Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/997B7CFADEA011ED84E5D17BC4F9AE02.roa
File: 997B7CFADEA011ED84E5D17BC4F9AE02.roa (raw, json)
Hash identifier: YpHnGald+tUXWOHiLdrxtwMGKIMtsU2LryOXgoLOgKw=
Subject key identifier: 78:D7:D1:9C:62:04:2B:61:07:35:2A:F6:28:27:83:50:E9:CB:76:0F
Certificate issuer: /CN=A914CE75/serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Certificate serial: 31E6
Authority key identifier: 49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/997B7CFADEA011ED84E5D17BC4F9AE02.roa
Signing time: Wed 30 Apr 2025 15:52:36 +0000
ROA not before: Wed 30 Apr 2025 15:52:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9238
IP address blocks: 59.160.33.0/24 maxlen: 24
59.162.7.0/24 maxlen: 24
59.163.47.0/24 maxlen: 24
59.163.63.0/24 maxlen: 24
115.112.212.0/22 maxlen: 22
121.241.230.0/24 maxlen: 24
203.124.192.0/18 maxlen: 18
203.124.192.0/24 maxlen: 24
203.124.217.0/24 maxlen: 24
203.124.218.0/24 maxlen: 24
203.124.225.0/24 maxlen: 24
203.124.232.0/24 maxlen: 24
203.124.248.0/22 maxlen: 22
203.124.248.0/24 maxlen: 24
203.196.194.0/24 maxlen: 24
203.196.200.0/24 maxlen: 24
203.196.201.0/24 maxlen: 24
203.196.202.0/24 maxlen: 24
203.196.203.0/24 maxlen: 24
203.196.204.0/24 maxlen: 24
203.196.233.0/24 maxlen: 24
203.196.240.0/24 maxlen: 24
203.196.241.0/24 maxlen: 24
203.196.250.0/24 maxlen: 24
203.201.208.0/24 maxlen: 24
203.201.209.0/24 maxlen: 24
203.201.212.0/24 maxlen: 24
203.201.213.0/24 maxlen: 24
203.201.220.0/24 maxlen: 24
203.201.222.0/24 maxlen: 24
203.201.224.0/24 maxlen: 24
203.201.225.0/24 maxlen: 24
203.201.226.0/24 maxlen: 24
203.201.227.0/24 maxlen: 24
203.201.231.0/24 maxlen: 24
203.201.248.0/24 maxlen: 24
203.201.250.0/24 maxlen: 24
203.201.251.0/24 maxlen: 24
203.201.254.0/24 maxlen: 24
219.64.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 23 May 2025 15:38:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12774 (0x31e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914CE75, serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Validity
Not Before: Apr 30 15:52:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68124743-b035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:75:4f:56:4d:08:a4:4d:00:32:52:b3:1a:6b:
13:ed:fa:b4:c7:0b:9b:ef:97:32:6e:42:ca:60:73:
5e:8f:0d:f8:25:c1:b7:bf:ed:87:33:8f:ec:4a:d7:
09:c5:47:85:15:f5:82:d4:34:cb:2d:49:81:1d:f3:
0a:c0:6b:6b:c7:46:90:02:c1:3a:0d:33:99:f4:c6:
de:73:e7:c4:37:1f:af:03:ca:32:ad:41:49:1c:74:
b2:40:67:d7:1a:6c:e7:4b:f5:ac:ca:8e:09:2c:61:
c3:ae:e5:38:f1:b6:9d:07:1a:66:68:99:6a:98:77:
7a:7d:19:c7:e8:df:35:93:f1:c3:3e:03:b8:4b:43:
99:8f:f1:1c:a9:42:15:59:24:23:e7:79:0d:ea:16:
b4:69:84:f7:2a:a9:05:14:5b:35:bb:d7:9f:52:08:
ac:2a:a5:0f:d6:7c:b6:00:d8:09:78:e1:69:68:1c:
a2:01:4c:23:04:0e:af:97:d6:10:29:0d:77:3b:98:
d8:af:d0:91:93:1d:99:1c:9f:11:45:02:b7:d1:c0:
e8:ec:4d:6e:41:25:10:3a:3e:cc:4d:e7:2b:b8:a9:
7a:76:bf:ab:6d:16:89:80:f7:99:06:b8:c2:a8:dd:
6b:22:a7:be:ff:f8:b8:73:4b:a3:93:c8:0d:27:76:
ff:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:D7:D1:9C:62:04:2B:61:07:35:2A:F6:28:27:83:50:E9:CB:76:0F
X509v3 Authority Key Identifier:
keyid:49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/997B7CFADEA011ED84E5D17BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.160.33.0/24
59.162.7.0/24
59.163.47.0/24
59.163.63.0/24
115.112.212.0/22
121.241.230.0/24
203.124.192.0/18
203.196.194.0/24
203.196.200.0-203.196.204.255
203.196.233.0/24
203.196.240.0/23
203.196.250.0/24
203.201.208.0/23
203.201.212.0/23
203.201.220.0/24
203.201.222.0/24
203.201.224.0/22
203.201.231.0/24
203.201.248.0/24
203.201.250.0/23
203.201.254.0/24
219.64.5.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:05:be:88:69:9a:2c:2a:d6:be:be:e6:22:f8:6c:d5:e4:d0:
84:18:03:38:21:e0:6d:2d:d8:02:f0:29:86:1e:70:2c:89:e1:
dc:f3:c4:be:ff:60:99:15:8e:1f:63:b2:24:b4:34:1b:0b:f7:
a7:5c:5e:58:38:e1:51:b1:2b:89:0e:9f:29:8e:46:bf:bf:51:
f6:87:70:2c:74:81:b1:4d:43:1b:d9:7b:4b:f7:f6:b6:85:df:
d8:a4:41:6a:d4:8f:fe:46:f9:4c:3c:52:37:9b:a9:0a:cc:e2:
92:d9:50:54:6d:bb:57:00:d9:a1:ea:e0:86:c8:36:5a:f6:f2:
6c:d9:f0:44:f8:7b:f1:3b:5f:e4:2d:5d:a0:38:e3:9d:e6:be:
4d:26:6b:da:a0:b8:ab:e8:a1:e7:d4:56:f6:c5:a3:80:86:c8:
93:dc:d2:74:e6:89:6d:2a:9f:43:0f:15:d6:3d:d8:be:04:52:
09:36:fe:54:c2:d0:9c:ab:7e:ec:8d:38:17:0b:6c:15:0b:7a:
0c:28:c3:4f:aa:65:ac:11:32:0a:d7:13:60:d3:0a:3b:95:1e:
a4:ac:ec:6a:59:4f:05:ac:ed:53:d6:2f:f2:9c:0d:3f:2c:ac:
45:22:8a:fb:53:91:72:83:1f:8c:7d:b9:62:85:16:ab:c8:62:
73:39:7a:fa
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICMeYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENFNzUxMTAvBgNVBAUTKDQ5ODkyNTM3RDhCMkMwMzI1QjdCRTA4MUZEOTI4NkM3
OUJFQTZBODUwHhcNMjUwNDMwMTU1MjM2WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODEyNDc0My1iMDM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvHVPVk0IpE0AMlKzGmsT7fq0xwub75cybkLKYHNejw34JcG3v+2HM4/sStcJ
xUeFFfWC1DTLLUmBHfMKwGtrx0aQAsE6DTOZ9Mbec+fENx+vA8oyrUFJHHSyQGfX
GmznS/Wsyo4JLGHDruU48badBxpmaJlqmHd6fRnH6N81k/HDPgO4S0OZj/EcqUIV
WSQj53kN6ha0aYT3KqkFFFs1u9efUgisKqUP1ny2ANgJeOFpaByiAUwjBA6vl9YQ
KQ13O5jYr9CRkx2ZHJ8RRQK30cDo7E1uQSUQOj7MTecruKl6dr+rbRaJgPeZBrjC
qN1rIqe+//i4c0ujk8gNJ3b/mwIDAQABo4IDIDCCAxwwHQYDVR0OBBYEFHjX0Zxi
BCthBzUq9igng1Dpy3YPMB8GA1UdIwQYMBaAFEmJJTfYssAyW3vggf2Shseb6mqF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0U3NS9EMjJFRjNENkZG
NEIxMUUyODFCRTA2NjI1OTExRUEzMi9TWWtsTjlpeXdESmJlLUNCX1pLR3g1dnFh
b1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NZa2xOOWl5d0RKYmUtQ0JfWktHeDV2cWFvVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENFNzUvRDIyRUYzRDZGRjRCMTFFMjgxQkUwNjYyNTkxMUVBMzIvOTk3QjdDRkFE
RUEwMTFFRDg0RTVEMTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgakGCCsGAQUFBwEHAQH/
BIGZMIGWMIGTBAIAATCBjAMEADugIQMEADuiBwMEADujLwMEADujPwMEAnNw1AME
AHnx5gMEBst8wAMEAMvEwjAMAwQDy8TIAwQAy8TMAwQAy8TpAwQBy8TwAwQAy8T6
AwQBy8nQAwQBy8nUAwQAy8ncAwQAy8neAwQCy8ngAwQAy8nnAwQAy8n4AwQBy8n6
AwQAy8n+AwQA20AFMA0GCSqGSIb3DQEBCwUAA4IBAQBsBb6IaZosKta+vuYi+GzV
5NCEGAM4IeBtLdgC8CmGHnAsieHc88S+/2CZFY4fY7IktDQbC/enXF5YOOFRsSuJ
Dp8pjka/v1H2h3AsdIGxTUMb2XtL9/a2hd/YpEFq1I/+RvlMPFI3m6kKzOKS2VBU
bbtXANmh6uCGyDZa9vJs2fBE+HvxO1/kLV2gOOOd5r5NJmvaoLir6KHn1Fb2xaOA
hsiT3NJ05oltKp9DDxXWPdi+BFIJNv5UwtCcq37sjTgXC2wVC3oMKMNPqmWsETIK
1xNg0wo7lR6krOxqWU8FrO1T1i/ynA0/LKxFIor7U5Fygx+MfblihRaryGJzOXr6
-----END CERTIFICATE-----
Generated at Sat May 17 05:50:57 2025 by rpki-client