Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
File: FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa (raw, json)
Hash identifier: gryi7fow5ocrp+N/LztoAg8/BLYRCP85MRszc11lYeg=
Subject key identifier: 60:11:E2:20:79:AC:18:66:98:0E:BA:47:37:EE:61:2A:E2:75:BC:52
Certificate issuer: /CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Certificate serial: 06E7
Authority key identifier: B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
Signing time: Thu 01 May 2025 09:47:19 +0000
ROA not before: Thu 01 May 2025 09:47:19 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 45820
IP address blocks: 14.96.8.0/21 maxlen: 24
14.96.128.0/21 maxlen: 24
14.96.136.0/21 maxlen: 24
14.96.144.0/21 maxlen: 24
14.96.152.0/21 maxlen: 24
14.96.160.0/21 maxlen: 24
14.96.168.0/24 maxlen: 24
14.96.169.0/24 maxlen: 24
14.96.172.0/23 maxlen: 24
14.96.176.0/23 maxlen: 24
14.96.180.0/23 maxlen: 24
14.96.184.0/23 maxlen: 24
14.96.188.0/23 maxlen: 24
14.97.0.0/21 maxlen: 24
14.97.8.0/21 maxlen: 24
14.97.16.0/21 maxlen: 24
14.97.24.0/21 maxlen: 24
14.97.32.0/21 maxlen: 24
14.97.40.0/21 maxlen: 24
14.97.48.0/21 maxlen: 24
14.97.56.0/21 maxlen: 24
14.97.64.0/21 maxlen: 24
14.97.72.0/21 maxlen: 24
14.97.80.0/21 maxlen: 24
14.97.88.0/21 maxlen: 24
14.97.96.0/21 maxlen: 24
14.97.104.0/21 maxlen: 24
14.97.112.0/21 maxlen: 24
14.97.120.0/21 maxlen: 24
14.97.128.0/21 maxlen: 24
14.97.136.0/21 maxlen: 24
14.97.144.0/21 maxlen: 24
14.97.152.0/21 maxlen: 24
14.97.160.0/21 maxlen: 24
14.97.168.0/21 maxlen: 24
14.97.176.0/21 maxlen: 24
14.97.184.0/21 maxlen: 24
14.97.192.0/21 maxlen: 24
14.97.200.0/21 maxlen: 24
14.97.208.0/21 maxlen: 24
14.97.216.0/21 maxlen: 24
14.97.224.0/21 maxlen: 24
14.97.240.0/21 maxlen: 24
14.97.248.0/21 maxlen: 24
14.99.0.0/21 maxlen: 24
14.99.8.0/21 maxlen: 24
14.99.16.0/21 maxlen: 24
14.99.24.0/21 maxlen: 24
14.99.32.0/20 maxlen: 24
14.99.48.0/21 maxlen: 24
14.99.56.0/21 maxlen: 24
14.99.64.0/21 maxlen: 24
14.99.72.0/21 maxlen: 24
14.99.80.0/21 maxlen: 24
14.99.88.0/21 maxlen: 24
14.99.96.0/20 maxlen: 24
14.99.112.0/21 maxlen: 24
14.99.120.0/21 maxlen: 24
14.99.128.0/21 maxlen: 24
14.99.136.0/21 maxlen: 24
14.99.144.0/21 maxlen: 24
14.99.152.0/21 maxlen: 24
14.99.160.0/21 maxlen: 24
14.99.168.0/21 maxlen: 24
14.99.176.0/21 maxlen: 24
14.99.184.0/21 maxlen: 24
14.99.192.0/21 maxlen: 24
14.99.200.0/21 maxlen: 24
14.99.208.0/21 maxlen: 24
14.99.216.0/21 maxlen: 24
14.99.224.0/21 maxlen: 24
14.99.232.0/21 maxlen: 24
14.99.240.0/21 maxlen: 24
14.99.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl
rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 09 May 2025 22:53:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1767 (0x6e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917DEA4, serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Validity
Not Before: May 1 09:47:19 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=68134327-7ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ab:87:96:bb:ea:da:8b:b3:d1:41:fb:3e:e2:
ee:f4:fb:c3:15:11:7a:2d:ff:9b:27:51:d4:aa:c2:
e3:a0:fe:dc:5a:8e:df:92:c5:57:92:ac:f2:0f:c3:
fb:85:f9:e6:d3:21:12:8e:c3:6b:d3:08:26:cd:0f:
30:a2:2f:47:85:6d:d2:9a:47:f4:a5:98:cc:70:c1:
26:bf:f2:64:9d:11:47:14:d9:a5:b3:b7:96:e0:05:
10:16:b2:aa:40:80:03:43:a7:54:9a:04:96:b0:ea:
34:6e:96:46:48:dd:11:dd:48:71:0f:ee:42:56:4b:
a5:6f:7d:ed:9f:af:99:f5:72:51:30:2b:87:b0:64:
2f:3d:15:f8:b9:23:a8:3d:32:ba:15:0b:a8:77:ca:
9f:05:9d:b6:da:eb:ca:55:82:c8:1a:ae:59:a0:36:
88:f2:a5:24:20:c0:be:a3:6c:5b:61:f1:26:e2:71:
c5:ba:01:2d:6d:5d:60:20:0c:32:09:e6:d4:a6:24:
7e:15:56:ec:5f:dc:c2:3a:00:72:74:94:24:2d:d4:
99:cc:b9:fd:69:64:40:28:0a:79:86:0f:f9:34:1f:
32:5d:94:75:b2:13:cf:88:f2:3a:0d:a9:fc:7a:a8:
6f:14:1b:48:fd:b6:9d:f0:38:75:cf:56:d4:bf:f7:
95:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:11:E2:20:79:AC:18:66:98:0E:BA:47:37:EE:61:2A:E2:75:BC:52
X509v3 Authority Key Identifier:
keyid:B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.96.8.0/21
14.96.128.0-14.96.169.255
14.96.172.0/23
14.96.176.0/23
14.96.180.0/23
14.96.184.0/23
14.96.188.0/23
14.97.0.0-14.97.231.255
14.97.240.0/20
14.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:a4:29:20:ed:9e:2e:3c:dd:bc:0f:5b:4e:95:d9:b3:51:7a:
3e:7b:f0:f2:67:82:7c:1a:13:5e:0a:f8:78:75:cc:0f:3b:dd:
1d:cc:af:1a:6d:11:d4:89:e1:61:ba:6a:2f:b4:bc:3d:02:2e:
3c:29:f2:fc:19:9f:28:90:80:0a:61:4f:39:07:7b:94:55:da:
66:37:5f:43:09:2a:1e:b3:38:75:af:f6:14:a1:54:97:c3:dd:
f4:00:84:93:22:d2:9b:1b:d4:8c:0d:ed:2c:db:f5:52:a9:90:
3d:94:aa:f5:fd:e3:b4:1d:bc:29:62:b8:ee:33:a2:b1:2b:a7:
ef:18:93:e7:93:67:42:ef:ec:93:c9:43:5d:9c:42:63:ae:b0:
c2:43:7d:b1:e7:b8:0e:96:8f:96:5f:3b:d9:d4:ec:90:56:45:
64:75:52:f6:6c:d3:36:14:b0:d2:86:76:90:d0:4c:fa:10:ca:
e2:ff:3a:44:8a:4e:1d:0c:2c:be:b7:83:c2:e0:2f:b1:c2:c2:
79:b3:08:86:7e:f0:1b:90:b0:ba:66:88:34:63:2f:71:58:e4:
4d:88:92:77:d2:ea:34:f0:04:eb:a2:32:2b:45:d7:f4:a4:fe:
db:96:ca:35:d8:bf:fa:3b:40:f8:cd:42:33:ef:60:31:96:02:
8e:c9:55:23
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgICBucwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RFQTQxMTAvBgNVBAUTKEI0RDZGRkQ1REZGOUVBQzQxM0FCNDQwOEUwOTYzN0Iw
OTQ5NERCQzgwHhcNMjUwNTAxMDk0NzE5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODEzNDMyNy03YWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA36uHlrvq2ouz0UH7PuLu9PvDFRF6Lf+bJ1HUqsLjoP7cWo7fksVXkqzyD8P7
hfnm0yESjsNr0wgmzQ8woi9HhW3Smkf0pZjMcMEmv/JknRFHFNmls7eW4AUQFrKq
QIADQ6dUmgSWsOo0bpZGSN0R3UhxD+5CVkulb33tn6+Z9XJRMCuHsGQvPRX4uSOo
PTK6FQuod8qfBZ222uvKVYLIGq5ZoDaI8qUkIMC+o2xbYfEm4nHFugEtbV1gIAwy
CebUpiR+FVbsX9zCOgBydJQkLdSZzLn9aWRAKAp5hg/5NB8yXZR1shPPiPI6Dan8
eqhvFBtI/bad8Dh1z1bUv/eVcwIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFGAR4iB5
rBhmmA66RzfuYSridbxSMB8GA1UdIwQYMBaAFLTW/9Xf+erEE6tECOCWN7CUlNvI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REVBNC9BMjQyNkI2MDk4
MjkxMUVCQjc4ODIwODFDNEY5QUUwMi90TmJfMWRfNTZzUVRxMFFJNEpZM3NKU1Uy
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ROYl8xZF81NnNRVHEwUUk0Slkzc0pTVTI4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RFQTQvQTI0MjZCNjA5ODI5MTFFQkI3ODgyMDgxQzRGOUFFMDIvRkZGQkNBRUU5
QTk1MTFFQkI0OUQ3RTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E
VDBSMFAEAgABMEoDBAMOYAgwDAMEBw5ggAMEAQ5gqAMEAQ5grAMEAQ5gsAMEAQ5g
tAMEAQ5guAMEAQ5gvDALAwMADmEDBAMOYeADBAQOYfADAwAOYzANBgkqhkiG9w0B
AQsFAAOCAQEALaQpIO2eLjzdvA9bTpXZs1F6Pnvw8meCfBoTXgr4eHXMDzvdHcyv
Gm0R1InhYbpqL7S8PQIuPCny/BmfKJCACmFPOQd7lFXaZjdfQwkqHrM4da/2FKFU
l8Pd9ACEkyLSmxvUjA3tLNv1UqmQPZSq9f3jtB28KWK47jOisSun7xiT55NnQu/s
k8lDXZxCY66wwkN9see4DpaPll872dTskFZFZHVS9mzTNhSw0oZ2kNBM+hDK4v86
RIpOHQwsvreDwuAvscLCebMIhn7wG5CwumaINGMvcVjkTYiSd9LqNPAE66IyK0XX
9KT+25bKNdi/+jtA+M1CM+9gMZYCjslVIw==
-----END CERTIFICATE-----
Generated at Sun May 4 23:52:49 2025 by rpki-client