Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/AAF9A7AC41AC11EA9BD8CB25C4F9AE02.roa
File: AAF9A7AC41AC11EA9BD8CB25C4F9AE02.roa (raw, json)
Hash identifier: wZnaCk/gJYbevnAK1yVFsEKeXrhTNDea/rw+miTZiyc=
Subject key identifier: 1F:7B:52:DF:AA:5C:56:BC:46:81:B3:3D:45:8E:CF:41:71:72:B0:29
Certificate issuer: /CN=A9194E03/serialNumber=E39AB1D07B50DBB9ABE2CB51CD9B1E3A5A854521
Certificate serial: 3422
Authority key identifier: E3:9A:B1:D0:7B:50:DB:B9:AB:E2:CB:51:CD:9B:1E:3A:5A:85:45:21
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45qx0HtQ27mr4stRzZseOlqFRSE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/AAF9A7AC41AC11EA9BD8CB25C4F9AE02.roa
Signing time: Wed 02 Oct 2024 15:21:20 +0000
ROA not before: Wed 02 Oct 2024 15:21:20 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 132827
IP address blocks: 27.123.208.0/22 maxlen: 22
101.0.8.0/24 maxlen: 24
101.0.9.0/24 maxlen: 24
101.0.10.0/24 maxlen: 24
101.0.11.0/24 maxlen: 24
101.0.20.0/22 maxlen: 22
101.0.24.0/24 maxlen: 24
101.0.25.0/24 maxlen: 24
101.0.26.0/23 maxlen: 23
103.3.16.0/24 maxlen: 24
103.3.17.0/24 maxlen: 24
103.3.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13346 (0x3422)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9194E03
Validity
Not Before: Oct 2 15:21:20 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=66fd64f0-3773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:47:39:88:5a:9a:72:25:90:6a:c9:7a:65:e5:
84:0a:a0:0c:39:22:81:bd:12:71:11:71:6e:6a:5b:
fa:89:86:07:f0:ba:77:8e:25:e6:08:14:4f:e4:99:
c8:5a:a7:b9:68:28:66:a6:32:6f:17:73:48:01:2e:
11:31:f6:14:e1:c0:28:18:48:39:0a:ab:b9:32:72:
4c:16:be:2d:ea:6c:c5:d5:33:20:29:5c:f7:01:47:
d5:6c:95:08:97:bc:80:60:b2:ca:dc:fa:e7:3b:5d:
6b:7e:e3:fc:ca:9b:0e:0a:aa:83:19:6f:9d:8d:ea:
73:d1:ec:1d:db:2d:95:b4:3a:39:f4:74:f3:47:88:
cd:8f:02:32:cf:0f:cb:41:e5:ca:f9:b2:3c:16:cc:
fd:23:f6:08:cb:9e:5d:29:5d:f0:d6:c3:29:60:f7:
49:4f:cc:3e:c9:22:06:be:04:b0:e1:2f:a3:4e:b3:
66:b3:2c:e3:75:ec:c0:4c:d7:39:6e:77:fb:42:ad:
e5:ff:f6:0d:09:7e:31:61:6c:57:f5:8b:18:80:af:
50:78:8a:7a:5f:2a:24:7d:62:dd:e6:ef:9a:f4:c9:
c9:79:d7:a4:19:6c:e5:b4:b0:ef:23:ea:64:eb:bc:
2c:e0:48:37:5f:c9:e4:48:11:1d:a7:34:42:f6:b2:
ba:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:7B:52:DF:AA:5C:56:BC:46:81:B3:3D:45:8E:CF:41:71:72:B0:29
X509v3 Authority Key Identifier:
keyid:E3:9A:B1:D0:7B:50:DB:B9:AB:E2:CB:51:CD:9B:1E:3A:5A:85:45:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/45qx0HtQ27mr4stRzZseOlqFRSE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45qx0HtQ27mr4stRzZseOlqFRSE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/AAF9A7AC41AC11EA9BD8CB25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.208.0/22
101.0.8.0/22
101.0.20.0-101.0.27.255
103.3.16.0/23
103.3.19.0/24
Signature Algorithm: sha256WithRSAEncryption
02:ba:01:01:d9:2d:4f:2d:0b:0e:39:73:25:67:37:03:2c:c1:
fe:83:6f:b2:4b:24:71:6b:a5:00:e2:16:73:4f:40:42:bd:6e:
5a:f0:1a:e7:ac:6b:82:db:2f:39:94:2e:df:b0:ed:ef:78:f0:
96:73:4c:3b:e2:7b:48:ba:2b:b2:5a:16:5a:c7:cd:df:49:39:
76:4f:52:a5:6b:87:2a:3b:0d:f6:c2:06:bb:17:df:5b:29:a5:
00:12:a5:b0:98:e8:b5:9a:cc:3f:6c:cd:73:e9:f3:e7:6e:68:
61:f7:be:4b:6d:fd:68:b8:fc:c1:d7:a1:d9:75:02:7a:98:33:
27:02:cd:70:f7:9c:54:4e:d1:55:02:7c:51:f0:5b:be:a3:77:
39:28:9d:31:56:0c:e7:9d:1f:46:b9:fa:90:bb:44:cd:f6:0a:
73:a3:ce:15:9c:81:86:5e:8d:f6:ac:36:ad:f3:95:9c:13:7f:
3e:55:20:52:b9:29:3f:64:c1:5e:bc:b4:2c:1a:35:5e:12:6e:
db:15:0c:58:ac:f1:46:62:04:05:cd:b7:2b:71:e0:14:61:c3:
21:fd:8d:5f:28:dd:75:46:8f:9e:e2:13:31:ab:cb:02:ff:e9:
60:e4:33:c0:aa:c7:0a:3b:b6:4c:69:69:74:f2:45:9a:44:75:
a4:56:db:e7
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICNCIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTRFMDMxMTAvBgNVBAUTKEUzOUFCMUQwN0I1MERCQjlBQkUyQ0I1MUNEOUIxRTNB
NUE4NTQ1MjEwHhcNMjQxMDAyMTUyMTIwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZkNjRmMC0zNzczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuUc5iFqaciWQasl6ZeWECqAMOSKBvRJxEXFualv6iYYH8Lp3jiXmCBRP5JnI
Wqe5aChmpjJvF3NIAS4RMfYU4cAoGEg5Cqu5MnJMFr4t6mzF1TMgKVz3AUfVbJUI
l7yAYLLK3PrnO11rfuP8ypsOCqqDGW+djepz0ewd2y2VtDo59HTzR4jNjwIyzw/L
QeXK+bI8Fsz9I/YIy55dKV3w1sMpYPdJT8w+ySIGvgSw4S+jTrNmsyzjdezATNc5
bnf7Qq3l//YNCX4xYWxX9YsYgK9QeIp6XyokfWLd5u+a9MnJedekGWzltLDvI+pk
67ws4Eg3X8nkSBEdpzRC9rK6nwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFB97Ut+q
XFa8RoGzPUWOz0FxcrApMB8GA1UdIwQYMBaAFOOasdB7UNu5q+LLUc2bHjpahUUh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NEUwMy8zRjQ4RjIyNDFE
QTYxMUUyOUEwNzVEOUQwOEIwMkNEMi80NXF4MEh0UTI3bXI0c3RSelpzZU9scUZS
U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzQ1cXgwSHRRMjdtcjRzdFJ6WnNlT2xxRlJTRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTRFMDMvM0Y0OEYyMjQxREE2MTFFMjlBMDc1RDlEMDhCMDJDRDIvQUFGOUE3QUM0
MUFDMTFFQTlCRDhDQjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBAIbe9ADBAJlAAgwDAMEAmUAFAMEAmUAGAMEAWcDEAMEAGcD
EzANBgkqhkiG9w0BAQsFAAOCAQEAAroBAdktTy0LDjlzJWc3AyzB/oNvskskcWul
AOIWc09AQr1uWvAa56xrgtsvOZQu37Dt73jwlnNMO+J7SLorsloWWsfN30k5dk9S
pWuHKjsN9sIGuxffWymlABKlsJjotZrMP2zNc+nz525oYfe+S239aLj8wdeh2XUC
epgzJwLNcPecVE7RVQJ8UfBbvqN3OSidMVYM550fRrn6kLtEzfYKc6POFZyBhl6N
9qw2rfOVnBN/PlUgUrkpP2TBXry0LBo1XhJu2xUMWKzxRmIEBc23K3HgFGHDIf2N
XyjddUaPnuITMavLAv/pYOQzwKrHCju2TGlpdPJFmkR1pFbb5w==
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:26:55 2025 by rpki-client