Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/CB67A9DC8D1311EF9895E61CC4F9AE02.roa
File: CB67A9DC8D1311EF9895E61CC4F9AE02.roa (raw, json)
Hash identifier: 0870kwth+ehjE1/zDBzvVMJBFxK3G1/4oTcvNvPtUE0=
Subject key identifier: D2:07:EB:47:22:26:32:9D:93:99:A7:27:37:02:ED:A9:DD:ED:88:E4
Certificate issuer: /CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Certificate serial: 0BB8
Authority key identifier: 7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/CB67A9DC8D1311EF9895E61CC4F9AE02.roa
Signing time: Fri 20 Dec 2024 01:19:37 +0000
ROA not before: Fri 20 Dec 2024 01:19:37 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 15830
IP address blocks: 27.111.128.0/22 maxlen: 22
36.255.39.0/24 maxlen: 24
103.8.176.0/22 maxlen: 22
103.8.180.0/22 maxlen: 22
103.8.180.0/24 maxlen: 24
103.8.182.0/23 maxlen: 23
119.27.0.0/19 maxlen: 19
119.27.32.0/20 maxlen: 20
119.27.50.0/23 maxlen: 23
119.27.52.0/22 maxlen: 22
119.27.56.0/22 maxlen: 22
119.27.60.0/23 maxlen: 23
122.50.64.0/19 maxlen: 19
122.50.104.0/21 maxlen: 21
122.50.112.0/22 maxlen: 22
122.50.120.0/21 maxlen: 21
180.189.0.0/20 maxlen: 20
180.189.0.0/21 maxlen: 21
180.189.8.0/21 maxlen: 21
180.189.8.0/22 maxlen: 22
180.189.13.0/24 maxlen: 24
180.189.14.0/23 maxlen: 23
180.189.32.0/20 maxlen: 20
180.189.48.0/22 maxlen: 22
180.189.56.0/21 maxlen: 21
183.177.0.0/20 maxlen: 20
183.177.16.0/20 maxlen: 20
183.177.32.0/20 maxlen: 20
202.167.224.0/23 maxlen: 23
202.167.227.0/24 maxlen: 24
202.167.230.0/23 maxlen: 23
202.167.232.0/24 maxlen: 24
202.167.234.0/23 maxlen: 23
202.167.236.0/22 maxlen: 22
202.167.240.0/22 maxlen: 22
202.167.244.0/22 maxlen: 22
202.167.248.0/23 maxlen: 23
202.167.252.0/23 maxlen: 23
202.167.254.0/24 maxlen: 24
202.167.255.0/24 maxlen: 24
202.177.192.0/24 maxlen: 24
202.177.193.0/24 maxlen: 24
202.177.195.0/24 maxlen: 24
202.177.196.0/23 maxlen: 23
202.177.198.0/24 maxlen: 24
202.177.199.0/24 maxlen: 24
202.177.200.0/23 maxlen: 23
202.177.202.0/23 maxlen: 23
202.177.204.0/23 maxlen: 23
202.177.207.0/24 maxlen: 24
203.190.224.0/23 maxlen: 23
203.190.232.0/22 maxlen: 22
203.190.232.0/24 maxlen: 24
203.190.236.0/22 maxlen: 22
2407:b000::/32 maxlen: 32
2407:b001::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3000 (0xbb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158E3F
Validity
Not Before: Dec 20 01:19:37 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6764c629-341c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:6b:2a:be:02:16:a1:56:28:d7:6b:fc:eb:b5:
13:32:57:17:0a:4e:9b:1b:53:fa:c1:b5:a3:78:7a:
c7:d0:4a:42:aa:23:e5:68:1d:a4:f4:50:3f:f3:45:
65:a7:da:bb:67:26:9f:ba:ed:71:0a:55:96:90:94:
07:62:d4:2a:ab:c9:0e:fa:5b:da:02:ed:9d:e9:ca:
90:45:b6:72:65:f9:02:0a:5f:9b:8e:00:b1:0c:ca:
8a:53:c4:40:f6:ee:75:ee:70:71:13:08:c3:f7:90:
6b:01:dd:af:07:4b:48:cf:7f:93:1b:fb:2f:d4:fb:
4f:16:00:28:f8:eb:f9:c8:58:5b:da:9d:38:ab:81:
80:fb:3a:64:c2:9d:85:a7:81:f1:e5:12:c3:ec:fa:
8d:1b:ec:11:ad:8e:4d:6b:2e:2c:b6:87:4e:0c:d7:
1e:31:1c:d8:2d:2a:ad:43:27:2e:ac:75:83:66:c3:
da:07:b5:ef:cc:6f:b5:29:b1:a9:65:f7:3a:f1:a6:
7b:29:7f:1b:32:7f:a9:53:e6:9f:76:81:f2:44:cc:
eb:1a:c5:59:2c:0e:59:9a:16:6c:71:55:fb:8b:3b:
70:a1:6e:ac:8f:fd:f1:c8:d9:00:7d:64:d1:4e:73:
37:a3:6b:5f:af:e1:f1:fb:f0:86:dd:92:29:07:2e:
b4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:07:EB:47:22:26:32:9D:93:99:A7:27:37:02:ED:A9:DD:ED:88:E4
X509v3 Authority Key Identifier:
keyid:7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/fjE6t_8m54PgPAeFFhJ1GIGuSRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/CB67A9DC8D1311EF9895E61CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.128.0/22
36.255.39.0/24
103.8.176.0/21
119.27.0.0-119.27.47.255
119.27.50.0-119.27.61.255
122.50.64.0/19
122.50.104.0-122.50.115.255
122.50.120.0/21
180.189.0.0/20
180.189.32.0-180.189.51.255
180.189.56.0/21
183.177.0.0-183.177.47.255
202.167.224.0/23
202.167.227.0/24
202.167.230.0-202.167.232.255
202.167.234.0-202.167.249.255
202.167.252.0/22
202.177.192.0/23
202.177.195.0-202.177.205.255
202.177.207.0/24
203.190.224.0/23
203.190.232.0/21
IPv6:
2407:b000::/31
Signature Algorithm: sha256WithRSAEncryption
ae:63:ed:75:ec:e7:16:05:11:ed:5d:bf:60:4a:70:15:17:7b:
8f:0b:f2:11:c9:a5:58:bf:3b:3d:ec:a1:61:50:fe:42:74:b7:
0e:62:08:c7:24:66:91:a7:48:35:a4:4f:cc:20:5d:6d:df:77:
9c:71:45:8a:e1:29:06:d3:e1:47:07:2f:10:02:79:24:14:89:
96:77:47:31:51:5a:0f:d3:ba:6a:b5:72:71:60:b9:37:e5:29:
b7:17:c8:3b:c0:c9:cc:68:74:22:7f:b8:d3:47:21:a7:ef:ca:
1f:3c:d8:b9:da:71:96:fc:d3:c6:90:dc:e2:a7:f5:d4:20:e4:
f9:89:4d:09:8d:a8:1d:d7:a5:48:bb:52:25:b6:5f:7c:1b:7c:
8f:2b:21:7b:f0:c4:ea:0c:b4:49:16:89:c6:d2:13:3c:e1:a4:
b5:d7:be:1e:ec:04:ff:ca:96:e1:14:ab:3b:0e:7f:d4:4c:ad:
70:21:f6:89:b9:7a:00:ef:ff:b9:90:f6:2c:64:b9:c3:a1:10:
09:ec:48:87:09:02:a9:f7:a3:d4:16:ac:ce:ad:7a:61:4d:df:
34:d0:4f:20:f9:a8:88:5a:7f:44:26:8d:db:e5:09:28:e4:43:
73:20:d9:a2:b4:9f:92:14:3d:32:61:de:01:dc:bc:1d:cf:61:
d9:d5:15:43
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgICC7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThFM0YxMTAvBgNVBAUTKDdFMzEzQUI3RkYyNkU3ODNFMDNDMDc4NTE2MTI3NTE4
ODFBRTQ5MTgwHhcNMjQxMjIwMDExOTM3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY0YzYyOS0zNDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9GsqvgIWoVYo12v867UTMlcXCk6bG1P6wbWjeHrH0EpCqiPlaB2k9FA/80Vl
p9q7Zyafuu1xClWWkJQHYtQqq8kO+lvaAu2d6cqQRbZyZfkCCl+bjgCxDMqKU8RA
9u517nBxEwjD95BrAd2vB0tIz3+TG/sv1PtPFgAo+Ov5yFhb2p04q4GA+zpkwp2F
p4Hx5RLD7PqNG+wRrY5Nay4stodODNceMRzYLSqtQycurHWDZsPaB7XvzG+1KbGp
Zfc68aZ7KX8bMn+pU+afdoHyRMzrGsVZLA5ZmhZscVX7iztwoW6sj/3xyNkAfWTR
TnM3o2tfr+Hx+/CG3ZIpBy60ZwIDAQABo4IDZTCCA2EwHQYDVR0OBBYEFNIH60ci
JjKdk5mnJzcC7and7YjkMB8GA1UdIwQYMBaAFH4xOrf/JueD4DwHhRYSdRiBrkkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEUzRi9DMjQzMjJCQTU0
NDYxMUVBOEMwNTY1MURDNEY5QUUwMi9makU2dF84bTU0UGdQQWVGRmhKMUdJR3VT
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqRTZ0XzhtNTRQZ1BBZUZGaEoxR0lHdVNSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThFM0YvQzI0MzIyQkE1NDQ2MTFFQThDMDU2NTFEQzRGOUFFMDIvQ0I2N0E5REM4
RDEzMTFFRjk4OTVFNjFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwge4GCCsGAQUFBwEHAQH/
BIHeMIHbMIHJBAIAATCBwgMEAhtvgAMEACT/JwMEA2cIsDALAwMAdxsDBAR3GyAw
DAMEAXcbMgMEAXcbPAMEBXoyQDAMAwQDejJoAwQCejJwAwQDejJ4AwQEtL0AMAwD
BAW0vSADBAK0vTADBAO0vTgwCwMDALexAwQEt7EgAwQByqfgAwQAyqfjMAwDBAHK
p+YDBADKp+gwDAMEAcqn6gMEAcqn+AMEAsqn/AMEAcqxwDAMAwQAyrHDAwQByrHM
AwQAyrHPAwQBy77gAwQDy77oMA0EAgACMAcDBQEkB7AAMA0GCSqGSIb3DQEBCwUA
A4IBAQCuY+117OcWBRHtXb9gSnAVF3uPC/IRyaVYvzs97KFhUP5CdLcOYgjHJGaR
p0g1pE/MIF1t33eccUWK4SkG0+FHBy8QAnkkFImWd0cxUVoP07pqtXJxYLk35Sm3
F8g7wMnMaHQif7jTRyGn78ofPNi52nGW/NPGkNzip/XUIOT5iU0Jjagd16VIu1Il
tl98G3yPKyF78MTqDLRJFonG0hM84aS1174e7AT/ypbhFKs7Dn/UTK1wIfaJuXoA
7/+5kPYsZLnDoRAJ7EiHCQKp96PUFqzOrXphTd800E8g+aiIWn9EJo3b5Qko5ENz
INmitJ+SFD0yYd4B3Lwdz2HZ1RVD
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:05:06 2025 by rpki-client