Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9167003/2F93F5CC32BB11EFA83D612FC4F9AE02/27D9C99632C611EFA04EE118C4F9AE02.roa
File: 27D9C99632C611EFA04EE118C4F9AE02.roa (raw, json)
Hash identifier: x/2d3a4iuMVyEl0CLBETXRLfdHnzlHoY8qTBJbPRcVo=
Subject key identifier: 77:41:2A:22:81:6A:39:7A:CB:60:84:6C:8A:3C:EE:82:88:B0:6B:B3
Certificate issuer: /CN=A9167003/serialNumber=559BEFCF34986973D3BE4593516178E4C3ACE28B
Certificate serial: 2C
Authority key identifier: 55:9B:EF:CF:34:98:69:73:D3:BE:45:93:51:61:78:E4:C3:AC:E2:8B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VZvvzzSYaXPTvkWTUWF45MOs4os.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9167003/2F93F5CC32BB11EFA83D612FC4F9AE02/27D9C99632C611EFA04EE118C4F9AE02.roa
Signing time: Thu 05 Sep 2024 07:50:34 +0000
ROA not before: Thu 05 Sep 2024 07:50:34 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 10022
IP address blocks: 103.20.136.0/22 maxlen: 22
202.27.76.0/24 maxlen: 24
202.27.77.0/24 maxlen: 24
202.36.199.0/24 maxlen: 24
202.36.233.0/24 maxlen: 24
202.175.128.0/21 maxlen: 21
202.175.137.0/24 maxlen: 24
202.175.138.0/23 maxlen: 23
202.175.140.0/24 maxlen: 24
202.175.141.0/24 maxlen: 24
202.175.142.0/24 maxlen: 24
202.175.143.0/24 maxlen: 24
203.176.116.0/23 maxlen: 23
203.176.118.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44 (0x2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9167003
Validity
Not Before: Sep 5 07:50:34 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d962ca-c07d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:61:01:6a:d5:39:14:b8:1b:10:ac:f3:46:44:
bc:00:7a:dc:63:3b:0d:89:90:8a:81:ed:39:34:62:
de:fc:6a:ff:1a:22:e3:57:86:33:04:7d:69:70:13:
81:7d:87:6f:7e:f1:b4:46:fd:ee:8a:ee:d6:5f:e4:
64:07:cd:8b:59:79:b1:e8:69:03:82:e6:3c:3b:61:
0b:0a:7c:82:5b:f4:a5:a8:b5:19:d7:50:2d:bc:2e:
96:9d:99:6a:9a:de:c8:98:b3:7b:71:25:8b:be:c0:
3d:4c:88:ff:bc:e5:8b:38:1c:ca:43:b9:2e:fc:f6:
f9:12:c2:f0:03:80:71:6b:2d:44:a7:68:16:0d:62:
98:18:df:f5:4a:d7:4c:f9:a2:19:9c:a6:86:d1:cf:
ed:0a:b1:33:af:1e:e2:55:80:73:ab:3e:aa:90:09:
41:37:94:a5:19:7a:d3:75:7a:58:4b:cd:07:42:f0:
b5:e6:b3:85:6e:d2:11:80:fd:27:d2:63:54:cc:ac:
47:39:55:fb:bc:5f:58:7e:2a:17:bc:88:c9:cf:c4:
90:96:9b:38:63:9e:b7:9e:41:15:83:0f:ef:74:4f:
78:06:0e:c8:b7:0d:7d:13:46:e8:20:6b:d3:3c:77:
59:47:3b:f8:69:a0:e4:46:35:57:0b:ca:37:bd:58:
12:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:41:2A:22:81:6A:39:7A:CB:60:84:6C:8A:3C:EE:82:88:B0:6B:B3
X509v3 Authority Key Identifier:
keyid:55:9B:EF:CF:34:98:69:73:D3:BE:45:93:51:61:78:E4:C3:AC:E2:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9167003/2F93F5CC32BB11EFA83D612FC4F9AE02/VZvvzzSYaXPTvkWTUWF45MOs4os.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VZvvzzSYaXPTvkWTUWF45MOs4os.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167003/2F93F5CC32BB11EFA83D612FC4F9AE02/27D9C99632C611EFA04EE118C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.136.0/22
202.27.76.0/23
202.36.199.0/24
202.36.233.0/24
202.175.128.0/21
202.175.137.0-202.175.143.255
203.176.116.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:10:b7:6f:d2:1e:c2:c0:7b:6c:31:28:14:3b:92:64:41:2a:
75:9d:0a:70:9c:c0:93:56:f6:00:12:90:64:ec:97:0c:d8:12:
6e:2c:34:23:dd:3b:63:f1:eb:77:04:ee:af:d2:50:a9:61:59:
35:92:e6:66:87:bd:cb:85:15:fd:ec:83:08:06:87:ed:b0:4d:
37:d1:b7:a4:de:7d:83:77:f9:54:3f:80:38:ef:10:df:8a:52:
cd:45:61:59:a4:84:6c:bc:a8:67:0f:d0:40:01:c2:63:70:83:
8d:1e:5f:8b:55:f4:dd:3c:c7:14:b2:f2:d7:25:72:5a:7b:43:
2e:14:b0:84:61:65:72:c5:4c:41:95:ca:d6:7f:68:93:4b:ec:
35:86:56:33:a7:cd:44:48:56:8f:3a:71:77:bf:1b:6d:12:c3:
b4:e2:ce:ca:86:b8:09:b1:72:79:99:d9:c5:ae:a4:15:6f:b5:
9c:06:21:3a:4d:23:f7:a7:e4:e8:20:6c:0a:19:ce:a2:0a:ae:
ed:aa:1e:6e:54:ba:95:cf:ba:f6:20:d9:b6:99:32:8c:fc:e7:
b0:da:b5:38:7f:bf:6a:d0:65:92:46:f9:1a:c1:9d:3e:89:e2:
b3:bc:f6:60:b5:a9:19:ee:97:01:24:91:79:f9:f3:29:69:a4:
bb:e4:81:db
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
NzAwMzExMC8GA1UEBRMoNTU5QkVGQ0YzNDk4Njk3M0QzQkU0NTkzNTE2MTc4RTRD
M0FDRTI4QjAeFw0yNDA5MDUwNzUwMzRaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZDk2MmNhLWMwN2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLYQFq1TkUuBsQrPNGRLwAetxjOw2JkIqB7Tk0Yt78av8aIuNXhjMEfWlwE4F9
h29+8bRG/e6K7tZf5GQHzYtZebHoaQOC5jw7YQsKfIJb9KWotRnXUC28LpadmWqa
3siYs3txJYu+wD1MiP+85Ys4HMpDuS789vkSwvADgHFrLUSnaBYNYpgY3/VK10z5
ohmcpobRz+0KsTOvHuJVgHOrPqqQCUE3lKUZetN1elhLzQdC8LXms4Vu0hGA/SfS
Y1TMrEc5Vfu8X1h+Khe8iMnPxJCWmzhjnreeQRWDD+90T3gGDsi3DX0TRugga9M8
d1lHO/hpoORGNVcLyje9WBL5AgMBAAGjggLBMIICvTAdBgNVHQ4EFgQUd0EqIoFq
OXrLYIRsijzugoiwa7MwHwYDVR0jBBgwFoAUVZvvzzSYaXPTvkWTUWF45MOs4osw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY3MDAzLzJGOTNGNUNDMzJC
QjExRUZBODNENjEyRkM0RjlBRTAyL1ZadnZ6elNZYVhQVHZrV1RVV0Y0NU1PczRv
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVlp2dnp6U1lhWFBUdmtXVFVXRjQ1TU9zNG9zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
NzAwMy8yRjkzRjVDQzMyQkIxMUVGQTgzRDYxMkZDNEY5QUUwMi8yN0Q5Qzk5NjMy
QzYxMUVGQTA0RUUxMThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBLBggrBgEFBQcBBwEB/wQ8
MDowOAQCAAEwMgMEAmcUiAMEAcobTAMEAMokxwMEAMok6QMEA8qvgDAMAwQAyq+J
AwQEyq+AAwQCy7B0MA0GCSqGSIb3DQEBCwUAA4IBAQAqELdv0h7CwHtsMSgUO5Jk
QSp1nQpwnMCTVvYAEpBk7JcM2BJuLDQj3Ttj8et3BO6v0lCpYVk1kuZmh73LhRX9
7IMIBoftsE030bek3n2Dd/lUP4A47xDfilLNRWFZpIRsvKhnD9BAAcJjcIONHl+L
VfTdPMcUsvLXJXJae0MuFLCEYWVyxUxBlcrWf2iTS+w1hlYzp81ESFaPOnF3vxtt
EsO04s7KhrgJsXJ5mdnFrqQVb7WcBiE6TSP3p+ToIGwKGc6iCq7tqh5uVLqVz7r2
INm2mTKM/Oew2rU4f79q0GWSRvkawZ0+ieKzvPZgtakZ7pcBJJF5+fMpaaS75IHb
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:14:09 2025 by rpki-client