Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/3BCBA04AE97211ECB2067F31C4F9AE02.roa
File: 3BCBA04AE97211ECB2067F31C4F9AE02.roa (raw, json)
Hash identifier: S20AgwmMD32xuDu5IGHvW4IWHrtUSQ1t37c8fQjNokk=
Subject key identifier: 7D:15:BA:4B:8F:A3:BB:3F:BE:BA:31:CE:72:3E:E7:64:9B:FA:4F:DE
Certificate issuer: /CN=A91871C2/serialNumber=A9EABC2465116ED11D6C8CDAE2011237CF1F59DF
Certificate serial: 0718
Authority key identifier: A9:EA:BC:24:65:11:6E:D1:1D:6C:8C:DA:E2:01:12:37:CF:1F:59:DF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qeq8JGURbtEdbIza4gESN88fWd8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/3BCBA04AE97211ECB2067F31C4F9AE02.roa
Signing time: Mon 03 Feb 2025 16:43:07 +0000
ROA not before: Mon 03 Feb 2025 16:43:07 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 139009
IP address blocks: 14.1.100.0/24 maxlen: 24
14.1.101.0/24 maxlen: 24
14.1.102.0/23 maxlen: 23
14.1.102.0/24 maxlen: 24
14.1.103.0/24 maxlen: 24
103.129.209.0/24 maxlen: 24
103.161.168.0/23 maxlen: 24
202.173.120.0/22 maxlen: 22
202.173.120.0/23 maxlen: 23
202.173.120.0/24 maxlen: 24
202.173.121.0/24 maxlen: 24
202.173.122.0/23 maxlen: 23
202.173.122.0/24 maxlen: 24
202.173.123.0/24 maxlen: 24
2407:d40::/32 maxlen: 32
2407:d40::/36 maxlen: 36
2407:d40::/48 maxlen: 48
2407:d40:f::/48 maxlen: 48
2407:d40:100::/48 maxlen: 48
2407:d40:101::/48 maxlen: 48
2407:d40:102::/48 maxlen: 48
2407:d40:103::/48 maxlen: 48
2407:d40:106::/48 maxlen: 48
2407:d40:107::/48 maxlen: 48
2407:d40:108::/48 maxlen: 48
2407:d40:109::/48 maxlen: 48
2407:d40:10f::/48 maxlen: 48
2407:d40:122::/48 maxlen: 48
2407:d40:126::/48 maxlen: 48
2407:d40:140::/48 maxlen: 48
2407:d40:142::/48 maxlen: 48
2407:d40:201::/48 maxlen: 48
2407:d40:202::/48 maxlen: 48
2407:d40:203::/48 maxlen: 48
2407:d40:204::/48 maxlen: 48
2407:d40:205::/48 maxlen: 48
2407:d40:206::/48 maxlen: 48
2407:d40:207::/48 maxlen: 48
2407:d40:208::/48 maxlen: 48
2407:d40:8000::/48 maxlen: 48
2407:d40:8007::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1816 (0x718)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91871C2
Validity
Not Before: Feb 3 16:43:07 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a0f21b-8655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:3b:61:2e:6e:78:5b:8e:81:60:23:00:83:3c:
2c:50:bc:21:0d:00:14:19:0a:0f:41:1f:28:ed:d1:
12:da:14:29:e4:cd:eb:a3:d6:12:1e:85:59:4c:40:
57:bb:28:aa:e5:26:7b:21:fb:6c:f9:42:3e:67:79:
16:ca:07:09:6b:63:fb:45:15:8a:e4:7a:d6:12:fa:
6a:87:aa:fd:b6:54:b0:c9:e7:6d:4d:4c:e7:5e:06:
17:be:7a:f4:71:97:42:78:a2:04:02:a1:ae:72:b9:
e8:bf:1f:1d:0d:71:43:6a:ce:a7:25:b2:30:c4:34:
32:81:35:b0:c4:bd:58:d5:a0:ca:af:c6:36:45:79:
dd:b2:69:a7:1b:2c:8b:af:25:7d:a2:98:30:8f:11:
58:c2:9e:b6:43:66:fb:1c:cb:5f:58:72:12:d8:a0:
fd:b5:5f:3f:6f:70:50:d0:80:c3:72:7c:a4:96:f1:
fa:29:b8:a2:c8:a2:56:c6:d8:76:d8:a4:b0:49:ff:
93:5e:71:df:61:24:b3:db:0c:f6:46:9a:df:30:84:
0c:60:6e:3d:df:cb:83:7c:db:5e:63:ed:ee:05:ad:
2e:72:08:9a:f3:d9:4c:23:92:a6:10:c2:0d:00:73:
a9:0c:53:b3:65:5b:2c:ba:26:d0:bf:ad:df:89:03:
f5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:15:BA:4B:8F:A3:BB:3F:BE:BA:31:CE:72:3E:E7:64:9B:FA:4F:DE
X509v3 Authority Key Identifier:
keyid:A9:EA:BC:24:65:11:6E:D1:1D:6C:8C:DA:E2:01:12:37:CF:1F:59:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/qeq8JGURbtEdbIza4gESN88fWd8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qeq8JGURbtEdbIza4gESN88fWd8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/3BCBA04AE97211ECB2067F31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.100.0/22
103.129.209.0/24
103.161.168.0/23
202.173.120.0/22
IPv6:
2407:d40::/32
Signature Algorithm: sha256WithRSAEncryption
33:6b:46:29:7e:83:03:c6:7e:a8:00:53:b3:bc:c2:13:d9:6d:
70:c6:1e:38:5f:eb:dc:b7:c9:b0:ec:8e:24:2e:e2:c3:db:1c:
30:c6:ad:35:bb:d5:96:cf:de:8f:2a:80:6b:b2:e8:c2:36:ec:
85:39:a9:c8:06:b9:50:34:66:10:3c:1d:7c:6b:f7:c3:5d:ce:
f7:e7:f9:95:74:04:75:09:d1:15:39:6a:2e:bc:91:55:f8:80:
27:f4:4d:cc:16:2c:b6:9f:5d:54:26:f5:b2:0f:bc:60:aa:9c:
d3:fd:d2:cb:a2:d4:fa:71:0c:66:5d:e4:4a:fc:cc:31:fe:99:
7b:db:c3:16:9c:28:1a:6d:ca:ee:65:5a:f7:0b:6d:19:fa:34:
2e:07:c0:d2:85:86:60:4d:43:7d:5f:28:f2:3f:24:f9:cf:68:
65:09:3c:97:8b:e6:70:79:fe:ee:d7:56:b5:c1:e2:1d:2c:a1:
44:8a:28:2f:13:1c:32:e4:37:90:a8:ff:ce:73:82:bd:f8:b4:
88:de:25:ae:10:26:1c:ce:11:13:25:ae:56:95:68:1c:c7:32:
0c:8e:db:57:e8:81:ac:0c:9e:75:1d:df:75:75:42:36:dc:11:
e8:ba:9d:1f:ca:6e:99:13:60:53:f0:57:98:a0:fd:f9:d8:f9:
7f:83:10:30
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBxgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODcxQzIxMTAvBgNVBAUTKEE5RUFCQzI0NjUxMTZFRDExRDZDOENEQUUyMDExMjM3
Q0YxRjU5REYwHhcNMjUwMjAzMTY0MzA3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EwZjIxYi04NjU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6DthLm54W46BYCMAgzwsULwhDQAUGQoPQR8o7dES2hQp5M3ro9YSHoVZTEBX
uyiq5SZ7Ifts+UI+Z3kWygcJa2P7RRWK5HrWEvpqh6r9tlSwyedtTUznXgYXvnr0
cZdCeKIEAqGucrnovx8dDXFDas6nJbIwxDQygTWwxL1Y1aDKr8Y2RXndsmmnGyyL
ryV9opgwjxFYwp62Q2b7HMtfWHIS2KD9tV8/b3BQ0IDDcnyklvH6KbiiyKJWxth2
2KSwSf+TXnHfYSSz2wz2RprfMIQMYG4938uDfNteY+3uBa0ucgia89lMI5KmEMIN
AHOpDFOzZVssuibQv63fiQP1KwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFH0VukuP
o7s/vroxznI+52Sb+k/eMB8GA1UdIwQYMBaAFKnqvCRlEW7RHWyM2uIBEjfPH1nf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzFDMi9ERTYxNjY2ODU1
QTkxMUVCOTlBRkRBNURDNEY5QUUwMi9xZXE4SkdVUmJ0RWRiSXphNGdFU044OGZX
ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FlcThKR1VSYnRFZGJJemE0Z0VTTjg4ZldkOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODcxQzIvREU2MTY2Njg1NUE5MTFFQjk5QUZEQTVEQzRGOUFFMDIvM0JDQkEwNEFF
OTcyMTFFQ0IyMDY3RjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIOAWQDBABngdEDBAFnoagDBALKrXgwDQQCAAIwBwMFACQH
DUAwDQYJKoZIhvcNAQELBQADggEBADNrRil+gwPGfqgAU7O8whPZbXDGHjhf69y3
ybDsjiQu4sPbHDDGrTW71ZbP3o8qgGuy6MI27IU5qcgGuVA0ZhA8HXxr98Ndzvfn
+ZV0BHUJ0RU5ai68kVX4gCf0TcwWLLafXVQm9bIPvGCqnNP90sui1PpxDGZd5Er8
zDH+mXvbwxacKBptyu5lWvcLbRn6NC4HwNKFhmBNQ31fKPI/JPnPaGUJPJeL5nB5
/u7XVrXB4h0soUSKKC8THDLkN5Co/85zgr34tIjeJa4QJhzOERMlrlaVaBzHMgyO
21fogawMnnUd33V1QjbcEei6nR/KbpkTYFPwV5ig/fnY+X+DEDA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:16:56 2025 by rpki-client