Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/81A901FA8A0411EEA251F746C4F9AE02.roa
File: 81A901FA8A0411EEA251F746C4F9AE02.roa (raw, json)
Hash identifier: JHvhSwDOyCbk05zvE3c35/2oeXE8ikJi+kxwUoPeaf4=
Subject key identifier: BF:CC:16:B6:0F:D9:F0:DA:60:14:5D:F8:B0:41:32:AE:C7:04:4C:47
Certificate issuer: /CN=A912EE4D/serialNumber=9459A07AFEB46F799245FEC2356D3CBAC9BED888
Certificate serial: DE
Authority key identifier: 94:59:A0:7A:FE:B4:6F:79:92:45:FE:C2:35:6D:3C:BA:C9:BE:D8:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFmgev60b3mSRf7CNW08usm-2Ig.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/81A901FA8A0411EEA251F746C4F9AE02.roa
Signing time: Wed 15 Jan 2025 04:26:48 +0000
ROA not before: Wed 15 Jan 2025 04:26:48 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 38315
IP address blocks: 203.169.24.0/21 maxlen: 21
203.169.24.0/22 maxlen: 22
203.169.24.0/23 maxlen: 23
203.169.24.0/24 maxlen: 24
203.169.25.0/24 maxlen: 24
203.169.26.0/23 maxlen: 23
203.169.26.0/24 maxlen: 24
203.169.27.0/24 maxlen: 24
203.169.28.0/22 maxlen: 22
203.169.28.0/23 maxlen: 23
203.169.28.0/24 maxlen: 24
203.169.29.0/24 maxlen: 24
203.169.30.0/23 maxlen: 23
203.169.30.0/24 maxlen: 24
203.169.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 222 (0xde)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912EE4D
Validity
Not Before: Jan 15 04:26:48 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67873908-751f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:10:38:40:39:53:73:ac:0c:c9:48:f1:58:22:
24:c0:90:e3:f2:d4:65:20:2c:a3:c5:be:68:5a:7b:
46:13:4f:71:6a:42:d7:43:17:7f:b9:20:d9:fb:9b:
83:e8:db:a4:18:6a:4a:ec:57:53:89:57:f7:31:82:
d2:87:9a:63:18:0d:56:01:72:46:6a:d6:00:b2:90:
4a:14:8c:4e:d5:ef:71:e1:1f:f2:0e:32:00:2f:73:
f4:3e:78:c3:d9:d6:23:e9:58:85:80:be:9f:cb:f5:
4b:d9:96:cd:d6:53:5b:22:7d:1f:67:5d:87:cc:55:
d2:24:e1:a4:42:51:41:7d:01:96:af:36:95:c8:7f:
2e:3d:98:3d:49:94:e4:d5:40:03:b4:ac:c3:8a:e6:
8e:dc:51:71:c1:46:7a:ba:79:20:9f:c0:b5:5d:e1:
c4:b2:c8:a1:e9:e8:44:55:73:cf:3c:52:42:b1:04:
42:c9:4b:4f:42:1e:45:db:53:3e:18:07:6c:a3:e8:
0a:9a:96:b8:0c:12:34:46:05:c6:10:ad:6b:81:3b:
57:80:d3:05:52:14:a6:b6:b8:8e:7e:f3:4d:6d:bb:
7b:0f:ec:6e:4e:ae:f5:3c:ec:0a:bd:22:60:ea:21:
85:c9:77:66:85:95:be:20:2f:be:19:7f:db:c5:24:
eb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CC:16:B6:0F:D9:F0:DA:60:14:5D:F8:B0:41:32:AE:C7:04:4C:47
X509v3 Authority Key Identifier:
keyid:94:59:A0:7A:FE:B4:6F:79:92:45:FE:C2:35:6D:3C:BA:C9:BE:D8:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFmgev60b3mSRf7CNW08usm-2Ig.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/81A901FA8A0411EEA251F746C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.169.24.0/21
Signature Algorithm: sha256WithRSAEncryption
99:7f:e5:08:1a:70:df:23:09:a4:82:c9:9a:49:69:4e:cd:7f:
e5:de:b3:bf:7e:57:0d:fe:2b:39:24:e0:5f:c1:cd:bc:c8:6e:
cf:ed:57:65:ed:bc:cc:c2:dd:13:d2:1e:8e:78:c8:6d:c4:c0:
c1:08:fe:db:40:87:d4:f1:1e:0c:c7:1a:df:25:95:e8:05:50:
59:96:ba:0c:ca:10:e8:ed:5c:8a:af:6b:9b:88:c8:6f:e3:88:
ca:60:b5:95:d8:77:ac:20:46:b9:de:8f:51:14:a5:19:1b:b1:
0c:91:85:d8:7e:41:c7:70:11:b5:c9:ff:b7:ed:5b:77:59:17:
9a:25:78:21:4b:d6:41:b2:7a:0d:2b:6d:69:5b:cf:df:da:13:
dc:10:bc:0e:5b:51:c9:4c:8d:e9:9f:74:56:d6:aa:0e:a1:6c:
74:00:7c:f0:de:5e:c5:b6:05:f5:e8:e3:af:71:8c:1b:d0:e7:
33:db:02:6d:97:6c:bc:81:51:dd:bb:14:27:f0:ba:dd:c7:62:
db:22:67:67:0d:0c:52:d7:ff:89:67:75:3b:66:52:18:07:37:
fc:10:de:36:04:3e:1b:cf:c2:05:92:1b:fc:f3:0a:2d:06:41:
9e:0a:d8:5a:1b:ea:c9:26:ca:57:a3:b1:76:6b:ea:16:25:c3:
f1:50:28:60
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkVFNEQxMTAvBgNVBAUTKDk0NTlBMDdBRkVCNDZGNzk5MjQ1RkVDMjM1NkQzQ0JB
QzlCRUQ4ODgwHhcNMjUwMTE1MDQyNjQ4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg3MzkwOC03NTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArxA4QDlTc6wMyUjxWCIkwJDj8tRlICyjxb5oWntGE09xakLXQxd/uSDZ+5uD
6NukGGpK7FdTiVf3MYLSh5pjGA1WAXJGatYAspBKFIxO1e9x4R/yDjIAL3P0PnjD
2dYj6ViFgL6fy/VL2ZbN1lNbIn0fZ12HzFXSJOGkQlFBfQGWrzaVyH8uPZg9SZTk
1UADtKzDiuaO3FFxwUZ6unkgn8C1XeHEssih6ehEVXPPPFJCsQRCyUtPQh5F21M+
GAdso+gKmpa4DBI0RgXGEK1rgTtXgNMFUhSmtriOfvNNbbt7D+xuTq71POwKvSJg
6iGFyXdmhZW+IC++GX/bxSTr4QIDAQABo4IClTCCApEwHQYDVR0OBBYEFL/MFrYP
2fDaYBRd+LBBMq7HBExHMB8GA1UdIwQYMBaAFJRZoHr+tG95kkX+wjVtPLrJvtiI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRUU0RC81MjNGREE4MDhB
MDIxMUVFQjI4OTAzMkNDNEY5QUUwMi9sRm1nZXY2MGIzbVNSZjdDTlcwOHVzbS0y
SWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xGbWdldjYwYjNtU1JmN0NOVzA4dXNtLTJJZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkVFNEQvNTIzRkRBODA4QTAyMTFFRUIyODkwMzJDQzRGOUFFMDIvODFBOTAxRkE4
QTA0MTFFRUEyNTFGNzQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAPLqRgwDQYJKoZIhvcNAQELBQADggEBAJl/5QgacN8jCaSC
yZpJaU7Nf+Xes79+Vw3+Kzkk4F/BzbzIbs/tV2XtvMzC3RPSHo54yG3EwMEI/ttA
h9TxHgzHGt8llegFUFmWugzKEOjtXIqva5uIyG/jiMpgtZXYd6wgRrnej1EUpRkb
sQyRhdh+QcdwEbXJ/7ftW3dZF5oleCFL1kGyeg0rbWlbz9/aE9wQvA5bUclMjemf
dFbWqg6hbHQAfPDeXsW2BfXo469xjBvQ5zPbAm2XbLyBUd27FCfwut3HYtsiZ2cN
DFLX/4lndTtmUhgHN/wQ3jYEPhvPwgWSG/zzCi0GQZ4K2Fob6skmylejsXZr6hYl
w/FQKGA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:25:04 2025 by rpki-client