Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912F190/57B405943A8411EFA5731584C4F9AE02/23CFDCD244BE11EF8FA8A37FC4F9AE02.roa
File: 23CFDCD244BE11EF8FA8A37FC4F9AE02.roa (raw, json)
Hash identifier: vUDH2ZK5OJcy3mBbkdGoudlGrWh6Xv2GZJY44SeKbcc=
Subject key identifier: 19:06:C8:EB:45:F8:62:F1:68:54:3A:7E:D9:6D:73:D7:70:63:0E:C9
Certificate issuer: /CN=A912F190/serialNumber=D6BF3DE16441ED7D87506DE09E4DD5D638E0BA69
Certificate serial: A1
Authority key identifier: D6:BF:3D:E1:64:41:ED:7D:87:50:6D:E0:9E:4D:D5:D6:38:E0:BA:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1r894WRB7X2HUG3gnk3V1jjgumk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912F190/57B405943A8411EFA5731584C4F9AE02/23CFDCD244BE11EF8FA8A37FC4F9AE02.roa
Signing time: Mon 03 Feb 2025 05:29:20 +0000
ROA not before: Mon 03 Feb 2025 05:29:20 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 24007
IP address blocks: 180.188.204.0/22 maxlen: 22
180.188.205.0/24 maxlen: 24
180.188.206.0/24 maxlen: 24
180.188.207.0/24 maxlen: 24
202.12.24.0/23 maxlen: 23
202.12.24.0/24 maxlen: 24
202.12.25.0/24 maxlen: 24
203.3.130.0/24 maxlen: 24
203.4.232.0/24 maxlen: 24
203.4.233.0/24 maxlen: 24
203.4.234.0/24 maxlen: 24
203.4.235.0/24 maxlen: 24
203.4.236.0/24 maxlen: 24
203.4.237.0/24 maxlen: 24
203.4.238.0/24 maxlen: 24
203.4.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161 (0xa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912F190
Validity
Not Before: Feb 3 05:29:20 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a05430-1a6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f2:a3:a5:b5:52:b4:ba:90:09:00:22:6c:bc:
b2:10:bb:b8:3e:37:a9:16:4c:0e:44:87:fc:39:64:
1e:2a:09:f7:fb:67:90:2a:a9:c6:6a:53:89:a5:bf:
aa:7e:6d:9b:1d:67:7f:8a:b5:e4:93:a8:23:3b:8d:
1d:9a:16:06:d0:ca:19:02:c4:11:82:71:57:8f:43:
63:ba:84:50:9f:de:4c:bc:43:af:24:b1:88:b4:30:
b2:41:d3:5b:19:e1:9a:00:11:99:01:da:60:75:c7:
b9:3c:43:ad:19:cb:44:fb:29:5b:12:8e:08:b7:e8:
f2:6d:b0:a1:73:99:fa:bc:9c:79:ba:22:c1:dd:95:
2b:a5:36:ca:a0:c0:58:20:93:bb:9f:e5:4b:ca:1d:
fd:dc:14:9b:a4:3e:84:49:41:7d:3a:44:f5:f1:d5:
f7:0a:30:07:ec:0e:ee:be:09:a1:3b:37:ee:1b:bf:
93:2e:5b:41:0b:d0:2f:92:17:33:67:35:c1:5a:10:
3b:f6:4a:e0:e7:98:a4:ed:10:98:40:db:72:6c:2e:
f6:3c:00:dc:06:a8:06:dd:7b:a7:92:6e:ca:e0:36:
2e:b7:66:95:32:ad:30:1e:9d:cb:b9:b1:e5:e9:86:
78:3f:ed:c0:a2:60:1f:5e:e0:62:3a:ce:47:a5:bc:
fb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:06:C8:EB:45:F8:62:F1:68:54:3A:7E:D9:6D:73:D7:70:63:0E:C9
X509v3 Authority Key Identifier:
keyid:D6:BF:3D:E1:64:41:ED:7D:87:50:6D:E0:9E:4D:D5:D6:38:E0:BA:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912F190/57B405943A8411EFA5731584C4F9AE02/1r894WRB7X2HUG3gnk3V1jjgumk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1r894WRB7X2HUG3gnk3V1jjgumk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F190/57B405943A8411EFA5731584C4F9AE02/23CFDCD244BE11EF8FA8A37FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.188.204.0/22
202.12.24.0/23
203.3.130.0/24
203.4.232.0/21
Signature Algorithm: sha256WithRSAEncryption
50:56:c1:9c:38:ec:d7:ae:c1:02:c8:ad:6e:1e:73:1c:49:f6:
2a:29:a8:a9:a2:68:f7:89:44:34:ed:07:df:92:84:b7:55:7c:
fd:18:3e:06:e9:63:a3:6a:eb:ac:cf:bf:76:e4:34:4f:e9:fe:
e1:96:79:26:4a:35:fe:45:b4:f2:f6:2a:38:85:29:92:0f:20:
31:5c:46:f2:39:7f:1b:ae:db:43:47:f9:13:a7:02:d9:d0:54:
08:cb:24:59:54:d4:23:8f:7c:c9:62:52:59:10:a4:21:b8:31:
a1:59:7d:96:ad:86:9c:2c:30:3e:a1:c5:a4:e4:2e:e8:59:60:
a6:c1:81:f4:aa:4b:fb:ac:08:ba:b3:88:6b:22:13:79:4d:cf:
4d:58:19:e6:aa:66:0e:7f:de:8b:17:1b:68:9e:29:9b:ae:60:
fa:19:47:c8:5e:13:2e:76:16:b9:93:15:d5:65:66:ab:a5:f2:
f5:a1:0d:47:85:a8:bc:5f:52:e8:9c:45:5c:06:9a:44:a9:5a:
ce:a1:10:91:d6:ae:be:4e:2c:31:7a:c6:9f:8a:d0:4a:84:4f:
03:87:3e:07:a4:95:7f:a8:8d:77:a1:ba:eb:6a:d1:69:43:c0:
a5:d0:63:56:88:8b:fb:4b:dc:48:84:52:3a:ae:22:c7:5d:d1:
4b:31:a0:7e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAKEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkYxOTAxMTAvBgNVBAUTKEQ2QkYzREUxNjQ0MUVEN0Q4NzUwNkRFMDlFNERENUQ2
MzhFMEJBNjkwHhcNMjUwMjAzMDUyOTIwWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EwNTQzMC0xYTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq/KjpbVStLqQCQAibLyyELu4PjepFkwORIf8OWQeKgn3+2eQKqnGalOJpb+q
fm2bHWd/irXkk6gjO40dmhYG0MoZAsQRgnFXj0NjuoRQn95MvEOvJLGItDCyQdNb
GeGaABGZAdpgdce5PEOtGctE+ylbEo4It+jybbChc5n6vJx5uiLB3ZUrpTbKoMBY
IJO7n+VLyh393BSbpD6ESUF9OkT18dX3CjAH7A7uvgmhOzfuG7+TLltBC9Avkhcz
ZzXBWhA79krg55ik7RCYQNtybC72PADcBqgG3Xunkm7K4DYut2aVMq0wHp3LubHl
6YZ4P+3AomAfXuBiOs5Hpbz7FwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFBkGyOtF
+GLxaFQ6ftltc9dwYw7JMB8GA1UdIwQYMBaAFNa/PeFkQe19h1Bt4J5N1dY44Lpp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjE5MC81N0I0MDU5NDNB
ODQxMUVGQTU3MzE1ODRDNEY5QUUwMi8xcjg5NFdSQjdYMkhVRzNnbmszVjFqamd1
bWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFyODk0V1JCN1gySFVHM2duazNWMWpqZ3Vtay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkYxOTAvNTdCNDA1OTQzQTg0MTFFRkE1NzMxNTg0QzRGOUFFMDIvMjNDRkRDRDI0
NEJFMTFFRjhGQThBMzdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAK0vMwDBAHKDBgDBADLA4IDBAPLBOgwDQYJKoZIhvcNAQEL
BQADggEBAFBWwZw47NeuwQLIrW4ecxxJ9iopqKmiaPeJRDTtB9+ShLdVfP0YPgbp
Y6Nq66zPv3bkNE/p/uGWeSZKNf5FtPL2KjiFKZIPIDFcRvI5fxuu20NH+ROnAtnQ
VAjLJFlU1COPfMliUlkQpCG4MaFZfZathpwsMD6hxaTkLuhZYKbBgfSqS/usCLqz
iGsiE3lNz01YGeaqZg5/3osXG2ieKZuuYPoZR8heEy52FrmTFdVlZqul8vWhDUeF
qLxfUuicRVwGmkSpWs6hEJHWrr5OLDF6xp+K0EqETwOHPgeklX+ojXehuutq0WlD
wKXQY1aIi/tL3EiEUjquIsdd0UsxoH4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:03:17 2025 by rpki-client