Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/A9B6556E064311F0BA61C549C4F9AE02.roa
File: A9B6556E064311F0BA61C549C4F9AE02.roa (raw, json)
Hash identifier: mrU8KGa9vRKneCJ+qshobXiYhxcrHfbX93WdWbCVAW8=
Subject key identifier: B6:41:5D:C0:6B:9D:0B:6E:C8:7E:72:88:16:49:32:AC:14:74:E4:4E
Certificate issuer: /CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A
Certificate serial: 34BD
Authority key identifier: 7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/A9B6556E064311F0BA61C549C4F9AE02.roa
Signing time: Fri 21 Mar 2025 11:00:13 +0000
ROA not before: Fri 21 Mar 2025 11:00:13 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 4741
IP address blocks: 203.149.0.0/18 maxlen: 18
203.149.0.0/19 maxlen: 19
203.149.0.0/20 maxlen: 20
203.149.0.0/22 maxlen: 22
203.149.0.0/24 maxlen: 24
203.149.6.0/24 maxlen: 24
203.149.8.0/24 maxlen: 24
203.149.10.0/24 maxlen: 24
203.149.16.0/20 maxlen: 20
203.149.20.0/24 maxlen: 24
203.149.21.0/24 maxlen: 24
203.149.29.0/24 maxlen: 24
203.149.31.0/24 maxlen: 24
203.149.32.0/19 maxlen: 19
203.149.32.0/24 maxlen: 24
203.149.37.0/24 maxlen: 24
203.149.38.0/24 maxlen: 24
203.149.44.0/24 maxlen: 24
203.149.45.0/24 maxlen: 24
203.149.46.0/23 maxlen: 23
203.149.48.0/20 maxlen: 20
203.149.62.0/24 maxlen: 24
210.246.64.0/18 maxlen: 18
210.246.64.0/19 maxlen: 19
210.246.64.0/20 maxlen: 20
210.246.80.0/20 maxlen: 20
210.246.96.0/19 maxlen: 19
210.246.96.0/20 maxlen: 20
210.246.112.0/20 maxlen: 20
210.246.128.0/17 maxlen: 17
210.246.128.0/18 maxlen: 18
210.246.128.0/20 maxlen: 20
210.246.144.0/20 maxlen: 20
210.246.150.0/24 maxlen: 24
210.246.151.0/24 maxlen: 24
210.246.152.0/24 maxlen: 24
210.246.154.0/24 maxlen: 24
210.246.155.0/24 maxlen: 24
210.246.176.0/20 maxlen: 20
210.246.176.0/21 maxlen: 21
210.246.184.0/21 maxlen: 21
210.246.192.0/18 maxlen: 18
210.246.192.0/20 maxlen: 20
210.246.253.0/24 maxlen: 24
2403:c000::/32 maxlen: 32
2403:c000:1000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13501 (0x34bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C5B0
Validity
Not Before: Mar 21 11:00:13 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67dd46bd-0d4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6c:69:3f:04:a9:f2:80:8e:0b:b1:5f:8d:5e:
da:b0:99:a1:46:1e:2c:31:fb:f5:78:fe:14:59:24:
7f:0c:b9:ef:1b:13:b0:25:42:80:67:d8:37:b0:10:
70:7a:9e:76:84:e5:e5:67:c8:c3:7b:5e:5f:ea:36:
af:0c:34:7c:21:01:92:12:33:b1:13:21:67:81:03:
62:55:f5:c5:b9:28:eb:27:d8:9d:6c:e2:b4:f1:bd:
cd:e7:6c:4b:bd:63:cb:82:ca:6a:2b:66:d8:cf:a4:
79:5b:1c:b3:d7:be:1c:f6:64:04:bc:76:43:73:db:
56:51:a3:fb:6e:96:55:46:6a:12:da:1a:7a:41:61:
57:a6:3a:d8:a2:58:62:c5:71:ad:01:fe:6f:9a:f3:
64:37:1d:38:30:e4:37:41:21:fb:dc:75:44:a6:c6:
97:77:0f:26:d3:bf:1b:26:dc:6c:82:53:02:a9:f1:
0c:45:65:ea:69:e3:b5:62:a0:b5:9b:55:8c:36:75:
b6:a4:99:c8:8e:cd:02:f4:a7:e7:53:b1:14:4b:99:
55:2e:8b:9a:0b:db:2c:4c:e5:c0:28:c0:92:1f:62:
e6:f1:c8:b0:4f:6e:f8:f5:ab:2c:f5:02:7e:95:ea:
d8:f5:15:b1:a6:73:98:b4:87:49:f6:aa:f1:c3:f1:
46:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:41:5D:C0:6B:9D:0B:6E:C8:7E:72:88:16:49:32:AC:14:74:E4:4E
X509v3 Authority Key Identifier:
keyid:7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/A9B6556E064311F0BA61C549C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.149.0.0/18
210.246.64.0-210.246.255.255
IPv6:
2403:c000::/32
Signature Algorithm: sha256WithRSAEncryption
6f:e0:41:e1:93:49:00:d6:de:b1:a6:e7:b6:bd:1c:d4:c6:c4:
31:10:1e:ca:2e:5c:03:5c:0d:1d:82:15:9c:42:6a:1a:bb:09:
c4:5a:4f:50:16:84:89:02:dc:40:15:03:99:74:2f:ff:e1:04:
38:88:db:b3:17:9e:d4:d5:7d:d2:2d:bf:e8:ff:76:cb:3f:99:
2d:bc:d4:37:08:bb:91:e5:05:a6:80:fc:37:eb:82:86:d6:88:
26:be:af:3b:1d:3b:18:b9:61:7e:41:3a:0e:f3:63:41:fb:ff:
ad:3c:b6:6a:f5:ed:ec:aa:1b:b9:9f:bd:40:8c:d2:a4:55:92:
81:b6:57:3e:c6:66:08:f4:7d:d9:a1:7f:90:8a:a9:70:64:32:
45:d2:cd:c2:21:04:5c:b7:28:07:a3:f7:22:c8:2a:3d:31:e7:
48:c9:b0:89:89:db:97:d4:4b:d4:09:72:d9:fd:d0:3b:00:0e:
c5:16:be:6e:bd:ee:b9:91:ce:17:06:44:d9:44:3a:18:fe:80:
93:64:d7:70:3c:c5:5b:44:e7:45:bf:8d:0b:fd:25:b1:ba:15:
70:92:a4:4b:40:3c:5e:5a:cd:23:24:31:cb:ed:53:e9:68:8f:
f6:29:0c:04:2b:d4:ad:2d:13:00:c3:0d:8f:45:be:4b:3e:68:
c0:f7:99:30
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICNL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUM1QjAxMTAvBgNVBAUTKDdBOTYxNzY5NTQ5RTBBQUQwQTlCRjk5MjU2ODNCQUVG
NzMzQTJGMUEwHhcNMjUwMzIxMTEwMDEzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RkNDZiZC0wZDRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnWxpPwSp8oCOC7FfjV7asJmhRh4sMfv1eP4UWSR/DLnvGxOwJUKAZ9g3sBBw
ep52hOXlZ8jDe15f6javDDR8IQGSEjOxEyFngQNiVfXFuSjrJ9idbOK08b3N52xL
vWPLgspqK2bYz6R5Wxyz174c9mQEvHZDc9tWUaP7bpZVRmoS2hp6QWFXpjrYolhi
xXGtAf5vmvNkNx04MOQ3QSH73HVEpsaXdw8m078bJtxsglMCqfEMRWXqaeO1YqC1
m1WMNnW2pJnIjs0C9KfnU7EUS5lVLouaC9ssTOXAKMCSH2Lm8ciwT2749ass9QJ+
lerY9RWxpnOYtIdJ9qrxw/FG6wIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFLZBXcBr
nQtuyH5yiBZJMqwUdOROMB8GA1UdIwQYMBaAFHqWF2lUngqtCpv5klaDuu9zOi8a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzVCMC80MEM4RDVBNjFE
ODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNxMEttX21TVm9PNjczTTZM
eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VwWVhhVlNlQ3EwS21fbVNWb082NzNNNkx4by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUM1QjAvNDBDOEQ1QTYxRDgzMTFFMjgyM0E1RkQ4MDhCMDJDRDIvQTlCNjU1NkUw
NjQzMTFGMEJBNjFDNTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMBkEAgABMBMDBAbLlQAwCwMEBtL2QAMDANL2MA0EAgACMAcDBQAkA8AAMA0G
CSqGSIb3DQEBCwUAA4IBAQBv4EHhk0kA1t6xpue2vRzUxsQxEB7KLlwDXA0dghWc
QmoauwnEWk9QFoSJAtxAFQOZdC//4QQ4iNuzF57U1X3SLb/o/3bLP5ktvNQ3CLuR
5QWmgPw364KG1ogmvq87HTsYuWF+QToO82NB+/+tPLZq9e3sqhu5n71AjNKkVZKB
tlc+xmYI9H3ZoX+QiqlwZDJF0s3CIQRctygHo/ciyCo9MedIybCJiduX1EvUCXLZ
/dA7AA7FFr5uve65kc4XBkTZRDoY/oCTZNdwPMVbROdFv40L/SWxuhVwkqRLQDxe
Ws0jJDHL7VPpaI/2KQwEK9StLRMAww2PRb5LPmjA95kw
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:33:29 2025 by rpki-client