Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/D7FEF354562111EFA7B3F00AC4F9AE02.roa
File: D7FEF354562111EFA7B3F00AC4F9AE02.roa (raw, json)
Hash identifier: Z74c44o/GimXrdeWvw94wRAl3MPTrcV7W0A3AuI0ILk=
Subject key identifier: 97:C4:53:1C:C6:35:1A:9C:B5:55:47:32:2B:2D:09:88:12:ED:F2:C4
Certificate issuer: /CN=A9195F7B/serialNumber=890B1DEFE88D59196BCC7B65268C62E86E54D46D
Certificate serial: E9
Authority key identifier: 89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/D7FEF354562111EFA7B3F00AC4F9AE02.roa
Signing time: Thu 27 Feb 2025 07:00:26 +0000
ROA not before: Thu 27 Feb 2025 07:00:26 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 38819
IP address blocks: 120.88.192.0/18 maxlen: 18
120.88.192.0/19 maxlen: 19
120.88.224.0/20 maxlen: 20
120.88.224.0/24 maxlen: 24
120.88.225.0/24 maxlen: 24
120.88.226.0/24 maxlen: 24
120.88.227.0/24 maxlen: 24
120.88.230.0/24 maxlen: 24
120.88.232.0/24 maxlen: 24
120.88.236.0/24 maxlen: 24
120.88.237.0/24 maxlen: 24
120.88.240.0/24 maxlen: 24
120.88.241.0/24 maxlen: 24
120.88.242.0/24 maxlen: 24
120.88.243.0/24 maxlen: 24
120.88.245.0/24 maxlen: 24
120.88.246.0/24 maxlen: 24
120.88.252.0/24 maxlen: 24
120.88.253.0/24 maxlen: 24
120.88.254.0/24 maxlen: 24
202.4.192.0/19 maxlen: 19
202.4.196.0/24 maxlen: 24
202.4.208.0/24 maxlen: 24
223.130.32.0/19 maxlen: 19
2405:b200::/32 maxlen: 32
2405:b200:110:2600::/56 maxlen: 56
2405:b200:140:2600::/56 maxlen: 56
2405:b200:150:2600::/56 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 233 (0xe9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9195F7B
Validity
Not Before: Feb 27 07:00:26 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67c00d89-a0ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:33:31:63:b8:3e:f5:31:44:af:b9:97:a8:10:
2a:19:9e:29:54:54:9e:47:48:12:e5:0c:bb:3a:da:
2d:a9:ca:3c:48:cb:bc:67:c9:bd:59:5d:c4:f8:c2:
0e:65:f7:59:27:24:50:de:c5:d9:17:5e:1c:a0:a7:
d9:f8:a3:f7:b1:95:c6:50:c8:4e:c1:28:0e:6c:5c:
ac:2b:92:32:81:db:9d:50:fa:ab:30:3c:ae:ad:8b:
91:55:42:9f:f0:3c:29:50:91:9f:ae:30:d7:c7:8d:
a1:d0:d3:86:f9:6c:a4:b4:76:3f:f2:81:b6:c5:27:
ae:a3:4c:56:de:42:99:14:a8:b5:ab:45:5b:fc:25:
c1:02:f0:f8:90:59:a0:cd:44:ff:aa:e0:bc:77:0b:
b3:3b:71:ea:d8:14:21:3d:fb:6c:40:41:a6:71:2c:
d4:26:4e:a1:10:3b:40:ed:cd:6f:62:39:d1:21:79:
50:45:2e:11:f0:79:af:4f:1a:76:03:cc:6f:53:88:
0a:60:6e:ff:2e:3d:87:8d:8e:f9:ba:e8:4f:8a:61:
fe:cc:10:ab:b1:19:d5:0d:df:78:b3:e0:1a:5c:24:
08:2c:0a:66:bf:e9:67:37:f3:6c:7b:44:39:35:15:
ec:58:84:57:21:fc:b3:1d:61:93:e5:5c:7e:4a:2a:
9d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C4:53:1C:C6:35:1A:9C:B5:55:47:32:2B:2D:09:88:12:ED:F2:C4
X509v3 Authority Key Identifier:
keyid:89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/D7FEF354562111EFA7B3F00AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.88.192.0/18
202.4.192.0/19
223.130.32.0/19
IPv6:
2405:b200::/32
Signature Algorithm: sha256WithRSAEncryption
02:57:da:9f:ce:c5:62:a2:51:28:1f:a8:df:bf:cb:d8:3d:08:
9a:ff:0b:7d:d6:a5:78:e6:5a:e9:6d:fe:b1:bf:2c:31:fb:cc:
b6:5d:9e:8e:c7:d0:0d:4b:69:81:41:51:50:0a:ff:1e:77:d4:
85:26:77:6c:56:dc:48:f9:c7:f4:a1:bb:61:64:8b:9c:75:d5:
ee:1b:82:58:a0:9e:e8:3e:d5:b1:b2:ca:ea:8c:f6:9c:a7:65:
50:9a:3d:44:a9:a2:be:2b:0f:8b:ab:19:9d:dd:7d:45:1c:cf:
7a:f3:46:19:09:55:80:38:4f:87:01:86:ba:41:0e:45:47:d4:
7b:98:d6:d0:31:32:08:2c:ec:d8:0b:fb:d4:5d:01:4a:02:f8:
6a:74:28:34:9f:c9:ae:64:c4:70:36:7d:a9:99:1b:4b:a4:38:
58:2f:ef:2f:6e:7c:58:b3:2b:05:ac:9d:47:be:7a:f6:89:05:
f3:ba:fe:ee:a5:f1:83:21:f7:19:e5:d0:d5:0e:6f:4d:7e:da:
5f:a6:1c:50:33:04:ec:ba:da:0a:f9:82:9c:80:34:7b:87:bb:
59:e3:31:fb:8b:93:c6:32:d9:8c:94:14:3b:6f:c9:f4:de:f2:
2e:c5:59:5c:a2:26:4b:ed:1d:62:b5:7d:60:c2:c2:92:35:24:
da:d6:23:44
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICAOkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTVGN0IxMTAvBgNVBAUTKDg5MEIxREVGRTg4RDU5MTk2QkNDN0I2NTI2OEM2MkU4
NkU1NEQ0NkQwHhcNMjUwMjI3MDcwMDI2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MwMGQ4OS1hMGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxTMxY7g+9TFEr7mXqBAqGZ4pVFSeR0gS5Qy7Ototqco8SMu8Z8m9WV3E+MIO
ZfdZJyRQ3sXZF14coKfZ+KP3sZXGUMhOwSgObFysK5IygdudUPqrMDyurYuRVUKf
8DwpUJGfrjDXx42h0NOG+WyktHY/8oG2xSeuo0xW3kKZFKi1q0Vb/CXBAvD4kFmg
zUT/quC8dwuzO3Hq2BQhPftsQEGmcSzUJk6hEDtA7c1vYjnRIXlQRS4R8HmvTxp2
A8xvU4gKYG7/Lj2HjY75uuhPimH+zBCrsRnVDd94s+AaXCQILApmv+lnN/Nse0Q5
NRXsWIRXIfyzHWGT5Vx+SiqdVQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFJfEUxzG
NRqctVVHMistCYgS7fLEMB8GA1UdIwQYMBaAFIkLHe/ojVkZa8x7ZSaMYuhuVNRt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUY3Qi9BMTMxQjM5NEJC
MzkxMUVFQTY1NTQxN0VDNEY5QUUwMi9pUXNkNy1pTldSbHJ6SHRsSm94aTZHNVUx
RzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lRc2Q3LWlOV1JscnpIdGxKb3hpNkc1VTFHMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTVGN0IvQTEzMUIzOTRCQjM5MTFFRUE2NTU0MTdFQzRGOUFFMDIvRDdGRUYzNTQ1
NjIxMTFFRkE3QjNGMDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAZ4WMADBAXKBMADBAXfgiAwDQQCAAIwBwMFACQFsgAwDQYJ
KoZIhvcNAQELBQADggEBAAJX2p/OxWKiUSgfqN+/y9g9CJr/C33WpXjmWult/rG/
LDH7zLZdno7H0A1LaYFBUVAK/x531IUmd2xW3Ej5x/Shu2Fki5x11e4bglignug+
1bGyyuqM9pynZVCaPUSpor4rD4urGZ3dfUUcz3rzRhkJVYA4T4cBhrpBDkVH1HuY
1tAxMggs7NgL+9RdAUoC+Gp0KDSfya5kxHA2famZG0ukOFgv7y9ufFizKwWsnUe+
evaJBfO6/u6l8YMh9xnl0NUOb01+2l+mHFAzBOy62gr5gpyANHuHu1njMfuLk8Yy
2YyUFDtvyfTe8i7FWVyiJkvtHWK1fWDCwpI1JNrWI0Q=
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:43:10 2025 by rpki-client