Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/0E95C2D8F14211EAA4333775C4F9AE02.roa
File: 0E95C2D8F14211EAA4333775C4F9AE02.roa (raw, json)
Hash identifier: sDukY+4vNyFTdEUh0TFnFVqsNmB2SFOIOqE9443URz8=
Subject key identifier: 99:57:60:0C:9B:59:48:1C:4F:42:AE:D7:C8:62:76:3C:51:CD:A3:ED
Certificate issuer: /CN=A914CE75/serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Certificate serial: 330E
Authority key identifier: 49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/0E95C2D8F14211EAA4333775C4F9AE02.roa
Signing time: Sun 01 Mar 2026 19:10:46 +0000
ROA not before: Wed 30 Apr 2025 15:52:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10199
IP address blocks: 14.141.140.0/24 maxlen: 24
59.161.0.0/16 maxlen: 16
59.161.0.0/20 maxlen: 20
59.161.16.0/20 maxlen: 20
59.161.64.0/18 maxlen: 18
59.161.80.0/21 maxlen: 21
59.161.88.0/22 maxlen: 22
59.161.92.0/22 maxlen: 22
59.161.96.0/21 maxlen: 21
59.161.120.0/21 maxlen: 21
59.161.128.0/20 maxlen: 20
59.161.144.0/20 maxlen: 20
115.117.0.0/16 maxlen: 16
115.117.19.0/24 maxlen: 24
115.117.35.0/24 maxlen: 24
115.117.50.0/23 maxlen: 23
115.117.56.0/22 maxlen: 22
115.117.100.0/22 maxlen: 22
115.117.160.0/22 maxlen: 22
115.117.164.0/22 maxlen: 22
115.117.168.0/22 maxlen: 22
115.117.172.0/22 maxlen: 22
115.117.180.0/22 maxlen: 22
115.117.184.0/21 maxlen: 21
115.117.192.0/18 maxlen: 18
115.117.208.0/20 maxlen: 20
115.118.67.0/24 maxlen: 24
121.244.0.0/21 maxlen: 21
121.244.10.0/23 maxlen: 23
121.244.12.0/23 maxlen: 23
121.244.14.0/23 maxlen: 23
121.244.16.0/23 maxlen: 23
121.244.18.0/23 maxlen: 23
121.244.20.0/23 maxlen: 23
121.245.32.0/20 maxlen: 24
121.245.64.0/20 maxlen: 20
121.245.80.0/20 maxlen: 20
121.245.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 15:32:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13070 (0x330e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914CE75, serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Validity
Not Before: Apr 30 15:52:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a48f36-88fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6d:f3:f7:bc:db:27:dc:9d:7f:36:e0:47:13:
92:d4:15:a4:98:fe:6f:f4:5f:3d:36:3d:a5:df:11:
33:fb:8a:c4:46:98:26:3b:4f:c6:f2:4b:f4:e6:4f:
09:16:1a:37:9e:df:56:09:99:a4:ec:3b:d5:1f:6b:
d4:05:93:ab:cb:12:80:91:89:b6:66:b5:6b:e0:da:
04:3e:10:81:9d:cd:84:b7:18:93:65:b0:57:c0:90:
cc:8e:a1:8b:d7:b4:32:a6:9f:af:50:09:8b:fb:6a:
39:a6:58:72:b7:c3:51:fd:fd:5c:e9:e5:81:e9:13:
30:e8:c3:ce:46:d5:e8:41:79:05:e3:64:7f:cd:62:
42:24:a2:07:5c:2f:fa:a8:6e:7b:1b:05:83:d1:6d:
73:e0:d2:7f:df:d1:49:db:62:ba:8f:ed:b2:e5:64:
72:68:e0:a3:72:3c:19:66:b4:a1:bb:ce:ea:8a:50:
d8:8d:91:1d:4a:5b:2c:3e:25:48:f9:df:3d:75:1a:
c8:71:1a:36:39:b1:e3:a7:0a:fc:b4:f0:14:0e:e6:
4e:f2:2b:4c:cb:a9:fd:92:8a:74:82:c4:ce:82:dd:
c7:68:56:43:8a:45:8c:97:4a:d2:72:a1:27:e3:1a:
3d:22:39:86:5d:82:7a:05:68:28:90:b1:59:06:c8:
fc:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:57:60:0C:9B:59:48:1C:4F:42:AE:D7:C8:62:76:3C:51:CD:A3:ED
X509v3 Authority Key Identifier:
keyid:49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/0E95C2D8F14211EAA4333775C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.141.140.0/24
59.161.0.0/16
115.117.0.0/16
115.118.67.0/24
121.244.0.0/21
121.244.10.0-121.244.21.255
121.245.32.0/20
121.245.64.0-121.245.111.255
Signature Algorithm: sha256WithRSAEncryption
91:81:93:8f:0d:2e:3d:0d:b5:87:b4:32:df:e6:63:11:23:ec:
94:db:a0:9e:bf:10:25:40:83:54:ff:52:44:4a:7a:6e:05:99:
b9:d6:3b:e9:bc:10:3f:92:f3:21:24:80:54:e4:e9:e2:4e:05:
b7:a3:d7:d7:5e:f5:c5:72:7f:a4:e8:14:8e:0f:5b:77:e4:d9:
b8:80:70:d7:e4:9d:cc:a6:82:e8:e7:ad:46:6f:ef:9d:8f:86:
41:a5:15:9c:51:c1:85:4d:ef:e8:67:e2:b2:c4:03:b4:eb:e0:
76:2e:80:51:74:f2:ff:34:89:1b:9f:2f:c6:c7:c1:66:2d:c7:
51:b3:0b:dc:23:f4:f5:f4:68:a8:9d:44:80:e2:c6:29:2a:57:
04:4c:de:26:ce:20:ab:e0:88:4e:41:dc:bf:70:73:e7:3d:5a:
0e:ba:46:f9:b5:ec:7d:93:88:a8:5f:72:8d:68:1a:93:01:bf:
ef:4b:dc:1f:84:7a:7f:72:a2:50:94:ad:75:31:f7:34:52:ae:
06:43:e1:be:57:2d:94:02:fe:c4:92:55:de:a7:64:3a:03:a5:
35:36:54:5d:bb:4c:e1:c8:e9:06:cc:15:77:41:d1:8d:f9:b2:
61:29:c2:4c:f1:a0:08:ee:42:56:14:08:4f:d8:43:4b:02:d5:
fd:d7:97:e3
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICMw4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENFNzUxMTAvBgNVBAUTKDQ5ODkyNTM3RDhCMkMwMzI1QjdCRTA4MUZEOTI4NkM3
OUJFQTZBODUwHhcNMjUwNDMwMTU1MjE3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OGYzNi04OGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApG3z97zbJ9ydfzbgRxOS1BWkmP5v9F89Nj2l3xEz+4rERpgmO0/G8kv05k8J
Fho3nt9WCZmk7DvVH2vUBZOryxKAkYm2ZrVr4NoEPhCBnc2EtxiTZbBXwJDMjqGL
17Qypp+vUAmL+2o5plhyt8NR/f1c6eWB6RMw6MPORtXoQXkF42R/zWJCJKIHXC/6
qG57GwWD0W1z4NJ/39FJ22K6j+2y5WRyaOCjcjwZZrShu87qilDYjZEdSlssPiVI
+d89dRrIcRo2ObHjpwr8tPAUDuZO8itMy6n9kop0gsTOgt3HaFZDikWMl0rScqEn
4xo9IjmGXYJ6BWgokLFZBsj8CwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFJlXYAyb
WUgcT0Ku18hidjxRzaPtMB8GA1UdIwQYMBaAFEmJJTfYssAyW3vggf2Shseb6mqF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0U3NS9EMjJFRjNENkZG
NEIxMUUyODFCRTA2NjI1OTExRUEzMi9TWWtsTjlpeXdESmJlLUNCX1pLR3g1dnFh
b1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NZa2xOOWl5d0RKYmUtQ0JfWktHeDV2cWFvVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENFNzUvRDIyRUYzRDZGRjRCMTFFMjgxQkUwNjYyNTkxMUVBMzIvMEU5NUMyRDhG
MTQyMTFFQUE0MzMzNzc1QzRGOUFFMDIucm9hMFcGCCsGAQUFBwEHAQH/BEgwRjBE
BAIAATA+AwQADo2MAwMAO6EDAwBzdQMEAHN2QwMEA3n0ADAMAwQBefQKAwQBefQU
AwQEefUgMAwDBAZ59UADBAR59WAwDQYJKoZIhvcNAQELBQADggEBAJGBk48NLj0N
tYe0Mt/mYxEj7JTboJ6/ECVAg1T/UkRKem4FmbnWO+m8ED+S8yEkgFTk6eJOBbej
19de9cVyf6ToFI4PW3fk2biAcNfkncymgujnrUZv752PhkGlFZxRwYVN7+hn4rLE
A7Tr4HYugFF08v80iRufL8bHwWYtx1GzC9wj9PX0aKidRIDixikqVwRM3ibOIKvg
iE5B3L9wc+c9Wg66Rvm17H2TiKhfco1oGpMBv+9L3B+Een9yolCUrXUx9zRSrgZD
4b5XLZQC/sSSVd6nZDoDpTU2VF27TOHI6QbMFXdB0Y35smEpwkzxoAjuQlYUCE/Y
Q0sC1f3Xl+M=
-----END CERTIFICATE-----
Generated at Tue Mar 3 04:25:33 2026 by rpki-client