Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/D4002378F15211EAA1BAB944C4F9AE02.roa
File: D4002378F15211EAA1BAB944C4F9AE02.roa (raw, json)
Hash identifier: Wyi5/LddF842JO/Qup+T+TtnSVCZWmXJ6KXLaRipY9A=
Subject key identifier: AD:D6:DF:EE:70:46:CA:DB:9F:A8:01:C8:3D:C6:C4:2F:86:70:E5:97
Certificate issuer: /CN=A914CE75/serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Certificate serial: 31D8
Authority key identifier: 49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/D4002378F15211EAA1BAB944C4F9AE02.roa
Signing time: Wed 30 Apr 2025 15:52:20 +0000
ROA not before: Wed 30 Apr 2025 15:52:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17908
IP address blocks: 59.163.172.0/23 maxlen: 23
59.165.64.0/20 maxlen: 20
59.165.80.0/20 maxlen: 20
59.165.104.0/21 maxlen: 21
61.11.0.0/24 maxlen: 24
61.11.20.0/24 maxlen: 24
61.11.24.0/22 maxlen: 22
61.11.28.0/24 maxlen: 24
61.11.30.0/23 maxlen: 23
61.17.0.0/21 maxlen: 21
61.17.12.0/22 maxlen: 22
61.17.16.0/21 maxlen: 21
61.17.17.0/24 maxlen: 24
61.17.18.0/24 maxlen: 24
61.17.21.0/24 maxlen: 24
61.17.22.0/24 maxlen: 24
61.17.34.0/24 maxlen: 24
61.17.36.0/22 maxlen: 22
61.17.44.0/22 maxlen: 22
61.17.48.0/21 maxlen: 21
61.17.57.0/24 maxlen: 24
61.17.72.0/22 maxlen: 22
61.17.83.0/24 maxlen: 24
61.17.108.0/24 maxlen: 24
61.17.112.0/20 maxlen: 20
61.17.112.0/21 maxlen: 21
61.17.124.0/22 maxlen: 22
61.17.128.0/19 maxlen: 19
61.17.180.0/22 maxlen: 22
61.17.197.0/24 maxlen: 24
61.17.208.0/21 maxlen: 21
61.17.216.0/21 maxlen: 21
61.17.216.0/22 maxlen: 22
61.17.218.0/24 maxlen: 24
61.17.219.0/24 maxlen: 24
61.17.221.0/24 maxlen: 24
61.17.222.0/24 maxlen: 24
61.17.224.0/22 maxlen: 22
61.17.226.0/24 maxlen: 24
61.17.227.0/24 maxlen: 24
61.17.228.0/23 maxlen: 23
61.17.236.0/23 maxlen: 23
61.17.238.0/24 maxlen: 24
61.17.240.0/20 maxlen: 20
115.109.0.0/17 maxlen: 17
115.109.6.0/23 maxlen: 23
115.109.128.0/21 maxlen: 21
115.109.136.0/23 maxlen: 23
115.109.138.0/24 maxlen: 24
115.109.139.0/24 maxlen: 24
115.109.140.0/24 maxlen: 24
115.109.141.0/24 maxlen: 24
115.109.144.0/22 maxlen: 22
115.109.148.0/23 maxlen: 23
115.109.150.0/24 maxlen: 24
115.109.151.0/24 maxlen: 24
115.109.152.0/22 maxlen: 22
115.109.156.0/22 maxlen: 22
115.109.166.0/23 maxlen: 23
115.109.176.0/20 maxlen: 20
115.109.192.0/21 maxlen: 21
115.109.200.0/21 maxlen: 21
115.109.208.0/20 maxlen: 20
115.109.212.0/23 maxlen: 23
115.109.224.0/21 maxlen: 21
115.109.232.0/21 maxlen: 21
115.109.248.0/21 maxlen: 21
202.54.48.0/23 maxlen: 23
202.54.131.0/24 maxlen: 24
203.199.227.0/24 maxlen: 24
203.199.228.0/24 maxlen: 24
219.64.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 23 May 2025 15:38:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12760 (0x31d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914CE75, serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Validity
Not Before: Apr 30 15:52:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68124734-4348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:22:25:95:1b:ac:ee:9f:11:c2:9e:9a:b0:59:
0e:f9:d6:74:5c:e9:3c:a2:df:77:77:c0:75:86:c5:
84:7b:38:2d:c8:f7:85:66:29:f2:32:9b:26:2d:b8:
4d:af:5e:6c:77:39:34:ca:1c:fd:37:fa:18:c4:52:
3a:90:14:c9:d1:b3:c3:3b:42:33:9e:8c:0e:98:9f:
e7:dd:89:60:22:27:39:7f:ea:e3:5a:1f:ae:6a:aa:
77:70:54:cd:14:d9:61:55:99:7a:a6:13:05:a4:c8:
54:cd:fc:94:a7:02:81:c3:d3:fb:63:35:26:e6:f8:
12:2a:ae:87:94:f3:19:d7:61:4a:ec:b7:55:69:a8:
50:be:1c:17:59:6d:0f:0e:af:8a:1b:c9:49:d3:35:
29:96:87:45:a4:97:45:9a:95:39:38:81:61:f2:7b:
58:3d:40:b9:53:9f:5e:68:f9:ec:2a:01:a2:b0:3b:
71:bd:ab:74:a4:d0:6d:44:0d:e2:ee:5f:8e:29:e8:
98:d2:06:d5:ef:1c:60:e0:ce:fe:e0:8e:fc:0b:df:
e0:24:09:c5:c6:9a:9e:a1:2c:b7:fc:e5:2a:93:b1:
10:3c:2b:67:86:2e:b6:fe:b2:b4:e4:d8:9c:28:df:
d9:18:2e:21:36:ee:7d:9c:2e:f7:9f:99:ad:0b:f4:
39:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D6:DF:EE:70:46:CA:DB:9F:A8:01:C8:3D:C6:C4:2F:86:70:E5:97
X509v3 Authority Key Identifier:
keyid:49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/D4002378F15211EAA1BAB944C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.163.172.0/23
59.165.64.0/19
59.165.104.0/21
61.11.0.0/24
61.11.20.0/24
61.11.24.0-61.11.28.255
61.11.30.0/23
61.17.0.0/21
61.17.12.0-61.17.23.255
61.17.34.0/24
61.17.36.0/22
61.17.44.0-61.17.55.255
61.17.57.0/24
61.17.72.0/22
61.17.83.0/24
61.17.108.0/24
61.17.112.0-61.17.159.255
61.17.180.0/22
61.17.197.0/24
61.17.208.0-61.17.229.255
61.17.236.0-61.17.238.255
61.17.240.0/20
115.109.0.0-115.109.141.255
115.109.144.0/20
115.109.166.0/23
115.109.176.0-115.109.239.255
115.109.248.0/21
202.54.48.0/23
202.54.131.0/24
203.199.227.0-203.199.228.255
219.64.5.0/24
Signature Algorithm: sha256WithRSAEncryption
00:47:4b:78:72:f2:ad:5b:f6:b5:2d:79:89:5d:7b:b7:e0:d7:
1d:90:41:ae:9c:75:e5:65:3d:6a:35:32:57:c0:e2:a7:95:a1:
4e:e8:8e:ec:e0:6b:92:5e:e0:7e:12:76:c9:0c:cb:9e:28:30:
3d:94:55:d5:d1:26:8e:a1:c4:65:a9:5d:87:bf:dd:db:02:96:
3a:21:b5:68:01:4b:9b:9f:ad:6c:89:6d:14:6b:1a:fe:98:0a:
09:f0:d5:45:88:5e:8a:58:fd:1e:31:c9:a4:cf:6b:db:c7:08:
23:34:8c:0e:f3:d6:3d:0d:51:e3:25:eb:f0:b4:c1:c0:36:ef:
9e:f2:7c:c9:69:bc:2e:04:06:d2:ae:fd:2a:99:9a:16:cb:fe:
2d:91:57:53:dd:cc:df:17:6f:48:7c:e0:62:b7:5b:75:37:ec:
64:1b:46:e2:d0:6d:24:95:60:1f:e2:45:1e:da:0e:f4:e4:cb:
97:13:ae:bd:c7:30:96:8d:4b:5d:9e:f6:60:e1:e6:4e:83:d6:
42:56:40:7e:a1:65:90:0a:b4:a2:44:46:d5:15:f8:a4:74:24:
e2:5f:25:a2:d7:ec:1b:52:df:f5:68:f5:76:75:80:fb:af:9c:
ca:d2:c5:01:b8:e7:2b:2e:b5:69:dc:69:be:dc:2c:4d:ab:cc:
6e:4f:45:96
-----BEGIN CERTIFICATE-----
MIIGdjCCBV6gAwIBAgICMdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENFNzUxMTAvBgNVBAUTKDQ5ODkyNTM3RDhCMkMwMzI1QjdCRTA4MUZEOTI4NkM3
OUJFQTZBODUwHhcNMjUwNDMwMTU1MjIwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODEyNDczNC00MzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6SIllRus7p8Rwp6asFkO+dZ0XOk8ot93d8B1hsWEezgtyPeFZinyMpsmLbhN
r15sdzk0yhz9N/oYxFI6kBTJ0bPDO0IznowOmJ/n3YlgIic5f+rjWh+uaqp3cFTN
FNlhVZl6phMFpMhUzfyUpwKBw9P7YzUm5vgSKq6HlPMZ12FK7LdVaahQvhwXWW0P
Dq+KG8lJ0zUplodFpJdFmpU5OIFh8ntYPUC5U59eaPnsKgGisDtxvat0pNBtRA3i
7l+OKeiY0gbV7xxg4M7+4I78C9/gJAnFxpqeoSy3/OUqk7EQPCtnhi62/rK05Nic
KN/ZGC4hNu59nC73n5mtC/Q5hwIDAQABo4IDmjCCA5YwHQYDVR0OBBYEFK3W3+5w
Rsrbn6gByD3GxC+GcOWXMB8GA1UdIwQYMBaAFEmJJTfYssAyW3vggf2Shseb6mqF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0U3NS9EMjJFRjNENkZG
NEIxMUUyODFCRTA2NjI1OTExRUEzMi9TWWtsTjlpeXdESmJlLUNCX1pLR3g1dnFh
b1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NZa2xOOWl5d0RKYmUtQ0JfWktHeDV2cWFvVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENFNzUvRDIyRUYzRDZGRjRCMTFFMjgxQkUwNjYyNTkxMUVBMzIvRDQwMDIzNzhG
MTUyMTFFQUExQkFCOTQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEiBggrBgEFBQcBBwEB
/wSCAREwggENMIIBCQQCAAEwggEBAwQBO6OsAwQFO6VAAwQDO6VoAwQAPQsAAwQA
PQsUMAwDBAM9CxgDBAA9CxwDBAE9Cx4DBAM9EQAwDAMEAj0RDAMEAz0REAMEAD0R
IgMEAj0RJDAMAwQCPREsAwQDPREwAwQAPRE5AwQCPRFIAwQAPRFTAwQAPRFsMAwD
BAQ9EXADBAU9EYADBAI9EbQDBAA9EcUwDAMEBD0R0AMEAT0R5DAMAwQCPRHsAwQA
PRHuAwQEPRHwMAsDAwBzbQMEAXNtjAMEBHNtkAMEAXNtpjAMAwQEc22wAwQEc23g
AwQDc234AwQByjYwAwQAyjaDMAwDBADLx+MDBADLx+QDBADbQAUwDQYJKoZIhvcN
AQELBQADggEBAABHS3hy8q1b9rUteYlde7fg1x2QQa6cdeVlPWo1MlfA4qeVoU7o
juzga5Je4H4SdskMy54oMD2UVdXRJo6hxGWpXYe/3dsCljohtWgBS5ufrWyJbRRr
Gv6YCgnw1UWIXopY/R4xyaTPa9vHCCM0jA7z1j0NUeMl6/C0wcA2757yfMlpvC4E
BtKu/SqZmhbL/i2RV1PdzN8Xb0h84GK3W3U37GQbRuLQbSSVYB/iRR7aDvTky5cT
rr3HMJaNS12e9mDh5k6D1kJWQH6hZZAKtKJERtUV+KR0JOJfJaLX7BtS3/Vo9XZ1
gPuvnMrSxQG45ysutWncab7cLE2rzG5PRZY=
-----END CERTIFICATE-----
Generated at Sat May 17 06:10:38 2025 by rpki-client