Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/CD168A226C2111EFB0ACC153C4F9AE02.roa
File: CD168A226C2111EFB0ACC153C4F9AE02.roa (raw, json)
Hash identifier: F8BQEsLxz2XO34zN3GNH3AuMPZU87rOGItPVHiqWabQ=
Subject key identifier: 73:3D:3A:15:60:AD:BA:66:43:5C:63:A9:25:C2:6D:A1:3B:15:CC:A1
Certificate issuer: /CN=A9197390/serialNumber=A135B814E1EB1E27C9597EED2E822854930D3FCF
Certificate serial: 0162
Authority key identifier: A1:35:B8:14:E1:EB:1E:27:C9:59:7E:ED:2E:82:28:54:93:0D:3F:CF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oTW4FOHrHifJWX7tLoIoVJMNP88.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/CD168A226C2111EFB0ACC153C4F9AE02.roa
Signing time: Sat 22 Feb 2025 17:30:08 +0000
ROA not before: Sat 22 Feb 2025 17:30:08 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 153318
IP address blocks: 45.115.119.0/24 maxlen: 24
103.57.17.0/24 maxlen: 24
103.57.18.0/24 maxlen: 24
103.57.19.0/24 maxlen: 24
202.6.80.0/24 maxlen: 24
203.153.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 354 (0x162)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9197390
Validity
Not Before: Feb 22 17:30:08 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67ba09a0-5731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7b:1f:5e:76:d2:2f:59:f2:16:0f:62:83:ac:
14:9c:6a:e6:67:4f:15:03:55:ce:62:02:b8:96:9a:
15:81:6f:60:22:53:c8:80:83:92:00:07:3f:ea:2c:
f2:ec:6b:11:70:c2:c9:9d:c3:24:a6:85:ea:4a:a0:
77:de:c8:d0:9e:b3:ce:4a:72:84:b3:81:df:14:63:
9e:91:13:f3:17:e0:f7:cc:96:b1:47:4a:01:e0:f2:
3a:09:4b:67:56:25:d0:2f:8f:eb:6f:a0:1d:b7:cc:
77:2c:08:f8:2d:02:71:34:bb:2c:db:81:5f:ce:5e:
27:dc:e6:6c:6f:5c:9d:5a:a7:48:7f:fc:7c:65:16:
d5:46:64:a3:d3:70:4b:43:b4:3e:b2:fd:9c:84:b0:
aa:02:32:e6:7f:e1:9d:50:27:3c:0c:80:8f:da:7c:
e7:55:b8:6c:6e:86:89:10:94:37:7f:d1:66:3f:d1:
13:30:94:92:76:a2:cf:7e:59:57:d1:f2:c5:e5:ef:
f7:d4:4c:0f:f2:59:56:c7:31:25:a0:b7:10:4c:8c:
b4:5a:8f:00:ff:41:6f:16:49:33:38:88:20:c6:b3:
60:b4:77:55:58:83:88:19:c0:7c:50:c6:5a:24:70:
2c:ec:d2:06:e9:22:04:cd:bb:c4:b8:87:47:ba:1a:
3c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:3D:3A:15:60:AD:BA:66:43:5C:63:A9:25:C2:6D:A1:3B:15:CC:A1
X509v3 Authority Key Identifier:
keyid:A1:35:B8:14:E1:EB:1E:27:C9:59:7E:ED:2E:82:28:54:93:0D:3F:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/oTW4FOHrHifJWX7tLoIoVJMNP88.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oTW4FOHrHifJWX7tLoIoVJMNP88.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/CD168A226C2111EFB0ACC153C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.115.119.0/24
103.57.17.0-103.57.19.255
202.6.80.0/24
203.153.208.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:a2:4e:74:98:38:ce:f1:e7:33:ea:3a:41:f3:50:1d:91:1f:
61:a4:d2:3c:97:42:aa:dc:dc:2a:04:58:a0:b4:a7:dc:61:69:
15:0d:a4:5e:73:65:e9:e5:5d:29:54:77:59:cd:bb:49:94:e0:
1f:86:5d:0f:63:2f:a6:c8:37:66:4d:a3:52:e9:95:e9:4f:bf:
11:50:b4:86:5a:1b:4c:b5:67:7c:78:f4:b4:52:9e:f6:ae:7a:
9e:56:66:cb:66:b4:3a:ef:48:54:1a:ac:a1:43:51:0b:2a:bc:
a8:9e:6b:c1:97:78:d2:2e:59:8a:f4:ed:fc:58:f0:d0:6d:e8:
10:da:62:d9:87:5e:32:35:f6:1a:59:d6:68:0f:2a:81:b9:ee:
c8:58:b8:07:7a:29:47:30:31:bf:d3:d9:12:e3:47:7a:ab:21:
b7:19:bb:dd:87:fd:41:8b:1f:4c:9c:3f:81:ec:19:26:77:76:
74:95:24:64:4a:15:95:df:f2:34:af:37:bd:9a:2e:7d:9d:ca:
1b:68:92:4e:be:0c:6a:af:7f:81:80:d1:ee:c6:89:22:4d:7f:
93:fd:ed:e5:96:6b:99:d7:b2:1c:c7:16:de:3d:ba:da:23:a3:
af:bc:82:03:4e:db:47:81:fe:30:c9:39:2b:8f:5b:8d:9e:c9:
da:2a:11:2a
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICAWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTczOTAxMTAvBgNVBAUTKEExMzVCODE0RTFFQjFFMjdDOTU5N0VFRDJFODIyODU0
OTMwRDNGQ0YwHhcNMjUwMjIyMTczMDA4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JhMDlhMC01NzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA23sfXnbSL1nyFg9ig6wUnGrmZ08VA1XOYgK4lpoVgW9gIlPIgIOSAAc/6izy
7GsRcMLJncMkpoXqSqB33sjQnrPOSnKEs4HfFGOekRPzF+D3zJaxR0oB4PI6CUtn
ViXQL4/rb6Adt8x3LAj4LQJxNLss24Ffzl4n3OZsb1ydWqdIf/x8ZRbVRmSj03BL
Q7Q+sv2chLCqAjLmf+GdUCc8DICP2nznVbhsboaJEJQ3f9FmP9ETMJSSdqLPfllX
0fLF5e/31EwP8llWxzEloLcQTIy0Wo8A/0FvFkkzOIggxrNgtHdVWIOIGcB8UMZa
JHAs7NIG6SIEzbvEuIdHuho8nwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFHM9OhVg
rbpmQ1xjqSXCbaE7FcyhMB8GA1UdIwQYMBaAFKE1uBTh6x4nyVl+7S6CKFSTDT/P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzM5MC9EMkM3RTcxNjNF
N0ExMUVFQTk3N0Q2MjBDNEY5QUUwMi9vVFc0Rk9IckhpZkpXWDd0TG9Jb1ZKTU5Q
ODguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29UVzRGT0hySGlmSldYN3RMb0lvVkpNTlA4OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTczOTAvRDJDN0U3MTYzRTdBMTFFRUE5NzdENjIwQzRGOUFFMDIvQ0QxNjhBMjI2
QzIxMTFFRkIwQUNDMTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAAtc3cwDAMEAGc5EQMEAmc5EAMEAMoGUAMEAMuZ0DANBgkq
hkiG9w0BAQsFAAOCAQEAeqJOdJg4zvHnM+o6QfNQHZEfYaTSPJdCqtzcKgRYoLSn
3GFpFQ2kXnNl6eVdKVR3Wc27SZTgH4ZdD2Mvpsg3Zk2jUumV6U+/EVC0hlobTLVn
fHj0tFKe9q56nlZmy2a0Ou9IVBqsoUNRCyq8qJ5rwZd40i5ZivTt/Fjw0G3oENpi
2YdeMjX2GlnWaA8qgbnuyFi4B3opRzAxv9PZEuNHeqshtxm73Yf9QYsfTJw/gewZ
Jnd2dJUkZEoVld/yNK83vZoufZ3KG2iSTr4Maq9/gYDR7saJIk1/k/3t5ZZrmdey
HMcW3j262iOjr7yCA07bR4H+MMk5K49bjZ7J2ioRKg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 20:59:44 2025 by rpki-client