Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/1B31B0E4270E11EC97471F53C4F9AE02.roa
File: 1B31B0E4270E11EC97471F53C4F9AE02.roa (raw, json)
Hash identifier: xC7nBd8pI6c9PQRaAQO5yqbAMZfqhv7lX5ydLTiKM78=
Subject key identifier: 2E:3E:15:AF:DC:B8:C5:74:0C:CB:55:4A:FD:12:91:72:16:6D:44:F3
Certificate issuer: /CN=A91514B1/serialNumber=6171432D5594CB3F608D3BE0F52600BBEC46E5FB
Certificate serial: 05F9
Authority key identifier: 61:71:43:2D:55:94:CB:3F:60:8D:3B:E0:F5:26:00:BB:EC:46:E5:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/1B31B0E4270E11EC97471F53C4F9AE02.roa
Signing time: Sun 03 Aug 2025 00:06:27 +0000
ROA not before: Sun 03 Aug 2025 00:06:27 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 198949
IP address blocks: 61.88.1.0/24 maxlen: 24
61.88.29.0/24 maxlen: 24
61.88.116.0/24 maxlen: 24
61.88.182.0/24 maxlen: 24
61.88.183.0/24 maxlen: 24
61.88.223.0/24 maxlen: 24
119.225.2.0/24 maxlen: 24
119.225.44.0/24 maxlen: 24
119.225.45.0/24 maxlen: 24
119.225.128.0/24 maxlen: 24
119.225.210.0/24 maxlen: 24
119.225.222.0/24 maxlen: 24
124.19.48.0/24 maxlen: 24
124.19.56.0/24 maxlen: 24
124.19.72.0/24 maxlen: 24
124.19.98.0/24 maxlen: 24
124.19.103.0/24 maxlen: 24
124.19.111.0/24 maxlen: 24
202.139.138.0/24 maxlen: 24
202.139.144.0/24 maxlen: 24
203.13.96.0/24 maxlen: 24
203.13.98.0/24 maxlen: 24
203.13.123.0/24 maxlen: 24
203.13.125.0/24 maxlen: 24
203.13.126.0/24 maxlen: 24
203.13.127.0/24 maxlen: 24
203.13.128.0/24 maxlen: 24
203.13.129.0/24 maxlen: 24
220.101.13.0/24 maxlen: 24
220.101.27.0/24 maxlen: 24
220.101.72.0/24 maxlen: 24
220.101.83.0/24 maxlen: 24
220.101.99.0/24 maxlen: 24
220.101.101.0/24 maxlen: 24
220.101.111.0/24 maxlen: 24
220.101.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.crl
rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1529 (0x5f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91514B1, serialNumber=6171432D5594CB3F608D3BE0F52600BBEC46E5FB
Validity
Not Before: Aug 3 00:06:27 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=688ea803-e2d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3a:3b:92:84:fc:1f:a8:49:a8:b5:2e:10:8f:
05:98:d3:81:55:30:16:f4:bc:17:a9:a8:06:79:e9:
4c:69:17:5b:44:41:5d:33:97:e2:5e:a2:25:ad:ff:
1c:83:3e:f8:3b:2a:6c:d6:70:02:68:be:8a:3d:f4:
e3:22:aa:b9:aa:bd:7a:85:91:81:14:23:8b:22:2e:
ac:df:db:00:bf:61:0a:2e:0c:b6:06:ef:24:76:54:
4b:f0:76:13:f9:21:68:0c:7a:49:84:8b:90:21:db:
96:5b:15:79:95:92:90:3c:73:74:3f:1b:f2:79:d5:
0c:f0:cf:56:b6:e7:75:74:41:20:47:bb:6b:cd:57:
6c:69:60:77:89:fe:3c:17:ef:77:6f:f5:c8:02:ee:
5c:91:ba:ba:df:7b:6a:91:8e:cb:94:54:14:b5:92:
d4:aa:46:55:65:77:99:30:cc:86:a1:65:c4:b8:a5:
93:7c:b0:db:7a:d5:74:72:ae:6f:55:22:e7:94:de:
9b:df:3d:13:a6:7a:90:6b:e7:1a:ee:57:92:e6:92:
c2:e2:1f:19:cc:ed:8b:16:f7:98:90:fa:4a:22:f2:
1c:79:91:95:19:63:48:11:70:bb:32:47:6c:c1:80:
a1:eb:ed:98:a0:44:29:6f:3d:ce:3f:29:3c:e5:97:
ac:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:3E:15:AF:DC:B8:C5:74:0C:CB:55:4A:FD:12:91:72:16:6D:44:F3
X509v3 Authority Key Identifier:
keyid:61:71:43:2D:55:94:CB:3F:60:8D:3B:E0:F5:26:00:BB:EC:46:E5:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/1B31B0E4270E11EC97471F53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.88.1.0/24
61.88.29.0/24
61.88.116.0/24
61.88.182.0/23
61.88.223.0/24
119.225.2.0/24
119.225.44.0/23
119.225.128.0/24
119.225.210.0/24
119.225.222.0/24
124.19.48.0/24
124.19.56.0/24
124.19.72.0/24
124.19.98.0/24
124.19.103.0/24
124.19.111.0/24
202.139.138.0/24
202.139.144.0/24
203.13.96.0/24
203.13.98.0/24
203.13.123.0/24
203.13.125.0-203.13.129.255
220.101.13.0/24
220.101.27.0/24
220.101.72.0/24
220.101.83.0/24
220.101.99.0/24
220.101.101.0/24
220.101.111.0/24
220.101.121.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:03:23:61:6f:77:09:cd:6f:79:56:e7:cb:52:63:5f:65:fb:
a0:9a:1f:66:a4:7b:19:b5:11:64:6f:db:e0:80:3e:33:d5:74:
ab:50:92:2c:94:92:c5:68:22:68:64:fa:99:a5:41:d5:ed:91:
74:be:4d:ca:a5:eb:70:72:44:2b:8c:0c:0d:ec:49:7b:44:8c:
bf:df:20:ba:91:0e:cf:b5:98:df:08:f0:e8:d2:23:fd:c1:53:
0e:20:1f:ea:04:33:e8:d3:b3:8f:8c:e7:a6:9a:ce:b6:5c:c9:
66:19:8f:e5:dc:b8:e8:21:2d:0a:84:01:f9:27:3e:3e:69:20:
16:63:2e:5c:42:d4:26:d9:0b:c7:2e:04:19:66:62:3a:44:06:
6e:a9:1a:9d:0e:95:91:32:d5:37:7a:11:47:d6:11:83:9c:e8:
db:ac:0e:84:6e:5b:a6:7e:be:94:67:b3:fb:92:af:b2:e1:1f:
fa:ac:28:b0:e5:24:33:7b:c4:32:01:50:15:a9:f2:ca:9e:fb:
b3:17:39:1c:85:85:86:e5:bd:37:61:0c:34:2b:c0:cb:3d:0f:
d6:e9:94:8d:57:34:77:69:eb:38:3d:a9:4b:66:d6:a7:29:23:
d9:01:77:ea:c6:03:99:0a:3c:aa:a1:eb:61:21:ee:7e:3f:65:
fd:40:c8:b8
-----BEGIN CERTIFICATE-----
MIIGLDCCBRSgAwIBAgICBfkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTE0QjExMTAvBgNVBAUTKDYxNzE0MzJENTU5NENCM0Y2MDhEM0JFMEY1MjYwMEJC
RUM0NkU1RkIwHhcNMjUwODAzMDAwNjI3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhlYTgwMy1lMmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtzo7koT8H6hJqLUuEI8FmNOBVTAW9LwXqagGeelMaRdbREFdM5fiXqIlrf8c
gz74Oyps1nACaL6KPfTjIqq5qr16hZGBFCOLIi6s39sAv2EKLgy2Bu8kdlRL8HYT
+SFoDHpJhIuQIduWWxV5lZKQPHN0PxvyedUM8M9Wtud1dEEgR7trzVdsaWB3if48
F+93b/XIAu5ckbq633tqkY7LlFQUtZLUqkZVZXeZMMyGoWXEuKWTfLDbetV0cq5v
VSLnlN6b3z0TpnqQa+ca7leS5pLC4h8ZzO2LFveYkPpKIvIceZGVGWNIEXC7Mkds
wYCh6+2YoEQpbz3OPyk85ZesQQIDAQABo4IDUDCCA0wwHQYDVR0OBBYEFC4+Fa/c
uMV0DMtVSv0SkXIWbUTzMB8GA1UdIwQYMBaAFGFxQy1VlMs/YI074PUmALvsRuX7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTRCMS84NDE4OTIyNkZC
RTQxMUVCODJCNjI2NEZDNEY5QUUwMi9ZWEZETFZXVXl6OWdqVHZnOVNZQXUteEc1
ZnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lYRkRMVldVeXo5Z2pUdmc5U1lBdS14RzVmcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTE0QjEvODQxODkyMjZGQkU0MTFFQjgyQjYyNjRGQzRGOUFFMDIvMUIzMUIwRTQy
NzBFMTFFQzk3NDcxRjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdkGCCsGAQUFBwEHAQH/
BIHJMIHGMIHDBAIAATCBvAMEAD1YAQMEAD1YHQMEAD1YdAMEAT1YtgMEAD1Y3wME
AHfhAgMEAXfhLAMEAHfhgAMEAHfh0gMEAHfh3gMEAHwTMAMEAHwTOAMEAHwTSAME
AHwTYgMEAHwTZwMEAHwTbwMEAMqLigMEAMqLkAMEAMsNYAMEAMsNYgMEAMsNezAM
AwQAyw19AwQByw2AAwQA3GUNAwQA3GUbAwQA3GVIAwQA3GVTAwQA3GVjAwQA3GVl
AwQA3GVvAwQA3GV5MA0GCSqGSIb3DQEBCwUAA4IBAQAaAyNhb3cJzW95VufLUmNf
Zfugmh9mpHsZtRFkb9vggD4z1XSrUJIslJLFaCJoZPqZpUHV7ZF0vk3KpetwckQr
jAwN7El7RIy/3yC6kQ7PtZjfCPDo0iP9wVMOIB/qBDPo07OPjOemms62XMlmGY/l
3LjoIS0KhAH5Jz4+aSAWYy5cQtQm2QvHLgQZZmI6RAZuqRqdDpWRMtU3ehFH1hGD
nOjbrA6Eblumfr6UZ7P7kq+y4R/6rCiw5SQze8QyAVAVqfLKnvuzFzkchYWG5b03
YQw0K8DLPQ/W6ZSNVzR3aes4PalLZtanKSPZAXfqxgOZCjyqoethIe5+P2X9QMi4
-----END CERTIFICATE-----
Generated at Sun Aug 10 19:02:04 2025 by rpki-client