Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158635/A9977956CFB011EAA86BEC27C4F9AE02/EB96EEB2CFB111EA8E6F7029C4F9AE02.roa
File: EB96EEB2CFB111EA8E6F7029C4F9AE02.roa (raw, json)
Hash identifier: Mx6TdeWb7xQYRiw4RSx4+mjl75r/TBUYOnLqpN3UBjM=
Subject key identifier: F3:C8:FB:FA:FF:64:B8:74:40:B0:91:AD:8E:28:17:86:B7:91:B8:72
Certificate issuer: /CN=A9158635/serialNumber=18519E2BC4A64F7BD589CD963DF074B1A3305DF5
Certificate serial: 0812
Authority key identifier: 18:51:9E:2B:C4:A6:4F:7B:D5:89:CD:96:3D:F0:74:B1:A3:30:5D:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GFGeK8SmT3vVic2WPfB0saMwXfU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158635/A9977956CFB011EAA86BEC27C4F9AE02/EB96EEB2CFB111EA8E6F7029C4F9AE02.roa
Signing time: Mon 10 Mar 2025 21:11:45 +0000
ROA not before: Mon 10 Mar 2025 21:11:45 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 135415
IP address blocks: 203.21.200.0/24 maxlen: 24
203.21.201.0/24 maxlen: 24
203.21.202.0/24 maxlen: 24
203.21.203.0/24 maxlen: 24
2404:6080::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2066 (0x812)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158635
Validity
Not Before: Mar 10 21:11:45 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67cf5591-67f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e2:25:5b:24:07:ff:60:46:16:a3:e8:3c:35:
a1:b6:68:81:75:d0:d6:40:8e:ee:72:2a:4f:22:82:
94:13:97:fb:02:9a:26:29:3b:79:21:b7:31:4c:b6:
7a:ac:7c:50:98:1c:aa:ba:aa:33:ae:90:ff:23:23:
08:1f:37:f2:55:35:98:4d:26:34:61:92:74:78:9e:
2a:77:a5:b7:3b:f4:b6:13:b9:bc:d8:45:a2:3b:a3:
fa:3b:64:eb:b5:54:9a:25:00:62:c6:0f:09:bc:a7:
a5:4a:b1:05:f3:dd:34:63:2e:be:35:a0:d6:26:21:
59:84:28:df:4f:3e:71:4e:35:53:0c:3e:9f:a9:af:
17:90:9b:e3:63:9b:6f:ae:eb:8f:a2:6e:40:72:fd:
c8:c1:5d:73:46:e2:1e:48:f5:f7:6c:88:04:41:09:
ae:f9:a7:6a:26:a9:31:a5:d2:51:c6:cb:cc:9b:08:
1a:f9:d8:3c:10:82:72:79:e3:7c:c9:c7:9c:c0:ac:
cf:81:eb:20:6e:e5:e4:6a:da:05:a4:94:40:51:a0:
22:09:d0:e7:9b:2e:57:1d:11:b1:f4:cb:30:52:26:
c1:d0:16:cf:58:f4:b1:b3:9e:fa:4e:33:dc:f4:c6:
ae:8c:72:53:8d:80:59:e8:4e:37:19:a1:51:5f:8b:
b3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C8:FB:FA:FF:64:B8:74:40:B0:91:AD:8E:28:17:86:B7:91:B8:72
X509v3 Authority Key Identifier:
keyid:18:51:9E:2B:C4:A6:4F:7B:D5:89:CD:96:3D:F0:74:B1:A3:30:5D:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158635/A9977956CFB011EAA86BEC27C4F9AE02/GFGeK8SmT3vVic2WPfB0saMwXfU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GFGeK8SmT3vVic2WPfB0saMwXfU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158635/A9977956CFB011EAA86BEC27C4F9AE02/EB96EEB2CFB111EA8E6F7029C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.21.200.0/22
IPv6:
2404:6080::/32
Signature Algorithm: sha256WithRSAEncryption
9d:06:92:fe:f5:cd:8b:3c:6c:7d:95:3f:2f:8d:2f:ee:59:88:
b7:b6:2b:b0:31:d9:ad:29:9d:3b:8f:e7:63:0c:d9:96:5b:f8:
de:15:d0:3b:12:84:de:2f:57:a7:e8:2b:5b:25:88:2c:7b:c5:
5d:c0:99:e0:c7:85:3f:bb:ef:e5:64:2f:af:83:a1:05:08:04:
bd:ba:0c:6a:e4:c4:31:3b:b8:11:e5:a6:21:ed:88:d3:31:20:
a7:fc:1e:dd:37:94:8a:74:b6:41:3b:a0:f7:cc:67:9b:ef:eb:
53:84:3e:c0:66:e6:0d:17:9e:5c:dc:79:fd:46:70:75:b2:b8:
fa:08:aa:c0:80:af:f9:b2:57:ed:b4:36:7e:50:71:01:d9:d0:
34:92:af:8e:15:f2:b4:15:a2:5d:92:23:26:05:34:fd:6c:90:
88:17:44:74:19:c2:9a:ef:6a:3d:63:85:c7:d9:36:b8:7d:98:
ee:45:9c:cb:92:b8:3d:36:10:1f:4d:94:e7:24:77:5b:c3:43:
f5:8e:e0:bf:2a:27:27:5c:c6:77:f0:d3:fa:41:e2:12:22:b7:
83:71:58:50:fc:c4:f4:e9:c6:87:b9:73:aa:eb:67:7f:69:95:
2e:bc:7a:0c:fb:d9:6b:22:a3:a9:10:69:23:ab:e1:7a:7f:b7:
35:ca:99:40
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCBIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTg2MzUxMTAvBgNVBAUTKDE4NTE5RTJCQzRBNjRGN0JENTg5Q0Q5NjNERjA3NEIx
QTMzMDVERjUwHhcNMjUwMzEwMjExMTQ1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmNTU5MS02N2Y1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzeIlWyQH/2BGFqPoPDWhtmiBddDWQI7ucipPIoKUE5f7ApomKTt5IbcxTLZ6
rHxQmByquqozrpD/IyMIHzfyVTWYTSY0YZJ0eJ4qd6W3O/S2E7m82EWiO6P6O2Tr
tVSaJQBixg8JvKelSrEF8900Yy6+NaDWJiFZhCjfTz5xTjVTDD6fqa8XkJvjY5tv
ruuPom5Acv3IwV1zRuIeSPX3bIgEQQmu+adqJqkxpdJRxsvMmwga+dg8EIJyeeN8
ycecwKzPgesgbuXkatoFpJRAUaAiCdDnmy5XHRGx9MswUibB0BbPWPSxs576TjPc
9MaujHJTjYBZ6E43GaFRX4uzywIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPPI+/r/
ZLh0QLCRrY4oF4a3kbhyMB8GA1UdIwQYMBaAFBhRnivEpk971YnNlj3wdLGjMF31
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODYzNS9BOTk3Nzk1NkNG
QjAxMUVBQTg2QkVDMjdDNEY5QUUwMi9HRkdlSzhTbVQzdlZpYzJXUGZCMHNhTXdY
ZlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dGR2VLOFNtVDN2VmljMldQZkIwc2FNd1hmVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTg2MzUvQTk5Nzc5NTZDRkIwMTFFQUE4NkJFQzI3QzRGOUFFMDIvRUI5NkVFQjJD
RkIxMTFFQThFNkY3MDI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBALLFcgwDQQCAAIwBwMFACQEYIAwDQYJKoZIhvcNAQELBQAD
ggEBAJ0Gkv71zYs8bH2VPy+NL+5ZiLe2K7Ax2a0pnTuP52MM2ZZb+N4V0DsShN4v
V6foK1sliCx7xV3AmeDHhT+77+VkL6+DoQUIBL26DGrkxDE7uBHlpiHtiNMxIKf8
Ht03lIp0tkE7oPfMZ5vv61OEPsBm5g0Xnlzcef1GcHWyuPoIqsCAr/myV+20Nn5Q
cQHZ0DSSr44V8rQVol2SIyYFNP1skIgXRHQZwprvaj1jhcfZNrh9mO5FnMuSuD02
EB9NlOckd1vDQ/WO4L8qJydcxnfw0/pB4hIit4NxWFD8xPTpxoe5c6rrZ39plS68
egz72Wsio6kQaSOr4Xp/tzXKmUA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:37:02 2025 by rpki-client