Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147BA3/77EA7A241DA311E292E5CA9808B02CD2/2B2C31BE3B8B11EB8D76362DC4F9AE02.roa
File: 2B2C31BE3B8B11EB8D76362DC4F9AE02.roa (raw, json)
Hash identifier: END/X8NWEnYQqU51TlQvCrkCaUczqULOOoxx1HVtbaM=
Subject key identifier: BE:77:2C:1D:2C:E0:56:93:78:80:F7:3E:A9:18:FB:B5:A5:0D:97:A7
Certificate issuer: /CN=A9147BA3/serialNumber=8DF69B8CF02D4472A0E2D2F4EE6E49326D3DB0C5
Certificate serial: 3453
Authority key identifier: 8D:F6:9B:8C:F0:2D:44:72:A0:E2:D2:F4:EE:6E:49:32:6D:3D:B0:C5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jfabjPAtRHKg4tL07m5JMm09sMU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147BA3/77EA7A241DA311E292E5CA9808B02CD2/2B2C31BE3B8B11EB8D76362DC4F9AE02.roa
Signing time: Sat 18 Jan 2025 15:10:55 +0000
ROA not before: Sat 18 Jan 2025 15:10:55 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 55344
IP address blocks: 124.109.104.0/22 maxlen: 22
124.109.104.0/23 maxlen: 23
124.109.104.0/24 maxlen: 24
124.109.105.0/24 maxlen: 24
124.109.106.0/23 maxlen: 23
124.109.106.0/24 maxlen: 24
124.109.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13395 (0x3453)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147BA3
Validity
Not Before: Jan 18 15:10:55 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=678bc47f-a4e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3a:2a:00:46:17:41:e0:3c:bc:ff:3d:f0:54:
3d:1f:51:7e:a0:a2:c2:ef:8a:8b:9f:e2:ab:bb:22:
0d:77:ac:de:e7:54:d9:4b:ee:07:80:40:36:67:5c:
f0:b9:28:39:3b:ca:8f:c1:e8:61:90:38:1b:0d:ef:
06:c9:67:5d:27:ed:9a:77:01:ae:c1:f3:19:f8:74:
28:34:33:ca:9d:68:0c:1f:b3:0e:50:58:8f:e6:eb:
a4:d5:98:d0:9f:90:89:c1:37:88:f6:b5:66:b5:72:
ce:05:c1:6f:16:9a:99:79:62:74:14:0b:83:83:0a:
f2:7c:be:85:3d:61:fa:a4:7e:28:3c:8b:a4:e0:f9:
66:38:28:17:10:2f:9e:ae:92:f1:11:80:08:69:15:
06:10:14:b8:92:71:da:99:b1:c6:2b:9c:75:b7:67:
4a:da:18:ba:f1:60:97:b2:30:3e:c9:ae:dd:66:71:
b5:3e:71:d4:ad:86:e1:9e:a0:73:cc:03:e7:3d:27:
c3:40:74:a0:ef:a2:ac:ce:73:5b:08:21:20:10:32:
6f:36:5f:b5:04:5d:92:83:d9:54:11:ce:e9:63:bd:
4c:81:94:ea:31:a6:6a:64:38:1a:6c:4e:d1:7b:33:
28:c2:52:a1:ba:79:b3:cf:87:2b:77:f8:10:28:b2:
ab:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:77:2C:1D:2C:E0:56:93:78:80:F7:3E:A9:18:FB:B5:A5:0D:97:A7
X509v3 Authority Key Identifier:
keyid:8D:F6:9B:8C:F0:2D:44:72:A0:E2:D2:F4:EE:6E:49:32:6D:3D:B0:C5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147BA3/77EA7A241DA311E292E5CA9808B02CD2/jfabjPAtRHKg4tL07m5JMm09sMU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jfabjPAtRHKg4tL07m5JMm09sMU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147BA3/77EA7A241DA311E292E5CA9808B02CD2/2B2C31BE3B8B11EB8D76362DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
124.109.104.0/22
Signature Algorithm: sha256WithRSAEncryption
36:61:c7:6f:93:75:47:6f:51:61:58:4c:54:ac:a4:d2:19:dd:
5d:72:76:7a:f8:4a:53:95:46:30:a0:8b:78:9b:4f:82:f6:ce:
7f:7b:c7:05:fe:28:6f:49:6b:8d:d5:27:75:6f:aa:e3:db:25:
4d:94:6c:84:f3:b5:a2:dc:ef:14:b0:39:92:76:b4:fb:59:6b:
ef:d9:8a:62:55:ac:24:a6:65:7e:73:3e:fd:61:64:c0:81:f6:
ac:f2:8b:94:89:93:ff:70:86:8e:1e:0c:27:e0:47:c4:41:83:
45:87:c4:ae:9f:98:7a:2a:b0:64:1e:38:f1:4a:7f:0b:b1:cd:
ec:a2:75:da:a3:4c:a0:9a:1e:32:bf:b1:37:c6:42:82:6e:38:
87:55:04:1b:c9:46:d1:8c:a6:80:83:bd:08:c1:12:6f:c6:cd:
8d:08:9d:40:a0:f4:23:0c:2a:d0:ee:af:d0:04:16:f2:9e:90:
e6:b4:d6:24:89:66:4b:30:4a:43:33:60:29:60:93:57:5c:59:
8d:58:48:10:70:fe:f9:df:0b:be:f5:55:3a:a0:26:d0:f9:1f:
fd:34:5f:83:b0:07:b2:e0:eb:ce:ca:04:01:35:c5:68:d2:09:
35:94:85:8e:bc:35:b2:34:9c:dc:dc:9f:5a:a0:4e:48:f1:c5:
00:db:e2:18
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNFMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDdCQTMxMTAvBgNVBAUTKDhERjY5QjhDRjAyRDQ0NzJBMEUyRDJGNEVFNkU0OTMy
NkQzREIwQzUwHhcNMjUwMTE4MTUxMDU1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhiYzQ3Zi1hNGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyjoqAEYXQeA8vP898FQ9H1F+oKLC74qLn+KruyINd6ze51TZS+4HgEA2Z1zw
uSg5O8qPwehhkDgbDe8GyWddJ+2adwGuwfMZ+HQoNDPKnWgMH7MOUFiP5uuk1ZjQ
n5CJwTeI9rVmtXLOBcFvFpqZeWJ0FAuDgwryfL6FPWH6pH4oPIuk4PlmOCgXEC+e
rpLxEYAIaRUGEBS4knHambHGK5x1t2dK2hi68WCXsjA+ya7dZnG1PnHUrYbhnqBz
zAPnPSfDQHSg76KsznNbCCEgEDJvNl+1BF2Sg9lUEc7pY71MgZTqMaZqZDgabE7R
ezMowlKhunmzz4crd/gQKLKrvQIDAQABo4IClTCCApEwHQYDVR0OBBYEFL53LB0s
4FaTeID3PqkY+7WlDZenMB8GA1UdIwQYMBaAFI32m4zwLURyoOLS9O5uSTJtPbDF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0JBMy83N0VBN0EyNDFE
QTMxMUUyOTJFNUNBOTgwOEIwMkNEMi9qZmFialBBdFJIS2c0dEwwN201Sk1tMDlz
TVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pmYWJqUEF0UkhLZzR0TDA3bTVKTW0wOXNNVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDdCQTMvNzdFQTdBMjQxREEzMTFFMjkyRTVDQTk4MDhCMDJDRDIvMkIyQzMxQkUz
QjhCMTFFQjhENzYzNjJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJ8bWgwDQYJKoZIhvcNAQELBQADggEBADZhx2+TdUdvUWFY
TFSspNIZ3V1ydnr4SlOVRjCgi3ibT4L2zn97xwX+KG9Ja43VJ3VvquPbJU2UbITz
taLc7xSwOZJ2tPtZa+/ZimJVrCSmZX5zPv1hZMCB9qzyi5SJk/9who4eDCfgR8RB
g0WHxK6fmHoqsGQeOPFKfwuxzeyiddqjTKCaHjK/sTfGQoJuOIdVBBvJRtGMpoCD
vQjBEm/GzY0InUCg9CMMKtDur9AEFvKekOa01iSJZkswSkMzYClgk1dcWY1YSBBw
/vnfC771VTqgJtD5H/00X4OwB7Lg687KBAE1xWjSCTWUhY68NbI0nNzcn1qgTkjx
xQDb4hg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:30:56 2025 by rpki-client