Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
File: EE375CF036BD11E7B9B7251EC4F9AE02.roa (raw, json)
Hash identifier: wQsPHV6x/USj/C30qX7ocLzNE1hOKIXglDcWSSVxT9s=
Subject key identifier: CB:CA:32:05:E5:BB:31:7E:3C:32:45:7F:5F:B4:A2:A4:17:B6:AF:F8
Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Certificate serial: 1ECE
Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
Signing time: Mon 19 May 2025 03:43:39 +0000
ROA not before: Mon 19 May 2025 03:43:39 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 134963
IP address blocks: 14.1.112.0/22 maxlen: 24
43.96.0.0/16 maxlen: 24
43.97.0.0/16 maxlen: 24
43.98.0.0/16 maxlen: 24
43.99.0.0/16 maxlen: 24
43.100.0.0/16 maxlen: 24
43.101.0.0/16 maxlen: 24
43.102.0.0/16 maxlen: 24
43.103.0.0/16 maxlen: 24
43.104.0.0/16 maxlen: 24
43.105.0.0/16 maxlen: 24
43.106.0.0/16 maxlen: 24
43.107.0.0/16 maxlen: 24
43.108.0.0/16 maxlen: 24
43.109.0.0/16 maxlen: 24
43.110.0.0/16 maxlen: 24
43.111.0.0/16 maxlen: 24
43.112.0.0/16 maxlen: 24
43.113.0.0/16 maxlen: 24
43.114.0.0/16 maxlen: 24
43.115.0.0/16 maxlen: 24
43.116.0.0/16 maxlen: 24
43.117.0.0/16 maxlen: 24
43.118.0.0/16 maxlen: 24
43.119.0.0/16 maxlen: 24
43.120.0.0/16 maxlen: 24
43.121.0.0/16 maxlen: 24
43.122.0.0/16 maxlen: 24
43.123.0.0/16 maxlen: 24
43.124.0.0/16 maxlen: 24
43.125.0.0/16 maxlen: 24
43.126.0.0/16 maxlen: 24
43.127.0.0/16 maxlen: 16
43.127.0.0/16 maxlen: 24
103.206.40.0/22 maxlen: 24
240b:4000::/32 maxlen: 48
240b:4001::/32 maxlen: 48
240b:4002::/32 maxlen: 48
240b:4003::/32 maxlen: 48
240b:4004::/32 maxlen: 48
240b:4005::/32 maxlen: 48
240b:4006::/32 maxlen: 48
240b:4007::/32 maxlen: 48
240b:4008::/32 maxlen: 48
240b:4009::/32 maxlen: 48
240b:400a::/32 maxlen: 48
240b:400b::/32 maxlen: 48
240b:400c::/32 maxlen: 48
240b:400d::/32 maxlen: 48
240b:400e::/32 maxlen: 48
240b:400f::/32 maxlen: 48
240b:4010::/32 maxlen: 48
240b:4011::/32 maxlen: 48
240b:4012::/32 maxlen: 48
240b:4013::/32 maxlen: 48
240b:4014::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 16:18:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7886 (0x1ece)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198, serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Validity
Not Before: May 19 03:43:39 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=682aa8ea-1d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:df:42:d2:0b:8c:54:33:ce:f0:88:1e:5b:a3:
3d:7d:7f:d2:29:d6:4f:6f:3c:a0:26:45:31:b9:fe:
0d:2d:a8:53:79:f1:f7:6c:42:1c:1a:ec:80:56:9a:
61:4d:df:38:b6:72:91:64:b7:51:ac:88:8e:02:60:
4c:fe:f2:a8:49:02:41:09:e6:46:6f:75:25:16:15:
2a:70:97:1b:6a:76:75:bd:a7:68:cb:61:bb:c6:a0:
6e:2d:95:58:c6:6e:90:08:bc:d1:ca:cd:6c:e6:b6:
63:ec:5e:ee:f9:6c:97:d5:34:c6:7a:ee:a9:8c:c4:
ee:41:3b:ea:1f:23:eb:3b:81:01:16:2e:5d:c1:dc:
f6:52:c7:0a:c5:a9:d0:1a:ec:73:42:3c:f8:ab:5d:
ec:55:2c:5a:2f:93:d0:2c:50:c4:2d:5a:50:88:d1:
22:f8:df:23:c6:2d:df:38:0e:fd:50:75:0f:77:03:
43:50:2d:ed:7a:ad:1b:96:bd:5b:54:e9:18:15:a1:
24:94:b3:94:36:9d:84:65:e0:be:dd:bb:00:6e:9c:
b5:fc:fe:5e:ec:b5:27:6f:b6:95:60:db:4c:db:5e:
96:21:7f:f1:bb:6f:c7:40:07:4b:25:16:0e:b5:dd:
61:11:3b:8d:0c:f3:b7:a5:05:2d:22:88:12:07:28:
f7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:CA:32:05:E5:BB:31:7E:3C:32:45:7F:5F:B4:A2:A4:17:B6:AF:F8
X509v3 Authority Key Identifier:
keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.112.0/22
43.96.0.0/11
103.206.40.0/22
IPv6:
240b:4000::-240b:4014:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
29:67:aa:73:2e:49:5d:25:de:c1:6b:3c:17:c4:99:10:cc:d3:
64:51:0a:ca:28:e9:4d:9f:fe:ba:68:5b:a7:dc:23:e8:f8:ef:
df:2a:45:85:84:f2:c7:be:a3:c1:81:9e:b4:72:98:1c:24:29:
31:f1:9c:b3:da:d9:d5:d5:c6:82:80:a4:ff:27:2d:ad:d6:4f:
8a:a9:3a:1e:0c:7a:cd:16:39:01:86:bb:10:00:d2:7f:be:fb:
db:2e:6a:d4:53:4a:a0:a3:3f:ab:97:ec:c8:11:97:f5:4b:87:
73:55:a9:23:0d:d9:3e:b6:b5:a1:51:2b:fd:c4:d5:20:dd:cc:
40:3d:fb:a2:de:b9:01:b8:71:b2:3d:27:59:ca:6d:00:5c:a7:
0e:56:78:a8:9b:a9:bf:3c:51:22:e5:36:54:20:61:9e:16:7b:
0a:ff:63:4e:97:c2:11:69:3a:f7:2b:cf:e4:b2:b8:92:47:b8:
d4:05:9b:19:5e:b4:7e:a4:92:a6:fc:52:94:d4:fd:86:86:e0:
21:09:75:8f:6a:59:49:36:ab:ed:3b:40:41:4f:d7:46:e0:47:
79:06:5d:00:cf:aa:4f:8d:2d:5a:d7:12:97:73:70:2c:25:2a:
de:50:8e:67:ba:7b:f4:5d:2e:18:59:48:dd:fd:2c:db:c9:8a:
7b:d9:0f:1a
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICHs4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG
QkNCQkQ4QkQwHhcNMjUwNTE5MDM0MzM5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJhYThlYS0xZDA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqt9C0guMVDPO8IgeW6M9fX/SKdZPbzygJkUxuf4NLahTefH3bEIcGuyAVpph
Td84tnKRZLdRrIiOAmBM/vKoSQJBCeZGb3UlFhUqcJcbanZ1vadoy2G7xqBuLZVY
xm6QCLzRys1s5rZj7F7u+WyX1TTGeu6pjMTuQTvqHyPrO4EBFi5dwdz2UscKxanQ
GuxzQjz4q13sVSxaL5PQLFDELVpQiNEi+N8jxi3fOA79UHUPdwNDUC3teq0blr1b
VOkYFaEklLOUNp2EZeC+3bsAbpy1/P5e7LUnb7aVYNtM216WIX/xu2/HQAdLJRYO
td1hETuNDPO3pQUtIogSByj3KQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFMvKMgXl
uzF+PDJFf1+0oqQXtq/4MB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC
QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvRUUzNzVDRjAz
NkJEMTFFN0I5QjcyNTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMBcEAgABMBEDBAIOAXADAwUrYAMEAmfOKDAVBAIAAjAPMA0DBAYkC0ADBQAk
C0AUMA0GCSqGSIb3DQEBCwUAA4IBAQApZ6pzLkldJd7BazwXxJkQzNNkUQrKKOlN
n/66aFun3CPo+O/fKkWFhPLHvqPBgZ60cpgcJCkx8Zyz2tnV1caCgKT/Jy2t1k+K
qToeDHrNFjkBhrsQANJ/vvvbLmrUU0qgoz+rl+zIEZf1S4dzVakjDdk+trWhUSv9
xNUg3cxAPfui3rkBuHGyPSdZym0AXKcOVniom6m/PFEi5TZUIGGeFnsK/2NOl8IR
aTr3K8/ksriSR7jUBZsZXrR+pJKm/FKU1P2GhuAhCXWPallJNqvtO0BBT9dG4Ed5
Bl0Az6pPjS1a1xKXc3AsJSreUI5nunv0XS4YWUjd/SzbyYp72Q8a
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:17:31 2025 by rpki-client