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7957 (0x1f15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198, serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Validity
Not Before: Sep 17 07:17:18 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=68ca607e-54f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c2:90:7d:3c:b4:66:cd:6d:b8:ad:e1:6c:95:
35:55:eb:48:b3:5d:38:fe:bc:54:aa:75:c2:e7:01:
4d:82:6b:e1:e4:7e:e5:ad:97:10:03:bb:87:33:03:
d5:97:b4:b9:b2:bd:ef:fe:ba:fa:9f:ae:2f:5a:ed:
03:8f:25:74:52:14:a9:70:4e:d2:45:25:9f:8f:0b:
1e:a7:9f:ec:60:f5:8f:8b:d0:54:a6:39:77:a9:7a:
20:ef:d4:19:67:41:dd:a1:a5:40:df:37:9d:a4:8e:
47:56:b2:44:f3:13:c6:21:be:f2:1a:b7:c4:ca:c0:
a6:01:b7:25:ec:46:e6:e4:7c:bb:d5:99:53:4f:e4:
c6:3d:b5:4b:2f:49:f5:28:c5:93:c8:09:41:eb:90:
27:68:45:c2:90:ff:2a:27:14:be:0a:ac:94:f3:08:
8a:d3:e4:1f:03:ed:c3:4d:f9:59:e6:ee:b1:b4:87:
4c:22:84:4e:67:bc:7f:51:3d:ab:a7:07:36:8c:81:
98:cd:f7:99:62:5a:0f:14:51:5d:11:28:d6:4a:aa:
61:37:09:44:56:fd:a3:28:bd:c0:7c:1c:2f:98:05:
39:bf:6c:d3:82:c8:e2:e2:60:12:b6:2e:6c:5a:f4:
ba:26:2d:b8:0f:12:68:eb:e6:70:ee:72:a0:94:aa:
f6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:FF:7E:EF:EA:A5:2B:7C:F0:78:7E:6C:BA:21:C8:B7:73:70:1E:43
X509v3 Authority Key Identifier:
keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.112.0/22
43.96.0.0/11
103.206.40.0/22
IPv6:
240b:4000::-240b:4015:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
19:0d:93:04:13:30:38:66:a1:7f:1a:99:44:8f:fb:38:1e:92:
77:20:95:80:e4:eb:19:a0:2e:92:d4:ea:59:b4:10:35:16:50:
9f:9e:4b:ed:be:5b:38:fc:9e:fb:75:91:46:47:9e:e0:b3:91:
4d:65:72:b4:9a:c5:58:cb:cc:c0:a2:65:01:12:77:2e:63:51:
24:2e:79:65:a6:61:79:9a:b2:40:b7:41:53:3b:30:c2:3f:d1:
bd:61:1d:08:42:00:f7:57:df:d8:8c:1d:d4:b3:13:94:59:d4:
8c:87:ad:1c:3b:16:a0:46:41:90:23:88:45:c3:6d:6b:ed:41:
49:6e:1a:61:ca:c9:54:14:a4:ea:cf:5c:d2:38:dc:c9:36:a4:
c8:e7:02:32:35:eb:bf:3e:4a:81:a8:05:66:48:a5:1a:50:d5:
1e:25:43:cc:4b:b1:c7:0e:e8:6f:ee:2d:83:93:96:c1:6a:80:
1f:17:1c:73:14:86:83:c4:21:dd:a9:4d:d4:64:ae:16:a4:5d:
84:62:76:df:89:0c:ac:a1:2f:fb:ba:57:72:78:25:90:cf:dd:
67:48:dd:be:75:d1:72:06:89:2d:66:b5:48:5a:ca:a0:aa:43:
41:38:52:ed:bb:38:cf:9c:7d:8e:21:41:f7:bb:98:b8:ec:3d:
5f:e6:51:d4
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICHxUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG
QkNCQkQ4QkQwHhcNMjUwOTE3MDcxNzE4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGNhNjA3ZS01NGYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq8KQfTy0Zs1tuK3hbJU1VetIs104/rxUqnXC5wFNgmvh5H7lrZcQA7uHMwPV
l7S5sr3v/rr6n64vWu0DjyV0UhSpcE7SRSWfjwsep5/sYPWPi9BUpjl3qXog79QZ
Z0HdoaVA3zedpI5HVrJE8xPGIb7yGrfEysCmAbcl7Ebm5Hy71ZlTT+TGPbVLL0n1
KMWTyAlB65AnaEXCkP8qJxS+CqyU8wiK0+QfA+3DTflZ5u6xtIdMIoROZ7x/UT2r
pwc2jIGYzfeZYloPFFFdESjWSqphNwlEVv2jKL3AfBwvmAU5v2zTgsji4mASti5s
WvS6Ji24DxJo6+Zw7nKglKr2TwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFKj/fu/q
pSt88Hh+bLohyLdzcB5DMB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC
QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvRUUzNzVDRjAz
NkJEMTFFN0I5QjcyNTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMBcEAgABMBEDBAIOAXADAwUrYAMEAmfOKDAVBAIAAjAPMA0DBAYkC0ADBQEk
C0AUMA0GCSqGSIb3DQEBCwUAA4IBAQAZDZMEEzA4ZqF/GplEj/s4HpJ3IJWA5OsZ
oC6S1OpZtBA1FlCfnkvtvls4/J77dZFGR57gs5FNZXK0msVYy8zAomUBEncuY1Ek
LnllpmF5mrJAt0FTOzDCP9G9YR0IQgD3V9/YjB3UsxOUWdSMh60cOxagRkGQI4hF
w21r7UFJbhphyslUFKTqz1zSONzJNqTI5wIyNeu/PkqBqAVmSKUaUNUeJUPMS7HH
Duhv7i2Dk5bBaoAfFxxzFIaDxCHdqU3UZK4WpF2EYnbfiQysoS/7uldyeCWQz91n
SN2+ddFyBoktZrVIWsqgqkNBOFLtuzjPnH2OIUH3u5i47D1f5lHU
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:41:43 2025 by rpki-client