Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/E19826A0EAA511EBA4C1F32CC4F9AE02.roa
File: E19826A0EAA511EBA4C1F32CC4F9AE02.roa (raw, json)
Hash identifier: tG1HGaU5DUimsEMDFRA50jlq68FCzHx0C3arFNqcuaY=
Subject key identifier: 2C:93:25:1E:D9:0E:BD:E5:D3:B6:72:BA:1A:BE:AB:16:C6:66:E3:AC
Certificate issuer: /CN=A9146207/serialNumber=897E02CCD8EB4039A783D02379C55FEE9F0CEE59
Certificate serial: 0832
Authority key identifier: 89:7E:02:CC:D8:EB:40:39:A7:83:D0:23:79:C5:5F:EE:9F:0C:EE:59
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/E19826A0EAA511EBA4C1F32CC4F9AE02.roa
Signing time: Mon 04 Aug 2025 16:24:33 +0000
ROA not before: Mon 04 Aug 2025 16:24:33 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 132199
IP address blocks: 64.224.96.0/21 maxlen: 21
64.224.104.0/22 maxlen: 22
64.224.108.0/22 maxlen: 22
64.224.112.0/21 maxlen: 21
64.224.120.0/21 maxlen: 21
64.224.128.0/22 maxlen: 22
64.224.132.0/22 maxlen: 22
64.224.136.0/21 maxlen: 21
138.84.80.0/22 maxlen: 22
138.84.84.0/22 maxlen: 22
138.84.88.0/23 maxlen: 23
138.84.90.0/23 maxlen: 23
138.84.92.0/22 maxlen: 22
138.84.96.0/22 maxlen: 22
138.84.100.0/22 maxlen: 22
138.84.104.0/22 maxlen: 22
138.84.108.0/23 maxlen: 23
138.84.116.0/22 maxlen: 22
138.84.120.0/22 maxlen: 22
138.84.124.0/23 maxlen: 23
158.62.0.0/21 maxlen: 21
158.62.0.0/22 maxlen: 22
158.62.4.0/23 maxlen: 23
158.62.6.0/23 maxlen: 23
158.62.8.0/22 maxlen: 22
158.62.16.0/21 maxlen: 21
158.62.16.0/22 maxlen: 22
158.62.20.0/23 maxlen: 23
158.62.22.0/23 maxlen: 23
158.62.24.0/22 maxlen: 22
158.62.32.0/21 maxlen: 21
158.62.32.0/22 maxlen: 22
158.62.36.0/23 maxlen: 23
158.62.38.0/23 maxlen: 23
158.62.40.0/22 maxlen: 22
158.62.48.0/21 maxlen: 21
158.62.56.0/23 maxlen: 23
158.62.62.0/23 maxlen: 23
158.62.64.0/22 maxlen: 22
158.62.68.0/23 maxlen: 23
158.62.70.0/23 maxlen: 23
158.62.72.0/23 maxlen: 23
158.62.74.0/23 maxlen: 23
158.62.76.0/22 maxlen: 22
158.62.80.0/23 maxlen: 23
158.62.82.0/23 maxlen: 23
158.62.84.0/24 maxlen: 24
158.62.86.0/23 maxlen: 23
158.62.88.0/22 maxlen: 22
158.62.92.0/22 maxlen: 22
158.62.96.0/22 maxlen: 22
158.62.100.0/23 maxlen: 23
158.62.108.0/22 maxlen: 22
158.62.112.0/22 maxlen: 22
158.62.116.0/23 maxlen: 23
158.62.118.0/24 maxlen: 24
158.62.119.0/24 maxlen: 24
158.62.120.0/22 maxlen: 22
158.62.124.0/22 maxlen: 22
216.247.0.0/22 maxlen: 22
216.247.4.0/23 maxlen: 23
216.247.6.0/23 maxlen: 23
216.247.8.0/22 maxlen: 22
216.247.12.0/23 maxlen: 23
216.247.14.0/23 maxlen: 23
216.247.16.0/22 maxlen: 22
216.247.20.0/22 maxlen: 22
216.247.24.0/22 maxlen: 22
216.247.28.0/23 maxlen: 23
216.247.30.0/23 maxlen: 23
216.247.32.0/22 maxlen: 22
216.247.36.0/22 maxlen: 22
216.247.40.0/23 maxlen: 23
216.247.42.0/23 maxlen: 23
216.247.44.0/22 maxlen: 22
216.247.48.0/22 maxlen: 22
216.247.52.0/23 maxlen: 23
216.247.54.0/23 maxlen: 23
216.247.56.0/22 maxlen: 22
216.247.60.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.crl
rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2098 (0x832)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146207, serialNumber=897E02CCD8EB4039A783D02379C55FEE9F0CEE59
Validity
Not Before: Aug 4 16:24:33 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=6890dec0-85c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4a:27:d9:97:cf:7c:7b:88:7b:70:18:ad:21:
53:dc:2e:4d:df:44:7e:00:ac:7c:52:fc:ef:cb:7b:
3f:eb:a7:b2:73:4e:ca:47:db:42:4e:5a:a1:c1:ee:
67:c3:2a:9e:6b:5d:c7:9c:d0:27:b2:4c:da:96:69:
3b:db:37:cd:11:da:39:91:fc:2a:9f:0b:85:2b:b1:
ed:46:b3:79:d3:d5:22:ca:0c:eb:9d:0f:fb:66:62:
39:a1:3a:36:8b:59:b9:7f:e9:ef:d6:89:7f:5f:80:
d3:76:cc:c1:96:cc:92:6a:ba:1a:c2:e9:19:d7:77:
3e:a5:55:13:f3:80:eb:cc:0f:53:6e:d1:d9:c2:d6:
fe:e4:39:61:8c:c7:6e:62:b2:61:02:b7:37:f7:e2:
3e:df:d3:5a:43:0f:9b:d8:1b:0a:82:8a:88:aa:4f:
ab:70:82:20:fd:41:61:fd:a4:a0:0a:fc:f8:c0:cd:
71:27:60:d7:2e:2a:68:c8:05:6c:65:fe:2b:16:b1:
6d:6a:e3:45:48:41:7b:6c:b4:21:b0:f9:fd:fd:91:
d7:fe:a3:ad:32:fa:83:5d:e9:5e:5f:b9:db:c2:55:
82:2f:70:b4:28:be:f7:cc:e1:9f:15:3e:48:82:de:
4c:8e:0e:81:90:ea:0d:34:92:8d:7a:d3:0b:e6:09:
7d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:93:25:1E:D9:0E:BD:E5:D3:B6:72:BA:1A:BE:AB:16:C6:66:E3:AC
X509v3 Authority Key Identifier:
keyid:89:7E:02:CC:D8:EB:40:39:A7:83:D0:23:79:C5:5F:EE:9F:0C:EE:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/E19826A0EAA511EBA4C1F32CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.224.96.0-64.224.143.255
138.84.80.0-138.84.109.255
138.84.116.0-138.84.125.255
158.62.0.0-158.62.11.255
158.62.16.0-158.62.27.255
158.62.32.0-158.62.43.255
158.62.48.0-158.62.57.255
158.62.62.0-158.62.84.255
158.62.86.0-158.62.101.255
158.62.108.0-158.62.127.255
216.247.0.0/18
Signature Algorithm: sha256WithRSAEncryption
7b:69:15:e4:fe:a4:07:bc:6e:7e:77:d4:98:5e:a8:6f:30:c5:
a9:b3:bb:90:17:cc:c8:fc:25:65:2d:7e:12:5f:11:8f:a3:39:
45:f0:48:2c:77:aa:f2:20:3d:20:7f:33:61:d6:65:79:1b:57:
b2:4c:32:c6:f4:a5:d7:e8:fc:df:60:d9:3f:be:b2:46:14:8f:
1b:bf:b7:db:80:13:48:31:4d:75:e7:08:7b:38:6e:dc:61:3f:
38:95:1c:9d:5a:a2:5a:de:55:4e:60:3b:e7:05:09:ea:73:20:
98:82:8d:2c:8b:f9:35:1c:a1:14:de:7c:3c:31:86:c1:be:f4:
47:9f:2a:a5:c9:26:75:cf:43:c6:da:1c:8d:d2:b5:db:3d:ff:
b2:62:ac:ae:db:7d:9b:2f:26:13:a6:14:ac:65:9c:16:6a:8e:
66:1f:e8:c0:14:cf:27:6a:ab:d1:77:37:9a:36:13:75:ea:58:
4d:5f:4e:37:83:f9:58:b3:39:88:33:20:52:8a:24:5a:b0:c1:
81:fb:84:d4:b2:52:50:85:7e:c1:f4:2f:2f:ab:48:50:b0:25:
f2:f4:fe:a1:28:1d:9a:10:f9:be:37:97:8e:4b:f5:28:13:42:
6f:24:84:9c:36:59:6b:d7:fc:77:54:ff:5b:8e:ce:22:78:00:
a7:f2:34:10
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgICCDIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDYyMDcxMTAvBgNVBAUTKDg5N0UwMkNDRDhFQjQwMzlBNzgzRDAyMzc5QzU1RkVF
OUYwQ0VFNTkwHhcNMjUwODA0MTYyNDMzWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODkwZGVjMC04NWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt0on2ZfPfHuIe3AYrSFT3C5N30R+AKx8Uvzvy3s/66eyc07KR9tCTlqhwe5n
wyqea13HnNAnskzalmk72zfNEdo5kfwqnwuFK7HtRrN509UiygzrnQ/7ZmI5oTo2
i1m5f+nv1ol/X4DTdszBlsySaroawukZ13c+pVUT84DrzA9TbtHZwtb+5DlhjMdu
YrJhArc39+I+39NaQw+b2BsKgoqIqk+rcIIg/UFh/aSgCvz4wM1xJ2DXLipoyAVs
Zf4rFrFtauNFSEF7bLQhsPn9/ZHX/qOtMvqDXeleX7nbwlWCL3C0KL73zOGfFT5I
gt5Mjg6BkOoNNJKNetML5gl95QIDAQABo4IDJTCCAyEwHQYDVR0OBBYEFCyTJR7Z
Dr3l07Zyuhq+qxbGZuOsMB8GA1UdIwQYMBaAFIl+AszY60A5p4PQI3nFX+6fDO5Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NjIwNy84QzY4QjlBMjA5
ODExMUVCOUQ0NjFCMzBDNEY5QUUwMi9pWDRDek5qclFEbW5nOUFqZWNWZjdwOE03
bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lYNEN6TmpyUURtbmc5QWplY1ZmN3A4TTdsay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDYyMDcvOEM2OEI5QTIwOTgxMTFFQjlENDYxQjMwQzRGOUFFMDIvRTE5ODI2QTBF
QUE1MTFFQkE0QzFGMzJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga4GCCsGAQUFBwEHAQH/
BIGeMIGbMIGYBAIAATCBkTAMAwQFQOBgAwQEQOCAMAwDBASKVFADBAGKVGwwDAME
AopUdAMEAYpUfDALAwMBnj4DBAKePggwDAMEBJ4+EAMEAp4+GDAMAwQFnj4gAwQC
nj4oMAwDBASePjADBAGePjgwDAMEAZ4+PgMEAJ4+VDAMAwQBnj5WAwQBnj5kMAwD
BAKePmwDBAeePgADBAbY9wAwDQYJKoZIhvcNAQELBQADggEBAHtpFeT+pAe8bn53
1JheqG8wxamzu5AXzMj8JWUtfhJfEY+jOUXwSCx3qvIgPSB/M2HWZXkbV7JMMsb0
pdfo/N9g2T++skYUjxu/t9uAE0gxTXXnCHs4btxhPziVHJ1aolreVU5gO+cFCepz
IJiCjSyL+TUcoRTefDwxhsG+9EefKqXJJnXPQ8baHI3Stds9/7JirK7bfZsvJhOm
FKxlnBZqjmYf6MAUzydqq9F3N5o2E3XqWE1fTjeD+VizOYgzIFKKJFqwwYH7hNSy
UlCFfsH0Ly+rSFCwJfL0/qEoHZoQ+b43l45L9SgTQm8khJw2WWvX/HdU/1uOziJ4
AKfyNBA=
-----END CERTIFICATE-----
Generated at Sun Aug 10 18:27:14 2025 by rpki-client