Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F24431E6240411F0AE5EFB74C4F9AE02.roa
File: F24431E6240411F0AE5EFB74C4F9AE02.roa (raw, json)
Hash identifier: D5TVu62+o2pWXjG2Ad3FZn9P4JRgqvMCkvXJMQGkGsQ=
Subject key identifier: B6:8A:E4:99:93:3A:50:99:D8:08:98:01:EC:55:DB:58:77:8F:1C:15
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0D5E
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F24431E6240411F0AE5EFB74C4F9AE02.roa
Signing time: Fri 06 Jun 2025 08:50:55 +0000
ROA not before: Fri 06 Jun 2025 08:50:55 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.154.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.131.0/24 maxlen: 24
111.92.132.0/24 maxlen: 24
111.92.133.0/24 maxlen: 24
111.92.134.0/24 maxlen: 24
111.92.136.0/24 maxlen: 24
111.92.137.0/24 maxlen: 24
111.92.138.0/24 maxlen: 24
111.92.139.0/24 maxlen: 24
111.92.141.0/24 maxlen: 24
111.92.142.0/24 maxlen: 24
111.92.143.0/24 maxlen: 24
111.92.144.0/24 maxlen: 24
111.92.145.0/24 maxlen: 24
111.92.146.0/24 maxlen: 24
111.92.147.0/24 maxlen: 24
111.92.148.0/24 maxlen: 24
111.92.149.0/24 maxlen: 24
111.92.150.0/24 maxlen: 24
111.92.151.0/24 maxlen: 24
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 21 Jun 2025 19:52:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3422 (0xd5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Jun 6 08:50:55 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6842abee-2a8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c1:83:e8:65:43:6d:34:37:20:5f:2a:b5:58:
8b:7b:59:9f:63:4e:de:d3:23:e0:a3:bb:d1:d3:40:
c2:c3:95:d5:ef:cc:8a:2d:34:64:0c:a2:c7:8f:0a:
c3:91:e7:0c:12:78:57:ba:92:8f:30:fc:1b:18:57:
70:44:01:be:f1:a7:d8:53:00:83:5a:c2:01:ab:85:
08:a2:8c:32:17:ce:37:04:4b:cf:a2:3c:ca:e0:b0:
19:13:9c:1b:49:87:c7:e5:d1:1d:45:56:4b:2f:1d:
0c:2d:75:6a:c3:32:0d:cf:9a:78:b1:1d:61:d6:00:
7e:27:f9:3e:ce:41:20:9e:d3:22:83:6b:74:57:91:
16:4e:3e:b3:df:91:92:42:e7:80:5a:38:f2:7d:91:
58:f3:18:a1:86:a1:b2:cd:8d:1c:cb:83:d3:0e:37:
68:10:2c:12:bb:a5:ed:68:a0:13:5c:a8:e7:67:cc:
66:78:d6:81:ea:ec:a5:66:c8:d3:f7:a7:12:64:da:
c1:5b:d8:76:d4:5e:1f:d7:80:2b:27:12:01:d4:74:
6e:5e:6a:4d:6d:42:4c:7c:d1:11:46:99:6e:a5:9b:
77:a9:ec:a7:ca:9f:26:1d:7a:32:5c:73:c9:18:06:
21:52:c9:68:40:c7:88:86:e4:28:71:4b:83:d0:31:
f2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:8A:E4:99:93:3A:50:99:D8:08:98:01:EC:55:DB:58:77:8F:1C:15
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F24431E6240411F0AE5EFB74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0-14.192.132.255
14.192.136.0/24
14.192.138.0-14.192.143.255
14.192.147.0-14.192.151.255
14.192.153.0-14.192.159.255
43.247.120.0/22
103.20.132.0/22
111.92.131.0-111.92.134.255
111.92.136.0/22
111.92.141.0-111.92.151.255
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
a3:44:0a:71:60:c6:1b:aa:47:e5:6f:f1:c8:88:21:fd:f8:6c:
eb:87:a0:35:fe:8f:23:05:dc:87:c9:53:5b:96:d6:94:d4:bf:
24:65:20:0b:14:e4:d1:3b:3c:6a:f9:8e:1a:34:08:29:be:f4:
5b:b1:e8:b6:bd:8e:8c:20:32:72:a2:75:b8:7a:ce:a4:4e:42:
60:73:af:0d:7b:52:54:b8:cb:a7:48:83:16:6b:bb:5e:fb:d8:
e2:de:89:42:be:e9:03:ab:a5:93:f6:84:af:ec:ee:8f:da:9e:
29:ff:a6:fe:7a:45:a6:80:32:e4:41:36:73:52:22:b7:7d:04:
b6:1e:36:20:46:e8:11:fe:94:72:56:c1:01:93:ab:1e:da:12:
e5:20:5d:9c:ef:4c:c3:92:6c:ab:38:45:c3:9a:5a:7f:1c:49:
41:03:ad:b5:97:22:01:8c:1b:d7:ac:1a:7b:f6:0b:45:b8:be:
c1:3a:9d:2d:67:23:33:25:f5:81:61:97:7d:d8:0f:77:e5:98:
26:c9:54:b7:b0:fb:13:16:41:51:8d:d3:da:16:b8:f1:5b:c7:
df:2e:88:31:67:e7:6d:76:97:48:ba:d6:7a:40:4d:3c:6e:aa:
2a:61:64:8b:ab:29:af:6b:8d:f1:79:65:6b:f8:51:ef:ec:68:
25:7b:09:8a
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgICDV4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwNjA2MDg1MDU1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQyYWJlZS0yYThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApcGD6GVDbTQ3IF8qtViLe1mfY07e0yPgo7vR00DCw5XV78yKLTRkDKLHjwrD
kecMEnhXupKPMPwbGFdwRAG+8afYUwCDWsIBq4UIoowyF843BEvPojzK4LAZE5wb
SYfH5dEdRVZLLx0MLXVqwzINz5p4sR1h1gB+J/k+zkEgntMig2t0V5EWTj6z35GS
QueAWjjyfZFY8xihhqGyzY0cy4PTDjdoECwSu6XtaKATXKjnZ8xmeNaB6uylZsjT
96cSZNrBW9h21F4f14ArJxIB1HRuXmpNbUJMfNERRplupZt3qeynyp8mHXoyXHPJ
GAYhUsloQMeIhuQocUuD0DHy0wIDAQABo4IDDTCCAwkwHQYDVR0OBBYEFLaK5JmT
OlCZ2AiYAexV21h3jxwVMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRjI0NDMxRTYy
NDA0MTFGMEFFNUVGQjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZYGCCsGAQUFBwEHAQH/
BIGGMIGDMHIEAgABMGwwDAMEBw7AgAMEAA7AhAMEAA7AiDAMAwQBDsCKAwQEDsCA
MAwDBAAOwJMDBAMOwJAwDAMEAA7AmQMEBQ7AgAMEAiv3eAMEAmcUhDAMAwQAb1yD
AwQAb1yGAwQCb1yIMAwDBABvXI0DBANvXJAwDQQCAAIwBwMFACQDeYAwDQYJKoZI
hvcNAQELBQADggEBAKNECnFgxhuqR+Vv8ciIIf34bOuHoDX+jyMF3IfJU1uW1pTU
vyRlIAsU5NE7PGr5jho0CCm+9Fux6La9jowgMnKidbh6zqROQmBzrw17UlS4y6dI
gxZru1772OLeiUK+6QOrpZP2hK/s7o/anin/pv56RaaAMuRBNnNSIrd9BLYeNiBG
6BH+lHJWwQGTqx7aEuUgXZzvTMOSbKs4RcOaWn8cSUEDrbWXIgGMG9esGnv2C0W4
vsE6nS1nIzMl9YFhl33YD3flmCbJVLew+xMWQVGN09oWuPFbx98uiDFn5212l0i6
1npATTxuqiphZIurKa9rjfF5ZWv4Ue/saCV7CYo=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:51:36 2025 by rpki-client