Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9164F45/336119C442F611EEA2524D63C4F9AE02/7599519C42F811EEBCBA9981C4F9AE02.roa
File: 7599519C42F811EEBCBA9981C4F9AE02.roa (raw, json)
Hash identifier: O1ci8odveyWb16dTISMFL4I0B+THdeEK/wQxVlAXoG4=
Subject key identifier: DE:D8:C8:6E:88:46:2A:46:C9:E2:BF:B7:29:36:0D:81:B2:70:C3:CF
Certificate issuer: /CN=A9164F45/serialNumber=24320EAFF9A820B8EDA59E03E40555C5F34FEFCC
Certificate serial: D5
Authority key identifier: 24:32:0E:AF:F9:A8:20:B8:ED:A5:9E:03:E4:05:55:C5:F3:4F:EF:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JDIOr_moILjtpZ4D5AVVxfNP78w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9164F45/336119C442F611EEA2524D63C4F9AE02/7599519C42F811EEBCBA9981C4F9AE02.roa
Signing time: Thu 29 Aug 2024 05:48:11 +0000
ROA not before: Thu 29 Aug 2024 05:48:11 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 17794
IP address blocks: 203.145.71.0/24 maxlen: 24
203.145.72.0/24 maxlen: 24
203.145.73.0/24 maxlen: 24
203.145.74.0/24 maxlen: 24
203.145.76.0/24 maxlen: 24
203.145.77.0/24 maxlen: 24
203.145.78.0/24 maxlen: 24
203.145.82.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213 (0xd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9164F45
Validity
Not Before: Aug 29 05:48:11 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d00b9b-4393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fd:ea:91:05:4b:21:12:71:81:54:20:22:e6:
79:b0:45:33:7e:e8:3f:af:04:e7:c0:1f:62:15:b0:
7a:aa:b4:0a:e7:41:27:4b:13:b6:ba:c7:cb:aa:c6:
b6:ad:bf:e6:02:ee:02:72:87:41:07:9a:e7:ff:63:
bb:e5:6d:19:af:ac:f7:db:5f:6b:a4:ff:de:7a:20:
ec:c2:68:3e:d2:0c:18:8e:0f:59:4a:a7:6c:f2:e2:
0a:55:24:ac:27:56:23:35:ea:b0:0a:36:d0:d5:5a:
c8:aa:81:8a:10:f1:31:9e:52:ed:ad:1e:34:b9:a0:
29:d2:0f:69:4d:aa:6c:83:5d:92:93:a9:31:0c:fc:
86:67:c9:ff:b9:f7:8d:ba:13:fa:a4:28:94:ed:1e:
05:7d:7a:fd:f6:f0:46:70:f6:1d:a5:48:10:33:31:
53:da:89:99:15:0e:40:fb:e1:aa:3e:ae:a3:54:35:
8b:56:6a:9d:d8:8b:1f:3f:f2:45:5a:eb:9d:a0:75:
e4:56:93:ed:6b:c5:d5:03:8f:91:fa:0c:5d:5c:76:
ff:26:20:56:15:a2:2c:0d:83:8f:11:a3:10:65:d8:
4e:c3:01:45:81:a8:97:69:ab:5e:66:7b:05:96:d0:
45:4d:02:9b:95:10:65:93:b8:04:5e:2c:fe:e5:df:
4c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D8:C8:6E:88:46:2A:46:C9:E2:BF:B7:29:36:0D:81:B2:70:C3:CF
X509v3 Authority Key Identifier:
keyid:24:32:0E:AF:F9:A8:20:B8:ED:A5:9E:03:E4:05:55:C5:F3:4F:EF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9164F45/336119C442F611EEA2524D63C4F9AE02/JDIOr_moILjtpZ4D5AVVxfNP78w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JDIOr_moILjtpZ4D5AVVxfNP78w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164F45/336119C442F611EEA2524D63C4F9AE02/7599519C42F811EEBCBA9981C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.145.71.0-203.145.74.255
203.145.76.0-203.145.78.255
203.145.82.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:52:94:71:e9:55:d8:41:94:b3:1c:8e:f8:a6:24:8b:12:f0:
71:03:3c:03:2b:52:4c:05:20:b5:32:98:62:5d:8b:8e:06:88:
a5:18:c4:4a:dd:a7:07:53:71:c5:84:00:94:20:4b:ee:d0:9a:
54:25:fb:0a:43:63:47:01:92:fa:8a:c0:5c:be:d5:05:b2:eb:
fd:1d:93:1b:48:cf:6f:bf:d1:1e:0f:35:66:9f:12:45:a5:58:
81:85:bb:13:40:1d:36:2d:4a:6b:ae:a3:c4:5b:1d:b0:68:cf:
70:aa:5e:39:07:0e:e6:fc:2f:d3:77:d4:7b:30:8f:60:fa:d1:
be:4c:ed:e0:91:e2:9f:40:17:d5:54:9a:cd:5c:ff:cc:e5:54:
e1:ed:97:d8:e7:e3:a9:0b:16:d1:ac:2f:4f:88:03:8c:08:8c:
9f:e7:73:d4:bb:ff:10:32:58:63:0d:17:43:0f:89:64:d1:ca:
c4:73:54:3e:cb:04:10:20:7d:38:81:b6:13:fe:ca:bd:a5:46:
32:dc:39:10:0a:dd:25:60:f4:bc:3c:7e:2d:a6:74:32:17:f8:
9f:b8:72:a0:5e:05:c6:2a:ea:e1:73:3c:bb:6e:38:d9:fc:32:
51:0b:e8:3c:06:ad:93:a9:e7:8d:a3:8e:46:cf:d0:15:2c:80:
9b:19:6e:7b
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICANUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjRGNDUxMTAvBgNVBAUTKDI0MzIwRUFGRjlBODIwQjhFREE1OUUwM0U0MDU1NUM1
RjM0RkVGQ0MwHhcNMjQwODI5MDU0ODExWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQwMGI5Yi00MzkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu/3qkQVLIRJxgVQgIuZ5sEUzfug/rwTnwB9iFbB6qrQK50EnSxO2usfLqsa2
rb/mAu4CcodBB5rn/2O75W0Zr6z3219rpP/eeiDswmg+0gwYjg9ZSqds8uIKVSSs
J1YjNeqwCjbQ1VrIqoGKEPExnlLtrR40uaAp0g9pTapsg12Sk6kxDPyGZ8n/ufeN
uhP6pCiU7R4FfXr99vBGcPYdpUgQMzFT2omZFQ5A++GqPq6jVDWLVmqd2IsfP/JF
WuudoHXkVpPta8XVA4+R+gxdXHb/JiBWFaIsDYOPEaMQZdhOwwFFgaiXaateZnsF
ltBFTQKblRBlk7gEXiz+5d9MmwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFN7YyG6I
RipGyeK/tyk2DYGycMPPMB8GA1UdIwQYMBaAFCQyDq/5qCC47aWeA+QFVcXzT+/M
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NEY0NS8zMzYxMTlDNDQy
RjYxMUVFQTI1MjRENjNDNEY5QUUwMi9KRElPcl9tb0lManRwWjRENUFWVnhmTlA3
OHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pESU9yX21vSUxqdHBaNEQ1QVZWeGZOUDc4dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjRGNDUvMzM2MTE5QzQ0MkY2MTFFRUEyNTI0RDYzQzRGOUFFMDIvNzU5OTUxOUM0
MkY4MTFFRUJDQkE5OTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIwDAMEAMuRRwMEAMuRSjAMAwQCy5FMAwQAy5FOAwQAy5FSMA0G
CSqGSIb3DQEBCwUAA4IBAQCLUpRx6VXYQZSzHI74piSLEvBxAzwDK1JMBSC1Mphi
XYuOBoilGMRK3acHU3HFhACUIEvu0JpUJfsKQ2NHAZL6isBcvtUFsuv9HZMbSM9v
v9EeDzVmnxJFpViBhbsTQB02LUprrqPEWx2waM9wql45Bw7m/C/Td9R7MI9g+tG+
TO3gkeKfQBfVVJrNXP/M5VTh7ZfY5+OpCxbRrC9PiAOMCIyf53PUu/8QMlhjDRdD
D4lk0crEc1Q+ywQQIH04gbYT/sq9pUYy3DkQCt0lYPS8PH4tpnQyF/ifuHKgXgXG
Kurhczy7bjjZ/DJRC+g8Bq2TqeeNo45Gz9AVLICbGW57
-----END CERTIFICATE-----
Generated at Tue Apr 8 16:42:03 2025 by rpki-client