Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
File: FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa (raw, json)
Hash identifier: 37QHYMs5XbAwWAtW6ZOI2Kmu6v/FD7PEpZdq6+cuweg=
Subject key identifier: ED:DA:83:9E:12:63:8B:7C:AE:A1:B1:A5:1F:68:1E:21:8F:AB:80:BE
Certificate issuer: /CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Certificate serial: 0761
Authority key identifier: B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
Signing time: Fri 05 Sep 2025 10:50:38 +0000
ROA not before: Fri 05 Sep 2025 10:50:38 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 45820
IP address blocks: 14.96.8.0/21 maxlen: 24
14.96.48.0/21 maxlen: 24
14.96.56.0/22 maxlen: 24
14.96.60.0/22 maxlen: 24
14.96.128.0/21 maxlen: 24
14.96.136.0/21 maxlen: 24
14.96.144.0/21 maxlen: 24
14.96.152.0/21 maxlen: 24
14.96.160.0/21 maxlen: 24
14.96.168.0/24 maxlen: 24
14.96.169.0/24 maxlen: 24
14.96.172.0/23 maxlen: 24
14.96.174.0/23 maxlen: 24
14.96.176.0/23 maxlen: 24
14.96.180.0/23 maxlen: 24
14.96.184.0/23 maxlen: 24
14.96.186.0/23 maxlen: 24
14.96.188.0/23 maxlen: 24
14.96.190.0/23 maxlen: 24
14.96.216.0/21 maxlen: 24
14.96.224.0/21 maxlen: 24
14.96.232.0/21 maxlen: 24
14.96.240.0/21 maxlen: 24
14.97.0.0/21 maxlen: 24
14.97.8.0/21 maxlen: 24
14.97.16.0/21 maxlen: 24
14.97.24.0/21 maxlen: 24
14.97.32.0/21 maxlen: 24
14.97.40.0/21 maxlen: 24
14.97.48.0/21 maxlen: 24
14.97.56.0/21 maxlen: 24
14.97.64.0/21 maxlen: 24
14.97.72.0/21 maxlen: 24
14.97.80.0/21 maxlen: 24
14.97.88.0/21 maxlen: 24
14.97.96.0/21 maxlen: 24
14.97.104.0/21 maxlen: 24
14.97.112.0/21 maxlen: 24
14.97.120.0/21 maxlen: 24
14.97.128.0/21 maxlen: 24
14.97.136.0/21 maxlen: 24
14.97.144.0/21 maxlen: 24
14.97.152.0/21 maxlen: 24
14.97.160.0/21 maxlen: 24
14.97.168.0/21 maxlen: 24
14.97.176.0/21 maxlen: 24
14.97.184.0/21 maxlen: 24
14.97.192.0/21 maxlen: 24
14.97.200.0/21 maxlen: 24
14.97.208.0/21 maxlen: 24
14.97.216.0/21 maxlen: 24
14.97.224.0/21 maxlen: 24
14.97.240.0/21 maxlen: 24
14.97.248.0/21 maxlen: 24
14.99.0.0/21 maxlen: 24
14.99.8.0/21 maxlen: 24
14.99.16.0/21 maxlen: 24
14.99.24.0/21 maxlen: 24
14.99.32.0/20 maxlen: 24
14.99.48.0/21 maxlen: 24
14.99.56.0/21 maxlen: 24
14.99.64.0/21 maxlen: 24
14.99.72.0/21 maxlen: 24
14.99.80.0/21 maxlen: 24
14.99.88.0/21 maxlen: 24
14.99.96.0/20 maxlen: 24
14.99.112.0/21 maxlen: 24
14.99.120.0/21 maxlen: 24
14.99.128.0/21 maxlen: 24
14.99.136.0/21 maxlen: 24
14.99.144.0/21 maxlen: 24
14.99.152.0/21 maxlen: 24
14.99.160.0/21 maxlen: 24
14.99.168.0/21 maxlen: 24
14.99.176.0/21 maxlen: 24
14.99.184.0/21 maxlen: 24
14.99.192.0/21 maxlen: 24
14.99.200.0/21 maxlen: 24
14.99.208.0/21 maxlen: 24
14.99.216.0/21 maxlen: 24
14.99.224.0/21 maxlen: 24
14.99.232.0/21 maxlen: 24
14.99.240.0/21 maxlen: 24
14.99.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl
rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Sep 2025 19:50:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1889 (0x761)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917DEA4, serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Validity
Not Before: Sep 5 10:50:38 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68bac07e-8d1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:8c:2e:05:bc:51:c9:bf:e7:c8:d5:ef:e0:2e:
cb:4a:7f:f5:ca:0c:93:6e:f7:da:18:ca:1b:60:bb:
a1:3c:f4:13:a2:f6:38:db:71:c8:cc:09:d6:30:ed:
0d:df:17:60:3d:13:9a:3c:cc:f2:1b:9c:3b:14:ad:
16:c7:c5:d1:6c:bd:a3:34:ee:75:03:16:90:fd:52:
ab:11:ef:62:46:7c:09:af:e6:ed:cb:94:c2:19:90:
e4:1e:d5:17:e4:f3:b4:1d:35:58:cd:0a:4b:b5:68:
91:05:af:f2:da:22:92:73:0c:53:3e:c6:d4:0d:9f:
77:54:61:2a:58:df:4a:96:7a:72:7e:a3:85:b1:d3:
41:1e:f5:0d:7b:58:a0:66:b5:95:98:73:d9:8a:55:
5d:b9:61:e2:70:b4:aa:75:a6:de:24:bd:12:f4:af:
ef:c6:5a:36:45:71:a4:65:30:f1:df:6a:1f:b1:3c:
d3:54:1b:b4:ab:e9:57:a3:b9:ff:33:4e:2b:1d:93:
42:4b:bf:13:6a:5f:9d:e0:e2:49:1e:02:d6:8d:2f:
4a:e8:26:dd:3d:7c:99:a9:71:a7:63:ab:6d:ef:c0:
79:dc:42:c9:1b:65:55:a6:17:96:3b:69:c3:16:2c:
2a:e7:10:97:2c:f1:0e:10:0e:52:d6:46:0c:13:95:
aa:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:DA:83:9E:12:63:8B:7C:AE:A1:B1:A5:1F:68:1E:21:8F:AB:80:BE
X509v3 Authority Key Identifier:
keyid:B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.96.8.0/21
14.96.48.0/20
14.96.128.0-14.96.169.255
14.96.172.0-14.96.177.255
14.96.180.0/23
14.96.184.0/21
14.96.216.0-14.96.247.255
14.97.0.0-14.97.231.255
14.97.240.0/20
14.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:04:40:9e:4f:5b:d9:19:e1:c0:f5:f5:c7:00:9c:1b:f1:a8:
30:c3:13:e9:0e:a3:1e:c6:2f:4a:1a:e3:b2:58:29:a8:40:84:
59:ac:50:46:e4:ad:7f:b1:e3:03:41:5f:30:68:95:4f:ee:39:
e4:4b:76:b4:89:b7:dd:8a:87:4b:ea:e1:2f:89:9e:f1:62:ef:
8d:8a:81:6c:94:b8:cb:ae:c2:6c:6f:8c:80:e1:4f:fa:26:68:
48:1c:8d:50:d1:27:ed:f9:c9:85:01:af:a2:7f:0b:17:fa:c1:
1c:bd:32:87:c9:83:43:e9:0e:7d:91:3a:2b:a2:19:4a:91:27:
32:5c:ef:73:27:6d:61:4d:a9:ed:4d:97:98:cd:dc:f5:11:62:
42:cc:36:2f:33:cf:a7:4e:71:d0:6d:89:fa:bf:9e:fe:68:fd:
b3:9f:39:23:29:f1:8c:8b:cf:57:2b:99:41:85:3a:99:89:16:
cc:d2:c8:e5:83:52:3b:eb:86:a8:e1:fa:2c:a2:c1:65:88:1a:
66:67:ac:be:81:ea:11:76:b2:89:84:69:a4:8d:9a:ad:56:72:
bf:11:d4:be:bd:89:02:45:cb:f5:c5:42:09:c8:8c:f1:6b:01:
1a:6b:4e:8a:2d:8b:cc:02:9f:9f:a0:cf:7b:9a:16:6e:22:77:
cb:6f:a2:8e
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgICB2EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RFQTQxMTAvBgNVBAUTKEI0RDZGRkQ1REZGOUVBQzQxM0FCNDQwOEUwOTYzN0Iw
OTQ5NERCQzgwHhcNMjUwOTA1MTA1MDM4WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGJhYzA3ZS04ZDFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7owuBbxRyb/nyNXv4C7LSn/1ygyTbvfaGMobYLuhPPQTovY423HIzAnWMO0N
3xdgPROaPMzyG5w7FK0Wx8XRbL2jNO51AxaQ/VKrEe9iRnwJr+bty5TCGZDkHtUX
5PO0HTVYzQpLtWiRBa/y2iKScwxTPsbUDZ93VGEqWN9KlnpyfqOFsdNBHvUNe1ig
ZrWVmHPZilVduWHicLSqdabeJL0S9K/vxlo2RXGkZTDx32ofsTzTVBu0q+lXo7n/
M04rHZNCS78Tal+d4OJJHgLWjS9K6CbdPXyZqXGnY6tt78B53ELJG2VVpheWO2nD
Fiwq5xCXLPEOEA5S1kYME5Wq3wIDAQABo4IC6TCCAuUwHQYDVR0OBBYEFO3ag54S
Y4t8rqGxpR9oHiGPq4C+MB8GA1UdIwQYMBaAFLTW/9Xf+erEE6tECOCWN7CUlNvI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REVBNC9BMjQyNkI2MDk4
MjkxMUVCQjc4ODIwODFDNEY5QUUwMi90TmJfMWRfNTZzUVRxMFFJNEpZM3NKU1Uy
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ROYl8xZF81NnNRVHEwUUk0Slkzc0pTVTI4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RFQTQvQTI0MjZCNjA5ODI5MTFFQkI3ODgyMDgxQzRGOUFFMDIvRkZGQkNBRUU5
QTk1MTFFQkI0OUQ3RTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcwYIKwYBBQUHAQcBAf8E
ZDBiMGAEAgABMFoDBAMOYAgDBAQOYDAwDAMEBw5ggAMEAQ5gqDAMAwQCDmCsAwQB
DmCwAwQBDmC0AwQDDmC4MAwDBAMOYNgDBAMOYPAwCwMDAA5hAwQDDmHgAwQEDmHw
AwMADmMwDQYJKoZIhvcNAQELBQADggEBAFgEQJ5PW9kZ4cD19ccAnBvxqDDDE+kO
ox7GL0oa47JYKahAhFmsUEbkrX+x4wNBXzBolU/uOeRLdrSJt92Kh0vq4S+JnvFi
742KgWyUuMuuwmxvjIDhT/omaEgcjVDRJ+35yYUBr6J/Cxf6wRy9MofJg0PpDn2R
OiuiGUqRJzJc73MnbWFNqe1Nl5jN3PURYkLMNi8zz6dOcdBtifq/nv5o/bOfOSMp
8YyLz1crmUGFOpmJFszSyOWDUjvrhqjh+iyiwWWIGmZnrL6B6hF2somEaaSNmq1W
cr8R1L69iQJFy/XFQgnIjPFrARprTooti8wCn5+gz3uaFm4id8tvoo4=
-----END CERTIFICATE-----
Generated at Sun Sep 7 02:40:36 2025 by rpki-client