Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/398C15006B8711EF96847F5FC4F9AE02.roa
File: 398C15006B8711EF96847F5FC4F9AE02.roa (raw, json)
Hash identifier: /yvn8ijOa8FBDJ5ASQ/Lery7dqjE4HE5gFGgvkPmpE0=
Subject key identifier: 66:73:FF:0B:0E:BC:45:6C:00:56:BA:2B:40:40:96:91:6D:94:2E:D0
Certificate issuer: /CN=A918AA78/serialNumber=09CFFE467F3B09C3D06F24919CFAC7E003E4BB75
Certificate serial: 1BC1
Authority key identifier: 09:CF:FE:46:7F:3B:09:C3:D0:6F:24:91:9C:FA:C7:E0:03:E4:BB:75
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cc_-Rn87CcPQbySRnPrH4APku3U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/398C15006B8711EF96847F5FC4F9AE02.roa
Signing time: Thu 20 Feb 2025 16:53:54 +0000
ROA not before: Thu 20 Feb 2025 16:53:54 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 0
IP address blocks: 203.144.49.0/24 maxlen: 24
203.144.51.0/24 maxlen: 24
203.144.52.0/24 maxlen: 24
203.144.54.0/23 maxlen: 23
203.144.56.0/23 maxlen: 23
203.144.60.0/24 maxlen: 24
203.144.62.0/23 maxlen: 23
2402:79c0::/47 maxlen: 47
2402:79c0:4::/46 maxlen: 46
2402:79c0:8::/45 maxlen: 45
2402:79c0:10::/44 maxlen: 44
2402:79c0:20::/43 maxlen: 43
2402:79c0:40::/42 maxlen: 42
2402:79c0:80::/41 maxlen: 41
2402:79c0:10b::/48 maxlen: 48
2402:79c0:10c::/46 maxlen: 46
2402:79c0:110::/44 maxlen: 44
2402:79c0:120::/43 maxlen: 43
2402:79c0:140::/42 maxlen: 42
2402:79c0:180::/41 maxlen: 41
2402:79c0:200::/39 maxlen: 39
2402:79c0:400::/38 maxlen: 38
2402:79c0:800::/37 maxlen: 37
2402:79c0:1000::/40 maxlen: 40
2402:79c0:1100::/43 maxlen: 43
2402:79c0:1120::/46 maxlen: 46
2402:79c0:1124::/47 maxlen: 47
2402:79c0:1127::/48 maxlen: 48
2402:79c0:1128::/45 maxlen: 45
2402:79c0:1130::/44 maxlen: 44
2402:79c0:1140::/42 maxlen: 42
2402:79c0:1180::/41 maxlen: 41
2402:79c0:1200::/39 maxlen: 39
2402:79c0:1400::/38 maxlen: 38
2402:79c0:1800::/37 maxlen: 37
2402:79c0:2000::/35 maxlen: 35
2402:79c0:4000::/34 maxlen: 34
2402:79c0:8000::/34 maxlen: 34
2402:79c0:c000::/35 maxlen: 35
2402:79c0:e000::/36 maxlen: 36
2402:79c0:f000::/45 maxlen: 45
2402:79c0:f009::/48 maxlen: 48
2402:79c0:f00c::/46 maxlen: 46
2402:79c0:f010::/44 maxlen: 44
2402:79c0:f020::/43 maxlen: 43
2402:79c0:f040::/42 maxlen: 42
2402:79c0:f080::/42 maxlen: 42
2402:79c0:f0c0::/43 maxlen: 43
2402:79c0:f0e0::/44 maxlen: 44
2402:79c0:f0f0::/45 maxlen: 45
2402:79c0:f0f8::/48 maxlen: 48
2402:79c0:f0fa::/47 maxlen: 47
2402:79c0:f0fc::/46 maxlen: 46
2402:79c0:f100::/40 maxlen: 40
2402:79c0:f200::/39 maxlen: 39
2402:79c0:f400::/38 maxlen: 38
2402:79c0:f800::/37 maxlen: 37
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7105 (0x1bc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918AA78
Validity
Not Before: Feb 20 16:53:54 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b75e21-6265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9e:84:21:80:05:19:99:33:65:0b:8e:fa:15:
6c:0b:d5:5b:56:97:82:61:72:4c:8d:fb:ee:fa:dd:
22:50:a6:35:a4:49:df:88:e1:7d:6e:86:37:b5:88:
d8:bf:11:87:5a:9a:e4:ce:2a:12:0a:17:15:b4:b0:
d9:08:a7:8f:c6:cc:05:e0:23:83:47:00:aa:14:50:
79:5f:c2:37:c0:c2:33:e4:3a:a2:04:4e:e9:4f:c0:
4a:10:f1:5f:82:f0:41:17:56:72:b2:d2:31:f5:32:
a5:ae:2f:bc:5a:83:dc:e5:83:89:8b:b7:5f:6f:2e:
75:b7:64:05:f4:0a:75:da:2f:1e:35:1e:50:25:b9:
bf:e9:77:e4:b7:fb:cd:0a:a2:de:59:bd:f8:f6:47:
12:64:15:f6:4f:e2:db:41:68:9f:aa:6b:45:c4:3e:
82:f0:e4:28:34:af:f0:fc:c0:10:4a:03:b3:f5:9f:
8d:29:30:21:b6:ce:c7:5d:10:7b:35:50:3f:95:a3:
41:41:ae:82:b8:55:93:7c:68:7a:bd:16:a0:b0:07:
8a:74:6f:ee:7c:e1:22:80:36:c9:ae:4a:bd:1c:ee:
b1:2e:52:8c:36:ab:ba:23:40:a3:88:36:32:9e:97:
1d:69:a1:80:d2:fd:df:00:d5:3c:87:83:a8:9a:8b:
dd:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:73:FF:0B:0E:BC:45:6C:00:56:BA:2B:40:40:96:91:6D:94:2E:D0
X509v3 Authority Key Identifier:
keyid:09:CF:FE:46:7F:3B:09:C3:D0:6F:24:91:9C:FA:C7:E0:03:E4:BB:75
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/Cc_-Rn87CcPQbySRnPrH4APku3U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cc_-Rn87CcPQbySRnPrH4APku3U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/398C15006B8711EF96847F5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.144.49.0/24
203.144.51.0-203.144.52.255
203.144.54.0-203.144.57.255
203.144.60.0/24
203.144.62.0/23
IPv6:
2402:79c0::/47
2402:79c0:4::-2402:79c0:ff:ffff:ffff:ffff:ffff:ffff
2402:79c0:10b::-2402:79c0:1125:ffff:ffff:ffff:ffff:ffff
2402:79c0:1127::-2402:79c0:f007:ffff:ffff:ffff:ffff:ffff
2402:79c0:f009::/48
2402:79c0:f00c::-2402:79c0:f0f8:ffff:ffff:ffff:ffff:ffff
2402:79c0:f0fa::-2402:79c0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0b:f0:fe:21:71:7c:d7:ac:58:cd:52:eb:7b:ff:ea:81:37:3f:
44:5d:3c:dd:08:ee:23:e6:ce:48:a9:58:59:ef:8a:31:b9:89:
3b:47:6c:d0:f9:28:ee:47:55:df:4e:ec:c5:37:b5:5d:08:7e:
06:82:dd:66:f9:6a:e7:4c:7c:eb:ea:20:b5:ba:83:3b:dc:5d:
7f:69:dd:6c:9f:03:5b:fb:de:0b:50:ec:b7:5e:64:de:ac:39:
b0:40:d9:b1:62:b4:cc:60:f0:04:65:87:d1:bd:8f:b7:bc:7b:
63:25:9c:d3:71:5e:c8:93:31:fe:58:6f:5a:c2:62:14:57:e9:
2a:a2:d5:f3:65:f9:d2:0b:b7:8f:f0:77:3e:87:b7:84:3d:b6:
ad:8f:ec:b4:21:77:db:df:16:1a:7a:da:02:b9:15:d1:dd:69:
10:51:68:a4:fe:5e:3f:66:7f:e7:6c:e4:94:16:99:4e:91:6d:
47:67:c9:41:f4:54:31:a3:09:5d:29:3d:57:e3:89:c1:e6:4a:
5d:2c:56:64:12:9e:71:50:8a:56:1c:2e:20:35:41:18:fb:bd:
4e:c6:5b:37:84:87:91:37:ec:fd:c3:f4:df:cc:d5:c0:f0:a9:
cc:ad:32:e9:dd:2d:29:90:34:bc:d0:88:6b:6b:55:3b:bb:f0:
f2:5c:6c:f5
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgICG8EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEFBNzgxMTAvBgNVBAUTKDA5Q0ZGRTQ2N0YzQjA5QzNEMDZGMjQ5MTlDRkFDN0Uw
MDNFNEJCNzUwHhcNMjUwMjIwMTY1MzU0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3NWUyMS02MjY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx56EIYAFGZkzZQuO+hVsC9VbVpeCYXJMjfvu+t0iUKY1pEnfiOF9boY3tYjY
vxGHWprkzioSChcVtLDZCKePxswF4CODRwCqFFB5X8I3wMIz5DqiBE7pT8BKEPFf
gvBBF1ZystIx9TKlri+8WoPc5YOJi7dfby51t2QF9Ap12i8eNR5QJbm/6Xfkt/vN
CqLeWb349kcSZBX2T+LbQWifqmtFxD6C8OQoNK/w/MAQSgOz9Z+NKTAhts7HXRB7
NVA/laNBQa6CuFWTfGh6vRagsAeKdG/ufOEigDbJrkq9HO6xLlKMNqu6I0CjiDYy
npcdaaGA0v3fANU8h4OomovdswIDAQABo4IDOzCCAzcwHQYDVR0OBBYEFGZz/wsO
vEVsAFa6K0BAlpFtlC7QMB8GA1UdIwQYMBaAFAnP/kZ/OwnD0G8kkZz6x+AD5Lt1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QUE3OC82OEQzMzQ5MEZE
NjQxMUU2QTEwOTU0ODNDNEY5QUUwMi9DY18tUm44N0NjUFFieVNSblBySDRBUGt1
M1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NjXy1Sbjg3Q2NQUWJ5U1JuUHJINEFQa3UzVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEFBNzgvNjhEMzM0OTBGRDY0MTFFNkExMDk1NDgzQzRGOUFFMDIvMzk4QzE1MDA2
Qjg3MTFFRjk2ODQ3RjVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcQGCCsGAQUFBwEHAQH/
BIG0MIGxMDQEAgABMC4DBADLkDEwDAMEAMuQMwMEAMuQNDAMAwQBy5A2AwQBy5A4
AwQAy5A8AwQBy5A+MHkEAgACMHMDBwEkAnnAAAAwEQMHAiQCecAABAMGACQCecAA
MBIDBwAkAnnAAQsDBwEkAnnAESQwEgMHACQCecARJwMHAyQCecDwAAMHACQCecDw
CTASAwcCJAJ5wPAMAwcAJAJ5wPD4MBADBwEkAnnA8PoDBQAkAnnAMA0GCSqGSIb3
DQEBCwUAA4IBAQAL8P4hcXzXrFjNUut7/+qBNz9EXTzdCO4j5s5IqVhZ74oxuYk7
R2zQ+SjuR1XfTuzFN7VdCH4Ggt1m+WrnTHzr6iC1uoM73F1/ad1snwNb+94LUOy3
XmTerDmwQNmxYrTMYPAEZYfRvY+3vHtjJZzTcV7IkzH+WG9awmIUV+kqotXzZfnS
C7eP8Hc+h7eEPbatj+y0IXfb3xYaetoCuRXR3WkQUWik/l4/Zn/nbOSUFplOkW1H
Z8lB9FQxowldKT1X44nB5kpdLFZkEp5xUIpWHC4gNUEY+71Oxls3hIeRN+z9w/Tf
zNXA8KnMrTLp3S0pkDS80Ihra1U7u/DyXGz1
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:07:52 2025 by rpki-client