Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
File: 2E96A63A690A11EF9525E980C4F9AE02.roa (raw, json)
Hash identifier: H79PEFMJti2eCbH5qDs5IbBYhaCqR5BDE8cm+73DxvA=
Subject key identifier: 83:0A:90:CD:27:64:F8:4F:42:82:B0:ED:74:E5:82:F2:59:6C:00:B2
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 0869
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:54:58 +0000
ROA not before: Thu 26 Feb 2026 08:38:13 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 45820
IP address blocks: 14.194.0.0/18 maxlen: 24
14.194.64.0/18 maxlen: 24
14.194.128.0/18 maxlen: 24
14.194.208.0/20 maxlen: 24
14.194.240.0/20 maxlen: 24
14.195.0.0/18 maxlen: 24
14.195.64.0/19 maxlen: 24
14.195.96.0/19 maxlen: 24
14.195.128.0/18 maxlen: 24
14.195.192.0/20 maxlen: 24
14.195.208.0/20 maxlen: 24
14.195.240.0/20 maxlen: 24
49.200.0.0/14 maxlen: 14
49.200.0.0/19 maxlen: 24
49.200.40.0/21 maxlen: 24
49.200.48.0/21 maxlen: 24
49.200.56.0/22 maxlen: 24
49.200.60.0/22 maxlen: 24
49.200.96.0/21 maxlen: 24
49.200.104.0/21 maxlen: 24
49.200.112.0/21 maxlen: 24
49.200.120.0/21 maxlen: 24
49.200.128.0/21 maxlen: 24
49.200.136.0/21 maxlen: 24
49.200.144.0/21 maxlen: 24
49.200.152.0/21 maxlen: 24
49.200.160.0/21 maxlen: 24
49.200.168.0/21 maxlen: 24
49.200.176.0/21 maxlen: 24
49.200.184.0/21 maxlen: 24
49.200.192.0/21 maxlen: 24
49.202.208.0/24 maxlen: 24
49.249.0.0/17 maxlen: 24
49.249.128.0/18 maxlen: 24
115.160.217.0/24 maxlen: 24
182.156.0.0/18 maxlen: 22
182.156.0.0/22 maxlen: 24
182.156.4.0/23 maxlen: 24
182.156.8.0/21 maxlen: 24
182.156.16.0/22 maxlen: 24
182.156.22.0/23 maxlen: 24
182.156.24.0/21 maxlen: 23
182.156.24.0/23 maxlen: 24
182.156.28.0/22 maxlen: 24
182.156.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:15:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2153 (0x869)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A, serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: Feb 26 08:38:13 2026 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a48b82-0e45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c6:c5:16:72:90:c6:3e:46:92:ff:7b:fa:4e:
83:f2:76:37:f6:89:ca:87:b3:07:b0:a9:67:8d:89:
0d:8c:b5:50:ad:fa:fc:27:66:d0:14:32:03:ec:6f:
14:3b:68:ab:44:29:d5:a4:94:0e:16:a1:a2:27:3b:
cf:b8:62:1c:69:31:fe:5f:ba:da:ef:87:4c:2b:07:
8c:ec:f6:dd:bb:79:c5:fb:d4:fb:94:f2:50:cd:0a:
e8:ac:35:3e:ec:c0:74:df:c8:54:72:67:bc:c5:d8:
bb:85:58:23:62:d6:cd:46:e4:93:20:94:93:1e:76:
a0:12:12:3e:f7:f6:35:31:46:8d:69:3a:26:7e:1f:
a3:a9:d7:43:51:50:62:58:20:15:ff:61:0e:ce:e4:
9b:09:7f:d0:6a:3d:38:61:b6:61:3e:23:f7:74:f1:
e9:e4:0a:8e:da:67:1f:cf:1c:ef:ca:b9:cf:ce:bb:
25:75:cb:b7:2c:4e:7d:cb:0c:52:fe:ca:25:54:87:
b9:4b:0c:07:6a:5d:12:36:9a:67:c6:72:96:80:99:
2c:76:b9:25:54:30:15:34:34:08:3d:6e:22:80:a4:
90:a8:9a:91:33:c6:9c:9d:1e:6f:db:17:d6:ce:30:
60:9a:bb:d1:9e:c1:35:60:26:44:48:0c:11:1f:4c:
7d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:0A:90:CD:27:64:F8:4F:42:82:B0:ED:74:E5:82:F2:59:6C:00:B2
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2E96A63A690A11EF9525E980C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.194.0.0-14.194.191.255
14.194.208.0/20
14.194.240.0-14.195.223.255
14.195.240.0/20
49.200.0.0/14
49.249.0.0-49.249.191.255
115.160.217.0/24
182.156.0.0/18
Signature Algorithm: sha256WithRSAEncryption
7d:54:0d:d1:28:33:ca:b9:0c:9b:fe:8f:65:61:fb:09:a7:1c:
ce:06:fd:bc:c1:34:96:90:72:d6:1c:84:22:c7:18:f9:ea:7c:
73:27:43:0f:5c:e7:67:c3:23:49:a5:75:33:07:de:ab:01:63:
eb:69:2a:75:bc:0f:bd:b4:f9:1e:f5:87:9c:7a:0d:fa:2e:b5:
fb:7d:8b:24:88:0c:20:28:12:3f:8b:ca:ad:e6:b9:16:2c:d3:
de:75:be:9a:4c:98:a2:90:c8:26:7d:65:f8:f8:df:93:0c:e2:
d2:e3:8b:59:94:cf:89:a8:81:84:0b:a2:8b:f4:ec:9e:84:14:
4e:3c:7b:7f:cd:7f:5b:65:48:a7:ff:66:27:4b:b8:3e:6b:55:
b2:4b:8a:fb:7c:b3:7f:11:35:48:3b:7f:73:cf:5f:a5:41:51:
6a:c2:01:e6:b1:19:4f:9f:52:a5:a9:dd:f4:b3:59:eb:8b:f9:
0e:d6:a8:7a:e9:73:7c:a2:14:60:9b:16:a1:cd:23:7f:94:37:
2b:73:6e:87:ef:6a:e8:b2:04:2b:f0:91:f1:3b:67:70:87:dd:
5a:41:7f:da:3d:9c:6a:2a:bf:62:d7:f8:40:36:94:90:1c:cd:
7d:bf:58:d6:65:45:08:6f:ee:e8:ca:e5:f8:4a:a2:85:20:d6:
c2:b5:19:4c
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgICCGkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjYwMjI2MDgzODEzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OGI4Mi0wZTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA08bFFnKQxj5Gkv97+k6D8nY39onKh7MHsKlnjYkNjLVQrfr8J2bQFDID7G8U
O2irRCnVpJQOFqGiJzvPuGIcaTH+X7ra74dMKweM7Pbdu3nF+9T7lPJQzQrorDU+
7MB038hUcme8xdi7hVgjYtbNRuSTIJSTHnagEhI+9/Y1MUaNaTomfh+jqddDUVBi
WCAV/2EOzuSbCX/Qaj04YbZhPiP3dPHp5AqO2mcfzxzvyrnPzrsldcu3LE59ywxS
/solVIe5SwwHal0SNppnxnKWgJksdrklVDAVNDQIPW4igKSQqJqRM8acnR5v2xfW
zjBgmrvRnsE1YCZESAwRH0x9DQIDAQABo4ICnzCCApswHQYDVR0OBBYEFIMKkM0n
ZPhPQoKw7XTlgvJZbACyMB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvMkU5NkE2M0E2
OTBBMTFFRjk1MjVFOTgwQzRGOUFFMDIucm9hMF4GCCsGAQUFBwEHAQH/BE8wTTBL
BAIAATBFMAsDAwEOwgMEBg7CgAMEBA7C0DAMAwQEDsLwAwQFDsPAAwQEDsPwAwMC
McgwCwMDADH5AwQGMfmAAwQAc6DZAwQGtpwAMA0GCSqGSIb3DQEBCwUAA4IBAQB9
VA3RKDPKuQyb/o9lYfsJpxzOBv28wTSWkHLWHIQixxj56nxzJ0MPXOdnwyNJpXUz
B96rAWPraSp1vA+9tPke9Yeceg36LrX7fYskiAwgKBI/i8qt5rkWLNPedb6aTJii
kMgmfWX4+N+TDOLS44tZlM+JqIGEC6KL9OyehBROPHt/zX9bZUin/2YnS7g+a1Wy
S4r7fLN/ETVIO39zz1+lQVFqwgHmsRlPn1Klqd30s1nri/kO1qh66XN8ohRgmxah
zSN/lDcrc26H72rosgQr8JHxO2dwh91aQX/aPZxqKr9i1/hANpSQHM19v1jWZUUI
b+7oyuX4SqKFINbCtRlM
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:24:00 2026 by rpki-client