Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/0774A2C894F211EAB30E7682C4F9AE02.roa
File: 0774A2C894F211EAB30E7682C4F9AE02.roa (raw, json)
Hash identifier: Qe2k4Rmt8cYvrQ25NjhCj6HgTDQ2LTBczeZdX5NMi1Q=
Subject key identifier: D4:6B:67:A5:A1:25:FE:06:ED:DA:6C:0A:3B:BF:C8:2C:76:D5:0E:94
Certificate issuer: /CN=A917F8A9/serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727
Certificate serial: 095D
Authority key identifier: 5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/0774A2C894F211EAB30E7682C4F9AE02.roa
Signing time: Thu 20 Mar 2025 20:30:29 +0000
ROA not before: Thu 20 Mar 2025 20:30:29 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 136384
IP address blocks: 43.251.252.0/24 maxlen: 24
43.251.253.0/24 maxlen: 24
43.251.254.0/24 maxlen: 24
43.251.255.0/24 maxlen: 24
103.86.52.0/22 maxlen: 24
202.165.226.0/24 maxlen: 24
202.165.227.0/24 maxlen: 24
202.165.230.0/24 maxlen: 24
202.165.232.0/24 maxlen: 24
202.165.233.0/24 maxlen: 24
202.165.234.0/24 maxlen: 24
202.165.236.0/24 maxlen: 24
202.165.237.0/24 maxlen: 24
202.165.238.0/24 maxlen: 24
202.165.246.0/24 maxlen: 24
202.165.250.0/24 maxlen: 24
2400:b940:a::/48 maxlen: 48
2400:b940:b::/48 maxlen: 48
2400:b940:c::/48 maxlen: 48
2400:b940:d::/48 maxlen: 48
2400:b940:e::/48 maxlen: 48
2400:b940:f::/48 maxlen: 48
2400:b940:10::/48 maxlen: 48
2400:b940:11::/48 maxlen: 48
2400:b940:12::/48 maxlen: 48
2400:b940:13::/48 maxlen: 48
2400:b940:14::/48 maxlen: 48
2400:b940:15::/48 maxlen: 48
2400:b940:16::/48 maxlen: 48
2400:b940:18::/48 maxlen: 48
2400:b940:19::/48 maxlen: 48
2400:b940:1a::/48 maxlen: 48
2400:b940:1b::/48 maxlen: 48
2400:b940:1c::/48 maxlen: 48
2400:b940:1d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2397 (0x95d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F8A9
Validity
Not Before: Mar 20 20:30:29 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67dc7ae4-85ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:12:a3:90:62:45:ae:45:18:8c:a3:03:89:73:
45:90:bd:71:40:af:66:0b:25:c2:9f:28:9e:b4:79:
be:34:01:ae:3e:ea:f1:d3:d4:41:20:59:0c:64:67:
5a:92:fb:23:3c:ba:c8:b8:06:a4:1b:a2:89:72:39:
7d:b1:ed:25:16:c9:ea:b4:65:0f:4b:e8:4d:ea:2b:
b6:2b:0e:96:fa:10:7e:c3:cd:97:e9:a1:78:85:f6:
0a:4f:ca:9f:86:2b:2e:95:eb:a6:6b:b5:cb:fa:5d:
a8:44:62:56:b9:80:77:fb:22:67:34:1c:01:9c:2c:
07:91:17:a3:a2:43:01:0b:08:cd:3d:cf:9f:5d:30:
3a:b6:05:1c:b8:e4:e1:f1:17:28:78:32:09:73:bf:
e2:5f:d6:d7:ef:9f:8a:6c:f3:c6:5c:2f:ac:43:7a:
fb:1e:db:ef:73:4d:01:bc:e3:74:1b:fa:86:7c:7f:
29:5b:0d:a4:91:89:d1:ba:b8:f1:e6:ec:1d:92:c3:
3d:47:2e:fd:97:ec:89:9b:98:a2:5e:85:b3:06:bd:
54:d3:6a:35:d2:79:ed:2f:98:b7:02:0c:35:74:5b:
99:88:66:3d:d2:d4:51:70:7a:f5:2a:f5:9a:2d:5b:
7c:55:d2:e7:e8:10:c2:1e:13:2e:5f:1b:70:c3:e6:
fd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:6B:67:A5:A1:25:FE:06:ED:DA:6C:0A:3B:BF:C8:2C:76:D5:0E:94
X509v3 Authority Key Identifier:
keyid:5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/0774A2C894F211EAB30E7682C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.251.252.0/22
103.86.52.0/22
202.165.226.0/23
202.165.230.0/24
202.165.232.0-202.165.234.255
202.165.236.0-202.165.238.255
202.165.246.0/24
202.165.250.0/24
IPv6:
2400:b940:a::-2400:b940:16:ffff:ffff:ffff:ffff:ffff
2400:b940:18::-2400:b940:1d:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b1:2d:81:42:63:79:c0:95:30:ab:78:08:f7:c0:35:13:d5:ac:
af:59:9c:84:3b:56:bb:22:c7:69:f0:45:10:b9:60:09:d4:9b:
dd:ce:11:f7:97:ab:e5:09:bf:0b:31:0a:18:43:66:93:72:77:
0b:f0:9c:27:45:50:8c:bb:8f:b4:d4:c9:18:b6:75:af:2d:9d:
7f:88:53:33:dd:1e:dd:8a:71:dd:11:b6:a1:36:1f:74:df:54:
b2:d1:c5:5a:2d:87:04:a5:4b:aa:4f:ff:0b:28:04:fb:1d:0c:
81:d4:87:ca:df:a5:2e:c6:19:07:ca:9f:39:5a:3a:d8:12:7b:
23:4c:1a:6c:b0:02:df:3a:fb:e5:41:41:61:c1:04:90:16:35:
f2:26:dc:d2:93:34:d8:ba:35:6e:a8:14:40:1f:cb:96:40:d8:
b4:0f:81:99:2e:07:d6:28:51:ec:4c:a6:ef:e4:aa:53:59:6d:
36:75:f5:69:bd:fd:69:37:6c:a7:40:9f:a5:12:9d:db:a4:09:
8f:23:50:28:e8:6d:17:16:f0:fe:0b:fd:2f:48:a3:74:8c:f5:
d4:82:fb:5e:af:2f:de:ac:b1:8d:b6:96:1a:ca:71:8f:1e:33:
fb:41:b0:02:a3:67:7d:07:82:e9:41:77:6b:5d:79:c8:77:49:
24:14:01:2e
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgICCV0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Y4QTkxMTAvBgNVBAUTKDVDMEFCNDI1RjJCNDIzNUUxQzgxNTY4M0JENkM4RThC
N0I4MEI3MjcwHhcNMjUwMzIwMjAzMDI5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjN2FlNC04NWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAshKjkGJFrkUYjKMDiXNFkL1xQK9mCyXCnyietHm+NAGuPurx09RBIFkMZGda
kvsjPLrIuAakG6KJcjl9se0lFsnqtGUPS+hN6iu2Kw6W+hB+w82X6aF4hfYKT8qf
hisuleuma7XL+l2oRGJWuYB3+yJnNBwBnCwHkRejokMBCwjNPc+fXTA6tgUcuOTh
8RcoeDIJc7/iX9bX75+KbPPGXC+sQ3r7Htvvc00BvON0G/qGfH8pWw2kkYnRurjx
5uwdksM9Ry79l+yJm5iiXoWzBr1U02o10nntL5i3Agw1dFuZiGY90tRRcHr1KvWa
LVt8VdLn6BDCHhMuXxtww+b9BwIDAQABo4IDADCCAvwwHQYDVR0OBBYEFNRrZ6Wh
Jf4G7dpsCju/yCx21Q6UMB8GA1UdIwQYMBaAFFwKtCXytCNeHIFWg71sjot7gLcn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjhBOS8yQUEwNDMzMDk0
RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkxNGNnVmFEdld5T2kzdUF0
eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hBcTBKZkswSTE0Y2dWYUR2V3lPaTN1QXR5Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0Y4QTkvMkFBMDQzMzA5NEYwMTFFQTgzRUYxRTdEQzRGOUFFMDIvMDc3NEEyQzg5
NEYyMTFFQUIzMEU3NjgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYkGCCsGAQUFBwEHAQH/
BHoweDBGBAIAATBAAwQCK/v8AwQCZ1Y0AwQByqXiAwQAyqXmMAwDBAPKpegDBADK
peowDAMEAsql7AMEAMql7gMEAMql9gMEAMql+jAuBAIAAjAoMBIDBwEkALlAAAoD
BwAkALlAABYwEgMHAyQAuUAAGAMHASQAuUAAHDANBgkqhkiG9w0BAQsFAAOCAQEA
sS2BQmN5wJUwq3gI98A1E9Wsr1mchDtWuyLHafBFELlgCdSb3c4R95er5Qm/CzEK
GENmk3J3C/CcJ0VQjLuPtNTJGLZ1ry2df4hTM90e3Ypx3RG2oTYfdN9UstHFWi2H
BKVLqk//CygE+x0MgdSHyt+lLsYZB8qfOVo62BJ7I0wabLAC3zr75UFBYcEEkBY1
8ibc0pM02Lo1bqgUQB/LlkDYtA+BmS4H1ihR7Eym7+SqU1ltNnX1ab39aTdsp0Cf
pRKd26QJjyNQKOhtFxbw/gv9L0ijdIz11IL7Xq8v3qyxjbaWGspxjx4z+0GwAqNn
fQeC6UF3a115yHdJJBQBLg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:57:43 2025 by rpki-client