Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/795DEE70073111EA993EC663C4F9AE02.roa
File: 795DEE70073111EA993EC663C4F9AE02.roa (raw, json)
Hash identifier: an7/ATp9m2FH7/Oaqy/kFs8hFPzCVSeYxRj+XQGNM1o=
Subject key identifier: 7E:6E:67:7D:9A:01:92:DB:83:F0:61:CA:7F:B9:2F:AA:A7:07:81:35
Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A
Certificate serial: 0F78
Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/795DEE70073111EA993EC663C4F9AE02.roa
Signing time: Fri 28 Feb 2025 19:29:50 +0000
ROA not before: Fri 28 Feb 2025 19:29:50 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 397218
IP address blocks: 120.29.252.0/24 maxlen: 24
120.29.253.0/24 maxlen: 24
120.29.254.0/24 maxlen: 24
203.17.72.0/24 maxlen: 24
2001:dcd:1::/48 maxlen: 48
2001:dcd:2::/48 maxlen: 48
2001:dcd:3::/48 maxlen: 48
2001:dcd:4::/48 maxlen: 48
2001:dcd:5::/48 maxlen: 48
2001:dcd:6::/48 maxlen: 48
2001:dcd:7::/48 maxlen: 48
2001:dcd:dd05::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3960 (0xf78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91919EA
Validity
Not Before: Feb 28 19:29:50 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c20ead-c363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3b:4b:68:b8:ef:8c:1d:f7:5f:7c:54:f7:8e:
e7:61:34:ae:91:56:b9:c6:b3:7b:a9:a4:8c:29:c9:
64:3f:ab:fa:4b:9c:ba:a7:b1:2f:af:f9:90:cc:46:
75:48:c3:9c:53:3d:3a:94:b2:3c:14:e1:78:50:22:
f8:55:29:4b:09:02:b2:62:90:7b:5f:28:9e:2a:14:
8c:7a:d2:d8:9d:67:c8:b9:9e:53:04:1b:2f:3a:eb:
67:f4:b5:4e:f6:b9:fd:68:da:14:c5:17:12:d9:05:
36:0e:a9:c8:9b:a6:e9:6e:4d:83:08:7d:13:eb:72:
e3:4c:e1:8b:cc:03:9a:0f:40:d1:0e:1c:74:45:a6:
31:1a:11:44:c9:24:f3:51:0b:ee:60:02:d4:ce:0a:
02:d6:ce:2e:fb:c8:0d:ea:48:b5:13:49:02:4c:10:
c0:4b:b7:43:84:53:a2:5b:89:d1:6c:fc:c6:96:05:
34:99:8f:64:56:01:bb:af:18:e9:40:9f:ac:7b:91:
1f:71:23:bc:91:ff:de:3b:28:f7:8a:05:0c:5c:ed:
c8:86:b1:23:85:84:1a:8e:14:6d:9e:a0:27:76:38:
4f:ed:51:25:eb:0c:01:d5:1d:33:16:1a:41:50:3d:
17:ca:60:bd:82:63:aa:02:a3:3a:93:48:4a:6c:8e:
34:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:6E:67:7D:9A:01:92:DB:83:F0:61:CA:7F:B9:2F:AA:A7:07:81:35
X509v3 Authority Key Identifier:
keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/795DEE70073111EA993EC663C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.29.252.0-120.29.254.255
203.17.72.0/24
IPv6:
2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff
2001:dcd:dd05::/48
Signature Algorithm: sha256WithRSAEncryption
1c:23:81:a7:d2:05:e8:97:06:79:e5:ee:ac:4e:d0:d6:5f:88:
f9:e1:d3:c9:e8:8a:c9:99:e3:36:43:56:c7:dd:2f:f8:a8:24:
38:2a:3e:53:c1:0b:61:5c:be:a0:ae:44:aa:c1:ba:df:d3:bd:
4b:35:e7:b8:ca:a8:24:27:a3:7b:60:af:f7:8e:83:3e:89:64:
56:54:c0:64:c6:bc:78:b8:b6:aa:94:7d:35:0f:f7:8f:52:fc:
62:a4:dd:56:ba:ab:dc:a9:08:d8:43:c2:6a:27:bd:2b:38:b4:
e6:21:82:aa:b7:5a:0f:c1:e1:39:ef:07:14:aa:64:0f:b2:d0:
4c:f4:3b:d5:73:fc:64:90:8f:d8:61:6f:fa:17:8d:15:bf:b2:
44:fe:3b:6f:46:85:71:92:96:2d:4a:c6:f0:3f:8d:0d:c4:ee:
c8:51:bb:03:36:8e:01:f9:e8:05:04:32:6d:fb:75:28:c4:00:
4a:61:fd:80:75:7f:6c:cf:48:ce:de:92:02:a2:b9:b3:21:03:
d3:b5:bc:07:ec:5b:59:b9:38:4c:bf:81:66:7c:cf:55:48:74:
42:a1:eb:55:2a:db:45:0c:c7:2d:56:b6:7e:1f:f1:f0:e1:f7:
21:76:4c:27:3a:c5:6c:cc:40:22:bf:16:ff:5b:a2:cd:6e:42:
b4:4d:5d:2c
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICD3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0
NkRGNzI4NUEwHhcNMjUwMjI4MTkyOTUwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MyMGVhZC1jMzYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArTtLaLjvjB33X3xU947nYTSukVa5xrN7qaSMKclkP6v6S5y6p7Evr/mQzEZ1
SMOcUz06lLI8FOF4UCL4VSlLCQKyYpB7XyieKhSMetLYnWfIuZ5TBBsvOutn9LVO
9rn9aNoUxRcS2QU2DqnIm6bpbk2DCH0T63LjTOGLzAOaD0DRDhx0RaYxGhFEySTz
UQvuYALUzgoC1s4u+8gN6ki1E0kCTBDAS7dDhFOiW4nRbPzGlgU0mY9kVgG7rxjp
QJ+se5EfcSO8kf/eOyj3igUMXO3IhrEjhYQajhRtnqAndjhP7VEl6wwB1R0zFhpB
UD0XymC9gmOqAqM6k0hKbI40hQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFH5uZ32a
AZLbg/Bhyn+5L6qnB4E1MB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0
RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL
Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvNzk1REVFNzAw
NzMxMTFFQTk5M0VDNjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N
AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBABwjgafSBeiX
Bnnl7qxO0NZfiPnh08noismZ4zZDVsfdL/ioJDgqPlPBC2FcvqCuRKrBut/TvUs1
57jKqCQno3tgr/eOgz6JZFZUwGTGvHi4tqqUfTUP949S/GKk3Va6q9ypCNhDwmon
vSs4tOYhgqq3Wg/B4TnvBxSqZA+y0Ez0O9Vz/GSQj9hhb/oXjRW/skT+O29GhXGS
li1KxvA/jQ3E7shRuwM2jgH56AUEMm37dSjEAEph/YB1f2zPSM7ekgKiubMhA9O1
vAfsW1m5OEy/gWZ8z1VIdEKh61Uq20UMxy1Wtn4f8fDh9yF2TCc6xWzMQCK/Fv9b
os1uQrRNXSw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:04:41 2025 by rpki-client