Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/01A59B2EB72111EC9885AF51C4F9AE02.roa
File: 01A59B2EB72111EC9885AF51C4F9AE02.roa (raw, json)
Hash identifier: QXOvaeyadC+IjVM/H/1Pd8FcAqgTmn15ISptpyoOx48=
Subject key identifier: 25:0F:AD:2C:A3:76:6C:C3:8D:3C:A9:16:0F:51:0F:37:E5:D7:64:CC
Certificate issuer: /CN=A91C1323/serialNumber=412A6511CFEDCFECB5590C96C8C361E2FED44857
Certificate serial: 6063
Authority key identifier: 41:2A:65:11:CF:ED:CF:EC:B5:59:0C:96:C8:C3:61:E2:FE:D4:48:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSplEc_tz-y1WQyWyMNh4v7USFc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/01A59B2EB72111EC9885AF51C4F9AE02.roa
Signing time: Sat 17 May 2025 20:23:59 +0000
ROA not before: Sat 17 May 2025 20:23:59 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 24462
IP address blocks: 118.143.60.0/24 maxlen: 24
118.143.96.96/32 maxlen: 32
118.143.96.97/32 maxlen: 32
118.143.96.98/32 maxlen: 32
118.143.96.99/32 maxlen: 32
118.143.96.108/32 maxlen: 32
118.143.96.109/32 maxlen: 32
118.143.96.110/32 maxlen: 32
118.143.96.111/32 maxlen: 32
118.143.96.152/32 maxlen: 32
118.143.96.153/32 maxlen: 32
118.143.96.154/32 maxlen: 32
118.143.119.0/24 maxlen: 24
118.143.137.0/24 maxlen: 24
118.143.138.0/24 maxlen: 24
118.143.142.0/24 maxlen: 24
118.143.159.0/24 maxlen: 24
118.143.170.0/24 maxlen: 24
210.0.224.0/24 maxlen: 24
218.188.80.0/24 maxlen: 24
218.189.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/QSplEc_tz-y1WQyWyMNh4v7USFc.crl
rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/QSplEc_tz-y1WQyWyMNh4v7USFc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSplEc_tz-y1WQyWyMNh4v7USFc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 07 Jun 2025 20:16:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24675 (0x6063)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1323, serialNumber=412A6511CFEDCFECB5590C96C8C361E2FED44857
Validity
Not Before: May 17 20:23:59 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=6828f05e-70a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:83:d8:8c:17:23:54:3c:3b:60:2c:3f:b4:8e:
59:4d:66:2c:2a:80:ee:c5:e3:8c:c6:51:54:96:aa:
d9:ab:13:8e:d2:1e:9b:01:70:fc:cc:f8:8e:e2:72:
78:80:2a:3e:6f:3d:c7:25:f5:1a:c5:d7:39:6f:23:
3e:23:ce:6f:3d:b6:bd:e0:0c:cc:bb:80:c5:93:e6:
bd:01:08:94:f2:28:2c:71:3f:11:0f:0e:59:88:c5:
2e:94:f9:61:81:cd:08:ab:13:4c:63:d1:5c:c3:ef:
70:fc:dc:aa:20:da:14:c5:5c:30:a3:c0:b8:8e:b8:
91:79:a6:6b:18:ef:03:b7:c1:1a:21:d0:66:14:45:
45:0e:59:c8:ec:8f:d4:0d:b9:a6:40:7a:8e:77:cf:
83:0e:59:4c:75:6c:09:02:52:57:59:ae:a0:df:d4:
85:18:1a:22:26:1e:c8:b3:9e:f2:e6:4c:b6:07:1a:
a5:5f:a9:8a:3c:fa:6a:ac:e7:92:b1:24:f5:1e:33:
b2:c1:d6:29:23:9a:b5:06:17:e1:79:5f:b0:e2:26:
6d:60:62:b3:1a:c5:b9:60:39:ef:4a:6d:e9:65:8c:
cf:ff:0b:cc:12:9f:3a:1d:71:4d:e8:fd:6b:a6:20:
2c:e9:2d:15:b6:48:fe:84:09:23:c3:44:fb:57:d6:
b0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:0F:AD:2C:A3:76:6C:C3:8D:3C:A9:16:0F:51:0F:37:E5:D7:64:CC
X509v3 Authority Key Identifier:
keyid:41:2A:65:11:CF:ED:CF:EC:B5:59:0C:96:C8:C3:61:E2:FE:D4:48:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/QSplEc_tz-y1WQyWyMNh4v7USFc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSplEc_tz-y1WQyWyMNh4v7USFc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/01A59B2EB72111EC9885AF51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.143.60.0/24
118.143.96.96/30
118.143.96.108/30
118.143.96.152-118.143.96.154
118.143.119.0/24
118.143.137.0-118.143.138.255
118.143.142.0/24
118.143.159.0/24
118.143.170.0/24
210.0.224.0/24
218.188.80.0/24
218.189.74.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:0e:a2:f4:0d:6c:14:4c:be:27:f1:d5:aa:c6:18:7a:80:f9:
52:f8:df:6c:80:5b:e3:fa:10:f4:a0:1e:b7:c6:de:44:e0:45:
6c:87:da:91:a0:11:c3:7f:48:66:db:3d:38:da:b6:45:09:66:
72:82:46:f7:69:84:93:81:e6:55:d2:3a:58:ce:46:5a:c6:6a:
63:c1:8a:a9:cd:24:64:8b:75:dd:e2:cc:7e:57:93:21:55:dc:
0f:f7:68:04:b4:88:05:97:59:f6:30:97:30:cc:3a:07:d2:6e:
92:3e:07:c4:a5:33:99:11:7b:b3:7d:04:b3:69:ec:c1:e5:45:
80:be:dc:fc:5d:4a:42:2c:a3:9b:cc:17:51:75:51:e5:5c:11:
5e:81:49:7a:6b:df:42:61:95:65:29:a9:0d:50:f1:b7:d1:ec:
44:51:b3:c1:0c:3e:1a:07:ff:ed:b5:73:97:15:56:da:19:3a:
7f:dd:61:07:d7:d9:12:83:39:47:c0:97:96:f0:86:1e:27:cd:
42:2e:67:eb:98:81:5b:e0:2e:92:9d:74:30:67:e2:d7:59:6e:
bb:d5:d2:49:82:c9:62:42:ad:7f:2c:94:34:7c:59:39:10:40:
50:9a:d5:97:2a:71:0b:fb:5b:81:1e:07:c0:14:aa:a0:75:7e:
60:82:67:4e
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgICYGMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzEzMjMxMTAvBgNVBAUTKDQxMkE2NTExQ0ZFRENGRUNCNTU5MEM5NkM4QzM2MUUy
RkVENDQ4NTcwHhcNMjUwNTE3MjAyMzU5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI4ZjA1ZS03MGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzIPYjBcjVDw7YCw/tI5ZTWYsKoDuxeOMxlFUlqrZqxOO0h6bAXD8zPiO4nJ4
gCo+bz3HJfUaxdc5byM+I85vPba94AzMu4DFk+a9AQiU8igscT8RDw5ZiMUulPlh
gc0IqxNMY9Fcw+9w/NyqINoUxVwwo8C4jriReaZrGO8Dt8EaIdBmFEVFDlnI7I/U
DbmmQHqOd8+DDllMdWwJAlJXWa6g39SFGBoiJh7Is57y5ky2BxqlX6mKPPpqrOeS
sST1HjOywdYpI5q1BhfheV+w4iZtYGKzGsW5YDnvSm3pZYzP/wvMEp86HXFN6P1r
piAs6S0Vtkj+hAkjw0T7V9aw0wIDAQABo4IC6zCCAucwHQYDVR0OBBYEFCUPrSyj
dmzDjTypFg9RDzfl12TMMB8GA1UdIwQYMBaAFEEqZRHP7c/stVkMlsjDYeL+1EhX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTMyMy8wODREODhENDk1
QjcxMUVBQkI4MjRGMUJDNEY5QUUwMi9RU3BsRWNfdHoteTFXUXlXeU1OaDR2N1VT
RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FTcGxFY190ei15MVdReVd5TU5oNHY3VVNGYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzEzMjMvMDg0RDg4RDQ5NUI3MTFFQUJCODI0RjFCQzRGOUFFMDIvMDFBNTlCMkVC
NzIxMTFFQzk4ODVBRjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdQYIKwYBBQUHAQcBAf8E
ZjBkMGIEAgABMFwDBAB2jzwDBQJ2j2BgAwUCdo9gbDAOAwUDdo9gmAMFAHaPYJoD
BAB2j3cwDAMEAHaPiQMEAHaPigMEAHaPjgMEAHaPnwMEAHaPqgMEANIA4AMEANq8
UAMEANq9SjANBgkqhkiG9w0BAQsFAAOCAQEAfQ6i9A1sFEy+J/HVqsYYeoD5Uvjf
bIBb4/oQ9KAet8beROBFbIfakaARw39IZts9ONq2RQlmcoJG92mEk4HmVdI6WM5G
WsZqY8GKqc0kZIt13eLMfleTIVXcD/doBLSIBZdZ9jCXMMw6B9Jukj4HxKUzmRF7
s30Es2nsweVFgL7c/F1KQiyjm8wXUXVR5VwRXoFJemvfQmGVZSmpDVDxt9HsRFGz
wQw+Ggf/7bVzlxVW2hk6f91hB9fZEoM5R8CXlvCGHifNQi5n65iBW+Aukp10MGfi
11luu9XSSYLJYkKtfyyUNHxZORBAUJrVlypxC/tbgR4HwBSqoHV+YIJnTg==
-----END CERTIFICATE-----
Generated at Mon Jun 2 06:30:42 2025 by rpki-client