Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EBB2/F37F246E329511EF9A482F55C4F9AE02/F7EF268E397011EF954B1B39C4F9AE02.roa
File: F7EF268E397011EF954B1B39C4F9AE02.roa (raw, json)
Hash identifier: S1rJk8tPlaRTQ6ujdNIJB/8UUz7bvB7KVwT/vfOSxG8=
Subject key identifier: F2:6A:84:7C:88:6A:41:5C:DE:C5:C4:A3:54:1C:75:6E:AD:BC:E2:21
Certificate issuer: /CN=A914EBB2/serialNumber=CD3DF53AA0E9A398595E957015155BCCAC568D15
Certificate serial: 7D
Authority key identifier: CD:3D:F5:3A:A0:E9:A3:98:59:5E:95:70:15:15:5B:CC:AC:56:8D:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zT31OqDpo5hZXpVwFRVbzKxWjRU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EBB2/F37F246E329511EF9A482F55C4F9AE02/F7EF268E397011EF954B1B39C4F9AE02.roa
Signing time: Fri 24 Jan 2025 13:52:39 +0000
ROA not before: Fri 24 Jan 2025 13:52:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17476
IP address blocks: 183.90.185.0/24 maxlen: 24
202.36.160.0/23 maxlen: 24
2401:ada0::/32 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125 (0x7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EBB2
Validity
Not Before: Jan 24 13:52:39 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67939b27-c065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c3:f9:24:b2:84:ff:f2:9a:38:16:55:ea:fc:
91:41:6a:6a:41:3e:fd:21:74:00:6e:38:40:29:d1:
c9:39:52:65:78:0c:c0:7a:66:35:a8:92:a7:f9:53:
3d:89:94:92:7d:12:da:06:52:ff:83:66:14:2b:65:
e0:1d:6a:b3:94:11:8d:fe:cb:0d:08:70:94:c9:9c:
fc:02:67:db:e7:12:54:93:22:70:b8:0a:67:e3:3e:
f4:87:2e:ac:ad:9a:ef:97:be:5f:bc:c5:b1:90:29:
d0:27:44:c3:8a:f8:c3:18:9d:cf:04:ec:bb:54:dc:
03:76:75:a8:3f:b8:26:69:21:65:76:ce:ee:38:c2:
9c:1c:44:66:4c:ee:9e:3f:c8:54:fb:11:62:1e:22:
63:ad:4d:6d:3b:35:0d:9e:68:01:3d:d0:90:e1:07:
33:49:2d:55:40:a5:a3:7a:08:70:3f:4e:8f:99:d6:
20:7d:0c:4c:5b:bd:a4:45:4d:20:d2:7b:32:84:ba:
cf:19:d1:94:da:2b:bf:53:1b:72:9b:c6:d7:38:b9:
02:f8:b5:92:cc:77:1b:5f:f5:f2:36:da:77:04:b6:
a5:0e:a6:71:46:89:6f:0b:10:4c:44:bd:02:79:dc:
2b:8f:ab:fb:f2:4b:ec:e8:cd:97:bb:fa:81:33:ab:
1f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:6A:84:7C:88:6A:41:5C:DE:C5:C4:A3:54:1C:75:6E:AD:BC:E2:21
X509v3 Authority Key Identifier:
keyid:CD:3D:F5:3A:A0:E9:A3:98:59:5E:95:70:15:15:5B:CC:AC:56:8D:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EBB2/F37F246E329511EF9A482F55C4F9AE02/zT31OqDpo5hZXpVwFRVbzKxWjRU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zT31OqDpo5hZXpVwFRVbzKxWjRU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EBB2/F37F246E329511EF9A482F55C4F9AE02/F7EF268E397011EF954B1B39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
183.90.185.0/24
202.36.160.0/23
IPv6:
2401:ada0::/32
Signature Algorithm: sha256WithRSAEncryption
79:45:60:03:46:27:af:c6:d7:5e:5b:27:be:54:aa:57:00:54:
d6:79:94:2e:5f:b1:ff:05:42:8a:fc:cc:20:41:d0:4e:97:f7:
65:58:08:a4:6f:90:64:91:f2:1a:99:4e:e5:48:99:5a:f8:9a:
52:73:ae:74:8f:60:08:e4:c7:6a:e4:2c:53:34:f5:ba:03:be:
37:ae:05:0d:3b:b3:15:06:67:52:19:88:7b:4f:c8:27:ea:0e:
62:c5:d6:11:01:68:e4:a9:c2:26:64:40:5a:b7:b7:94:3e:09:
06:0f:27:fb:70:b0:38:ac:c8:50:45:3e:1a:b2:9c:42:05:c6:
bc:bf:69:73:db:b2:fd:55:b9:70:4d:be:2b:ad:08:f3:3d:2e:
3a:1e:d7:02:c8:31:44:09:2e:66:d8:1d:65:ee:74:eb:e3:7b:
b6:dc:72:f2:99:59:08:c5:cb:85:ba:89:b2:2b:c6:db:c2:03:
02:af:ab:18:4f:0e:f9:30:30:44:f5:c5:25:2b:eb:06:3e:12:
10:d6:ec:3b:78:37:a1:9e:ce:0d:f6:45:fa:ed:45:01:1b:c7:
4c:10:68:04:cc:10:90:c5:a8:be:61:a6:6b:e0:96:c9:a0:04:
ff:92:ce:ee:0b:ee:6c:45:0b:b8:4f:37:fd:de:3a:63:e1:d6:
26:d9:c6:e6
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBfTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
RUJCMjExMC8GA1UEBRMoQ0QzREY1M0FBMEU5QTM5ODU5NUU5NTcwMTUxNTVCQ0NB
QzU2OEQxNTAeFw0yNTAxMjQxMzUyMzlaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OTM5YjI3LWMwNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCw/kksoT/8po4FlXq/JFBampBPv0hdABuOEAp0ck5UmV4DMB6ZjWokqf5Uz2J
lJJ9EtoGUv+DZhQrZeAdarOUEY3+yw0IcJTJnPwCZ9vnElSTInC4CmfjPvSHLqyt
mu+Xvl+8xbGQKdAnRMOK+MMYnc8E7LtU3AN2dag/uCZpIWV2zu44wpwcRGZM7p4/
yFT7EWIeImOtTW07NQ2eaAE90JDhBzNJLVVApaN6CHA/To+Z1iB9DExbvaRFTSDS
ezKEus8Z0ZTaK79TG3Kbxtc4uQL4tZLMdxtf9fI22ncEtqUOpnFGiW8LEExEvQJ5
3CuPq/vyS+zozZe7+oEzqx8rAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQU8mqEfIhq
QVzexcSjVBx1bq284iEwHwYDVR0jBBgwFoAUzT31OqDpo5hZXpVwFRVbzKxWjRUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRFQkIyL0YzN0YyNDZFMzI5
NTExRUY5QTQ4MkY1NUM0RjlBRTAyL3pUMzFPcURwbzVoWlhwVndGUlZiekt4V2pS
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvelQzMU9xRHBvNWhaWHBWd0ZSVmJ6S3hXalJVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RUJCMi9GMzdGMjQ2RTMyOTUxMUVGOUE0ODJGNTVDNEY5QUUwMi9GN0VGMjY4RTM5
NzAxMUVGOTU0QjFCMzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEALdauQMEAcokoDANBAIAAjAHAwUAJAGtoDANBgkqhkiG9w0B
AQsFAAOCAQEAeUVgA0Ynr8bXXlsnvlSqVwBU1nmULl+x/wVCivzMIEHQTpf3ZVgI
pG+QZJHyGplO5UiZWviaUnOudI9gCOTHauQsUzT1ugO+N64FDTuzFQZnUhmIe0/I
J+oOYsXWEQFo5KnCJmRAWre3lD4JBg8n+3CwOKzIUEU+GrKcQgXGvL9pc9uy/VW5
cE2+K60I8z0uOh7XAsgxRAkuZtgdZe506+N7ttxy8plZCMXLhbqJsivG28IDAq+r
GE8O+TAwRPXFJSvrBj4SENbsO3g3oZ7ODfZF+u1FARvHTBBoBMwQkMWovmGma+CW
yaAE/5LO7gvubEULuE83/d46Y+HWJtnG5g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:20:48 2025 by rpki-client