Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/F9B55ECA922111EAB5138581C4F9AE02.roa
File: F9B55ECA922111EAB5138581C4F9AE02.roa (raw, json)
Hash identifier: tVNdNXfs/JUEf9PTu4jhJoFAKzZsZXMOgAYfuqbbB74=
Subject key identifier: DB:03:DA:32:E5:A8:D4:83:1A:A4:8B:B0:4B:44:73:D9:5A:60:84:A3
Certificate issuer: /CN=A914C33A/serialNumber=54411D9070E20C9FFCFFC414FD09320BF39AB6E8
Certificate serial: 1721
Authority key identifier: 54:41:1D:90:70:E2:0C:9F:FC:FF:C4:14:FD:09:32:0B:F3:9A:B6:E8
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/VEEdkHDiDJ_8_8QU_QkyC_Oatug.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/F9B55ECA922111EAB5138581C4F9AE02.roa
Signing time: Sun 01 Mar 2026 14:32:02 +0000
ROA not before: Tue 30 Sep 2025 15:42:31 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 7642
IP address blocks: 69.94.32.0/20 maxlen: 20
69.94.32.0/23 maxlen: 24
69.94.34.0/23 maxlen: 24
69.94.36.0/23 maxlen: 24
69.94.38.0/23 maxlen: 24
69.94.40.0/23 maxlen: 24
69.94.42.0/23 maxlen: 24
69.94.44.0/23 maxlen: 24
69.94.46.0/23 maxlen: 24
69.94.80.0/20 maxlen: 20
69.94.80.0/23 maxlen: 24
69.94.82.0/23 maxlen: 24
69.94.84.0/23 maxlen: 24
69.94.86.0/23 maxlen: 24
69.94.88.0/23 maxlen: 24
69.94.90.0/23 maxlen: 24
69.94.92.0/23 maxlen: 24
69.94.94.0/23 maxlen: 24
209.212.192.0/19 maxlen: 19
209.212.192.0/23 maxlen: 24
209.212.194.0/23 maxlen: 24
209.212.196.0/23 maxlen: 24
209.212.198.0/23 maxlen: 24
209.212.200.0/23 maxlen: 24
209.212.202.0/23 maxlen: 24
209.212.204.0/23 maxlen: 24
209.212.206.0/23 maxlen: 24
209.212.208.0/23 maxlen: 24
209.212.210.0/23 maxlen: 24
209.212.212.0/23 maxlen: 24
209.212.214.0/23 maxlen: 24
209.212.216.0/23 maxlen: 24
209.212.218.0/23 maxlen: 24
209.212.220.0/23 maxlen: 24
209.212.222.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/VEEdkHDiDJ_8_8QU_QkyC_Oatug.crl
rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/VEEdkHDiDJ_8_8QU_QkyC_Oatug.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/VEEdkHDiDJ_8_8QU_QkyC_Oatug.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:05:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5921 (0x1721)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C33A, serialNumber=54411D9070E20C9FFCFFC414FD09320BF39AB6E8
Validity
Not Before: Sep 30 15:42:31 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a44de2-6d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fc:64:d9:c4:9a:0e:54:8d:94:06:67:62:81:
60:cf:97:46:17:87:72:a1:d6:58:d9:76:30:c7:b9:
3a:36:d3:e3:b2:14:75:84:63:50:d5:89:ba:b6:4c:
cc:ee:96:2c:be:07:57:f1:2f:46:05:81:72:1f:0f:
19:a6:44:e8:f5:54:78:ba:6f:7b:57:ad:72:ef:ec:
84:2b:a2:e9:89:34:63:ff:8f:7e:e2:46:ee:1a:d9:
de:74:00:17:77:92:c2:0d:70:29:76:b8:7d:f1:1a:
1f:a2:f6:8a:9c:75:d6:1c:75:dc:4a:03:9a:2b:4c:
b6:dc:ec:fa:fe:7c:77:a9:41:37:6c:54:90:c6:9d:
e6:2c:a3:7c:ed:60:da:48:e4:30:24:ab:8d:f9:84:
c1:d0:00:a4:4e:ab:6f:24:20:e1:50:82:d3:6b:77:
db:b9:4a:9a:90:f1:da:e0:5f:de:90:32:cd:66:0a:
05:8a:30:db:a3:1f:5f:ea:50:ff:4a:54:73:af:26:
5b:d7:b7:44:56:32:2f:42:78:e4:4f:59:ea:ed:b7:
a0:f7:db:7f:80:e9:23:0e:a3:87:56:8e:fb:40:4d:
62:a1:74:11:4a:ad:b6:70:53:57:b6:6c:0b:a2:fb:
9e:6b:12:de:cb:13:61:35:87:97:a7:bd:7b:20:f7:
4a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:03:DA:32:E5:A8:D4:83:1A:A4:8B:B0:4B:44:73:D9:5A:60:84:A3
X509v3 Authority Key Identifier:
keyid:54:41:1D:90:70:E2:0C:9F:FC:FF:C4:14:FD:09:32:0B:F3:9A:B6:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/VEEdkHDiDJ_8_8QU_QkyC_Oatug.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/VEEdkHDiDJ_8_8QU_QkyC_Oatug.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/F9B55ECA922111EAB5138581C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
69.94.32.0/20
69.94.80.0/20
209.212.192.0/19
Signature Algorithm: sha256WithRSAEncryption
05:7a:4a:37:f9:50:4f:92:93:2f:0d:3a:c5:34:7d:3a:f5:19:
4d:50:b2:7e:fb:16:21:97:4f:5b:98:b0:9e:48:58:ea:73:fb:
dc:2f:96:c8:4e:6c:91:44:36:13:ab:73:e9:1d:f5:37:95:a9:
42:01:20:0c:07:38:4e:87:7b:f6:de:ae:df:08:f3:f4:02:8a:
cd:60:aa:5c:78:66:72:2c:ac:e7:86:9f:4f:ad:13:4f:7c:4b:
0a:34:d4:45:9b:c3:25:67:46:bd:d7:2e:0c:8d:a6:58:f9:08:
71:ce:4f:ee:ef:6e:03:1b:68:71:dc:70:9f:bb:47:62:a2:e9:
31:b6:44:c2:9b:06:6c:04:65:6b:01:5a:07:34:ac:56:de:73:
9c:0d:f2:71:bd:9c:dd:7b:ec:22:30:98:c2:40:fb:47:31:d1:
14:fd:e2:13:7f:f1:df:df:5f:16:33:57:6b:23:1b:d2:98:42:
ed:0b:f4:48:86:16:bb:a7:e0:67:85:18:15:0b:ec:53:52:a9:
79:bf:01:c2:c2:69:3b:86:00:42:c8:4d:af:60:98:b6:68:8d:
ae:f5:f0:98:54:87:f5:d6:04:4a:44:bd:d5:4b:88:dd:a4:8b:
14:b9:2a:34:1b:89:ac:62:50:d1:2e:88:37:53:98:a5:69:bb:
84:29:9b:f3
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgICFyEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEMzM0ExMTAvBgNVBAUTKDU0NDExRDkwNzBFMjBDOUZGQ0ZGQzQxNEZEMDkzMjBC
RjM5QUI2RTgwHhcNMjUwOTMwMTU0MjMxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NGRlMi02ZDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqPxk2cSaDlSNlAZnYoFgz5dGF4dyodZY2XYwx7k6NtPjshR1hGNQ1Ym6tkzM
7pYsvgdX8S9GBYFyHw8ZpkTo9VR4um97V61y7+yEK6LpiTRj/49+4kbuGtnedAAX
d5LCDXApdrh98RofovaKnHXWHHXcSgOaK0y23Oz6/nx3qUE3bFSQxp3mLKN87WDa
SOQwJKuN+YTB0ACkTqtvJCDhUILTa3fbuUqakPHa4F/ekDLNZgoFijDbox9f6lD/
SlRzryZb17dEVjIvQnjkT1nq7beg99t/gOkjDqOHVo77QE1ioXQRSq22cFNXtmwL
ovueaxLeyxNhNYeXp717IPdKkQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFNsD2jLl
qNSDGqSLsEtEc9laYISjMB8GA1UdIwQYMBaAFFRBHZBw4gyf/P/EFP0JMgvzmrbo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzMzQS9GRUM3N0M5QTA3
MzYxMUU4QUI3RENCNEFDNEY5QUUwMi9WRUVka0hEaURKXzhfOFFVX1FreUNfT2F0
dWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1ZFRWRrSERpREpfOF84UVVfUWt5Q19PYXR1Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEMzM0EvRkVDNzdDOUEwNzM2MTFFOEFCN0RDQjRBQzRGOUFFMDIvRjlCNTVFQ0E5
MjIxMTFFQUI1MTM4NTgxQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY
BAIAATASAwQERV4gAwQERV5QAwQF0dTAMA0GCSqGSIb3DQEBCwUAA4IBAQAFeko3
+VBPkpMvDTrFNH069RlNULJ++xYhl09bmLCeSFjqc/vcL5bITmyRRDYTq3PpHfU3
lalCASAMBzhOh3v23q7fCPP0AorNYKpceGZyLKznhp9PrRNPfEsKNNRFm8MlZ0a9
1y4MjaZY+Qhxzk/u724DG2hx3HCfu0dioukxtkTCmwZsBGVrAVoHNKxW3nOcDfJx
vZzde+wiMJjCQPtHMdEU/eITf/Hf318WM1drIxvSmELtC/RIhha7p+BnhRgVC+xT
Uql5vwHCwmk7hgBCyE2vYJi2aI2u9fCYVIf11gRKRL3VS4jdpIsUuSo0G4msYlDR
Log3U5ilabuEKZvz
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:05:00 2026 by rpki-client