Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/2955A5F2429011F1BDEA7EE5B1833773.roa
File: 2955A5F2429011F1BDEA7EE5B1833773.roa (raw, json)
Hash identifier: r2dOfSrK2XLBaBp1lSSeJ+uaupx65W337x6yyy8UK1U=
Subject key identifier: 72:32:05:5F:B5:41:BA:84:6F:4E:22:A4:62:8B:04:7B:A9:97:C6:1A
Certificate issuer: /CN=A916C128/serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Certificate serial: 2CF9
Authority key identifier: B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/2955A5F2429011F1BDEA7EE5B1833773.roa
Signing time: Sun 31 May 2026 17:59:46 +0000
ROA not before: Sun 31 May 2026 17:59:46 +0000
ROA not after: Fri 30 Jul 2027 00:00:00 +0000
asID: 45177
IP address blocks: 14.1.32.0/19 maxlen: 24
45.65.13.0/24 maxlen: 24
45.65.14.0/23 maxlen: 24
103.9.236.0/23 maxlen: 24
103.9.238.0/23 maxlen: 24
103.13.116.0/22 maxlen: 24
103.15.178.0/24 maxlen: 24
103.230.76.0/22 maxlen: 22
103.241.120.0/22 maxlen: 24
103.255.248.0/24 maxlen: 24
113.197.96.0/22 maxlen: 23
116.93.128.0/20 maxlen: 24
119.30.0.0/22 maxlen: 24
119.30.4.0/22 maxlen: 24
120.136.0.0/21 maxlen: 24
150.107.32.0/22 maxlen: 24
163.47.204.0/22 maxlen: 24
202.74.192.0/19 maxlen: 24
203.84.224.0/20 maxlen: 24
203.211.64.0/18 maxlen: 24
2400:ee80::/32 maxlen: 48
2401:7000::/32 maxlen: 32
2401:7000::/32 maxlen: 64
2402:3500::/32 maxlen: 48
2402:3500::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.crl
rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 19 Jun 2026 15:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11513 (0x2cf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C128, serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Validity
Not Before: May 31 17:59:46 2026 GMT
Not After : Jul 30 00:00:00 2027 GMT
Subject: CN=6a1c7712-5384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:27:4b:da:bf:aa:84:7a:00:a5:46:27:14:57:
4a:b9:95:cc:43:b9:d3:3b:25:ae:af:06:46:10:da:
03:41:da:d0:33:8f:f5:f5:f2:43:4c:76:13:1a:d5:
67:d9:7d:58:2a:d8:3d:d8:04:30:b2:8b:4f:10:cd:
e0:87:d8:de:af:81:e2:fe:a8:9f:17:b3:f0:c1:8f:
84:c6:43:21:d3:6b:cf:1c:ae:75:6a:2c:33:9b:4d:
e6:fc:60:6d:be:6e:76:8b:f7:ae:ee:09:5c:62:4b:
81:3a:c5:2f:ba:38:2a:80:13:09:99:b4:a3:f4:8b:
a0:4b:b8:f2:30:a5:4c:77:59:8d:d4:9f:ab:e1:81:
54:9d:33:4c:72:59:25:2f:80:c8:1b:1c:d0:af:30:
58:0f:f8:ad:45:80:aa:a7:60:62:d7:51:5e:79:5e:
53:d4:81:61:26:61:27:a5:da:2f:cf:89:a7:dd:ca:
ba:f0:4d:97:59:34:e9:e7:73:8e:ee:01:6d:7e:de:
3d:13:b5:33:52:2a:ff:a7:95:72:41:9c:30:01:e9:
d6:75:3f:f1:04:dc:4d:08:9c:80:ea:da:07:a9:2b:
31:16:23:e8:3f:8b:03:ef:1d:ed:27:b1:97:7b:7f:
4a:ad:22:21:23:71:e8:c3:99:29:a0:56:8a:31:1b:
35:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:32:05:5F:B5:41:BA:84:6F:4E:22:A4:62:8B:04:7B:A9:97:C6:1A
X509v3 Authority Key Identifier:
keyid:B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/2955A5F2429011F1BDEA7EE5B1833773.roa
sbgp-ipAddrBlock: critical
IPv4:
14.1.32.0/19
45.65.13.0-45.65.15.255
103.9.236.0/22
103.13.116.0/22
103.15.178.0/24
103.230.76.0/22
103.241.120.0/22
103.255.248.0/24
113.197.96.0/22
116.93.128.0/20
119.30.0.0/21
120.136.0.0/21
150.107.32.0/22
163.47.204.0/22
202.74.192.0/19
203.84.224.0/20
203.211.64.0/18
IPv6:
2400:ee80::/32
2401:7000::/32
2402:3500::/32
Signature Algorithm: sha256WithRSAEncryption
46:0f:8f:47:73:c6:e7:49:3c:18:4f:b4:f0:22:c5:7c:92:4f:
b6:8d:cd:a8:e4:07:ad:70:dd:ef:9c:a6:d6:2b:7b:32:e5:ed:
36:8f:d4:75:2c:84:c1:78:24:c0:0e:7b:38:55:f4:30:9c:f0:
a8:5f:6b:3c:87:8b:34:11:54:bc:ac:64:60:43:53:7c:3d:1e:
b8:e1:41:b3:fe:33:a8:eb:ea:8d:07:31:9a:9c:bf:7d:86:82:
7f:27:4a:39:56:c4:57:fe:d9:d7:23:8a:27:7f:e4:eb:04:9b:
7f:e3:a4:c1:44:5a:60:f4:8f:db:b0:0d:b5:64:d6:c1:cf:0b:
05:a6:ce:b7:ce:2c:ff:f2:ba:25:fe:36:de:e0:77:a3:d0:48:
8a:bd:cc:76:34:24:dc:ed:5d:a9:46:70:6c:f2:1d:57:b8:0d:
b5:42:5a:94:b8:fe:03:3a:69:88:d6:ec:88:80:af:8c:4f:3b:
9e:ca:79:98:2d:3f:db:cd:59:5a:10:ac:87:85:5d:6a:bf:df:
95:26:b4:87:1b:3b:f5:91:24:e2:29:3d:b8:58:23:87:fc:92:
d3:92:df:ab:d6:1f:cf:77:33:a8:52:19:cb:93:8f:91:1a:e9:
72:03:9f:3b:65:33:87:99:dc:da:96:9d:24:3f:e3:e7:26:39:
7e:91:9e:d8
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgICLPkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkMxMjgxMTAvBgNVBAUTKEI1NjQyNzMyMjY1RDQwQkY3NUNBOTRBOUVDODExOTIx
MUMxQjlCMzIwHhcNMjYwNTMxMTc1OTQ2WhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTFjNzcxMi01Mzg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7ydL2r+qhHoApUYnFFdKuZXMQ7nTOyWurwZGENoDQdrQM4/19fJDTHYTGtVn
2X1YKtg92AQwsotPEM3gh9jer4Hi/qifF7PwwY+ExkMh02vPHK51aiwzm03m/GBt
vm52i/eu7glcYkuBOsUvujgqgBMJmbSj9IugS7jyMKVMd1mN1J+r4YFUnTNMclkl
L4DIGxzQrzBYD/itRYCqp2Bi11FeeV5T1IFhJmEnpdovz4mn3cq68E2XWTTp53OO
7gFtft49E7UzUir/p5VyQZwwAenWdT/xBNxNCJyA6toHqSsxFiPoP4sD7x3tJ7GX
e39KrSIhI3How5kpoFaKMRs1vQIDAQABo4IC6DCCAuQwHQYDVR0OBBYEFHIyBV+1
QbqEb04ipGKLBHupl8YaMB8GA1UdIwQYMBaAFLVkJzImXUC/dcqUqeyBGSEcG5sy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzEyOC82NjRBOUJDQUZB
NkQxMUUzQjZBQzIzNTA1OTExRUEzMi90V1FuTWlaZFFMOTF5cFNwN0lFWklSd2Jt
ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RXUW5NaVpkUUw5MXlwU3A3SUVaSVJ3Ym16SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkMxMjgvNjY0QTlCQ0FGQTZEMTFFM0I2QUMyMzUwNTkxMUVBMzIvMjk1NUE1RjI0
MjkwMTFGMUJERUE3RUU1QjE4MzM3NzMucm9hMIGmBggrBgEFBQcBBwEB/wSBljCB
kzB0BAIAATBuAwQFDgEgMAwDBAAtQQ0DBAQtQQADBAJnCewDBAJnDXQDBABnD7ID
BAJn5kwDBAJn8XgDBABn//gDBAJxxWADBAR0XYADBAN3HgADBAN4iAADBAKWayAD
BAKjL8wDBAXKSsADBATLVOADBAbL00AwGwQCAAIwFQMFACQA7oADBQAkAXAAAwUA
JAI1ADANBgkqhkiG9w0BAQsFAAOCAQEARg+PR3PG50k8GE+08CLFfJJPto3NqOQH
rXDd75ym1it7MuXtNo/UdSyEwXgkwA57OFX0MJzwqF9rPIeLNBFUvKxkYENTfD0e
uOFBs/4zqOvqjQcxmpy/fYaCfydKOVbEV/7Z1yOKJ3/k6wSbf+OkwURaYPSP27AN
tWTWwc8LBabOt84s//K6Jf423uB3o9BIir3MdjQk3O1dqUZwbPIdV7gNtUJalLj+
AzppiNbsiICvjE87nsp5mC0/281ZWhCsh4Vdar/flSa0hxs79ZEk4ik9uFgjh/yS
05Lfq9Yfz3czqFIZy5OPkRrpcgOfO2Uzh5nc2padJD/j5yY5fpGe2A==
-----END CERTIFICATE-----
Generated at Sun Jun 14 02:24:04 2026 by rpki-client