Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/FB4F0F9EF90011EDAEA1FC13C4F9AE02.roa
File: FB4F0F9EF90011EDAEA1FC13C4F9AE02.roa (raw, json)
Hash identifier: ChYD+dNYyCInKmhyHsi0B1wkTq6FHjT+KDylhmMIQaU=
Subject key identifier: 95:76:C2:86:01:D7:C3:78:7D:1B:43:4D:1A:6C:E7:71:E2:F9:03:F1
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 390A
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/FB4F0F9EF90011EDAEA1FC13C4F9AE02.roa
Signing time: Fri 04 Jul 2025 14:50:22 +0000
ROA not before: Fri 04 Jul 2025 14:50:22 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 10160
IP address blocks: 119.59.24.0/24 maxlen: 24
119.59.25.0/24 maxlen: 24
119.59.26.0/24 maxlen: 24
119.59.27.0/24 maxlen: 24
119.59.28.0/24 maxlen: 24
119.59.29.0/24 maxlen: 24
119.59.30.0/24 maxlen: 24
119.59.31.0/24 maxlen: 24
119.59.32.0/24 maxlen: 24
119.59.33.0/24 maxlen: 24
119.59.34.0/24 maxlen: 24
119.59.35.0/24 maxlen: 24
119.59.36.0/24 maxlen: 24
119.59.37.0/24 maxlen: 24
119.59.38.0/24 maxlen: 24
119.59.39.0/24 maxlen: 24
119.59.40.0/24 maxlen: 24
119.59.41.0/24 maxlen: 24
119.59.42.0/24 maxlen: 24
119.59.43.0/24 maxlen: 24
119.59.44.0/24 maxlen: 24
119.59.45.0/24 maxlen: 24
119.59.46.0/24 maxlen: 24
119.59.47.0/24 maxlen: 24
119.59.48.0/24 maxlen: 24
119.59.49.0/24 maxlen: 24
119.59.50.0/24 maxlen: 24
119.59.51.0/24 maxlen: 24
119.59.52.0/24 maxlen: 24
119.59.53.0/24 maxlen: 24
119.59.54.0/24 maxlen: 24
119.59.55.0/24 maxlen: 24
119.59.56.0/24 maxlen: 24
119.59.57.0/24 maxlen: 24
119.59.58.0/24 maxlen: 24
119.59.59.0/24 maxlen: 24
119.59.60.0/24 maxlen: 24
119.59.61.0/24 maxlen: 24
119.59.62.0/24 maxlen: 24
119.59.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Jul 2025 14:22:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14602 (0x390a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E, serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Validity
Not Before: Jul 4 14:50:22 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=6867ea2e-33af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4d:01:bb:ec:20:f1:19:62:de:e3:f4:88:a8:
a8:af:a4:dc:91:5d:d2:88:4a:7c:99:e9:ae:a0:b2:
29:7c:b2:23:25:66:a7:47:0f:a5:89:3a:eb:70:e0:
ad:ec:31:ab:07:b8:9b:2d:dc:23:80:a9:71:95:f5:
15:da:f5:7d:16:cd:31:a8:1f:fd:96:ec:51:3a:99:
d5:68:8e:b2:24:b2:79:77:dd:0f:29:2b:37:2b:8a:
5c:cb:34:cc:3d:ae:cf:47:a8:18:8e:4d:5d:3a:4f:
b4:f5:a5:93:20:53:de:69:39:32:39:0f:f3:0d:14:
b1:0a:5f:66:0a:26:c2:83:c5:92:28:45:22:4b:27:
19:a4:96:e9:f5:4a:75:e1:a5:76:1a:95:6c:43:56:
28:4b:78:71:17:75:97:03:22:a4:ea:28:fb:2e:16:
93:a8:a3:95:f1:21:a8:19:0b:7c:49:09:b6:82:70:
13:d7:17:be:f1:db:58:61:d8:c5:45:1b:e6:44:1b:
36:1d:f9:0a:07:75:de:ea:b4:ce:13:56:47:f6:c6:
81:be:51:02:00:72:25:93:57:31:12:6f:1c:5b:15:
15:a7:a1:ca:8e:f9:f2:30:b6:24:40:83:5c:e3:04:
00:66:39:ac:a0:a1:be:70:80:3d:c6:c1:b0:5a:41:
37:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:76:C2:86:01:D7:C3:78:7D:1B:43:4D:1A:6C:E7:71:E2:F9:03:F1
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/FB4F0F9EF90011EDAEA1FC13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.59.24.0-119.59.63.255
Signature Algorithm: sha256WithRSAEncryption
c6:8e:b9:c0:b9:0d:db:2e:8e:6c:ef:24:2c:bf:3e:cc:e6:35:
70:8c:5c:e2:ba:98:3c:30:fe:da:54:c9:89:89:08:1e:ed:40:
fd:e1:cf:e0:80:7a:79:54:e5:ab:7d:5e:ca:63:d1:c0:a6:23:
7f:64:25:e1:03:71:4d:d1:60:ef:8d:1b:f7:40:01:bf:18:47:
8d:f9:ae:aa:6b:98:fb:4b:bf:be:be:64:c8:04:35:20:92:2f:
2d:1d:84:ad:98:47:2d:40:da:b2:33:6d:c2:2b:84:50:25:c9:
28:d7:7f:89:e4:7d:2f:85:57:fe:5e:5b:13:25:45:1b:94:9a:
9c:da:72:8b:bb:32:f8:e1:24:e0:13:6b:72:5a:bf:68:e3:92:
7a:0d:9f:ce:d0:5d:3b:b9:13:b3:9b:50:17:ae:dc:46:0e:8e:
7f:ca:24:c5:71:cf:bf:6f:04:ce:c3:f8:b0:12:5d:46:87:42:
d9:b0:7b:36:fb:15:37:70:ef:6d:e9:a1:4f:06:7e:2b:cb:92:
c8:9a:0a:be:b5:f1:e1:c9:40:88:42:7c:5d:06:5f:84:5f:77:
f9:31:5d:b6:90:07:f5:54:1a:19:e0:a7:39:ce:e7:2d:04:b7:
0a:76:0c:d7:90:fe:f3:62:8a:99:32:32:9a:1b:2a:63:37:c4:
e3:ef:3e:1f
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICOQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjUwNzA0MTQ1MDIyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY3ZWEyZS0zM2FmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw00Bu+wg8Rli3uP0iKior6TckV3SiEp8memuoLIpfLIjJWanRw+liTrrcOCt
7DGrB7ibLdwjgKlxlfUV2vV9Fs0xqB/9luxROpnVaI6yJLJ5d90PKSs3K4pcyzTM
Pa7PR6gYjk1dOk+09aWTIFPeaTkyOQ/zDRSxCl9mCibCg8WSKEUiSycZpJbp9Up1
4aV2GpVsQ1YoS3hxF3WXAyKk6ij7LhaTqKOV8SGoGQt8SQm2gnAT1xe+8dtYYdjF
RRvmRBs2HfkKB3Xe6rTOE1ZH9saBvlECAHIlk1cxEm8cWxUVp6HKjvnyMLYkQINc
4wQAZjmsoKG+cIA9xsGwWkE3LQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFJV2woYB
18N4fRtDTRps53Hi+QPxMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvRkI0RjBGOUVG
OTAwMTFFREFFQTFGQzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEA3c7GAMEBnc7ADANBgkqhkiG9w0BAQsFAAOCAQEAxo65
wLkN2y6ObO8kLL8+zOY1cIxc4rqYPDD+2lTJiYkIHu1A/eHP4IB6eVTlq31eymPR
wKYjf2Ql4QNxTdFg740b90ABvxhHjfmuqmuY+0u/vr5kyAQ1IJIvLR2ErZhHLUDa
sjNtwiuEUCXJKNd/ieR9L4VX/l5bEyVFG5SanNpyi7sy+OEk4BNrclq/aOOSeg2f
ztBdO7kTs5tQF67cRg6Of8okxXHPv28EzsP4sBJdRodC2bB7NvsVN3DvbemhTwZ+
K8uSyJoKvrXx4clAiEJ8XQZfhF93+TFdtpAH9VQaGeCnOc7nLQS3CnYM15D+82KK
mTIymhsqYzfE4+8+Hw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:56:30 2025 by rpki-client