Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A9FD/A95618B6137711EBA4436F30C4F9AE02/FEA470A4137911EBA3A5F233C4F9AE02.roa
File: FEA470A4137911EBA3A5F233C4F9AE02.roa (raw, json)
Hash identifier: QjiKcxVrNmXXSljrmXhzSyRwgcgVY4JB5CT1DEPPeEk=
Subject key identifier: B9:FF:22:40:6B:D6:2E:37:85:07:2B:29:89:AA:9F:3C:A8:51:D9:40
Certificate issuer: /CN=A915A9FD/serialNumber=CC6AF20750F8DE39FB75C0A1D0A441997CAD37B8
Certificate serial: 0756
Authority key identifier: CC:6A:F2:07:50:F8:DE:39:FB:75:C0:A1:D0:A4:41:99:7C:AD:37:B8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zGryB1D43jn7dcCh0KRBmXytN7g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A9FD/A95618B6137711EBA4436F30C4F9AE02/FEA470A4137911EBA3A5F233C4F9AE02.roa
Signing time: Tue 04 Mar 2025 22:49:56 +0000
ROA not before: Tue 04 Mar 2025 22:49:56 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 131583
IP address blocks: 202.174.160.0/20 maxlen: 20
202.174.160.0/24 maxlen: 24
202.174.161.0/24 maxlen: 24
202.174.162.0/24 maxlen: 24
202.174.163.0/24 maxlen: 24
202.174.164.0/24 maxlen: 24
202.174.165.0/24 maxlen: 24
202.174.166.0/24 maxlen: 24
202.174.167.0/24 maxlen: 24
202.174.168.0/24 maxlen: 24
202.174.169.0/24 maxlen: 24
202.174.170.0/24 maxlen: 24
202.174.171.0/24 maxlen: 24
202.174.172.0/24 maxlen: 24
202.174.173.0/24 maxlen: 24
202.174.174.0/24 maxlen: 24
202.174.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1878 (0x756)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A9FD
Validity
Not Before: Mar 4 22:49:56 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c78394-8488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:14:ed:16:74:1c:22:3b:08:90:77:a7:44:af:
36:f4:eb:50:f4:ed:63:23:88:6d:b2:94:4b:21:02:
d5:11:69:04:02:81:9b:9b:65:1a:65:11:1d:c0:1e:
36:55:4d:a3:33:e3:72:bb:6f:54:11:98:3c:d6:0a:
26:55:0c:f5:75:16:91:6f:f7:e0:70:06:2c:4c:c1:
93:0f:e3:e6:8e:c1:8f:23:37:bd:85:01:38:74:30:
45:6d:60:08:01:92:05:79:5c:3b:33:a4:05:50:f5:
0a:88:a6:2a:0d:98:10:7a:2d:eb:bd:1d:51:a1:62:
c6:bf:ca:d2:a7:22:cb:95:d0:5c:34:c9:31:0a:e6:
39:ad:68:3b:a8:6c:19:ff:de:68:8c:b8:81:e6:c8:
db:1b:0f:9b:b8:c9:dd:a6:fd:7f:6a:6a:8f:0a:20:
59:8d:d8:8d:a7:1f:44:c2:32:48:82:ba:0b:22:64:
af:2b:43:bc:ce:ba:25:60:e0:99:4f:a2:0b:8b:95:
a2:03:6c:61:99:70:00:f1:9d:89:3e:4a:6e:e0:76:
44:64:0f:14:a4:89:a4:ac:6d:17:56:46:b8:7b:ba:
38:1a:99:45:eb:0d:55:bf:06:09:33:0c:82:b7:59:
41:80:9a:fb:24:e5:15:69:e8:3d:0f:ea:c8:4a:87:
b2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FF:22:40:6B:D6:2E:37:85:07:2B:29:89:AA:9F:3C:A8:51:D9:40
X509v3 Authority Key Identifier:
keyid:CC:6A:F2:07:50:F8:DE:39:FB:75:C0:A1:D0:A4:41:99:7C:AD:37:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A9FD/A95618B6137711EBA4436F30C4F9AE02/zGryB1D43jn7dcCh0KRBmXytN7g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zGryB1D43jn7dcCh0KRBmXytN7g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A9FD/A95618B6137711EBA4436F30C4F9AE02/FEA470A4137911EBA3A5F233C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.174.160.0/20
Signature Algorithm: sha256WithRSAEncryption
2c:93:fb:dc:df:4d:be:27:19:d1:40:04:ef:7d:b7:fc:a2:8c:
46:69:66:61:a1:63:31:a9:f8:ae:00:d0:d1:24:b1:17:75:be:
e1:3a:ac:7b:10:2b:b6:ba:a9:49:14:d6:c7:85:6d:91:a0:27:
06:b0:50:c8:64:c9:e5:1d:48:ef:e9:9c:8b:7a:09:b8:53:6f:
42:6e:58:6c:e5:38:5e:53:81:94:d4:a7:4d:a9:74:9e:84:7c:
a4:4c:b6:17:d9:a6:3e:61:15:13:b4:6c:2d:31:f5:a9:7c:bd:
30:2a:d0:98:41:8c:2e:2a:b4:09:7d:2f:6d:29:3a:c0:01:73:
87:cf:48:dc:62:5b:56:44:79:c9:06:1f:88:d0:dd:d8:fe:f6:
da:3f:02:95:0d:4f:d6:a9:7c:50:c6:cd:41:c2:57:54:11:d9:
f4:8e:ff:78:8d:00:8e:32:df:08:07:87:3c:69:29:38:0c:21:
ec:fd:5f:66:45:f2:64:e6:25:18:4d:5a:1c:6e:d0:c8:33:23:
dd:93:37:eb:1d:3d:d9:b9:36:59:49:5b:0e:b8:93:b0:f5:5e:
d6:c7:d8:a2:d8:62:3a:eb:6e:a9:a6:bf:a5:c1:db:dc:1b:79:
85:de:e4:02:15:c2:91:48:10:7f:f7:24:be:ad:db:42:a5:67:
28:8f:10:89
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB1YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUE5RkQxMTAvBgNVBAUTKENDNkFGMjA3NTBGOERFMzlGQjc1QzBBMUQwQTQ0MTk5
N0NBRDM3QjgwHhcNMjUwMzA0MjI0OTU2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3ODM5NC04NDg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnhTtFnQcIjsIkHenRK829OtQ9O1jI4htspRLIQLVEWkEAoGbm2UaZREdwB42
VU2jM+Nyu29UEZg81gomVQz1dRaRb/fgcAYsTMGTD+PmjsGPIze9hQE4dDBFbWAI
AZIFeVw7M6QFUPUKiKYqDZgQei3rvR1RoWLGv8rSpyLLldBcNMkxCuY5rWg7qGwZ
/95ojLiB5sjbGw+buMndpv1/amqPCiBZjdiNpx9EwjJIgroLImSvK0O8zrolYOCZ
T6ILi5WiA2xhmXAA8Z2JPkpu4HZEZA8UpImkrG0XVka4e7o4GplF6w1VvwYJMwyC
t1lBgJr7JOUVaeg9D+rISoeytQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLn/IkBr
1i43hQcrKYmqnzyoUdlAMB8GA1UdIwQYMBaAFMxq8gdQ+N45+3XAodCkQZl8rTe4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTlGRC9BOTU2MThCNjEz
NzcxMUVCQTQ0MzZGMzBDNEY5QUUwMi96R3J5QjFENDNqbjdkY0NoMEtSQm1YeXRO
N2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pHcnlCMUQ0M2puN2RjQ2gwS1JCbVh5dE43Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUE5RkQvQTk1NjE4QjYxMzc3MTFFQkE0NDM2RjMwQzRGOUFFMDIvRkVBNDcwQTQx
Mzc5MTFFQkEzQTVGMjMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBATKrqAwDQYJKoZIhvcNAQELBQADggEBACyT+9zfTb4nGdFA
BO99t/yijEZpZmGhYzGp+K4A0NEksRd1vuE6rHsQK7a6qUkU1seFbZGgJwawUMhk
yeUdSO/pnIt6CbhTb0JuWGzlOF5TgZTUp02pdJ6EfKRMthfZpj5hFRO0bC0x9al8
vTAq0JhBjC4qtAl9L20pOsABc4fPSNxiW1ZEeckGH4jQ3dj+9to/ApUNT9apfFDG
zUHCV1QR2fSO/3iNAI4y3wgHhzxpKTgMIez9X2ZF8mTmJRhNWhxu0MgzI92TN+sd
Pdm5NllJWw64k7D1XtbH2KLYYjrrbqmmv6XB29wbeYXe5AIVwpFIEH/3JL6t20Kl
ZyiPEIk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:33:26 2025 by rpki-client