Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/E8976FF0928211EF8D2A551EC4F9AE02.roa
File: E8976FF0928211EF8D2A551EC4F9AE02.roa (raw, json)
Hash identifier: KaXP6yLqLy6u16YQgUTkal+kksEzHmImjnWX4XyyF9s=
Subject key identifier: 67:9C:0C:81:9D:32:43:C3:3E:23:D4:40:97:B7:9E:5A:7B:C9:22:45
Certificate issuer: /CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Certificate serial: 2477
Authority key identifier: 7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/E8976FF0928211EF8D2A551EC4F9AE02.roa
Signing time: Tue 26 Aug 2025 16:23:18 +0000
ROA not before: Tue 26 Aug 2025 16:23:18 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 45352
IP address blocks: 14.102.144.0/22 maxlen: 24
14.102.148.0/24 maxlen: 24
14.102.149.0/24 maxlen: 24
14.102.150.0/24 maxlen: 24
14.102.151.0/24 maxlen: 24
14.192.64.0/24 maxlen: 24
14.192.65.0/24 maxlen: 24
14.192.66.0/24 maxlen: 24
14.192.70.0/23 maxlen: 24
43.252.152.0/22 maxlen: 24
45.64.168.0/22 maxlen: 22
45.64.168.0/23 maxlen: 23
45.64.168.0/24 maxlen: 24
45.64.169.0/24 maxlen: 24
45.64.170.0/24 maxlen: 24
45.64.171.0/24 maxlen: 24
58.84.8.0/22 maxlen: 22
58.84.8.0/24 maxlen: 24
58.84.9.0/24 maxlen: 24
58.84.10.0/24 maxlen: 24
58.84.11.0/24 maxlen: 24
103.3.172.0/24 maxlen: 24
103.3.173.0/24 maxlen: 24
103.3.174.0/23 maxlen: 24
103.10.156.0/23 maxlen: 24
103.10.158.0/23 maxlen: 24
103.23.45.0/24 maxlen: 24
103.40.204.0/22 maxlen: 24
118.107.200.0/21 maxlen: 24
118.107.208.0/24 maxlen: 24
118.107.209.0/24 maxlen: 24
118.107.210.0/24 maxlen: 24
118.107.211.0/24 maxlen: 24
118.107.232.0/24 maxlen: 24
118.107.233.0/24 maxlen: 24
118.107.234.0/23 maxlen: 23
118.107.235.0/24 maxlen: 24
118.107.236.0/24 maxlen: 24
118.107.237.0/24 maxlen: 24
118.107.238.0/24 maxlen: 24
118.107.239.0/24 maxlen: 24
118.107.240.0/24 maxlen: 24
118.107.241.0/24 maxlen: 24
118.107.242.0/24 maxlen: 24
118.107.243.0/24 maxlen: 24
183.81.160.0/21 maxlen: 24
192.82.56.0/21 maxlen: 21
192.82.56.0/24 maxlen: 24
192.82.57.0/24 maxlen: 24
192.82.58.0/24 maxlen: 24
192.82.59.0/24 maxlen: 24
192.82.60.0/24 maxlen: 24
192.82.61.0/24 maxlen: 24
192.82.62.0/24 maxlen: 24
192.82.63.0/24 maxlen: 24
210.5.40.0/22 maxlen: 24
210.5.44.0/22 maxlen: 24
2401:3400::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.crl
rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 15 Sep 2025 15:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9335 (0x2477)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1691, serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Validity
Not Before: Aug 26 16:23:18 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68addf76-c763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:cd:97:08:c2:f0:75:a2:ac:55:5d:fd:8e:f4:
4e:06:2f:b9:9a:9d:f8:24:e8:0d:9c:6f:f2:14:f3:
8b:95:20:d3:08:52:24:1a:db:64:18:d9:a1:3c:e6:
c8:5b:a1:71:83:90:9c:1b:1b:05:38:ac:cf:e0:59:
85:88:ea:9b:21:a6:a2:01:b9:84:9a:4c:c9:e1:b6:
34:69:4f:aa:14:b6:2b:9f:6d:97:a3:c1:cf:1f:d9:
fc:1a:89:e0:db:f9:0a:7b:67:f5:a1:8a:98:99:14:
be:99:e6:89:0b:ab:b2:67:79:3e:ac:82:87:b1:9d:
96:2a:ac:60:10:04:f4:d9:fb:63:8d:ce:e0:ac:0b:
d8:ba:d8:bb:4b:7f:23:5d:9b:e3:5f:ad:5e:d3:ec:
79:ec:58:45:83:ec:90:87:e7:68:17:2b:f1:4e:fc:
26:93:35:3e:40:35:a4:93:ac:b0:54:03:61:2b:fa:
00:c8:72:42:5e:6a:eb:68:2a:ca:76:19:a4:33:c8:
62:07:66:16:0c:1f:45:cd:d2:5c:ce:44:75:d5:87:
b2:7d:1b:49:bd:58:71:73:96:d1:ab:b3:87:d8:90:
0b:b1:64:08:a4:0e:f0:d2:ef:57:12:b5:5e:09:cc:
66:a2:40:2f:46:2c:c3:0c:6d:47:d6:4f:57:95:15:
a6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9C:0C:81:9D:32:43:C3:3E:23:D4:40:97:B7:9E:5A:7B:C9:22:45
X509v3 Authority Key Identifier:
keyid:7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/E8976FF0928211EF8D2A551EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.144.0/21
14.192.64.0-14.192.66.255
14.192.70.0/23
43.252.152.0/22
45.64.168.0/22
58.84.8.0/22
103.3.172.0/22
103.10.156.0/22
103.23.45.0/24
103.40.204.0/22
118.107.200.0-118.107.211.255
118.107.232.0-118.107.243.255
183.81.160.0/21
192.82.56.0/21
210.5.40.0/21
IPv6:
2401:3400::/32
Signature Algorithm: sha256WithRSAEncryption
09:37:47:ed:45:41:d2:26:27:59:d2:81:82:61:bb:d4:e1:25:
b5:7c:15:e0:f7:30:b6:e7:8f:33:c7:20:0b:5e:63:21:c3:da:
28:d1:e2:f8:74:52:35:9c:fc:bc:e8:62:f1:d8:f9:43:ec:9a:
84:cd:93:dd:37:e7:76:8c:a9:cf:f9:45:4d:1e:c3:4d:7d:f0:
ec:9a:7a:e1:21:1e:f7:39:6d:c3:14:11:c3:75:bd:6e:09:ba:
13:31:e5:4a:57:95:ed:c4:0d:fb:58:18:57:60:88:20:56:d9:
f4:55:f7:e8:fd:df:82:6c:d0:18:05:0d:76:eb:ac:d3:b4:1e:
05:41:1d:52:32:1f:d9:06:2a:e3:ea:ae:91:71:14:9b:8d:0a:
41:37:4b:b7:63:8a:a0:d8:52:7a:35:4b:ec:b4:46:e6:1e:0f:
6c:21:c1:25:10:8a:35:4c:16:cd:05:4d:fc:3d:73:9d:a7:f0:
b3:f8:a3:f3:b2:ec:c7:63:1e:66:e1:59:b2:5a:48:db:19:58:
c1:0c:14:a9:f3:4a:91:3b:1f:d3:06:4c:17:b7:a3:cd:a5:36:
96:67:0f:34:49:e1:96:3e:77:e1:7d:94:a8:45:45:56:cd:06:
69:50:62:25:76:0f:4c:9d:4f:6d:4c:5b:60:f4:fb:e7:74:48:
4a:c0:89:03
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgICJHcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE2OTExMTAvBgNVBAUTKDdBQzBDMDBGMEZDQTQ3OUVFNDY1RTRGN0Y1NDVFOEM5
NDk5M0Q2MUMwHhcNMjUwODI2MTYyMzE4WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGFkZGY3Ni1jNzYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw82XCMLwdaKsVV39jvROBi+5mp34JOgNnG/yFPOLlSDTCFIkGttkGNmhPObI
W6Fxg5CcGxsFOKzP4FmFiOqbIaaiAbmEmkzJ4bY0aU+qFLYrn22Xo8HPH9n8Gong
2/kKe2f1oYqYmRS+meaJC6uyZ3k+rIKHsZ2WKqxgEAT02ftjjc7grAvYuti7S38j
XZvjX61e0+x57FhFg+yQh+doFyvxTvwmkzU+QDWkk6ywVANhK/oAyHJCXmrraCrK
dhmkM8hiB2YWDB9FzdJczkR11YeyfRtJvVhxc5bRq7OH2JALsWQIpA7w0u9XErVe
CcxmokAvRizDDG1H1k9XlRWmYwIDAQABo4IDEzCCAw8wHQYDVR0OBBYEFGecDIGd
MkPDPiPUQJe3nlp7ySJFMB8GA1UdIwQYMBaAFHrAwA8Pykee5GXk9/VF6MlJk9Yc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTY5MS81QUZDMjY5MjY1
MkIxMUU1OTdBODY4ODFDNEY5QUUwMi9lc0RBRHdfS1I1N2taZVQzOVVYb3lVbVQx
aHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VzREFEd19LUjU3a1plVDM5VVhveVVtVDFody5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE2OTEvNUFGQzI2OTI2NTJCMTFFNTk3QTg2ODgxQzRGOUFFMDIvRTg5NzZGRjA5
MjgyMTFFRjhEMkE1NTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZwGCCsGAQUFBwEHAQH/
BIGMMIGJMHgEAgABMHIDBAMOZpAwDAMEBg7AQAMEAA7AQgMEAQ7ARgMEAiv8mAME
Ai1AqAMEAjpUCAMEAmcDrAMEAmcKnAMEAGcXLQMEAmcozDAMAwQDdmvIAwQCdmvQ
MAwDBAN2a+gDBAJ2a/ADBAO3UaADBAPAUjgDBAPSBSgwDQQCAAIwBwMFACQBNAAw
DQYJKoZIhvcNAQELBQADggEBAAk3R+1FQdImJ1nSgYJhu9ThJbV8FeD3MLbnjzPH
IAteYyHD2ijR4vh0UjWc/LzoYvHY+UPsmoTNk90353aMqc/5RU0ew0198OyaeuEh
Hvc5bcMUEcN1vW4JuhMx5UpXle3EDftYGFdgiCBW2fRV9+j934Js0BgFDXbrrNO0
HgVBHVIyH9kGKuPqrpFxFJuNCkE3S7djiqDYUno1S+y0RuYeD2whwSUQijVMFs0F
Tfw9c52n8LP4o/Oy7MdjHmbhWbJaSNsZWMEMFKnzSpE7H9MGTBe3o82lNpZnDzRJ
4ZY+d+F9lKhFRVbNBmlQYiV2D0ydT21MW2D0++d0SErAiQM=
-----END CERTIFICATE-----
Generated at Mon Sep 8 17:37:59 2025 by rpki-client