Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
File: 8F6D3D583AEA11EC84E6634EC4F9AE02.roa (raw, json)
Hash identifier: hDelh3PoJsz9R6GZhIRg0nobcW1v03O1xgV8RZIJ1VA=
Subject key identifier: A8:0E:5E:7A:D4:69:91:13:DD:E7:33:16:FF:76:42:77:31:70:F8:28
Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Certificate serial: 0CF5
Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
Signing time: Sat 18 Jan 2025 18:06:51 +0000
ROA not before: Sat 18 Jan 2025 18:06:51 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 63916
IP address blocks: 27.122.56.0/24 maxlen: 24
27.122.57.0/24 maxlen: 24
27.122.58.0/24 maxlen: 24
27.122.59.0/24 maxlen: 24
43.239.156.0/22 maxlen: 22
43.239.156.0/23 maxlen: 23
43.239.156.0/24 maxlen: 24
43.239.157.0/24 maxlen: 24
43.239.158.0/23 maxlen: 23
43.239.158.0/24 maxlen: 24
43.239.159.0/24 maxlen: 24
43.245.196.0/23 maxlen: 23
43.245.196.0/24 maxlen: 24
43.245.197.0/24 maxlen: 24
43.245.198.0/24 maxlen: 24
43.245.199.0/24 maxlen: 24
43.251.157.0/24 maxlen: 24
43.251.158.0/24 maxlen: 24
43.251.159.0/24 maxlen: 24
103.1.154.0/24 maxlen: 24
103.35.72.0/22 maxlen: 22
103.35.72.0/24 maxlen: 24
103.35.73.0/24 maxlen: 24
103.35.74.0/24 maxlen: 24
103.35.75.0/24 maxlen: 24
103.68.223.0/24 maxlen: 24
103.71.254.0/24 maxlen: 24
103.72.4.0/23 maxlen: 24
182.161.32.0/22 maxlen: 22
182.161.32.0/24 maxlen: 24
182.161.33.0/24 maxlen: 24
182.161.34.0/24 maxlen: 24
182.161.35.0/24 maxlen: 24
202.144.192.0/22 maxlen: 22
202.144.192.0/24 maxlen: 24
202.144.193.0/24 maxlen: 24
202.144.194.0/24 maxlen: 24
202.144.195.0/24 maxlen: 24
2402:c480::/32 maxlen: 32
2402:c480:3000::/48 maxlen: 48
2402:c480:3001::/48 maxlen: 48
2402:c480:3002::/48 maxlen: 48
2402:c480:3003::/48 maxlen: 48
2402:c480:3004::/48 maxlen: 48
2402:c480:5000::/48 maxlen: 48
2402:c480:6000::/48 maxlen: 48
2402:c480:6001::/48 maxlen: 48
2402:c480:6002::/48 maxlen: 48
2402:c480:7000::/48 maxlen: 48
2402:c480:7001::/48 maxlen: 48
2402:c480:8000::/48 maxlen: 48
2402:c480:8001::/48 maxlen: 48
2402:c480:8003::/48 maxlen: 48
2402:c480:9000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3317 (0xcf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B885C
Validity
Not Before: Jan 18 18:06:51 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=678bedbb-71dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:80:92:45:e6:2d:77:73:4b:8d:68:3e:d5:d2:
be:fd:03:4d:8c:67:8a:a4:6d:39:f0:96:9f:02:eb:
63:c9:d4:84:30:9a:70:b3:d5:32:21:21:04:dc:65:
16:95:be:85:6a:d2:d5:68:2d:d3:74:e3:5e:e0:02:
be:93:67:40:c9:7c:a4:8d:2f:35:98:2d:29:22:fd:
f1:58:71:66:d3:b1:b2:23:ff:bd:56:c1:d8:bc:5d:
86:22:59:99:ac:8d:e5:d9:e4:d5:dd:89:70:cf:f4:
4d:26:e5:35:13:65:a4:da:a2:60:82:db:93:21:b5:
69:43:cd:03:f6:81:a0:ed:e4:6d:07:ac:5c:05:7d:
35:3c:49:8e:5d:bf:2b:21:e5:5d:d3:ec:a4:f4:8b:
91:e9:82:9a:90:c1:1e:12:9e:ca:d6:da:ff:1b:5e:
43:1b:53:60:4b:ef:a7:18:25:de:ba:c2:70:bc:50:
9b:83:32:cf:c4:89:ed:6e:09:30:c4:2a:f4:67:4f:
d5:f6:be:f2:e8:07:bb:51:f9:c5:82:68:aa:6a:35:
14:aa:ee:a4:50:41:09:01:98:03:49:e3:5d:88:fc:
c7:2b:05:eb:12:f2:f7:0a:47:d3:39:02:c3:ca:e1:
22:f8:24:f2:76:33:dc:5d:6f:41:3a:92:ac:8e:b5:
c0:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:0E:5E:7A:D4:69:91:13:DD:E7:33:16:FF:76:42:77:31:70:F8:28
X509v3 Authority Key Identifier:
keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.122.56.0/22
43.239.156.0/22
43.245.196.0/22
43.251.157.0-43.251.159.255
103.1.154.0/24
103.35.72.0/22
103.68.223.0/24
103.71.254.0/24
103.72.4.0/23
182.161.32.0/22
202.144.192.0/22
IPv6:
2402:c480::/32
Signature Algorithm: sha256WithRSAEncryption
ab:98:1c:63:6d:6b:1e:b9:b9:8a:a3:b4:d2:dd:57:82:bb:a7:
c6:de:69:90:61:63:e4:ae:b3:39:2f:64:57:13:b6:d4:dd:d0:
76:82:0f:72:f0:f3:3d:6f:88:36:d7:17:ad:ef:94:e0:58:47:
a6:61:89:1c:52:30:5c:e8:96:4a:51:ee:f1:e1:04:4b:26:a2:
d5:8b:80:44:23:a3:d5:a6:92:3c:d8:e4:61:9f:a2:91:73:d6:
41:da:e7:c9:f8:45:61:23:d1:b0:8b:88:69:63:4e:b3:9d:41:
d8:16:50:80:47:c4:e6:7e:4a:95:8d:9d:c9:f1:cd:0b:86:95:
35:1a:07:fc:b2:83:82:0a:00:75:6d:c8:25:ce:0e:31:9f:21:
74:59:86:03:49:30:cd:0b:b2:b5:48:09:7e:a2:43:e1:26:28:
fe:10:bd:31:b5:44:60:c3:d0:32:45:bf:a7:2d:77:0b:1b:a2:
2d:f6:26:dd:51:62:fc:ac:b7:c5:4b:2d:02:74:f4:17:c1:90:
cd:b1:9e:19:a0:6a:8f:71:68:27:a4:b1:73:70:e9:47:ee:59:
ba:11:9e:9c:49:74:bb:80:57:30:43:74:99:5b:d3:44:02:0b:
35:e3:5a:c7:31:f7:95:25:67:4a:fe:0f:13:ed:66:17:ea:ca:
88:86:a3:cb
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgICDPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG
MDA5Q0M5QUYwHhcNMjUwMTE4MTgwNjUxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhiZWRiYi03MWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuYCSReYtd3NLjWg+1dK+/QNNjGeKpG058JafAutjydSEMJpws9UyISEE3GUW
lb6FatLVaC3TdONe4AK+k2dAyXykjS81mC0pIv3xWHFm07GyI/+9VsHYvF2GIlmZ
rI3l2eTV3Ylwz/RNJuU1E2Wk2qJggtuTIbVpQ80D9oGg7eRtB6xcBX01PEmOXb8r
IeVd0+yk9IuR6YKakMEeEp7K1tr/G15DG1NgS++nGCXeusJwvFCbgzLPxIntbgkw
xCr0Z0/V9r7y6Ae7UfnFgmiqajUUqu6kUEEJAZgDSeNdiPzHKwXrEvL3CkfTOQLD
yuEi+CTydjPcXW9BOpKsjrXAiQIDAQABo4IC6DCCAuQwHQYDVR0OBBYEFKgOXnrU
aZET3eczFv92QncxcPgoMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy
NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEY2RDNENTgz
QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcgYIKwYBBQUHAQcBAf8E
YzBhMFAEAgABMEoDBAIbejgDBAIr75wDBAIr9cQwDAMEACv7nQMEBSv7gAMEAGcB
mgMEAmcjSAMEAGdE3wMEAGdH/gMEAWdIBAMEArahIAMEAsqQwDANBAIAAjAHAwUA
JALEgDANBgkqhkiG9w0BAQsFAAOCAQEAq5gcY21rHrm5iqO00t1Xgrunxt5pkGFj
5K6zOS9kVxO21N3QdoIPcvDzPW+INtcXre+U4FhHpmGJHFIwXOiWSlHu8eEESyai
1YuARCOj1aaSPNjkYZ+ikXPWQdrnyfhFYSPRsIuIaWNOs51B2BZQgEfE5n5KlY2d
yfHNC4aVNRoH/LKDggoAdW3IJc4OMZ8hdFmGA0kwzQuytUgJfqJD4SYo/hC9MbVE
YMPQMkW/py13CxuiLfYm3VFi/Ky3xUstAnT0F8GQzbGeGaBqj3FoJ6Sxc3DpR+5Z
uhGenEl0u4BXMEN0mVvTRAILNeNaxzH3lSVnSv4PE+1mF+rKiIajyw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:10:21 2025 by rpki-client