Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/C61D8A7CF97A11EFA49F1830C4F9AE02.roa
File: C61D8A7CF97A11EFA49F1830C4F9AE02.roa (raw, json)
Hash identifier: nuITOYdIhOArGSoGSt5j2KXEgn3a91gHsJvT7gl/ffo=
Subject key identifier: 26:34:85:3E:B3:93:E3:8F:09:08:DD:1F:C3:A9:55:AA:E1:B7:9D:4B
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0CDC
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/C61D8A7CF97A11EFA49F1830C4F9AE02.roa
Signing time: Tue 11 Mar 2025 06:48:41 +0000
ROA not before: Tue 11 Mar 2025 06:48:41 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.131.0/24 maxlen: 24
111.92.132.0/24 maxlen: 24
111.92.133.0/24 maxlen: 24
111.92.134.0/24 maxlen: 24
111.92.136.0/24 maxlen: 24
111.92.137.0/24 maxlen: 24
111.92.138.0/24 maxlen: 24
111.92.139.0/24 maxlen: 24
111.92.141.0/24 maxlen: 24
111.92.142.0/24 maxlen: 24
111.92.143.0/24 maxlen: 24
111.92.144.0/24 maxlen: 24
111.92.145.0/24 maxlen: 24
111.92.146.0/24 maxlen: 24
111.92.147.0/24 maxlen: 24
111.92.148.0/24 maxlen: 24
111.92.149.0/24 maxlen: 24
111.92.150.0/24 maxlen: 24
111.92.151.0/24 maxlen: 24
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3292 (0xcdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Mar 11 06:48:41 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67cfdcc8-93e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:a4:e6:30:47:7c:b1:a5:97:f7:9f:fe:97:69:
3e:b6:e5:99:97:b5:08:9c:d1:42:7e:53:70:19:98:
4d:70:79:b5:2a:05:95:27:68:39:23:5b:0f:c7:bc:
95:7e:7b:6b:c4:bf:ac:18:9f:99:a5:f8:5e:bd:37:
63:82:21:c6:a7:84:12:96:06:14:1c:59:52:b6:15:
72:80:24:6b:66:a9:1a:7c:0f:15:23:d3:8c:a5:d5:
02:7c:db:8a:57:72:93:84:fd:e1:e7:1f:9e:5a:df:
86:1a:b2:40:f5:26:62:a6:51:4e:68:05:92:92:46:
6d:f5:07:b4:ab:d0:26:9c:7a:40:1d:83:33:f3:38:
5b:60:8d:52:d6:f8:d6:2f:e7:c2:01:ec:90:a0:8d:
48:9d:40:4d:1d:c2:2e:40:99:2e:42:31:60:6b:b9:
25:50:be:f9:3f:24:cf:12:f9:3d:78:f6:a8:3f:a0:
db:0c:c3:4f:57:35:ed:de:2a:a4:c6:34:71:7c:fa:
54:a3:e1:96:9c:e1:ae:a8:bf:3d:c2:bc:a8:0b:af:
28:34:d1:70:b6:d7:dd:4a:a4:1a:9a:83:1d:6c:25:
aa:b1:cc:0f:ae:f1:2c:9c:a8:c4:15:7f:da:13:1f:
87:ae:ee:1d:84:04:37:94:e1:49:b8:d9:e1:83:2d:
10:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:34:85:3E:B3:93:E3:8F:09:08:DD:1F:C3:A9:55:AA:E1:B7:9D:4B
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/C61D8A7CF97A11EFA49F1830C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0-14.192.133.255
14.192.136.0/24
14.192.139.0-14.192.143.255
14.192.145.0/24
14.192.147.0-14.192.151.255
14.192.153.0/24
14.192.155.0-14.192.159.255
43.247.120.0/22
103.20.132.0/22
111.92.131.0-111.92.134.255
111.92.136.0/22
111.92.141.0-111.92.151.255
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
19:d6:18:38:90:db:e0:5e:aa:96:22:12:a3:9c:7d:97:73:c1:
73:96:d8:72:50:35:00:df:27:e9:95:88:cd:9e:5c:a3:f7:b1:
04:fa:9b:cd:0f:01:e7:f4:64:53:3a:c0:86:e8:b9:b2:d2:af:
6f:fb:2c:2c:7a:2b:b0:98:85:2b:61:aa:aa:0c:a1:e7:df:4e:
5c:09:bf:17:71:ef:28:00:bc:99:55:30:b2:61:a9:d4:58:1b:
0f:c4:bc:fb:9a:fc:3a:86:67:19:d2:7c:10:88:b0:14:76:ed:
f7:34:91:86:9c:fd:ff:64:7a:79:d4:3a:4c:7c:24:8b:f1:6f:
67:89:b8:88:03:f1:0e:68:fb:13:ee:bb:dd:05:73:64:c4:64:
10:e5:2d:ae:80:82:f2:60:2b:4f:c0:a3:88:28:d3:11:9a:d0:
20:48:57:87:2f:a7:30:d5:d4:b7:1d:ca:7f:f5:ac:39:36:fb:
16:d8:6b:73:32:da:d0:65:a6:0b:11:18:74:12:4a:c1:ab:b5:
9a:0c:a6:61:ae:4a:26:4f:d3:19:4e:b4:e6:f8:98:54:32:30:
32:30:43:17:5b:c8:c0:eb:3a:56:7c:b3:c1:85:7a:ab:2e:d2:
33:80:c1:b9:e2:1f:2b:34:4d:cd:c1:98:19:74:ce:bd:3c:41:
48:9e:d1:80
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgICDNwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMzExMDY0ODQxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmZGNjOC05M2U5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7qTmMEd8saWX95/+l2k+tuWZl7UInNFCflNwGZhNcHm1KgWVJ2g5I1sPx7yV
fntrxL+sGJ+ZpfhevTdjgiHGp4QSlgYUHFlSthVygCRrZqkafA8VI9OMpdUCfNuK
V3KThP3h5x+eWt+GGrJA9SZiplFOaAWSkkZt9Qe0q9AmnHpAHYMz8zhbYI1S1vjW
L+fCAeyQoI1InUBNHcIuQJkuQjFga7klUL75PyTPEvk9ePaoP6DbDMNPVzXt3iqk
xjRxfPpUo+GWnOGuqL89wryoC68oNNFwttfdSqQamoMdbCWqscwPrvEsnKjEFX/a
Ex+Hru4dhAQ3lOFJuNnhgy0QzwIDAQABo4IDGTCCAxUwHQYDVR0OBBYEFCY0hT6z
k+OPCQjdH8OpVarht51LMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQzYxRDhBN0NG
OTdBMTFFRkE0OUYxODMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaIGCCsGAQUFBwEHAQH/
BIGSMIGPMH4EAgABMHgwDAMEBw7AgAMEAQ7AhAMEAA7AiDAMAwQADsCLAwQEDsCA
AwQADsCRMAwDBAAOwJMDBAMOwJADBAAOwJkwDAMEAA7AmwMEBQ7AgAMEAiv3eAME
AmcUhDAMAwQAb1yDAwQAb1yGAwQCb1yIMAwDBABvXI0DBANvXJAwDQQCAAIwBwMF
ACQDeYAwDQYJKoZIhvcNAQELBQADggEBABnWGDiQ2+BeqpYiEqOcfZdzwXOW2HJQ
NQDfJ+mViM2eXKP3sQT6m80PAef0ZFM6wIboubLSr2/7LCx6K7CYhSthqqoMoeff
TlwJvxdx7ygAvJlVMLJhqdRYGw/EvPua/DqGZxnSfBCIsBR27fc0kYac/f9kennU
Okx8JIvxb2eJuIgD8Q5o+xPuu90Fc2TEZBDlLa6AgvJgK0/Ao4go0xGa0CBIV4cv
pzDV1Lcdyn/1rDk2+xbYa3My2tBlpgsRGHQSSsGrtZoMpmGuSiZP0xlOtOb4mFQy
MDIwQxdbyMDrOlZ8s8GFeqsu0jOAwbniHys0Tc3BmBl0zr08QUie0YA=
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:32:36 2025 by rpki-client