Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F24431E6240411F0AE5EFB74C4F9AE02.roa
File: F24431E6240411F0AE5EFB74C4F9AE02.roa (raw, json)
Hash identifier: MclepbIdsggLN8G2fPWVi4DUMCl7aEhSI7CqYD2fOt4=
Subject key identifier: 4A:7A:43:81:BB:8E:49:5C:05:2A:DD:25:70:86:2D:34:D7:85:8F:B4
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0D90
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F24431E6240411F0AE5EFB74C4F9AE02.roa
Signing time: Sun 06 Jul 2025 07:59:52 +0000
ROA not before: Sun 06 Jul 2025 07:59:52 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.154.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.131.0/24 maxlen: 24
111.92.132.0/24 maxlen: 24
111.92.133.0/24 maxlen: 24
111.92.134.0/24 maxlen: 24
111.92.136.0/24 maxlen: 24
111.92.137.0/24 maxlen: 24
111.92.138.0/24 maxlen: 24
111.92.139.0/24 maxlen: 24
111.92.141.0/24 maxlen: 24
111.92.142.0/24 maxlen: 24
111.92.143.0/24 maxlen: 24
111.92.144.0/24 maxlen: 24
111.92.145.0/24 maxlen: 24
111.92.146.0/24 maxlen: 24
111.92.147.0/24 maxlen: 24
111.92.148.0/24 maxlen: 24
111.92.149.0/24 maxlen: 24
111.92.150.0/24 maxlen: 24
111.92.151.0/24 maxlen: 24
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 25 Jul 2025 20:15:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3472 (0xd90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Jul 6 07:59:52 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=686a2cf7-2102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:71:ab:68:b7:93:f8:84:e3:48:2e:14:b6:d5:
ce:db:62:09:0c:ba:39:6c:30:60:c8:59:95:25:a2:
2c:3d:9c:85:59:df:9c:fb:c7:81:db:8f:45:6a:47:
98:b6:5d:60:cb:a7:e0:2c:e4:a4:0e:38:73:7e:fe:
13:0c:5d:55:c3:11:32:9b:32:8d:84:dc:d1:5c:a0:
07:90:83:78:e1:c5:f4:04:c5:57:ac:ae:6e:5f:19:
29:29:83:36:0b:4a:96:7a:b9:d7:e5:4f:1b:5e:84:
4f:22:f0:27:91:2f:11:4f:a5:73:43:4e:8c:97:9e:
8d:64:ae:c4:c9:30:db:f5:65:b0:ee:98:55:01:b7:
2e:0c:bf:02:f9:74:db:66:03:e9:56:66:de:71:64:
60:5b:d2:63:35:ab:51:6e:13:01:bc:3c:a2:c0:9f:
13:c1:32:3c:f2:30:68:ea:9a:55:4e:00:f5:40:db:
db:a0:7d:ef:5d:39:b2:3a:9b:fc:08:ef:6f:64:ed:
d0:d8:62:1a:ae:d1:d5:ba:0e:a9:dd:dd:2f:64:7a:
9a:09:96:7b:e4:5a:da:2e:0f:b6:8d:91:0c:20:f9:
d9:59:cb:44:f1:38:99:2c:12:4f:cf:16:63:dc:a9:
d3:14:88:6c:58:5b:99:68:6b:df:85:d0:0d:1e:52:
1e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:7A:43:81:BB:8E:49:5C:05:2A:DD:25:70:86:2D:34:D7:85:8F:B4
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F24431E6240411F0AE5EFB74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0-14.192.132.255
14.192.135.0-14.192.136.255
14.192.138.0-14.192.143.255
14.192.146.0-14.192.151.255
14.192.153.0-14.192.159.255
43.247.120.0/22
103.20.132.0/22
111.92.131.0-111.92.134.255
111.92.136.0/22
111.92.141.0-111.92.151.255
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
6d:cd:e9:a0:68:5a:94:da:cf:97:c4:90:52:40:bd:7f:2d:8d:
ed:ba:38:35:a1:94:50:7a:ae:df:6e:80:d5:17:0c:34:94:0d:
49:a3:7e:94:11:46:e2:40:aa:3d:68:60:74:2b:07:40:24:08:
d7:49:9a:81:c5:52:01:9b:35:8e:fb:9c:57:f2:7d:9b:5f:8d:
98:f7:ec:f8:de:63:cd:1c:64:d2:29:54:d8:2d:d4:f9:32:c7:
2e:38:50:62:02:44:e6:b3:5a:b7:57:20:00:4c:b7:6e:ad:57:
8e:41:7c:93:47:59:68:1c:24:95:f9:1d:3f:94:10:35:8d:4f:
12:06:a1:5e:66:4e:e0:62:ce:04:e3:3b:25:60:fb:bf:6d:45:
dd:89:1d:b7:4f:9c:e1:65:47:c9:ee:9f:4b:73:40:3f:f4:31:
ef:58:88:d6:7a:9c:6d:73:67:10:ff:6c:0d:ad:bb:39:e9:5b:
af:04:fd:eb:9c:e2:0c:78:b9:6e:d6:da:d7:98:a2:8c:14:b0:
22:77:2f:1b:01:63:6e:0e:fa:1f:ce:22:39:0d:a1:a3:3a:04:
ba:ac:8e:e2:2e:4a:5d:80:97:1b:b4:be:c7:b7:62:0f:4e:7f:
75:3d:a2:0b:4a:38:28:d8:79:e5:80:fa:89:87:a2:1b:5a:b3:
5f:22:78:41
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgICDZAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwNzA2MDc1OTUyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODZhMmNmNy0yMTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnHGraLeT+ITjSC4UttXO22IJDLo5bDBgyFmVJaIsPZyFWd+c+8eB249FakeY
tl1gy6fgLOSkDjhzfv4TDF1VwxEymzKNhNzRXKAHkIN44cX0BMVXrK5uXxkpKYM2
C0qWernX5U8bXoRPIvAnkS8RT6VzQ06Ml56NZK7EyTDb9WWw7phVAbcuDL8C+XTb
ZgPpVmbecWRgW9JjNatRbhMBvDyiwJ8TwTI88jBo6ppVTgD1QNvboH3vXTmyOpv8
CO9vZO3Q2GIartHVug6p3d0vZHqaCZZ75FraLg+2jZEMIPnZWctE8TiZLBJPzxZj
3KnTFIhsWFuZaGvfhdANHlIeLQIDAQABo4IDFTCCAxEwHQYDVR0OBBYEFEp6Q4G7
jklcBSrdJXCGLTTXhY+0MB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRjI0NDMxRTYy
NDA0MTFGMEFFNUVGQjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZ4GCCsGAQUFBwEHAQH/
BIGOMIGLMHoEAgABMHQwDAMEBw7AgAMEAA7AhDAMAwQADsCHAwQADsCIMAwDBAEO
wIoDBAQOwIAwDAMEAQ7AkgMEAw7AkDAMAwQADsCZAwQFDsCAAwQCK/d4AwQCZxSE
MAwDBABvXIMDBABvXIYDBAJvXIgwDAMEAG9cjQMEA29ckDANBAIAAjAHAwUAJAN5
gDANBgkqhkiG9w0BAQsFAAOCAQEAbc3poGhalNrPl8SQUkC9fy2N7bo4NaGUUHqu
326A1RcMNJQNSaN+lBFG4kCqPWhgdCsHQCQI10magcVSAZs1jvucV/J9m1+NmPfs
+N5jzRxk0ilU2C3U+TLHLjhQYgJE5rNat1cgAEy3bq1XjkF8k0dZaBwklfkdP5QQ
NY1PEgahXmZO4GLOBOM7JWD7v21F3Ykdt0+c4WVHye6fS3NAP/Qx71iI1nqcbXNn
EP9sDa27OelbrwT965ziDHi5btba15iijBSwIncvGwFjbg76H84iOQ2hozoEuqyO
4i5KXYCXG7S+x7diD05/dT2iC0o4KNh55YD6iYeiG1qzXyJ4QQ==
-----END CERTIFICATE-----
Generated at Sat Jul 19 18:46:57 2025 by rpki-client