Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/2955A5F2429011F1BDEA7EE5B1833773.roa
File: 2955A5F2429011F1BDEA7EE5B1833773.roa (raw, json)
Hash identifier: 26ECdVpdj8dXBxE622dvqMXTzHxDm5CPdIi73+HTGRs=
Subject key identifier: BE:E2:9B:1E:1F:7C:AF:3E:B2:D8:5F:13:93:47:A5:F2:0B:CE:51:DB
Certificate issuer: /CN=A916C128/serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Certificate serial: 2CE0
Authority key identifier: B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/2955A5F2429011F1BDEA7EE5B1833773.roa
Signing time: Mon 27 Apr 2026 23:23:56 +0000
ROA not before: Mon 27 Apr 2026 23:23:56 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 45177
IP address blocks: 14.1.32.0/19 maxlen: 24
45.65.13.0/24 maxlen: 24
45.65.14.0/23 maxlen: 24
103.9.236.0/23 maxlen: 24
103.9.238.0/23 maxlen: 24
103.13.116.0/22 maxlen: 24
103.15.178.0/24 maxlen: 24
103.230.76.0/22 maxlen: 22
103.241.120.0/22 maxlen: 24
103.255.248.0/24 maxlen: 24
113.197.96.0/22 maxlen: 23
116.93.128.0/20 maxlen: 24
119.30.0.0/22 maxlen: 24
119.30.4.0/22 maxlen: 24
120.136.0.0/21 maxlen: 24
150.107.32.0/22 maxlen: 24
163.47.204.0/22 maxlen: 24
202.74.192.0/19 maxlen: 24
203.84.224.0/20 maxlen: 24
203.211.64.0/18 maxlen: 24
2400:ee80::/32 maxlen: 48
2401:7000::/32 maxlen: 32
2401:7000::/32 maxlen: 64
2402:3500::/32 maxlen: 48
2402:3500::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.crl
rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 05 May 2026 15:34:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11488 (0x2ce0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C128, serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Validity
Not Before: Apr 27 23:23:56 2026 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=69eff00c-8e1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:84:5a:3c:a7:43:a4:48:94:20:fa:3e:d8:d2:
65:04:6a:1b:8a:b6:8b:89:fb:b1:c2:4c:79:a2:9a:
20:7d:d4:f4:10:58:93:9b:9b:1c:02:cd:c2:f3:3c:
32:f8:1f:12:ba:bc:f7:f7:9c:1b:98:b7:a4:48:dd:
35:8d:ba:f5:ea:7f:1a:54:c9:2b:70:f2:79:da:74:
ad:bf:86:7e:84:5a:0b:c2:4d:96:e9:24:02:32:dd:
d0:1b:5c:77:ca:45:f2:2f:92:53:16:b1:16:d5:de:
90:68:92:3b:59:ad:32:28:72:4a:88:f6:5a:b2:56:
9e:4a:12:8b:1c:b3:72:53:1d:f0:a8:07:5a:13:b5:
1d:9f:90:70:d9:18:ff:c8:d7:40:8a:06:28:74:1c:
5c:77:d6:a3:7a:a8:ba:1a:fb:b7:cb:ae:6b:db:e6:
6e:d9:f0:f7:c7:29:81:22:4e:b4:72:c7:09:1d:f6:
31:fc:b9:6b:00:5a:49:67:df:c7:1a:80:f7:e7:ce:
57:3d:35:c6:6e:c8:19:13:9d:68:0b:2c:a4:1d:e5:
67:e3:21:4c:ef:ac:c6:d9:71:a7:be:16:6e:cc:88:
d5:49:1a:c5:23:3c:0e:33:6e:5d:1d:71:a1:2a:72:
55:ba:63:af:ff:fd:ef:6a:b1:21:d8:fa:c0:e0:6a:
1e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E2:9B:1E:1F:7C:AF:3E:B2:D8:5F:13:93:47:A5:F2:0B:CE:51:DB
X509v3 Authority Key Identifier:
keyid:B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/2955A5F2429011F1BDEA7EE5B1833773.roa
sbgp-ipAddrBlock: critical
IPv4:
14.1.32.0/19
45.65.13.0-45.65.15.255
103.9.236.0/22
103.13.116.0/22
103.15.178.0/24
103.230.76.0/22
103.241.120.0/22
103.255.248.0/24
113.197.96.0/22
116.93.128.0/20
119.30.0.0/21
120.136.0.0/21
150.107.32.0/22
163.47.204.0/22
202.74.192.0/19
203.84.224.0/20
203.211.64.0/18
IPv6:
2400:ee80::/32
2401:7000::/32
2402:3500::/32
Signature Algorithm: sha256WithRSAEncryption
c3:49:34:ec:f2:b4:6d:22:3a:2f:03:de:ea:d5:34:fd:19:ec:
3d:88:5d:87:f4:e4:60:d2:37:60:0d:8f:88:4c:3a:1f:ad:38:
b0:e2:83:54:bf:70:4c:e6:ef:ab:08:89:16:d9:fd:56:71:3a:
84:e3:ec:5e:44:ba:1d:01:78:58:51:85:4d:1d:60:09:a1:dd:
56:3d:8b:8e:94:ac:0c:84:c6:85:38:f2:ca:8b:fe:2d:96:c1:
e5:2f:b8:fc:fe:d3:13:0d:24:aa:2c:57:29:a0:88:77:1a:5a:
42:47:b5:4c:41:95:97:52:5b:bc:a5:f9:e3:0b:9f:4e:16:ec:
cf:47:62:f7:e7:8c:c6:b0:69:ad:6e:6f:da:0e:44:bc:02:5b:
5c:8b:3e:29:91:ec:cc:dc:40:72:ff:f7:82:0f:8d:39:41:c7:
8e:91:1b:9b:af:12:2b:53:e4:db:e8:46:72:45:9e:42:65:48:
e2:fa:22:e3:e4:32:26:5d:ef:11:c2:78:d6:6c:af:f2:aa:61:
20:b9:56:de:9c:3e:ad:61:2e:0a:ea:af:01:cb:a4:ec:9d:e4:
5d:cf:ba:32:7b:26:30:c0:de:8e:6d:a1:30:7b:a0:4b:f9:66:
13:d3:00:14:91:38:3f:3f:c2:70:f9:d7:f9:a2:80:35:81:35:
13:04:72:b0
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgICLOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkMxMjgxMTAvBgNVBAUTKEI1NjQyNzMyMjY1RDQwQkY3NUNBOTRBOUVDODExOTIx
MUMxQjlCMzIwHhcNMjYwNDI3MjMyMzU2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWVmZjAwYy04ZTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxoRaPKdDpEiUIPo+2NJlBGobiraLifuxwkx5opogfdT0EFiTm5scAs3C8zwy
+B8Surz395wbmLekSN01jbr16n8aVMkrcPJ52nStv4Z+hFoLwk2W6SQCMt3QG1x3
ykXyL5JTFrEW1d6QaJI7Wa0yKHJKiPZaslaeShKLHLNyUx3wqAdaE7Udn5Bw2Rj/
yNdAigYodBxcd9ajeqi6Gvu3y65r2+Zu2fD3xymBIk60cscJHfYx/LlrAFpJZ9/H
GoD3585XPTXGbsgZE51oCyykHeVn4yFM76zG2XGnvhZuzIjVSRrFIzwOM25dHXGh
KnJVumOv//3varEh2PrA4GoerQIDAQABo4IC6DCCAuQwHQYDVR0OBBYEFL7imx4f
fK8+sthfE5NHpfILzlHbMB8GA1UdIwQYMBaAFLVkJzImXUC/dcqUqeyBGSEcG5sy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzEyOC82NjRBOUJDQUZB
NkQxMUUzQjZBQzIzNTA1OTExRUEzMi90V1FuTWlaZFFMOTF5cFNwN0lFWklSd2Jt
ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RXUW5NaVpkUUw5MXlwU3A3SUVaSVJ3Ym16SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkMxMjgvNjY0QTlCQ0FGQTZEMTFFM0I2QUMyMzUwNTkxMUVBMzIvMjk1NUE1RjI0
MjkwMTFGMUJERUE3RUU1QjE4MzM3NzMucm9hMIGmBggrBgEFBQcBBwEB/wSBljCB
kzB0BAIAATBuAwQFDgEgMAwDBAAtQQ0DBAQtQQADBAJnCewDBAJnDXQDBABnD7ID
BAJn5kwDBAJn8XgDBABn//gDBAJxxWADBAR0XYADBAN3HgADBAN4iAADBAKWayAD
BAKjL8wDBAXKSsADBATLVOADBAbL00AwGwQCAAIwFQMFACQA7oADBQAkAXAAAwUA
JAI1ADANBgkqhkiG9w0BAQsFAAOCAQEAw0k07PK0bSI6LwPe6tU0/RnsPYhdh/Tk
YNI3YA2PiEw6H604sOKDVL9wTObvqwiJFtn9VnE6hOPsXkS6HQF4WFGFTR1gCaHd
Vj2LjpSsDITGhTjyyov+LZbB5S+4/P7TEw0kqixXKaCIdxpaQke1TEGVl1JbvKX5
4wufThbsz0di9+eMxrBprW5v2g5EvAJbXIs+KZHszNxAcv/3gg+NOUHHjpEbm68S
K1Pk2+hGckWeQmVI4voi4+QyJl3vEcJ41myv8qphILlW3pw+rWEuCuqvAcuk7J3k
Xc+6MnsmMMDejm2hMHugS/lmE9MAFJE4Pz/CcPnX+aKANYE1EwRysA==
-----END CERTIFICATE-----
Generated at Wed Apr 29 14:32:31 2026 by rpki-client