Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/83D16ACCF54C11EEB856F155C4F9AE02.roa
File: 83D16ACCF54C11EEB856F155C4F9AE02.roa (raw, json)
Hash identifier: upzOIM0OtjJZBvxFuKzkkHN2DDjrXUpUk51COpQNdIQ=
Subject key identifier: 8C:EB:E8:49:41:D7:E4:41:40:D9:F6:BA:92:01:6E:52:4E:8E:58:A6
Certificate issuer: /CN=A9170304/serialNumber=AD270FDE99B1F1069DAB8EF7A576AA2C2AF2C6F0
Certificate serial: 347E
Authority key identifier: AD:27:0F:DE:99:B1:F1:06:9D:AB:8E:F7:A5:76:AA:2C:2A:F2:C6:F0
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rScP3pmx8Qadq473pXaqLCryxvA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/83D16ACCF54C11EEB856F155C4F9AE02.roa
Signing time: Tue 18 Mar 2025 15:00:49 +0000
ROA not before: Tue 18 Mar 2025 15:00:49 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 198949
IP address blocks: 147.41.0.0/17 maxlen: 17
147.41.128.0/17 maxlen: 17
147.41.240.0/20 maxlen: 20
147.109.0.0/16 maxlen: 16
147.109.124.0/24 maxlen: 24
147.109.192.0/21 maxlen: 21
147.109.208.0/21 maxlen: 21
147.109.216.0/21 maxlen: 21
192.26.232.0/24 maxlen: 24
192.107.101.0/24 maxlen: 24
192.190.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13438 (0x347e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170304
Validity
Not Before: Mar 18 15:00:49 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67d98aa1-5667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3c:e6:1e:81:d6:d5:23:fd:01:05:fd:46:a3:
b1:c3:1d:95:07:4f:7b:08:0a:37:f4:97:09:6d:79:
26:a6:e1:2e:e3:ec:0a:1f:85:14:6e:8d:a3:e0:dc:
4e:a6:4a:25:8b:99:69:9c:08:8b:31:3c:a4:ce:0f:
39:0a:86:6b:7c:8b:13:5a:9d:99:a9:af:dd:8a:cf:
60:9e:a8:57:c2:eb:2b:59:71:3e:aa:cd:15:fb:31:
d8:e8:7a:6a:e5:7d:ef:b2:a2:25:a7:42:04:6a:1e:
9d:5c:0a:30:3f:f0:5e:c7:5c:4a:70:97:19:59:f0:
c9:00:29:ee:a7:c8:41:9a:9a:8d:e6:c7:13:53:46:
a4:e0:03:02:9b:f8:26:3c:96:28:81:b2:74:78:a7:
01:5a:b1:cb:7d:ee:87:1d:3e:22:a4:f2:8e:98:55:
27:18:a7:f2:0c:c7:19:fa:b1:7b:77:8e:6c:86:c0:
6c:17:c3:18:d1:5f:5d:31:cd:74:26:06:4f:94:d6:
0e:12:e2:e1:0e:7b:db:43:27:d4:52:c4:2e:72:2b:
90:d6:07:d4:bf:e3:cf:15:4e:7c:3f:f7:a5:e1:ff:
64:13:f4:2d:75:2d:06:b3:7e:d0:3d:b3:96:3f:e1:
ad:ff:1c:31:b5:73:75:2c:b2:c2:96:dc:e0:e7:e8:
c5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:EB:E8:49:41:D7:E4:41:40:D9:F6:BA:92:01:6E:52:4E:8E:58:A6
X509v3 Authority Key Identifier:
keyid:AD:27:0F:DE:99:B1:F1:06:9D:AB:8E:F7:A5:76:AA:2C:2A:F2:C6:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/rScP3pmx8Qadq473pXaqLCryxvA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rScP3pmx8Qadq473pXaqLCryxvA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/83D16ACCF54C11EEB856F155C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
147.41.0.0/16
147.109.0.0/16
192.26.232.0/24
192.107.101.0/24
192.190.61.0/24
Signature Algorithm: sha256WithRSAEncryption
23:c3:dd:ac:a8:c4:b4:7e:16:e4:6e:cf:91:49:ad:18:eb:46:
6b:c7:7f:98:90:bd:6f:71:95:71:60:a6:9d:dc:6a:44:30:e3:
bd:bc:40:7f:3b:af:ab:0d:60:d6:74:15:d5:ee:f8:f2:59:67:
4b:4a:0e:5a:00:c4:d3:9e:d9:50:f6:7c:12:08:0f:46:f7:5f:
2e:99:9e:17:1f:70:1b:0f:0f:4b:51:ef:76:25:2c:b5:e2:a6:
77:29:3f:7a:cf:8b:cb:c5:8c:41:81:ea:b0:a0:a7:1e:72:0f:
d3:11:c4:c9:83:2c:ec:c6:e4:82:28:30:f6:c4:37:d0:e3:0b:
e2:69:41:b8:09:52:5f:a7:bb:61:27:ff:84:59:61:ce:8c:18:
43:32:b8:02:1f:00:eb:9f:de:d7:c5:a0:44:c4:09:1a:e6:df:
dc:56:6c:00:ee:84:ce:d8:ca:3e:80:7a:ac:c3:3c:05:3b:17:
1d:f6:d6:bf:2d:66:35:35:25:f5:fe:22:6f:12:b7:b6:1e:4f:
d7:ef:84:2e:e1:01:c1:2a:5f:50:ec:03:25:99:98:c9:05:2d:
65:d7:47:95:46:45:9f:2d:b7:58:78:57:39:c8:37:8b:78:04:
2b:6b:1d:ad:80:b7:da:c1:7d:2b:cd:5c:37:2d:18:57:c7:27:
25:ea:3e:42
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICNH4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzAzMDQxMTAvBgNVBAUTKEFEMjcwRkRFOTlCMUYxMDY5REFCOEVGN0E1NzZBQTJD
MkFGMkM2RjAwHhcNMjUwMzE4MTUwMDQ5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q5OGFhMS01NjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArTzmHoHW1SP9AQX9RqOxwx2VB097CAo39JcJbXkmpuEu4+wKH4UUbo2j4NxO
pkoli5lpnAiLMTykzg85CoZrfIsTWp2Zqa/dis9gnqhXwusrWXE+qs0V+zHY6Hpq
5X3vsqIlp0IEah6dXAowP/Bex1xKcJcZWfDJACnup8hBmpqN5scTU0ak4AMCm/gm
PJYogbJ0eKcBWrHLfe6HHT4ipPKOmFUnGKfyDMcZ+rF7d45shsBsF8MY0V9dMc10
JgZPlNYOEuLhDnvbQyfUUsQuciuQ1gfUv+PPFU58P/el4f9kE/QtdS0Gs37QPbOW
P+Gt/xwxtXN1LLLCltzg5+jFgwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFIzr6ElB
1+RBQNn2upIBblJOjlimMB8GA1UdIwQYMBaAFK0nD96ZsfEGnauO96V2qiwq8sbw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDMwNC85RUY0MTEzMDFE
OEUxMUUyQjE4MjI2RUQwOEIwMkNEMi9yU2NQM3BteDhRYWRxNDczcFhhcUxDcnl4
dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3JTY1AzcG14OFFhZHE0NzNwWGFxTENyeXh2QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzAzMDQvOUVGNDExMzAxRDhFMTFFMkIxODIyNkVEMDhCMDJDRDIvODNEMTZBQ0NG
NTRDMTFFRUI4NTZGMTU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwDAwCTKQMDAJNtAwQAwBroAwQAwGtlAwQAwL49MA0GCSqGSIb3
DQEBCwUAA4IBAQAjw92sqMS0fhbkbs+RSa0Y60Zrx3+YkL1vcZVxYKad3GpEMOO9
vEB/O6+rDWDWdBXV7vjyWWdLSg5aAMTTntlQ9nwSCA9G918umZ4XH3AbDw9LUe92
JSy14qZ3KT96z4vLxYxBgeqwoKcecg/TEcTJgyzsxuSCKDD2xDfQ4wviaUG4CVJf
p7thJ/+EWWHOjBhDMrgCHwDrn97XxaBExAka5t/cVmwA7oTO2Mo+gHqswzwFOxcd
9ta/LWY1NSX1/iJvEre2Hk/X74Qu4QHBKl9Q7AMlmZjJBS1l10eVRkWfLbdYeFc5
yDeLeAQrax2tgLfawX0rzVw3LRhXxycl6j5C
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:49:11 2025 by rpki-client