Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915C631/39E4D7A8DC7811ECA4E30617C4F9AE02/63F05DE02F1D11EDA3E29B09C4F9AE02.roa
File: 63F05DE02F1D11EDA3E29B09C4F9AE02.roa (raw, json)
Hash identifier: EK111oJv66SbZhN/iTVxTCcti9ZplvEQJUQavszlmVI=
Subject key identifier: EB:77:84:B8:46:A6:E3:22:1A:92:0E:FC:1C:A8:2E:C6:53:42:24:34
Certificate issuer: /CN=A915C631/serialNumber=7BD3E43D134E5235E97603CE8BA9486B62A9B1E6
Certificate serial: 02E5
Authority key identifier: 7B:D3:E4:3D:13:4E:52:35:E9:76:03:CE:8B:A9:48:6B:62:A9:B1:E6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e9PkPRNOUjXpdgPOi6lIa2KpseY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915C631/39E4D7A8DC7811ECA4E30617C4F9AE02/63F05DE02F1D11EDA3E29B09C4F9AE02.roa
Signing time: Fri 17 Jan 2025 01:04:13 +0000
ROA not before: Fri 17 Jan 2025 01:04:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18390
IP address blocks: 27.96.192.0/19 maxlen: 24
115.69.0.0/18 maxlen: 24
202.172.96.0/19 maxlen: 24
203.23.236.0/22 maxlen: 24
203.29.65.0/24 maxlen: 24
203.29.124.0/23 maxlen: 24
203.31.202.0/23 maxlen: 24
203.56.244.0/22 maxlen: 24
203.57.48.0/23 maxlen: 24
210.1.192.0/19 maxlen: 24
2407:e400::/32 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 741 (0x2e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915C631
Validity
Not Before: Jan 17 01:04:13 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6789ac8d-4d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1d:cf:c9:64:66:06:d1:db:3c:b5:03:c8:f0:
64:df:17:10:87:8b:39:14:20:d8:2e:e9:4e:0b:82:
65:e9:6f:3a:1e:f1:f7:91:98:d6:34:3f:4b:d1:c7:
8a:30:10:17:02:84:5c:08:92:cd:26:59:0b:f1:50:
af:17:a7:a9:55:c7:f9:f6:78:73:f2:a8:ad:4b:8f:
fe:9f:3c:ff:3a:d4:ef:99:16:55:8d:ca:d6:6e:6f:
26:49:cc:4a:05:7e:4d:2b:64:15:f0:49:7d:ba:de:
26:22:16:f0:64:b0:e2:1a:b5:6b:8c:a6:a0:93:d5:
29:a9:38:00:46:82:98:dc:60:88:4c:5d:07:1d:56:
78:b2:70:5e:85:ac:75:52:b8:0a:91:0a:24:77:27:
0a:05:c8:7a:4b:c1:b3:f1:3d:7d:a8:3a:fd:25:67:
04:1e:ed:23:81:f4:e0:3b:80:26:64:ee:1c:ae:7f:
e2:7b:e2:f1:29:69:0f:c8:40:2d:6c:73:10:82:12:
75:3e:e7:24:a8:17:8d:ac:f7:ce:57:56:c0:56:f7:
d7:6b:aa:09:f5:82:ea:43:e9:4a:d5:6b:3e:b3:06:
bb:48:33:31:0d:b7:66:0f:ad:2c:c6:33:35:49:d1:
4a:0d:44:7f:bf:39:63:4e:ea:29:4c:c5:ae:60:bd:
83:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:77:84:B8:46:A6:E3:22:1A:92:0E:FC:1C:A8:2E:C6:53:42:24:34
X509v3 Authority Key Identifier:
keyid:7B:D3:E4:3D:13:4E:52:35:E9:76:03:CE:8B:A9:48:6B:62:A9:B1:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915C631/39E4D7A8DC7811ECA4E30617C4F9AE02/e9PkPRNOUjXpdgPOi6lIa2KpseY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e9PkPRNOUjXpdgPOi6lIa2KpseY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C631/39E4D7A8DC7811ECA4E30617C4F9AE02/63F05DE02F1D11EDA3E29B09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.192.0/19
115.69.0.0/18
202.172.96.0/19
203.23.236.0/22
203.29.65.0/24
203.29.124.0/23
203.31.202.0/23
203.56.244.0/22
203.57.48.0/23
210.1.192.0/19
IPv6:
2407:e400::/32
Signature Algorithm: sha256WithRSAEncryption
04:e3:64:cd:21:84:09:24:e8:23:6c:f1:1c:17:e1:ea:00:a6:
69:8e:cd:56:b4:77:96:1d:b8:1b:c2:b4:ad:da:14:99:11:56:
69:d3:a6:49:5c:5b:71:27:ed:3d:37:3e:c0:79:30:d3:58:aa:
c1:fe:e6:f8:69:5e:2a:04:cc:80:c0:1b:67:9b:45:80:57:c8:
a2:ef:55:0b:fb:76:e6:b6:3b:4c:68:40:4f:4a:9c:c0:97:db:
fb:50:5e:c4:f6:d9:97:29:b0:81:d6:45:65:61:e4:98:20:ce:
28:de:45:7a:b3:1a:15:fe:ba:91:73:20:23:8b:d3:17:78:d2:
b2:30:8d:82:78:d8:d4:fc:9b:3e:f0:7f:2b:c1:1d:9a:d0:58:
83:4e:5d:b2:a1:93:5f:a5:ed:4f:af:c6:83:0d:21:ca:66:07:
1f:3c:ea:81:eb:b6:76:90:c8:08:a6:52:e5:f7:52:c1:12:92:
79:54:ca:dd:2a:b6:36:f0:d1:23:c6:ab:ea:cb:a9:eb:16:ce:
6a:a4:e8:db:f3:2d:95:f6:8a:1e:90:8a:ea:d2:7d:11:46:60:
69:60:65:d9:88:5b:d6:ae:8f:cd:db:9e:08:9d:3f:4d:4f:4a:
5d:40:ca:a1:86:f3:c6:a5:20:b0:df:19:a1:0d:c6:b8:05:43:
ee:36:e7:2d
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICAuUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUM2MzExMTAvBgNVBAUTKDdCRDNFNDNEMTM0RTUyMzVFOTc2MDNDRThCQTk0ODZC
NjJBOUIxRTYwHhcNMjUwMTE3MDEwNDEzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg5YWM4ZC00ZDliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAux3PyWRmBtHbPLUDyPBk3xcQh4s5FCDYLulOC4Jl6W86HvH3kZjWND9L0ceK
MBAXAoRcCJLNJlkL8VCvF6epVcf59nhz8qitS4/+nzz/OtTvmRZVjcrWbm8mScxK
BX5NK2QV8El9ut4mIhbwZLDiGrVrjKagk9UpqTgARoKY3GCITF0HHVZ4snBehax1
UrgKkQokdycKBch6S8Gz8T19qDr9JWcEHu0jgfTgO4AmZO4crn/ie+LxKWkPyEAt
bHMQghJ1PuckqBeNrPfOV1bAVvfXa6oJ9YLqQ+lK1Ws+swa7SDMxDbdmD60sxjM1
SdFKDUR/vzljTuopTMWuYL2DfQIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFOt3hLhG
puMiGpIO/ByoLsZTQiQ0MB8GA1UdIwQYMBaAFHvT5D0TTlI16XYDzoupSGtiqbHm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzYzMS8zOUU0RDdBOERD
NzgxMUVDQTRFMzA2MTdDNEY5QUUwMi9lOVBrUFJOT1VqWHBkZ1BPaTZsSWEyS3Bz
ZVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2U5UGtQUk5PVWpYcGRnUE9pNmxJYTJLcHNlWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUM2MzEvMzlFNEQ3QThEQzc4MTFFQ0E0RTMwNjE3QzRGOUFFMDIvNjNGMDVERTAy
RjFEMTFFREEzRTI5QjA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAUbYMADBAZzRQADBAXKrGADBALLF+wDBADLHUEDBAHLHXwD
BAHLH8oDBALLOPQDBAHLOTADBAXSAcAwDQQCAAIwBwMFACQH5AAwDQYJKoZIhvcN
AQELBQADggEBAATjZM0hhAkk6CNs8RwX4eoApmmOzVa0d5YduBvCtK3aFJkRVmnT
pklcW3En7T03PsB5MNNYqsH+5vhpXioEzIDAG2ebRYBXyKLvVQv7dua2O0xoQE9K
nMCX2/tQXsT22ZcpsIHWRWVh5JggzijeRXqzGhX+upFzICOL0xd40rIwjYJ42NT8
mz7wfyvBHZrQWINOXbKhk1+l7U+vxoMNIcpmBx886oHrtnaQyAimUuX3UsESknlU
yt0qtjbw0SPGq+rLqesWzmqk6NvzLZX2ih6QiurSfRFGYGlgZdmIW9auj83bngid
P01PSl1AyqGG88alILDfGaENxrgFQ+425y0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:25:02 2025 by rpki-client