Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/56C8FCACE38011EFBF195482C4F9AE02.roa
File: 56C8FCACE38011EFBF195482C4F9AE02.roa (raw, json)
Hash identifier: YpgFRa2Rul9X6oABfgOzOCogI1xE9k1rvzUQOQyIs6c=
Subject key identifier: 48:A0:FF:19:CA:3D:DA:1B:AF:95:92:10:A2:F8:03:2F:F6:C8:D6:DD
Certificate issuer: /CN=A9172D91/serialNumber=E2EDE4A7EA972668A795B27BA9DC87F4B90DA897
Certificate serial: 163B
Authority key identifier: E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/56C8FCACE38011EFBF195482C4F9AE02.roa
Signing time: Wed 05 Feb 2025 05:16:22 +0000
ROA not before: Wed 05 Feb 2025 05:16:22 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 15830
IP address blocks: 27.111.160.0/21 maxlen: 21
27.111.168.0/22 maxlen: 22
27.111.173.0/24 maxlen: 24
27.111.174.0/23 maxlen: 23
27.111.176.0/20 maxlen: 20
27.111.192.0/20 maxlen: 20
45.126.14.0/23 maxlen: 23
103.14.116.0/22 maxlen: 22
113.59.240.0/20 maxlen: 20
113.59.240.0/23 maxlen: 23
113.59.243.0/24 maxlen: 24
113.59.248.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5691 (0x163b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172D91
Validity
Not Before: Feb 5 05:16:22 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67a2f426-17bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b0:79:fb:e3:1f:08:cf:1a:cd:39:06:bc:91:
c2:17:b5:15:7a:34:ee:97:b0:00:10:24:62:68:4f:
aa:a1:04:5d:26:c9:29:8d:f7:db:99:7d:15:5f:80:
6c:fd:e5:41:ae:b2:e4:ba:96:2a:fb:70:27:19:6e:
44:73:fc:e2:b1:bc:40:1c:84:43:eb:88:e3:aa:fd:
b6:c0:df:41:17:11:67:46:64:37:6a:14:4a:72:4e:
f4:c2:ec:76:5b:ad:4d:60:65:fb:e7:09:5f:59:c4:
8f:9e:50:65:9a:23:8b:6f:96:0c:e8:3c:fb:38:c0:
f6:61:eb:f2:2d:c4:8a:1d:56:50:38:e0:ba:90:54:
f7:2f:25:b6:4e:5f:61:a0:63:a3:c1:81:8e:06:09:
d2:4f:a2:42:1a:34:cc:1f:80:57:17:3e:16:3f:72:
51:44:5c:44:7a:26:da:64:9b:3f:4c:62:29:6b:d1:
b7:75:13:01:e4:21:96:1c:f6:c1:c4:11:3b:48:93:
ac:ea:bf:69:65:5f:2d:ce:72:82:84:ed:0a:f0:2c:
94:a8:39:48:63:84:0f:ba:22:31:ad:d8:30:35:15:
c7:58:8b:42:3c:69:75:7f:2b:3d:e2:e4:11:26:e1:
04:26:34:35:36:c4:af:1c:b8:d6:fd:bd:ad:f0:84:
b8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:A0:FF:19:CA:3D:DA:1B:AF:95:92:10:A2:F8:03:2F:F6:C8:D6:DD
X509v3 Authority Key Identifier:
keyid:E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/56C8FCACE38011EFBF195482C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.160.0-27.111.171.255
27.111.173.0-27.111.207.255
45.126.14.0/23
103.14.116.0/22
113.59.240.0/20
Signature Algorithm: sha256WithRSAEncryption
42:42:e3:1a:19:51:d3:93:5d:cf:3c:cb:98:fe:11:5d:8f:e1:
79:46:3c:d2:a8:bd:fc:5f:0e:cc:91:30:ab:25:08:3c:03:26:
ee:20:28:f6:0e:b0:06:7f:b1:13:38:d4:a8:24:c4:40:79:6f:
e4:75:24:80:a8:f1:fa:54:bf:90:71:da:3a:ca:8a:76:b6:31:
de:08:f2:23:ee:31:70:c3:4e:38:2a:11:d7:3b:25:b1:a0:52:
d7:ed:e3:c0:46:82:f4:c5:c7:68:df:bf:0d:4c:e6:66:1a:50:
61:19:fe:aa:21:f4:2b:7d:60:c5:7a:1f:d7:13:33:ae:3e:67:
5d:13:39:62:29:04:8e:cc:9f:3c:5f:d5:a7:dd:64:06:c3:0e:
65:34:95:a5:d0:0c:d8:47:ea:ad:6e:c2:11:b1:ba:72:79:75:
d0:d4:1d:3e:c9:09:0e:bd:01:c6:19:73:ec:ce:b2:b9:fa:0a:
6b:0b:71:da:1f:6c:74:49:62:8c:35:2a:65:7e:a7:f3:d0:2d:
fd:d0:b6:34:6b:e8:57:45:d2:9f:14:15:a5:44:c3:5f:c6:cf:
70:76:72:67:92:6d:c6:ee:37:3c:ed:f8:71:64:60:bc:a5:b3:
4c:57:f9:35:2f:0a:26:e1:91:c9:5a:6b:88:0a:50:0b:fc:64:
97:20:62:c5
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICFjswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzJEOTExMTAvBgNVBAUTKEUyRURFNEE3RUE5NzI2NjhBNzk1QjI3QkE5REM4N0Y0
QjkwREE4OTcwHhcNMjUwMjA1MDUxNjIyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyZjQyNi0xN2JmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA07B5++MfCM8azTkGvJHCF7UVejTul7AAECRiaE+qoQRdJskpjffbmX0VX4Bs
/eVBrrLkupYq+3AnGW5Ec/zisbxAHIRD64jjqv22wN9BFxFnRmQ3ahRKck70wux2
W61NYGX75wlfWcSPnlBlmiOLb5YM6Dz7OMD2YevyLcSKHVZQOOC6kFT3LyW2Tl9h
oGOjwYGOBgnST6JCGjTMH4BXFz4WP3JRRFxEeibaZJs/TGIpa9G3dRMB5CGWHPbB
xBE7SJOs6r9pZV8tznKChO0K8CyUqDlIY4QPuiIxrdgwNRXHWItCPGl1fys94uQR
JuEEJjQ1NsSvHLjW/b2t8IS4tQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFEig/xnK
Pdobr5WSEKL4Ay/2yNbdMB8GA1UdIwQYMBaAFOLt5KfqlyZop5Wye6nch/S5DaiX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkQ5MS9FQTY3MkE1QzE5
RTcxMUU4QjI0M0Q1N0NDNEY5QUUwMi80dTNrcC1xWEptaW5sYko3cWR5SDlMa05x
SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzR1M2twLXFYSm1pbmxiSjdxZHlIOUxrTnFKYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzJEOTEvRUE2NzJBNUMxOUU3MTFFOEIyNDNENTdDQzRGOUFFMDIvNTZDOEZDQUNF
MzgwMTFFRkJGMTk1NDgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4wDAMEBRtvoAMEAhtvqDAMAwQAG2+tAwQEG2/AAwQBLX4OAwQC
Zw50AwQEcTvwMA0GCSqGSIb3DQEBCwUAA4IBAQBCQuMaGVHTk13PPMuY/hFdj+F5
RjzSqL38Xw7MkTCrJQg8AybuICj2DrAGf7ETONSoJMRAeW/kdSSAqPH6VL+Qcdo6
yop2tjHeCPIj7jFww044KhHXOyWxoFLX7ePARoL0xcdo378NTOZmGlBhGf6qIfQr
fWDFeh/XEzOuPmddEzliKQSOzJ88X9Wn3WQGww5lNJWl0AzYR+qtbsIRsbpyeXXQ
1B0+yQkOvQHGGXPszrK5+gprC3HaH2x0SWKMNSplfqfz0C390LY0a+hXRdKfFBWl
RMNfxs9wdnJnkm3G7jc87fhxZGC8pbNMV/k1Lwom4ZHJWmuIClAL/GSXIGLF
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:18:29 2025 by rpki-client