Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/2029B38A17A511F1B9E8592C333D8C67.roa
File: 2029B38A17A511F1B9E8592C333D8C67.roa (raw, json)
Hash identifier: 6OZZZbl8whE/Bttlvno5EhuNJ6DOVYs+DUuo9kFHzHE=
Subject key identifier: 2F:F9:87:5C:D9:AB:6E:80:96:CC:D0:3D:71:0D:92:2F:38:E0:F9:95
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0FC3
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/2029B38A17A511F1B9E8592C333D8C67.roa
Signing time: Mon 09 Mar 2026 21:20:47 +0000
ROA not before: Mon 09 Mar 2026 21:20:47 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 133933
IP address blocks: 14.192.128.0/19 maxlen: 19
14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.130.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
111.92.128.0/24 maxlen: 24
111.92.129.0/24 maxlen: 24
111.92.130.0/24 maxlen: 24
111.92.132.0/24 maxlen: 24
111.92.136.0/24 maxlen: 24
111.92.141.0/24 maxlen: 24
111.92.143.0/24 maxlen: 24
111.92.144.0/24 maxlen: 24
111.92.149.0/24 maxlen: 24
111.92.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 20 Mar 2026 14:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4035 (0xfc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Mar 9 21:20:47 2026 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69af39ae-6586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:94:50:63:ca:f7:9a:1b:36:79:23:36:d2:e8:
e1:13:ed:c7:9c:7c:09:b2:b1:7a:d7:eb:10:f8:10:
35:8f:78:e1:e0:ca:ef:70:d0:c3:e8:b8:2f:3b:76:
10:49:54:7d:84:78:c1:53:2a:02:ca:15:b7:b6:1b:
73:72:ea:72:0f:b2:18:72:6f:85:78:9d:9f:c2:2d:
06:d5:cd:cc:cb:a2:4b:ca:18:b8:31:a6:1b:c5:3f:
ee:49:a3:e9:1c:86:fe:f1:20:ca:d8:4a:b0:b7:08:
32:37:dd:ea:1a:a5:84:d7:d5:56:6a:f9:b4:98:89:
8a:7a:6b:17:de:59:14:db:ce:d7:c6:d2:5a:b1:66:
68:ba:75:91:d1:ef:ee:95:b5:44:06:9c:25:57:21:
87:23:fa:5c:ca:ed:ed:a7:76:00:59:45:27:df:4f:
b7:c3:ff:4a:6c:9d:1f:b3:5c:3f:33:10:90:71:dd:
1b:98:0d:f5:34:c5:8c:09:d2:40:75:ed:d6:45:f6:
ea:1e:e8:d7:89:50:52:54:14:19:73:bb:01:f6:e9:
1e:6e:c1:21:71:14:1d:d4:ac:e6:32:03:3c:4b:59:
7c:35:a6:dc:5b:e5:87:7a:48:68:1d:53:2e:15:7a:
e1:17:3e:a9:5b:f2:80:23:d2:81:c6:aa:89:64:a5:
e1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F9:87:5C:D9:AB:6E:80:96:CC:D0:3D:71:0D:92:2F:38:E0:F9:95
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/2029B38A17A511F1B9E8592C333D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/19
103.20.132.0/24
103.20.134.0/24
111.92.128.0-111.92.130.255
111.92.132.0/24
111.92.136.0/24
111.92.141.0/24
111.92.143.0-111.92.144.255
111.92.149.0-111.92.150.255
Signature Algorithm: sha256WithRSAEncryption
be:37:1d:ac:e1:28:80:d1:77:24:6a:01:15:c7:49:96:1e:57:
c8:d4:f9:65:66:f1:d4:c7:34:16:6c:29:cf:f8:f6:79:f9:21:
04:62:d7:1a:1c:48:15:a8:ea:e6:e8:d3:36:17:61:c7:d2:c4:
4a:cf:ca:f9:d4:1d:44:f8:77:e8:86:54:3a:38:26:75:bd:df:
5e:1b:f9:69:a4:35:fc:f1:51:95:e0:43:67:1f:d2:99:49:12:
90:bb:eb:bc:26:d7:1b:bc:f6:7e:cd:2f:a7:ca:22:57:6e:d1:
14:8f:4b:32:f5:a0:5b:6c:d2:e8:74:89:62:af:aa:23:f5:cc:
81:90:1c:47:58:b8:7e:b0:da:00:0e:8e:32:07:1d:f7:f2:06:
f3:2b:15:98:99:9f:b8:ea:72:4a:5a:55:38:04:86:f9:c4:2c:
1b:43:9c:d3:86:37:6e:54:ab:70:7f:6b:fa:da:c2:6c:fe:ab:
b5:42:ef:c7:8d:03:1a:a5:b4:5f:60:77:90:40:60:1f:86:57:
5c:ad:87:3e:50:a4:f0:56:6b:81:64:2e:bf:2f:cf:94:7c:98:
35:1e:69:91:20:eb:76:51:e6:6b:a0:a9:b6:a8:02:4f:dd:fc:
b1:7a:60:d9:c7:6c:68:d8:c0:3f:70:28:a4:ad:37:e4:c7:7f:
7a:02:12:dc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICD8MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjYwMzA5MjEyMDQ3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWFmMzlhZS02NTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0JRQY8r3mhs2eSM20ujhE+3HnHwJsrF61+sQ+BA1j3jh4MrvcNDD6LgvO3YQ
SVR9hHjBUyoCyhW3thtzcupyD7IYcm+FeJ2fwi0G1c3My6JLyhi4MaYbxT/uSaPp
HIb+8SDK2EqwtwgyN93qGqWE19VWavm0mImKemsX3lkU287XxtJasWZounWR0e/u
lbVEBpwlVyGHI/pcyu3tp3YAWUUn30+3w/9KbJ0fs1w/MxCQcd0bmA31NMWMCdJA
de3WRfbqHujXiVBSVBQZc7sB9ukebsEhcRQd1KzmMgM8S1l8NabcW+WHekhoHVMu
FXrhFz6pW/KAI9KBxqqJZKXheQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC/5h1zZ
q26AlszQPXENki844PmVMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMjAyOUIzOEEx
N0E1MTFGMUI5RTg1OTJDMzMzRDhDNjcucm9hMGcGCCsGAQUFBwEHAQH/BFgwVjBU
BAIAATBOAwQFDsCAAwQAZxSEAwQAZxSGMAwDBAdvXIADBABvXIIDBABvXIQDBABv
XIgDBABvXI0wDAMEAG9cjwMEAG9ckDAMAwQAb1yVAwQAb1yWMA0GCSqGSIb3DQEB
CwUAA4IBAQC+Nx2s4SiA0XckagEVx0mWHlfI1PllZvHUxzQWbCnP+PZ5+SEEYtca
HEgVqOrm6NM2F2HH0sRKz8r51B1E+HfohlQ6OCZ1vd9eG/lppDX88VGV4ENnH9KZ
SRKQu+u8JtcbvPZ+zS+nyiJXbtEUj0sy9aBbbNLodIlir6oj9cyBkBxHWLh+sNoA
Do4yBx338gbzKxWYmZ+46nJKWlU4BIb5xCwbQ5zThjduVKtwf2v62sJs/qu1Qu/H
jQMapbRfYHeQQGAfhldcrYc+UKTwVmuBZC6/L8+UfJg1HmmRIOt2UeZroKm2qAJP
3fyxemDZx2xo2MA/cCikrTfkx396AhLc
-----END CERTIFICATE-----
Generated at Fri Mar 13 22:11:09 2026 by rpki-client