Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D222/8764489CCD7F11EFA5848838C4F9AE02/18B90242CD8011EF8728D139C4F9AE02.roa
File: 18B90242CD8011EF8728D139C4F9AE02.roa (raw, json)
Hash identifier: /17gKTBKMMs07+KSKB5vkpnNAFNY/B0f0Up4BfWbLBA=
Subject key identifier: 3E:F1:AF:26:DB:7F:74:26:D3:12:2F:E1:6F:B5:82:52:E1:77:9E:C0
Certificate issuer: /CN=A919D222/serialNumber=8205E9796EC69A0C73DC3B5B3CE12C48192B4577
Certificate serial: 03
Authority key identifier: 82:05:E9:79:6E:C6:9A:0C:73:DC:3B:5B:3C:E1:2C:48:19:2B:45:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ggXpeW7Gmgxz3DtbPOEsSBkrRXc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919D222/8764489CCD7F11EFA5848838C4F9AE02/18B90242CD8011EF8728D139C4F9AE02.roa
Signing time: Wed 08 Jan 2025 05:19:12 +0000
ROA not before: Wed 08 Jan 2025 05:19:12 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 45477
IP address blocks: 113.29.224.0/24 maxlen: 24
113.29.225.0/24 maxlen: 24
113.29.227.0/24 maxlen: 24
113.29.234.0/24 maxlen: 24
113.29.235.0/24 maxlen: 24
113.29.236.0/24 maxlen: 24
113.29.237.0/24 maxlen: 24
113.29.238.0/24 maxlen: 24
113.29.239.0/24 maxlen: 24
2406:fc00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919D222
Validity
Not Before: Jan 8 05:19:12 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=677e0ad0-04fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3c:7a:cb:25:34:7a:96:2d:26:02:45:93:cb:
11:a4:97:f1:43:b2:20:8c:a5:40:9e:ee:56:96:28:
19:49:53:60:b0:21:53:81:1a:b7:05:c4:ff:14:48:
9a:36:33:fd:46:58:aa:78:0a:ae:21:b3:03:38:e9:
8f:47:e2:4c:50:72:b1:8e:5e:eb:3d:34:70:66:a2:
21:36:00:5c:83:b1:9f:78:db:5f:45:e8:43:71:23:
8a:7b:7b:bd:28:d9:07:88:6f:14:68:20:8c:7d:bc:
9a:80:89:85:be:cf:24:ff:21:0e:b1:a4:fd:9a:1b:
82:9a:2e:9c:12:2e:1e:af:28:87:bf:6f:14:c5:72:
1e:c9:27:ef:1c:fd:82:b8:2b:13:9a:f9:4f:60:6d:
28:f9:aa:b9:6e:fc:db:07:dc:64:62:26:0f:39:d6:
f9:95:bc:19:38:94:89:49:42:a0:9f:51:75:0c:fb:
0a:99:5d:3f:e4:45:84:c4:e1:ef:5c:27:62:6f:28:
4e:1a:c1:1e:ec:7c:2a:a4:de:81:bc:9c:d5:84:dd:
3b:f4:8a:10:87:c6:fd:2d:a5:0f:93:25:49:63:c2:
39:57:7f:60:c1:c4:c1:79:9d:bc:a2:fa:18:e0:fe:
d7:1a:d6:a9:c3:d9:c0:27:d0:3a:ad:87:25:62:3d:
da:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F1:AF:26:DB:7F:74:26:D3:12:2F:E1:6F:B5:82:52:E1:77:9E:C0
X509v3 Authority Key Identifier:
keyid:82:05:E9:79:6E:C6:9A:0C:73:DC:3B:5B:3C:E1:2C:48:19:2B:45:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919D222/8764489CCD7F11EFA5848838C4F9AE02/ggXpeW7Gmgxz3DtbPOEsSBkrRXc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ggXpeW7Gmgxz3DtbPOEsSBkrRXc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D222/8764489CCD7F11EFA5848838C4F9AE02/18B90242CD8011EF8728D139C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.29.224.0/23
113.29.227.0/24
113.29.234.0-113.29.239.255
IPv6:
2406:fc00::/32
Signature Algorithm: sha256WithRSAEncryption
a2:9f:50:bb:7a:97:2d:4d:0d:2b:c9:bd:7f:2e:48:fa:db:34:
d4:52:2d:8f:8e:38:29:bb:90:2d:a0:50:4c:3c:1d:8c:f9:f7:
eb:6a:86:80:d3:59:1e:91:42:89:2b:b5:a7:40:7f:c2:9b:b5:
7a:7c:d3:95:f7:9e:4f:d3:ae:8e:91:41:be:a0:d5:2d:eb:8b:
a6:f7:bc:c6:be:a3:85:da:bb:17:e8:67:66:2d:c6:36:d5:d2:
e0:f8:86:09:75:f1:c7:b2:13:04:06:90:a5:8f:bc:8b:56:da:
10:e7:15:e9:d8:fe:a3:ff:98:8f:53:4d:ab:03:4d:63:b4:e4:
40:bc:01:87:77:4e:d4:06:5b:b3:f3:e3:2d:2c:58:11:51:b5:
63:44:8b:05:df:8e:8b:45:7d:b9:a1:de:18:90:3c:3c:fe:0c:
0b:76:6a:cc:da:65:23:53:14:8a:f2:1b:51:12:cc:e6:58:33:
98:05:5d:cc:f1:1c:63:8e:be:72:ed:5f:f9:ce:5f:bb:c5:eb:
3a:ed:0c:e3:9c:87:e5:d3:a9:64:05:7d:af:f2:b9:aa:78:4c:
be:53:ff:b8:0a:31:57:46:1c:89:15:e5:4b:b8:c6:d8:c3:e1:
f0:d5:9d:5b:18:dc:b2:5e:dd:fc:4a:d8:e9:60:f7:00:9e:82:
09:a6:14:bc
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RDIyMjExMC8GA1UEBRMoODIwNUU5Nzk2RUM2OUEwQzczREMzQjVCM0NFMTJDNDgx
OTJCNDU3NzAeFw0yNTAxMDgwNTE5MTJaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3N2UwYWQwLTA0ZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBPHrLJTR6li0mAkWTyxGkl/FDsiCMpUCe7laWKBlJU2CwIVOBGrcFxP8USJo2
M/1GWKp4Cq4hswM46Y9H4kxQcrGOXus9NHBmoiE2AFyDsZ94219F6ENxI4p7e70o
2QeIbxRoIIx9vJqAiYW+zyT/IQ6xpP2aG4KaLpwSLh6vKIe/bxTFch7JJ+8c/YK4
KxOa+U9gbSj5qrlu/NsH3GRiJg851vmVvBk4lIlJQqCfUXUM+wqZXT/kRYTE4e9c
J2JvKE4awR7sfCqk3oG8nNWE3Tv0ihCHxv0tpQ+TJUljwjlXf2DBxMF5nbyi+hjg
/tca1qnD2cAn0DqthyViPdohAgMBAAGjggK4MIICtDAdBgNVHQ4EFgQUPvGvJtt/
dCbTEi/hb7WCUuF3nsAwHwYDVR0jBBgwFoAUggXpeW7Gmgxz3DtbPOEsSBkrRXcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlEMjIyLzg3NjQ0ODlDQ0Q3
RjExRUZBNTg0ODgzOEM0RjlBRTAyL2dnWHBlVzdHbWd4ejNEdGJQT0VzU0JrclJY
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZ2dYcGVXN0dtZ3h6M0R0YlBPRXNTQmtyUlhjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RDIyMi84NzY0NDg5Q0NEN0YxMUVGQTU4NDg4MzhDNEY5QUUwMi8xOEI5MDI0MkNE
ODAxMUVGODcyOEQxMzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBCBggrBgEFBQcBBwEB/wQz
MDEwIAQCAAEwGgMEAXEd4AMEAHEd4zAMAwQBcR3qAwQEcR3gMA0EAgACMAcDBQAk
BvwAMA0GCSqGSIb3DQEBCwUAA4IBAQCin1C7epctTQ0ryb1/Lkj62zTUUi2Pjjgp
u5AtoFBMPB2M+ffraoaA01kekUKJK7WnQH/Cm7V6fNOV955P066OkUG+oNUt64um
97zGvqOF2rsX6GdmLcY21dLg+IYJdfHHshMEBpClj7yLVtoQ5xXp2P6j/5iPU02r
A01jtORAvAGHd07UBluz8+MtLFgRUbVjRIsF346LRX25od4YkDw8/gwLdmrM2mUj
UxSK8htREszmWDOYBV3M8Rxjjr5y7V/5zl+7xes67QzjnIfl06lkBX2v8rmqeEy+
U/+4CjFXRhyJFeVLuMbYw+Hw1Z1bGNyyXt38StjpYPcAnoIJphS8
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:21:08 2025 by rpki-client