Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/A69F92BE090911F084AAF925C4F9AE02.roa
File: A69F92BE090911F084AAF925C4F9AE02.roa (raw, json)
Hash identifier: JAD+Foc1J+GOz5pKNPlHnr3Zrw5SjVxBWNoZZgDQ44M=
Subject key identifier: 78:F9:AC:0D:32:70:65:F2:A5:08:D5:2C:99:7A:45:DD:FE:C8:1F:34
Certificate issuer: /CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420
Certificate serial: 08F3
Authority key identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/A69F92BE090911F084AAF925C4F9AE02.roa
Signing time: Mon 24 Mar 2025 23:43:09 +0000
ROA not before: Mon 24 Mar 2025 23:43:09 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 45577
IP address blocks: 101.234.132.0/23 maxlen: 24
101.234.134.0/24 maxlen: 24
101.234.135.0/24 maxlen: 24
101.234.136.0/24 maxlen: 24
101.234.140.0/23 maxlen: 24
101.234.144.0/23 maxlen: 24
101.234.146.0/23 maxlen: 24
101.234.148.0/24 maxlen: 24
101.234.149.0/24 maxlen: 24
101.234.150.0/24 maxlen: 24
101.234.151.0/24 maxlen: 24
101.234.152.0/24 maxlen: 24
101.234.153.0/24 maxlen: 24
101.234.154.0/24 maxlen: 24
101.234.155.0/24 maxlen: 24
101.234.156.0/23 maxlen: 24
101.234.158.0/24 maxlen: 24
101.234.159.0/24 maxlen: 24
101.234.160.0/24 maxlen: 24
101.234.170.0/24 maxlen: 24
101.234.171.0/24 maxlen: 24
111.125.160.0/24 maxlen: 24
111.125.161.0/24 maxlen: 24
111.125.162.0/23 maxlen: 23
111.125.162.0/24 maxlen: 24
111.125.164.0/23 maxlen: 23
111.125.164.0/23 maxlen: 24
111.125.168.0/23 maxlen: 23
111.125.168.0/23 maxlen: 24
111.125.170.0/23 maxlen: 23
111.125.170.0/23 maxlen: 24
111.125.172.0/23 maxlen: 23
111.125.172.0/23 maxlen: 24
111.125.174.0/23 maxlen: 23
111.125.174.0/23 maxlen: 24
114.111.128.0/24 maxlen: 24
114.111.129.0/24 maxlen: 24
114.111.130.0/23 maxlen: 23
114.111.130.0/23 maxlen: 24
114.111.132.0/24 maxlen: 24
114.111.133.0/24 maxlen: 24
114.111.134.0/23 maxlen: 23
114.111.135.0/24 maxlen: 24
114.111.136.0/23 maxlen: 23
114.111.137.0/24 maxlen: 24
114.111.138.0/23 maxlen: 24
114.111.140.0/24 maxlen: 24
114.111.141.0/24 maxlen: 24
114.111.142.0/24 maxlen: 24
114.111.143.0/24 maxlen: 24
114.111.144.0/23 maxlen: 23
114.111.144.0/23 maxlen: 24
114.111.146.0/23 maxlen: 24
114.111.148.0/23 maxlen: 24
114.111.150.0/23 maxlen: 24
114.111.156.0/23 maxlen: 24
114.111.158.0/23 maxlen: 24
122.100.0.0/24 maxlen: 24
122.100.1.0/24 maxlen: 24
122.100.2.0/24 maxlen: 24
122.100.3.0/24 maxlen: 24
122.100.4.0/24 maxlen: 24
122.100.6.0/24 maxlen: 24
122.100.7.0/24 maxlen: 24
122.100.8.0/24 maxlen: 24
122.100.9.0/24 maxlen: 24
122.100.10.0/23 maxlen: 24
122.100.14.0/24 maxlen: 24
122.100.15.0/24 maxlen: 24
2406:5800:800::/38 maxlen: 48
2406:5800:c00::/38 maxlen: 56
2406:5800:ff00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2291 (0x8f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A546E
Validity
Not Before: Mar 24 23:43:09 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67e1ee0d-7bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6a:bb:fa:bc:a0:4c:f2:45:8b:1c:23:c4:19:
17:34:6a:b8:55:b7:78:51:82:17:93:b7:8c:49:12:
c9:52:12:ef:26:ef:94:b0:ca:71:a1:c1:e7:53:32:
d1:26:af:04:e3:42:7f:c0:bd:4e:9d:00:17:c3:37:
de:2f:2b:fd:46:88:ab:16:77:21:0e:16:c9:a4:73:
03:c4:71:4e:ef:3e:7e:11:0f:75:1a:2c:2a:2b:98:
5c:bd:10:48:fc:59:17:00:e0:6c:fb:c3:91:48:dc:
bf:6e:51:aa:85:ae:d9:6f:aa:48:2f:b0:1d:4f:66:
d5:1f:7f:23:db:d7:31:7b:ec:17:dd:f4:a4:69:21:
2a:2a:ba:fd:54:0e:fd:1f:b5:99:cd:9c:52:12:22:
37:39:c8:6b:ea:b4:17:23:0e:90:e7:24:16:8b:4b:
96:fc:f1:db:00:ea:ef:95:58:06:96:b7:8f:08:27:
b6:57:ae:3e:dc:cf:22:14:54:d7:c0:be:54:12:16:
3d:4d:e7:6e:2e:40:a0:1b:83:1b:02:3e:b7:bc:c4:
f9:ed:36:1e:cc:ad:f3:7c:6b:ec:62:1f:e1:74:90:
07:35:ec:d1:1c:8d:d0:70:42:cf:ff:7b:8a:34:23:
74:b6:bd:98:97:90:c8:c3:2e:e5:43:51:e7:01:49:
2d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:F9:AC:0D:32:70:65:F2:A5:08:D5:2C:99:7A:45:DD:FE:C8:1F:34
X509v3 Authority Key Identifier:
keyid:6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/A69F92BE090911F084AAF925C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.234.132.0-101.234.136.255
101.234.140.0/23
101.234.144.0-101.234.160.255
101.234.170.0/23
111.125.160.0-111.125.165.255
111.125.168.0/21
114.111.128.0-114.111.151.255
114.111.156.0/22
122.100.0.0-122.100.4.255
122.100.6.0-122.100.11.255
122.100.14.0/23
IPv6:
2406:5800:800::/37
2406:5800:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
9b:09:08:1b:bd:7e:4f:2f:70:0b:cc:71:04:f2:73:da:1e:cf:
75:5f:0f:f5:1e:00:2f:ef:14:a9:5e:89:cb:c5:39:2a:40:60:
ed:f9:51:75:a1:32:d9:ba:8b:d9:cd:a5:45:0e:ba:e7:6f:73:
65:62:e2:1b:1d:02:21:33:be:e7:a0:e0:c6:77:f0:85:a7:b5:
93:a5:4a:42:14:ce:8f:9c:aa:8d:b5:e6:41:0b:e3:04:22:e0:
0e:18:32:5e:48:12:89:f9:fb:4a:1c:49:52:46:a0:b9:fc:40:
1a:e9:c9:50:44:3a:0c:83:cd:65:d2:4f:2c:c4:34:c1:af:9e:
33:ad:a3:6d:a4:0b:0c:76:6c:67:ab:9f:34:87:24:00:b7:69:
9e:ee:2e:08:2f:97:58:04:dd:c6:aa:57:62:5c:b9:a5:68:b4:
92:ef:d2:92:eb:e3:da:4b:26:d7:73:db:77:52:ee:25:3b:ad:
b8:db:c7:2b:21:9a:4a:54:88:e8:9c:4d:30:77:54:25:69:4b:
78:9d:12:2d:20:68:af:d8:26:a0:f4:c8:d7:47:07:09:e4:0e:
4c:9d:3f:cd:a6:f4:40:95:b7:77:8b:d6:d8:43:04:06:0c:d8:
e5:44:f5:c7:00:b5:52:a1:0c:cb:ee:ee:ab:b6:15:5b:19:92:
90:5f:ea:6e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgICCPMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU0NkUxMTAvBgNVBAUTKDZDNUE1ODlGOTI0Q0U5QkVEMUZEODlGNUFGRjYzMEM5
Mjc1NzQ0MjAwHhcNMjUwMzI0MjM0MzA5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UxZWUwZC03YmRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz2q7+rygTPJFixwjxBkXNGq4Vbd4UYIXk7eMSRLJUhLvJu+UsMpxocHnUzLR
Jq8E40J/wL1OnQAXwzfeLyv9RoirFnchDhbJpHMDxHFO7z5+EQ91GiwqK5hcvRBI
/FkXAOBs+8ORSNy/blGqha7Zb6pIL7AdT2bVH38j29cxe+wX3fSkaSEqKrr9VA79
H7WZzZxSEiI3Ochr6rQXIw6Q5yQWi0uW/PHbAOrvlVgGlrePCCe2V64+3M8iFFTX
wL5UEhY9TeduLkCgG4MbAj63vMT57TYezK3zfGvsYh/hdJAHNezRHI3QcELP/3uK
NCN0tr2Yl5DIwy7lQ1HnAUkt5QIDAQABo4IDHDCCAxgwHQYDVR0OBBYEFHj5rA0y
cGXypQjVLJl6Rd3+yB80MB8GA1UdIwQYMBaAFGxaWJ+STOm+0f2J9a/2MMknV0Qg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTQ2RS8wQ0Q0MURBOEI3
NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZiN1JfWW4xcl9Zd3lTZFhS
Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JGcFluNUpNNmI3Ul9ZbjFyX1l3eVNkWFJDQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU0NkUvMENENDFEQThCNzZBMTFFQTgxNEY1MDg0QzRGOUFFMDIvQTY5RjkyQkUw
OTA5MTFGMDg0QUFGOTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaUGCCsGAQUFBwEHAQH/
BIGVMIGSMHcEAgABMHEwDAMEAmXqhAMEAGXqiAMEAWXqjDAMAwQEZeqQAwQAZeqg
AwQBZeqqMAwDBAVvfaADBAFvfaQDBANvfagwDAMEB3JvgAMEA3JvkAMEAnJvnDAL
AwMCemQDBAB6ZAQwDAMEAXpkBgMEAnpkCAMEAXpkDjAXBAIAAjARAwYDJAZYAAgD
BwAkBlgA/wAwDQYJKoZIhvcNAQELBQADggEBAJsJCBu9fk8vcAvMcQTyc9oez3Vf
D/UeAC/vFKleicvFOSpAYO35UXWhMtm6i9nNpUUOuudvc2Vi4hsdAiEzvueg4MZ3
8IWntZOlSkIUzo+cqo215kEL4wQi4A4YMl5IEon5+0ocSVJGoLn8QBrpyVBEOgyD
zWXSTyzENMGvnjOto22kCwx2bGernzSHJAC3aZ7uLggvl1gE3caqV2JcuaVotJLv
0pLr49pLJtdz23dS7iU7rbjbxyshmkpUiOicTTB3VCVpS3idEi0gaK/YJqD0yNdH
BwnkDkydP82m9ECVt3eL1thDBAYM2OVE9ccAtVKhDMvu7qu2FVsZkpBf6m4=
-----END CERTIFICATE-----
Generated at Fri Apr 11 14:05:56 2025 by rpki-client