Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D539/C1265DC0E38911EAB73A3659C4F9AE02/B94BEEA036D811ECB5BD1470C4F9AE02.roa
File: B94BEEA036D811ECB5BD1470C4F9AE02.roa (raw, json)
Hash identifier: CYIyqLTD/N7RHKkzVI9yCjfPCRo2bvj5EsxmVhBkQbM=
Subject key identifier: 02:5B:53:D5:FA:AB:61:D0:48:6F:60:E8:E8:1C:B8:9E:5E:4D:2E:E2
Certificate issuer: /CN=A919D539/serialNumber=221F50143E1D5F93C4CD31C9FEE7A24DE801F2D7
Certificate serial: 07AE
Authority key identifier: 22:1F:50:14:3E:1D:5F:93:C4:CD:31:C9:FE:E7:A2:4D:E8:01:F2:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ih9QFD4dX5PEzTHJ_ueiTegB8tc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919D539/C1265DC0E38911EAB73A3659C4F9AE02/B94BEEA036D811ECB5BD1470C4F9AE02.roa
Signing time: Wed 04 Dec 2024 21:10:31 +0000
ROA not before: Wed 04 Dec 2024 21:10:30 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 38325
IP address blocks: 27.106.216.0/21 maxlen: 22
27.106.216.0/24 maxlen: 24
27.106.217.0/24 maxlen: 24
27.106.218.0/24 maxlen: 24
27.106.219.0/24 maxlen: 24
27.106.220.0/24 maxlen: 24
27.106.221.0/24 maxlen: 24
27.106.222.0/24 maxlen: 24
27.106.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1966 (0x7ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919D539
Validity
Not Before: Dec 4 21:10:30 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6750c546-6321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a9:17:4d:47:85:74:31:2c:14:78:06:58:37:
c1:e2:f6:71:87:57:25:5a:62:aa:1e:82:1e:93:88:
72:83:5b:c6:c2:a0:36:eb:09:d4:0e:cf:ad:6b:e0:
d2:69:16:08:3d:0f:4f:5a:a8:99:ec:22:72:a8:9f:
4b:1a:23:89:76:91:6a:c8:09:0a:04:97:90:e9:1d:
4a:09:5e:30:29:75:d0:39:b4:0a:5a:7f:68:60:ad:
08:c2:57:b1:5c:f1:5e:4e:0d:39:93:45:77:dc:ca:
65:5d:cd:e8:d2:e9:d9:ab:d1:bd:ff:09:f2:90:23:
64:91:b1:e2:e0:08:b2:4d:e0:e1:8f:9d:53:2d:78:
12:94:69:57:40:ad:05:84:3f:11:00:65:78:1a:1c:
97:77:9c:58:91:f5:5b:d8:9c:f4:1f:f4:8a:ed:01:
fa:76:50:f6:c9:fc:13:9c:08:5a:79:60:b1:e1:2f:
de:31:fc:d2:60:51:fd:87:bb:e5:a5:6f:98:00:81:
03:63:91:38:36:7a:17:b7:64:5f:96:14:c6:24:58:
db:a2:2d:2f:fe:95:ba:79:07:17:70:33:44:97:02:
be:32:bf:1a:55:55:8e:6e:f8:b4:1f:cc:35:33:c8:
97:89:3d:ce:f6:37:b9:09:48:50:cd:eb:54:28:27:
29:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:5B:53:D5:FA:AB:61:D0:48:6F:60:E8:E8:1C:B8:9E:5E:4D:2E:E2
X509v3 Authority Key Identifier:
keyid:22:1F:50:14:3E:1D:5F:93:C4:CD:31:C9:FE:E7:A2:4D:E8:01:F2:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919D539/C1265DC0E38911EAB73A3659C4F9AE02/Ih9QFD4dX5PEzTHJ_ueiTegB8tc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ih9QFD4dX5PEzTHJ_ueiTegB8tc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D539/C1265DC0E38911EAB73A3659C4F9AE02/B94BEEA036D811ECB5BD1470C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.106.216.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:f4:c1:c7:49:2f:3c:b9:65:4a:3f:68:5e:a3:c6:a2:f4:31:
fe:12:dc:73:93:aa:7c:98:6c:6d:95:fd:51:35:ed:f3:d5:14:
32:cb:19:b4:9f:31:f5:20:7f:f7:77:98:06:1d:66:24:7e:04:
69:9b:49:c3:e7:4d:4b:37:82:2e:40:8a:51:7c:f1:88:49:15:
a0:37:b6:ce:4c:6b:eb:0e:c4:d3:21:b8:cf:44:98:04:56:06:
91:34:d0:60:4f:37:6c:f6:17:c4:7a:82:ef:a4:fd:cf:22:8f:
0f:43:55:f7:85:19:40:0b:18:06:c1:e4:7f:eb:39:0c:b1:de:
25:ac:24:19:b8:8c:b8:c5:fb:3b:34:50:5a:68:0d:40:83:ba:
0f:89:d1:39:d3:4c:90:c3:18:80:cf:e9:5e:dd:d1:db:78:a5:
e7:c4:ba:ff:8d:3d:2b:3b:7c:21:95:7f:1b:82:47:e6:9e:2d:
c5:f2:98:88:f1:82:2d:03:3e:61:de:e9:cc:c4:c8:f5:9e:88:
49:13:16:36:f2:c8:2d:78:3a:4b:9a:29:cf:36:4b:42:92:b8:
dd:1d:66:fb:c7:c3:24:4d:cd:a0:31:bf:13:fb:b8:25:26:6f:
30:55:de:d7:bf:3e:ad:b8:a0:7b:5c:4a:6e:f6:f8:dc:70:2e:
08:03:4c:22
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUQ1MzkxMTAvBgNVBAUTKDIyMUY1MDE0M0UxRDVGOTNDNENEMzFDOUZFRTdBMjRE
RTgwMUYyRDcwHhcNMjQxMjA0MjExMDMwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwYzU0Ni02MzIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwakXTUeFdDEsFHgGWDfB4vZxh1clWmKqHoIek4hyg1vGwqA26wnUDs+ta+DS
aRYIPQ9PWqiZ7CJyqJ9LGiOJdpFqyAkKBJeQ6R1KCV4wKXXQObQKWn9oYK0Iwlex
XPFeTg05k0V33MplXc3o0unZq9G9/wnykCNkkbHi4AiyTeDhj51TLXgSlGlXQK0F
hD8RAGV4GhyXd5xYkfVb2Jz0H/SK7QH6dlD2yfwTnAhaeWCx4S/eMfzSYFH9h7vl
pW+YAIEDY5E4NnoXt2RflhTGJFjboi0v/pW6eQcXcDNElwK+Mr8aVVWObvi0H8w1
M8iXiT3O9je5CUhQzetUKCcptwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAJbU9X6
q2HQSG9g6OgcuJ5eTS7iMB8GA1UdIwQYMBaAFCIfUBQ+HV+TxM0xyf7nok3oAfLX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RDUzOS9DMTI2NURDMEUz
ODkxMUVBQjczQTM2NTlDNEY5QUUwMi9JaDlRRkQ0ZFg1UEV6VEhKX3VlaVRlZ0I4
dGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0loOVFGRDRkWDVQRXpUSEpfdWVpVGVnQjh0Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUQ1MzkvQzEyNjVEQzBFMzg5MTFFQUI3M0EzNjU5QzRGOUFFMDIvQjk0QkVFQTAz
NkQ4MTFFQ0I1QkQxNDcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAMbatgwDQYJKoZIhvcNAQELBQADggEBADr0wcdJLzy5ZUo/
aF6jxqL0Mf4S3HOTqnyYbG2V/VE17fPVFDLLGbSfMfUgf/d3mAYdZiR+BGmbScPn
TUs3gi5AilF88YhJFaA3ts5Ma+sOxNMhuM9EmARWBpE00GBPN2z2F8R6gu+k/c8i
jw9DVfeFGUALGAbB5H/rOQyx3iWsJBm4jLjF+zs0UFpoDUCDug+J0TnTTJDDGIDP
6V7d0dt4pefEuv+NPSs7fCGVfxuCR+aeLcXymIjxgi0DPmHe6czEyPWeiEkTFjby
yC14OkuaKc82S0KSuN0dZvvHwyRNzaAxvxP7uCUmbzBV3te/Pq24oHtcSm72+Nxw
LggDTCI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:29:31 2025 by rpki-client