Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/2D9B5B380F1D11E991F4271EC4F9AE02.roa
File: 2D9B5B380F1D11E991F4271EC4F9AE02.roa (raw, json)
Hash identifier: 28+4DGnpX6Ji2cYmKm+1uSknOVpH5kmdClZ3WCtYgVk=
Subject key identifier: 4F:F4:5B:C5:B1:4F:A8:89:04:6E:A6:41:57:73:E2:C4:05:B2:DB:22
Certificate issuer: /CN=A9196172/serialNumber=6C3A7E02ACBB73A6635BDAFE022D785D00C447DB
Certificate serial: 110B
Authority key identifier: 6C:3A:7E:02:AC:BB:73:A6:63:5B:DA:FE:02:2D:78:5D:00:C4:47:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/2D9B5B380F1D11E991F4271EC4F9AE02.roa
Signing time: Mon 10 Mar 2025 17:36:56 +0000
ROA not before: Mon 10 Mar 2025 17:36:56 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 56300
IP address blocks: 101.100.160.0/24 maxlen: 24
101.100.161.0/24 maxlen: 24
101.100.162.0/24 maxlen: 24
101.100.163.0/24 maxlen: 24
101.100.164.0/24 maxlen: 24
101.100.165.0/24 maxlen: 24
101.100.166.0/24 maxlen: 24
101.100.167.0/24 maxlen: 24
101.100.168.0/24 maxlen: 24
101.100.169.0/24 maxlen: 24
101.100.170.0/24 maxlen: 24
101.100.171.0/24 maxlen: 24
101.100.172.0/24 maxlen: 24
101.100.173.0/24 maxlen: 24
101.100.174.0/24 maxlen: 24
101.100.175.0/24 maxlen: 24
101.100.176.0/24 maxlen: 24
101.100.177.0/24 maxlen: 24
101.100.178.0/24 maxlen: 24
101.100.179.0/24 maxlen: 24
101.100.180.0/24 maxlen: 24
101.100.181.0/24 maxlen: 24
101.100.182.0/24 maxlen: 24
101.100.183.0/24 maxlen: 24
101.100.184.0/24 maxlen: 24
101.100.185.0/24 maxlen: 24
101.100.186.0/24 maxlen: 24
101.100.188.0/24 maxlen: 24
101.100.189.0/24 maxlen: 24
101.100.190.0/24 maxlen: 24
103.247.133.0/24 maxlen: 24
103.247.134.0/24 maxlen: 24
103.247.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4363 (0x110b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9196172
Validity
Not Before: Mar 10 17:36:56 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67cf2337-919f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:79:43:40:df:88:9e:02:14:f5:67:e7:07:48:
0d:6a:19:7a:4f:1d:51:f5:e7:34:6a:81:9a:21:41:
b8:2d:d4:f3:57:8c:23:2f:f6:ad:2e:d3:ae:ae:50:
cc:fe:69:e7:d0:0c:b3:94:47:e5:b1:c5:83:7f:43:
9a:35:a5:97:a0:e2:65:0a:5b:bf:73:9e:23:f6:88:
f2:55:d9:54:dd:f9:ba:05:22:e1:67:d5:b8:b4:84:
dc:24:5e:e6:39:b9:8d:28:0a:a3:20:29:4b:1a:1f:
c8:e6:24:43:74:bb:d1:c8:71:90:f4:f5:7d:b7:f8:
44:2d:0e:ef:99:35:e6:35:14:02:08:b7:58:e8:d3:
58:c4:f0:bb:c6:b0:fd:07:9c:0f:2a:c5:08:36:30:
4b:6d:4d:f1:1d:30:ac:54:fe:37:e3:87:41:44:c0:
19:1f:d4:71:ad:0d:e1:c6:f8:64:4b:5f:64:d2:d0:
4c:e3:0b:c2:2b:4e:b9:44:d2:b6:78:92:d9:8f:4e:
d0:7f:21:e7:21:b8:9d:b3:a3:2f:48:29:c0:5f:b9:
ea:fa:82:a5:90:be:64:cc:41:37:6b:1a:2b:e1:c1:
23:cf:39:d5:45:e8:56:eb:2e:c6:f2:8f:c2:9c:38:
11:66:c1:c4:db:fc:d6:a1:f2:09:62:ec:aa:60:13:
c4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F4:5B:C5:B1:4F:A8:89:04:6E:A6:41:57:73:E2:C4:05:B2:DB:22
X509v3 Authority Key Identifier:
keyid:6C:3A:7E:02:AC:BB:73:A6:63:5B:DA:FE:02:2D:78:5D:00:C4:47:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/2D9B5B380F1D11E991F4271EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.100.160.0-101.100.186.255
101.100.188.0-101.100.190.255
103.247.133.0-103.247.135.255
Signature Algorithm: sha256WithRSAEncryption
d4:2e:b0:5e:8f:5b:10:83:f7:1e:6f:cf:3f:59:74:8c:a2:93:
bb:5c:e7:1f:46:e0:75:9d:bd:3d:a1:9f:15:d3:5c:a8:5e:5f:
20:0b:ac:b3:11:1d:a6:7e:56:cf:40:10:5b:43:cc:03:e0:79:
d3:32:f5:e4:d0:1f:be:96:0c:4f:95:d6:f9:04:c8:0b:71:57:
7d:af:8c:4f:a2:c5:49:9f:01:2e:90:73:4c:17:d2:8e:08:05:
52:1e:ff:5c:43:97:58:63:28:13:08:75:91:35:6a:f5:46:f5:
f7:ce:a4:d4:ae:1a:fd:de:88:ed:8b:0f:95:47:f4:07:48:71:
46:6b:a1:cb:ba:3a:80:c6:9b:2d:5e:02:11:2a:9c:c4:5a:81:
5e:24:97:b6:a1:60:21:11:55:87:e5:2c:27:6f:a8:3f:44:12:
bc:cb:0f:fa:8a:fc:31:0f:6d:0b:da:42:30:6f:4e:2d:3e:91:
ad:85:2d:4f:75:d0:e4:bc:f9:2f:b5:08:48:f8:61:14:90:d1:
ca:c0:e7:eb:27:11:75:9d:fb:ea:ff:b2:17:76:9a:1d:16:65:
f7:58:0c:79:0e:3f:f4:ad:8b:9d:3f:d5:88:14:e5:b8:98:ad:
73:2c:74:b9:ae:5a:b6:4c:07:7e:ce:7e:96:2b:6e:bf:1d:f3:
82:e7:f3:3c
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICEQswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTYxNzIxMTAvBgNVBAUTKDZDM0E3RTAyQUNCQjczQTY2MzVCREFGRTAyMkQ3ODVE
MDBDNDQ3REIwHhcNMjUwMzEwMTczNjU2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmMjMzNy05MTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxXlDQN+IngIU9WfnB0gNahl6Tx1R9ec0aoGaIUG4LdTzV4wjL/atLtOurlDM
/mnn0AyzlEflscWDf0OaNaWXoOJlClu/c54j9ojyVdlU3fm6BSLhZ9W4tITcJF7m
ObmNKAqjIClLGh/I5iRDdLvRyHGQ9PV9t/hELQ7vmTXmNRQCCLdY6NNYxPC7xrD9
B5wPKsUINjBLbU3xHTCsVP4344dBRMAZH9RxrQ3hxvhkS19k0tBM4wvCK065RNK2
eJLZj07QfyHnIbids6MvSCnAX7nq+oKlkL5kzEE3axor4cEjzznVRehW6y7G8o/C
nDgRZsHE2/zWofIJYuyqYBPE1QIDAQABo4ICuTCCArUwHQYDVR0OBBYEFE/0W8Wx
T6iJBG6mQVdz4sQFstsiMB8GA1UdIwQYMBaAFGw6fgKsu3OmY1va/gIteF0AxEfb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NjE3Mi9FODY3Q0IxMDBG
MUIxMUU5QTVEQkRCMUJDNEY5QUUwMi9iRHAtQXF5N2M2WmpXOXItQWkxNFhRREVS
OXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JEcC1BcXk3YzZaalc5ci1BaTE0WFFERVI5cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTYxNzIvRTg2N0NCMTAwRjFCMTFFOUE1REJEQjFCQzRGOUFFMDIvMkQ5QjVCMzgw
RjFEMTFFOTkxRjQyNzFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCowDAMEBWVkoAMEAGVkujAMAwQCZWS8AwQAZWS+MAwDBABn94UD
BANn94AwDQYJKoZIhvcNAQELBQADggEBANQusF6PWxCD9x5vzz9ZdIyik7tc5x9G
4HWdvT2hnxXTXKheXyALrLMRHaZ+Vs9AEFtDzAPgedMy9eTQH76WDE+V1vkEyAtx
V32vjE+ixUmfAS6Qc0wX0o4IBVIe/1xDl1hjKBMIdZE1avVG9ffOpNSuGv3eiO2L
D5VH9AdIcUZrocu6OoDGmy1eAhEqnMRagV4kl7ahYCERVYflLCdvqD9EErzLD/qK
/DEPbQvaQjBvTi0+ka2FLU910OS8+S+1CEj4YRSQ0crA5+snEXWd++r/shd2mh0W
ZfdYDHkOP/Sti50/1YgU5biYrXMsdLmuWrZMB37OfpYrbr8d84Ln8zw=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:02:48 2025 by rpki-client