Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/01A59B2EB72111EC9885AF51C4F9AE02.roa
File: 01A59B2EB72111EC9885AF51C4F9AE02.roa (raw, json)
Hash identifier: +rlcUMm8POsp5BKqhighiJHS2nIHbH6yN3pwq3SdcDg=
Subject key identifier: 26:D8:E8:40:05:3A:19:E3:EA:44:7F:E8:A0:8C:E3:93:A4:4A:FF:B5
Certificate issuer: /CN=A91C1323/serialNumber=412A6511CFEDCFECB5590C96C8C361E2FED44857
Certificate serial: 618D
Authority key identifier: 41:2A:65:11:CF:ED:CF:EC:B5:59:0C:96:C8:C3:61:E2:FE:D4:48:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSplEc_tz-y1WQyWyMNh4v7USFc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/01A59B2EB72111EC9885AF51C4F9AE02.roa
Signing time: Tue 05 May 2026 09:56:53 +0000
ROA not before: Tue 05 May 2026 09:56:53 +0000
ROA not after: Fri 30 Jul 2027 00:00:00 +0000
asID: 24462
IP address blocks: 118.143.60.0/24 maxlen: 24
118.143.96.96/32 maxlen: 32
118.143.96.97/32 maxlen: 32
118.143.96.98/32 maxlen: 32
118.143.96.99/32 maxlen: 32
118.143.96.108/32 maxlen: 32
118.143.96.109/32 maxlen: 32
118.143.96.110/32 maxlen: 32
118.143.96.111/32 maxlen: 32
118.143.96.152/32 maxlen: 32
118.143.96.153/32 maxlen: 32
118.143.96.154/32 maxlen: 32
118.143.119.0/24 maxlen: 24
118.143.137.0/24 maxlen: 24
118.143.138.0/24 maxlen: 24
118.143.142.0/24 maxlen: 24
118.143.159.0/24 maxlen: 24
118.143.160.0/24 maxlen: 24
118.143.170.0/24 maxlen: 24
210.0.224.0/24 maxlen: 24
218.188.80.0/24 maxlen: 24
218.189.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/QSplEc_tz-y1WQyWyMNh4v7USFc.crl
rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/QSplEc_tz-y1WQyWyMNh4v7USFc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSplEc_tz-y1WQyWyMNh4v7USFc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 19:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24973 (0x618d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1323, serialNumber=412A6511CFEDCFECB5590C96C8C361E2FED44857
Validity
Not Before: May 5 09:56:53 2026 GMT
Not After : Jul 30 00:00:00 2027 GMT
Subject: CN=69f9bee5-c5fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7a:40:85:16:58:e3:e6:e0:4f:19:4b:93:42:
33:67:30:74:18:9d:8e:0f:70:ec:6f:13:d4:b9:aa:
f5:f2:37:64:57:33:51:f2:33:24:ef:36:79:53:0d:
86:0a:9e:b4:8c:d5:b6:65:c5:7f:10:f9:79:6a:08:
8b:ab:65:f6:ac:00:e8:bc:00:8e:33:da:30:5c:65:
c3:6d:46:43:34:61:df:37:35:51:38:f2:96:f4:02:
60:74:04:7e:20:43:3f:98:a5:43:91:fa:07:39:31:
3a:8a:88:1a:95:d3:d5:5a:60:d7:cf:d3:4e:3e:dd:
04:75:66:1f:43:e2:b2:42:75:6a:70:b3:10:27:85:
27:6a:6b:c5:1b:0f:2b:7c:66:79:80:95:2f:64:6d:
25:96:77:48:1e:6c:9d:75:17:7c:a6:15:e5:87:9e:
02:f1:6e:db:80:d1:1f:08:b0:f0:c5:f4:78:99:f8:
71:c6:b3:a3:f4:90:25:05:16:64:0c:6d:00:97:dd:
f5:3c:70:f8:8d:bc:da:c4:be:6a:ee:42:02:ad:d2:
28:7b:35:80:52:57:17:6b:32:e6:29:f9:2d:25:54:
1d:05:a6:d6:10:cc:4a:77:40:23:75:c7:7a:1a:8d:
56:c5:1d:96:b7:6f:77:bb:09:ec:59:f4:e7:77:99:
80:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D8:E8:40:05:3A:19:E3:EA:44:7F:E8:A0:8C:E3:93:A4:4A:FF:B5
X509v3 Authority Key Identifier:
keyid:41:2A:65:11:CF:ED:CF:EC:B5:59:0C:96:C8:C3:61:E2:FE:D4:48:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/QSplEc_tz-y1WQyWyMNh4v7USFc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSplEc_tz-y1WQyWyMNh4v7USFc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/01A59B2EB72111EC9885AF51C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
118.143.60.0/24
118.143.96.96/30
118.143.96.108/30
118.143.96.152-118.143.96.154
118.143.119.0/24
118.143.137.0-118.143.138.255
118.143.142.0/24
118.143.159.0-118.143.160.255
118.143.170.0/24
210.0.224.0/24
218.188.80.0/24
218.189.74.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:55:63:6d:c9:05:22:70:b6:97:0d:62:7d:bf:56:a3:fe:89:
64:15:8c:3d:64:e1:9f:01:ce:ed:64:3e:f0:a4:f6:55:3b:81:
de:e2:4c:a9:34:cd:90:25:2e:07:06:a1:b3:d4:b0:89:64:61:
3c:d4:0d:a0:22:17:25:c9:44:72:8f:96:ea:54:9e:d0:b5:ff:
e1:4e:56:55:4f:b2:19:56:ab:8f:42:8f:5f:83:4e:bc:5b:d0:
84:d0:0c:2b:2f:0b:e3:2e:d1:ca:ca:61:03:eb:18:b2:bb:34:
8c:68:d9:42:6e:34:3e:e6:26:75:45:d6:95:c4:30:19:b3:92:
13:8e:92:49:75:19:0d:b5:53:d7:4c:1a:89:f5:77:75:b8:fa:
af:43:09:05:83:9c:1e:a7:5d:23:9f:b4:28:48:1c:c0:fe:83:
43:d4:2e:69:f9:34:02:ee:c2:b3:96:bd:ef:06:05:9d:b5:c4:
67:2e:0b:be:de:cc:0e:c8:3e:69:df:5d:82:d5:29:9f:f2:3e:
84:06:37:29:09:ef:58:5f:e5:e7:c4:6e:7a:cc:89:b0:9f:21:
ab:55:1d:ed:26:1b:98:30:27:20:63:19:c9:b4:f5:01:9a:52:
03:cc:b2:f5:42:df:21:7d:3a:47:d0:e0:b5:d7:8a:77:fa:67:
3d:51:98:82
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICYY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzEzMjMxMTAvBgNVBAUTKDQxMkE2NTExQ0ZFRENGRUNCNTU5MEM5NkM4QzM2MUUy
RkVENDQ4NTcwHhcNMjYwNTA1MDk1NjUzWhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWY5YmVlNS1jNWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0XpAhRZY4+bgTxlLk0IzZzB0GJ2OD3DsbxPUuar18jdkVzNR8jMk7zZ5Uw2G
Cp60jNW2ZcV/EPl5agiLq2X2rADovACOM9owXGXDbUZDNGHfNzVROPKW9AJgdAR+
IEM/mKVDkfoHOTE6iogaldPVWmDXz9NOPt0EdWYfQ+KyQnVqcLMQJ4UnamvFGw8r
fGZ5gJUvZG0llndIHmyddRd8phXlh54C8W7bgNEfCLDwxfR4mfhxxrOj9JAlBRZk
DG0Al931PHD4jbzaxL5q7kICrdIoezWAUlcXazLmKfktJVQdBabWEMxKd0Ajdcd6
Go1WxR2Wt293uwnsWfTnd5mAfwIDAQABo4ICvjCCArowHQYDVR0OBBYEFCbY6EAF
Ohnj6kR/6KCM45OkSv+1MB8GA1UdIwQYMBaAFEEqZRHP7c/stVkMlsjDYeL+1EhX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTMyMy8wODREODhENDk1
QjcxMUVBQkI4MjRGMUJDNEY5QUUwMi9RU3BsRWNfdHoteTFXUXlXeU1OaDR2N1VT
RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FTcGxFY190ei15MVdReVd5TU5oNHY3VVNGYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzEzMjMvMDg0RDg4RDQ5NUI3MTFFQUJCODI0RjFCQzRGOUFFMDIvMDFBNTlCMkVC
NzIxMTFFQzk4ODVBRjUxQzRGOUFFMDIucm9hMH0GCCsGAQUFBwEHAQH/BG4wbDBq
BAIAATBkAwQAdo88AwUCdo9gYAMFAnaPYGwwDgMFA3aPYJgDBQB2j2CaAwQAdo93
MAwDBAB2j4kDBAB2j4oDBAB2j44wDAMEAHaPnwMEAHaPoAMEAHaPqgMEANIA4AME
ANq8UAMEANq9SjANBgkqhkiG9w0BAQsFAAOCAQEAWlVjbckFInC2lw1ifb9Wo/6J
ZBWMPWThnwHO7WQ+8KT2VTuB3uJMqTTNkCUuBwahs9SwiWRhPNQNoCIXJclEco+W
6lSe0LX/4U5WVU+yGVarj0KPX4NOvFvQhNAMKy8L4y7RysphA+sYsrs0jGjZQm40
PuYmdUXWlcQwGbOSE46SSXUZDbVT10waifV3dbj6r0MJBYOcHqddI5+0KEgcwP6D
Q9Quafk0Au7Cs5a97wYFnbXEZy4Lvt7MDsg+ad9dgtUpn/I+hAY3KQnvWF/l58Ru
esyJsJ8hq1Ud7SYbmDAnIGMZybT1AZpSA8yy9ULfIX06R9DgtdeKd/pnPVGYgg==
-----END CERTIFICATE-----
Generated at Wed May 13 07:42:45 2026 by rpki-client