Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/FFCDED80FFE111EFB1C18E52C4F9AE02.roa
File: FFCDED80FFE111EFB1C18E52C4F9AE02.roa (raw, json)
Hash identifier: mU82c9UsN7aMzC4DMeuqqygQy0O+yLmNqhxj9poHsyI=
Subject key identifier: 46:D2:03:78:77:AD:B3:F7:41:99:3C:31:00:5B:B9:EF:4A:53:85:30
Certificate issuer: /CN=A912F17E/serialNumber=1F3E8B01D841CBE6220D02D2CD111354F19C47B2
Certificate serial: 3463
Authority key identifier: 1F:3E:8B:01:D8:41:CB:E6:22:0D:02:D2:CD:11:13:54:F1:9C:47:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/FFCDED80FFE111EFB1C18E52C4F9AE02.roa
Signing time: Thu 13 Mar 2025 08:09:06 +0000
ROA not before: Thu 13 Mar 2025 08:09:06 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 10102
IP address blocks: 27.0.8.0/22 maxlen: 22
27.0.8.0/24 maxlen: 24
27.0.9.0/24 maxlen: 24
27.0.10.0/24 maxlen: 24
27.0.11.0/24 maxlen: 24
103.4.108.0/22 maxlen: 24
114.141.208.0/21 maxlen: 24
182.16.140.0/22 maxlen: 24
2404:a100::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13411 (0x3463)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912F17E
Validity
Not Before: Mar 13 08:09:06 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67d292a2-2a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:81:09:1d:f0:bc:92:45:de:1e:e8:ae:90:6c:
d6:00:9f:3a:62:41:1b:4b:23:c0:f6:ec:e8:6e:9b:
8a:0d:de:41:37:b2:fd:a0:7a:9c:3b:d1:a2:61:58:
f6:ac:b5:81:6a:c8:09:d5:36:15:aa:b1:65:54:59:
56:7b:ea:f9:e1:99:56:88:ea:58:0e:42:a1:eb:7f:
bd:31:54:a3:fd:68:2e:38:7b:92:2c:09:44:6b:44:
31:ad:89:e1:28:10:42:46:31:7d:51:61:d2:ea:f7:
00:61:6f:85:e5:ac:bc:04:8a:fc:70:80:2b:21:f1:
4c:94:87:8a:4a:1c:60:98:79:3c:ef:27:5c:01:84:
2f:18:85:23:6c:b4:67:1e:e9:3c:cb:1e:bc:aa:9d:
ea:21:91:76:59:7a:14:0e:0c:fb:e4:87:d5:b3:2e:
50:b5:48:ec:76:f8:8d:28:fc:41:c9:f8:cc:bc:be:
33:36:e4:a2:af:cb:5b:54:93:c7:4d:19:87:6a:e3:
1b:bc:cf:11:01:5c:0c:fc:4d:66:ca:a7:54:aa:ac:
26:25:71:92:bc:93:b3:77:a2:30:aa:4d:27:ad:3b:
e9:b1:04:75:31:72:f0:da:07:72:89:96:89:f3:25:
95:80:8f:68:c1:8d:2a:03:ee:4e:b8:41:75:07:8f:
7a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D2:03:78:77:AD:B3:F7:41:99:3C:31:00:5B:B9:EF:4A:53:85:30
X509v3 Authority Key Identifier:
keyid:1F:3E:8B:01:D8:41:CB:E6:22:0D:02:D2:CD:11:13:54:F1:9C:47:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/FFCDED80FFE111EFB1C18E52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.8.0/22
103.4.108.0/22
114.141.208.0/21
182.16.140.0/22
IPv6:
2404:a100::/32
Signature Algorithm: sha256WithRSAEncryption
57:87:db:63:5a:2d:e0:e5:00:b2:88:06:03:4a:03:c7:d9:39:
89:b6:ba:a0:ad:6b:f6:9b:a4:98:3d:46:65:26:e6:b5:c2:fb:
4a:9e:0c:5e:2c:ce:83:f3:3d:e0:a0:89:88:91:47:08:19:f6:
ce:a8:7f:60:5b:70:c2:55:a0:a1:db:a3:b6:8a:7c:60:0f:77:
0e:31:e6:37:46:f2:6a:9d:33:28:99:59:38:28:0c:81:09:79:
b3:10:61:cc:cc:25:89:69:af:f3:62:3e:02:fb:8c:85:a9:59:
2d:7b:39:cc:41:94:ab:4b:c6:34:45:12:33:38:84:11:6b:f1:
00:eb:33:1b:4d:78:52:f0:b8:34:fd:a7:bd:98:9e:c2:ee:15:
59:00:70:9f:ee:8c:d7:33:ed:24:8e:48:1f:df:42:24:a6:25:
5e:35:09:5e:c1:05:48:54:01:a0:c3:56:2d:1c:d4:76:62:a3:
e4:f4:90:42:ad:10:19:42:a1:3f:0e:fd:5a:d3:39:cb:bd:4b:
fa:88:df:fd:c2:13:35:4e:ba:7d:95:c5:3c:b4:be:87:26:0f:
52:a0:5d:b6:ba:9f:7e:fb:d5:41:23:12:74:99:18:d9:90:fe:
4a:eb:11:56:e0:ac:33:5c:e9:9d:a7:0c:85:e7:45:0c:9f:47:
30:46:92:dc
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICNGMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkYxN0UxMTAvBgNVBAUTKDFGM0U4QjAxRDg0MUNCRTYyMjBEMDJEMkNEMTExMzU0
RjE5QzQ3QjIwHhcNMjUwMzEzMDgwOTA2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2QyOTJhMi0yYTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0oEJHfC8kkXeHuiukGzWAJ86YkEbSyPA9uzobpuKDd5BN7L9oHqcO9GiYVj2
rLWBasgJ1TYVqrFlVFlWe+r54ZlWiOpYDkKh63+9MVSj/WguOHuSLAlEa0QxrYnh
KBBCRjF9UWHS6vcAYW+F5ay8BIr8cIArIfFMlIeKShxgmHk87ydcAYQvGIUjbLRn
Huk8yx68qp3qIZF2WXoUDgz75IfVsy5QtUjsdviNKPxByfjMvL4zNuSir8tbVJPH
TRmHauMbvM8RAVwM/E1myqdUqqwmJXGSvJOzd6Iwqk0nrTvpsQR1MXLw2gdyiZaJ
8yWVgI9owY0qA+5OuEF1B496vwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFEbSA3h3
rbP3QZk8MQBbue9KU4UwMB8GA1UdIwQYMBaAFB8+iwHYQcvmIg0C0s0RE1TxnEey
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjE3RS9GQ0ZGODQ2NjFE
QTMxMUUyODFFQUFGOTkwOEIwMkNEMi9IejZMQWRoQnktWWlEUUxTelJFVFZQR2NS
N0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h6NkxBZGhCeS1ZaURRTFN6UkVUVlBHY1I3SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkYxN0UvRkNGRjg0NjYxREEzMTFFMjgxRUFBRjk5MDhCMDJDRDIvRkZDREVEODBG
RkUxMTFFRkIxQzE4RTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIbAAgDBAJnBGwDBANyjdADBAK2EIwwDQQCAAIwBwMFACQE
oQAwDQYJKoZIhvcNAQELBQADggEBAFeH22NaLeDlALKIBgNKA8fZOYm2uqCta/ab
pJg9RmUm5rXC+0qeDF4szoPzPeCgiYiRRwgZ9s6of2BbcMJVoKHbo7aKfGAPdw4x
5jdG8mqdMyiZWTgoDIEJebMQYczMJYlpr/NiPgL7jIWpWS17OcxBlKtLxjRFEjM4
hBFr8QDrMxtNeFLwuDT9p72YnsLuFVkAcJ/ujNcz7SSOSB/fQiSmJV41CV7BBUhU
AaDDVi0c1HZio+T0kEKtEBlCoT8O/VrTOcu9S/qI3/3CEzVOun2VxTy0vocmD1Kg
Xba6n3771UEjEnSZGNmQ/krrEVbgrDNc6Z2nDIXnRQyfRzBGktw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:13:58 2025 by rpki-client