Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91853D3/6EC0E368000A11EC8C287252C4F9AE02/14A59A26E15B11ECA05C9236C4F9AE02.roa
File: 14A59A26E15B11ECA05C9236C4F9AE02.roa (raw, json)
Hash identifier: Qt+ZMJoprDK28LqGcHvKCLmc3Omlf+abplideksk7Gc=
Subject key identifier: 4C:74:8D:12:DC:34:BB:89:3F:16:15:FF:AE:58:EE:69:A1:C1:1E:F2
Certificate issuer: /CN=A91853D3/serialNumber=FA045C6302B873E88365FA9A021499B4F3C58688
Certificate serial: 0562
Authority key identifier: FA:04:5C:63:02:B8:73:E8:83:65:FA:9A:02:14:99:B4:F3:C5:86:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-gRcYwK4c-iDZfqaAhSZtPPFhog.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91853D3/6EC0E368000A11EC8C287252C4F9AE02/14A59A26E15B11ECA05C9236C4F9AE02.roa
Signing time: Fri 01 Aug 2025 11:30:40 +0000
ROA not before: Fri 01 Aug 2025 11:30:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2697
IP address blocks: 202.41.64.0/18 maxlen: 24
202.141.0.0/17 maxlen: 24
202.141.128.0/19 maxlen: 24
2001:e30:1100::/40 maxlen: 40
2001:e30:1111::/48 maxlen: 48
2001:e30:1200::/40 maxlen: 40
2001:e30:1300::/40 maxlen: 40
2001:e30:1400::/40 maxlen: 40
2001:e30:1500::/40 maxlen: 40
2001:e30:1600::/40 maxlen: 40
2001:e30:1800::/40 maxlen: 40
2001:e30:187c::/48 maxlen: 48
2001:e30:1a00::/40 maxlen: 40
2001:e30:1b00::/40 maxlen: 40
2001:e30:1b06::/48 maxlen: 48
2001:e30:1c1e::/48 maxlen: 48
2001:e30:1e00::/40 maxlen: 40
2001:e30:1f00::/40 maxlen: 40
2001:e30:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91853D3/6EC0E368000A11EC8C287252C4F9AE02/-gRcYwK4c-iDZfqaAhSZtPPFhog.crl
rsync://rpki.apnic.net/member_repository/A91853D3/6EC0E368000A11EC8C287252C4F9AE02/-gRcYwK4c-iDZfqaAhSZtPPFhog.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-gRcYwK4c-iDZfqaAhSZtPPFhog.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1378 (0x562)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91853D3, serialNumber=FA045C6302B873E88365FA9A021499B4F3C58688
Validity
Not Before: Aug 1 11:30:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=688ca560-078c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c5:30:cd:91:32:f5:bc:2a:16:de:58:34:51:
62:0b:23:cd:b8:a3:73:1e:27:ae:43:bb:6a:b5:ac:
67:65:8c:ba:02:36:9b:9f:d5:a4:d9:2b:4c:2e:dd:
2b:5c:7c:3f:8c:c1:21:30:af:91:43:59:65:47:a6:
7d:36:8a:09:96:ec:f1:26:de:c3:ab:44:ed:66:7b:
59:18:3e:7f:12:08:fc:5f:03:f0:3f:bf:d2:e4:9a:
55:8e:4b:81:0d:72:d6:ff:ab:37:47:7c:16:d4:4f:
56:44:ff:59:67:de:ba:8b:3f:ad:7c:2b:32:2e:99:
cf:f0:35:ff:0e:bd:35:10:6b:c9:50:95:af:d8:29:
c2:86:18:02:77:89:49:ed:5d:b7:c6:d8:b9:e5:fc:
0c:17:d9:46:35:63:b1:e2:b7:30:9b:7f:8b:2b:a8:
ad:2c:6f:7f:73:32:7a:91:f4:82:06:22:60:b8:2e:
f9:bf:88:80:0a:8d:52:c3:70:ea:7d:9b:f7:93:9f:
25:53:67:2b:86:ed:d1:0e:4d:f1:71:ce:fe:4e:e7:
32:a5:83:3e:fe:cc:65:b9:eb:11:e9:42:1f:b3:26:
57:fa:e4:f9:34:17:b8:5b:14:09:8e:8a:1e:fb:c7:
4e:33:c3:6d:92:a6:5e:c1:f6:30:22:22:d0:3c:f0:
91:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:74:8D:12:DC:34:BB:89:3F:16:15:FF:AE:58:EE:69:A1:C1:1E:F2
X509v3 Authority Key Identifier:
keyid:FA:04:5C:63:02:B8:73:E8:83:65:FA:9A:02:14:99:B4:F3:C5:86:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91853D3/6EC0E368000A11EC8C287252C4F9AE02/-gRcYwK4c-iDZfqaAhSZtPPFhog.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-gRcYwK4c-iDZfqaAhSZtPPFhog.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91853D3/6EC0E368000A11EC8C287252C4F9AE02/14A59A26E15B11ECA05C9236C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.41.64.0/18
202.141.0.0-202.141.159.255
IPv6:
2001:e30:1100::-2001:e30:16ff:ffff:ffff:ffff:ffff:ffff
2001:e30:1800::/40
2001:e30:1a00::/39
2001:e30:1c1e::/48
2001:e30:1e00::-2001:e30:20ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
30:4f:e0:24:1e:25:1f:2e:c7:d8:3e:33:48:fc:49:bd:b4:e6:
8f:ed:51:17:69:3e:31:6a:64:0e:07:e2:06:1e:a1:62:d7:8c:
a6:47:34:46:5b:bb:af:9a:74:73:a2:8a:e2:ee:c1:7f:9b:fc:
3d:e2:94:2e:b8:9f:3d:e6:24:b7:3f:f6:48:bd:24:5c:d4:2a:
cb:7e:ad:17:bd:1f:d0:5d:0b:01:59:9e:51:50:be:1c:6c:36:
06:11:49:e4:02:4b:aa:43:be:a1:10:be:11:68:fc:f0:5b:ba:
70:62:39:5a:cc:9d:2c:5b:00:09:86:ac:a3:ad:f0:b5:a5:55:
26:fb:f1:83:f3:2d:c7:49:9a:b5:ed:7e:44:72:68:6b:99:b9:
f2:bd:51:eb:bf:fe:a8:8d:f1:a9:8e:81:e2:2a:b9:30:70:0a:
ed:0c:df:e2:e2:7f:5c:5a:3d:51:7e:c5:1c:db:12:85:0e:cc:
0f:01:cf:2f:99:00:24:73:02:73:44:85:77:46:45:d2:0f:ea:
5d:b0:eb:86:6e:92:11:48:5f:cb:72:f6:06:40:fa:97:85:60:
4f:69:4f:d7:d0:35:8b:99:74:b0:b4:0b:a1:f9:26:d5:17:52:
d9:15:47:c3:4a:b8:7a:9d:fa:8e:0b:4b:85:0b:5b:b0:c8:ef:
60:bc:18:6c
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgICBWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODUzRDMxMTAvBgNVBAUTKEZBMDQ1QzYzMDJCODczRTg4MzY1RkE5QTAyMTQ5OUI0
RjNDNTg2ODgwHhcNMjUwODAxMTEzMDQwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhjYTU2MC0wNzhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA38UwzZEy9bwqFt5YNFFiCyPNuKNzHieuQ7tqtaxnZYy6Ajabn9Wk2StMLt0r
XHw/jMEhMK+RQ1llR6Z9NooJluzxJt7Dq0TtZntZGD5/Egj8XwPwP7/S5JpVjkuB
DXLW/6s3R3wW1E9WRP9ZZ966iz+tfCsyLpnP8DX/Dr01EGvJUJWv2CnChhgCd4lJ
7V23xti55fwMF9lGNWOx4rcwm3+LK6itLG9/czJ6kfSCBiJguC75v4iACo1Sw3Dq
fZv3k58lU2crhu3RDk3xcc7+TucypYM+/sxluesR6UIfsyZX+uT5NBe4WxQJjooe
+8dOM8NtkqZewfYwIiLQPPCRbQIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFEx0jRLc
NLuJPxYV/65Y7mmhwR7yMB8GA1UdIwQYMBaAFPoEXGMCuHPog2X6mgIUmbTzxYaI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTNEMy82RUMwRTM2ODAw
MEExMUVDOEMyODcyNTJDNEY5QUUwMi8tZ1JjWXdLNGMtaURaZnFhQWhTWnRQUEZo
b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1nUmNZd0s0Yy1pRFpmcWFBaFNadFBQRmhvZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODUzRDMvNkVDMEUzNjgwMDBBMTFFQzhDMjg3MjUyQzRGOUFFMDIvMTRBNTlBMjZF
MTVCMTFFQ0EwNUM5MjM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcQYIKwYBBQUHAQcBAf8E
YjBgMBkEAgABMBMDBAbKKUAwCwMDAMqNAwQFyo2AMEMEAgACMD0wEAMGACABDjAR
AwYAIAEOMBYDBgAgAQ4wGAMGASABDjAaAwcAIAEOMBweMBADBgEgAQ4wHgMGACAB
DjAgMA0GCSqGSIb3DQEBCwUAA4IBAQAwT+AkHiUfLsfYPjNI/Em9tOaP7VEXaT4x
amQOB+IGHqFi14ymRzRGW7uvmnRzoori7sF/m/w94pQuuJ895iS3P/ZIvSRc1CrL
fq0XvR/QXQsBWZ5RUL4cbDYGEUnkAkuqQ76hEL4RaPzwW7pwYjlazJ0sWwAJhqyj
rfC1pVUm+/GD8y3HSZq17X5EcmhrmbnyvVHrv/6ojfGpjoHiKrkwcArtDN/i4n9c
Wj1RfsUc2xKFDswPAc8vmQAkcwJzRIV3RkXSD+pdsOuGbpIRSF/LcvYGQPqXhWBP
aU/X0DWLmXSwtAuh+SbVF1LZFUfDSrh6nfqOC0uFC1uwyO9gvBhs
-----END CERTIFICATE-----
Generated at Sun Aug 10 21:11:09 2025 by rpki-client