Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
File: 2E96A63A690A11EF9525E980C4F9AE02.roa (raw, json)
Hash identifier: Lbz6F4S29Kj7NkHWn077XTtIxG04kaXyzVHN0wAkRO0=
Subject key identifier: 9A:A5:02:E0:C9:66:97:6F:85:A6:B8:3A:7A:A3:75:D3:39:E7:E2:7F
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 0851
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
Signing time: Fri 06 Feb 2026 06:29:03 +0000
ROA not before: Fri 06 Feb 2026 06:29:03 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 45820
IP address blocks: 14.194.0.0/18 maxlen: 24
14.194.64.0/18 maxlen: 24
14.194.128.0/18 maxlen: 24
14.194.208.0/20 maxlen: 24
14.194.240.0/20 maxlen: 24
14.195.0.0/18 maxlen: 24
14.195.64.0/19 maxlen: 24
14.195.96.0/19 maxlen: 24
14.195.128.0/18 maxlen: 24
14.195.192.0/20 maxlen: 24
14.195.208.0/20 maxlen: 24
14.195.240.0/20 maxlen: 24
49.200.0.0/14 maxlen: 14
49.200.0.0/19 maxlen: 24
49.200.40.0/21 maxlen: 24
49.200.48.0/21 maxlen: 24
49.200.56.0/22 maxlen: 24
49.200.60.0/22 maxlen: 24
49.200.96.0/21 maxlen: 24
49.200.104.0/21 maxlen: 24
49.200.112.0/21 maxlen: 24
49.200.120.0/21 maxlen: 24
49.200.128.0/21 maxlen: 24
49.200.136.0/21 maxlen: 24
49.200.144.0/21 maxlen: 24
49.200.152.0/21 maxlen: 24
49.200.160.0/21 maxlen: 24
49.200.168.0/21 maxlen: 24
49.200.176.0/21 maxlen: 24
49.200.184.0/21 maxlen: 24
49.202.208.0/24 maxlen: 24
49.249.0.0/17 maxlen: 24
49.249.128.0/18 maxlen: 24
115.160.217.0/24 maxlen: 24
182.156.0.0/18 maxlen: 22
182.156.0.0/22 maxlen: 24
182.156.4.0/23 maxlen: 24
182.156.8.0/21 maxlen: 24
182.156.16.0/22 maxlen: 24
182.156.22.0/23 maxlen: 24
182.156.24.0/21 maxlen: 23
182.156.24.0/23 maxlen: 24
182.156.28.0/22 maxlen: 24
182.156.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Feb 2026 21:43:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2129 (0x851)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A, serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: Feb 6 06:29:03 2026 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69858a2f-314a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2b:8e:6a:03:88:6f:41:d2:55:0d:d8:7e:61:
aa:b5:91:f9:d5:dd:27:b0:f5:0e:35:7c:38:fb:0d:
80:76:6e:39:63:4c:c1:c1:41:85:74:17:48:91:3b:
9d:c4:78:18:51:f1:93:37:97:76:2d:2d:1f:02:bc:
df:ec:16:eb:82:f0:b4:c7:2f:3c:c2:6f:d8:77:4d:
7f:ce:84:5b:0a:d3:11:08:47:d0:f3:40:ce:d8:be:
a8:19:bc:80:7a:48:7e:bc:3f:c7:e2:34:8e:44:85:
5f:c7:cb:3d:7e:90:fa:d0:0d:15:b3:56:b3:3d:7d:
23:e7:5a:be:98:e4:d9:1a:32:52:5e:78:42:07:5e:
bf:17:f1:1c:6a:01:3f:e1:5f:f1:f3:10:10:69:68:
87:a7:22:15:57:f2:d0:09:da:74:15:0b:ff:18:f6:
fb:91:31:15:12:6a:c4:28:d9:a5:a1:96:ee:c0:7f:
60:b5:32:a3:57:de:12:8a:ca:fe:ad:e8:6b:76:b9:
55:06:ef:03:cf:a0:9f:30:75:4f:59:8d:33:39:41:
b0:5d:10:38:55:84:80:95:30:0b:73:da:ac:df:22:
fc:93:c3:8a:d9:43:da:bc:00:74:1b:77:61:ce:06:
4e:70:03:52:67:86:d9:6a:4d:ac:eb:94:90:cc:1b:
25:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:A5:02:E0:C9:66:97:6F:85:A6:B8:3A:7A:A3:75:D3:39:E7:E2:7F
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.194.0.0-14.194.191.255
14.194.208.0/20
14.194.240.0-14.195.223.255
14.195.240.0/20
49.200.0.0/14
49.249.0.0-49.249.191.255
115.160.217.0/24
182.156.0.0/18
Signature Algorithm: sha256WithRSAEncryption
32:79:12:b7:40:a6:e4:38:80:30:16:4a:4d:7b:bc:62:44:2e:
e8:f1:8a:47:4c:6f:f8:b1:cd:51:ab:7f:3d:e2:7c:70:85:82:
fd:5f:21:30:30:da:80:75:a3:16:0a:e4:c8:15:fe:eb:96:86:
29:7d:65:06:df:dc:91:5a:7b:c4:5b:d1:c6:1e:ca:07:40:24:
a8:7a:b9:05:21:3a:66:9c:da:17:5e:6c:02:6f:dc:6f:3c:f3:
2d:a3:d4:7d:ec:80:15:c7:fe:8e:d7:af:96:84:a1:f9:ee:5e:
73:ab:2e:a1:e4:1b:f9:f6:5d:f0:e0:2f:62:bc:cf:4b:10:07:
7f:0c:9f:2d:97:6b:0c:9f:5e:a7:99:80:b6:38:e8:bf:fe:5a:
85:dd:f1:c8:28:60:35:08:72:87:bf:2e:5b:02:44:d0:11:9c:
04:da:22:e9:5e:00:57:a2:b8:b3:f2:32:bf:6c:97:45:88:41:
e5:24:74:1b:22:0c:a3:d7:c2:ac:17:48:16:3b:58:a7:de:25:
5f:59:e2:d5:a1:0c:96:61:0c:eb:4f:82:7c:35:68:42:41:35:
78:06:1e:4d:39:9c:c0:ec:97:f0:2b:3c:c5:dc:77:c4:af:67:
64:46:9f:73:da:b8:33:54:4c:64:25:2c:02:fa:03:c1:87:70:
a7:06:11:50
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgICCFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjYwMjA2MDYyOTAzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDDA02OTg1OGEyZi0zMTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxyuOagOIb0HSVQ3YfmGqtZH51d0nsPUONXw4+w2Adm45Y0zBwUGFdBdIkTud
xHgYUfGTN5d2LS0fArzf7BbrgvC0xy88wm/Yd01/zoRbCtMRCEfQ80DO2L6oGbyA
ekh+vD/H4jSORIVfx8s9fpD60A0Vs1azPX0j51q+mOTZGjJSXnhCB16/F/EcagE/
4V/x8xAQaWiHpyIVV/LQCdp0FQv/GPb7kTEVEmrEKNmloZbuwH9gtTKjV94Sisr+
rehrdrlVBu8Dz6CfMHVPWY0zOUGwXRA4VYSAlTALc9qs3yL8k8OK2UPavAB0G3dh
zgZOcANSZ4bZak2s65SQzBslNQIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFJqlAuDJ
Zpdvhaa4OnqjddM55+J/MB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvMkU5NkE2M0E2
OTBBMTFFRjk1MjVFOTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXgYIKwYBBQUHAQcBAf8E
TzBNMEsEAgABMEUwCwMDAQ7CAwQGDsKAAwQEDsLQMAwDBAQOwvADBAUOw8ADBAQO
w/ADAwIxyDALAwMAMfkDBAYx+YADBABzoNkDBAa2nAAwDQYJKoZIhvcNAQELBQAD
ggEBADJ5ErdApuQ4gDAWSk17vGJELujxikdMb/ixzVGrfz3ifHCFgv1fITAw2oB1
oxYK5MgV/uuWhil9ZQbf3JFae8Rb0cYeygdAJKh6uQUhOmac2hdebAJv3G888y2j
1H3sgBXH/o7Xr5aEofnuXnOrLqHkG/n2XfDgL2K8z0sQB38Mny2XawyfXqeZgLY4
6L/+WoXd8cgoYDUIcoe/LlsCRNARnATaIuleAFeiuLPyMr9sl0WIQeUkdBsiDKPX
wqwXSBY7WKfeJV9Z4tWhDJZhDOtPgnw1aEJBNXgGHk05nMDsl/ArPMXcd8SvZ2RG
n3PauDNUTGQlLAL6A8GHcKcGEVA=
-----END CERTIFICATE-----
Generated at Thu Feb 19 23:08:48 2026 by rpki-client