Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C39D1/088C1B48A27D11EBA28F9177C4F9AE02/A26500A2A27F11EBBE87837FC4F9AE02.roa
File: A26500A2A27F11EBBE87837FC4F9AE02.roa (raw, json)
Hash identifier: o6IdzF2JW4pdJz3buu3YPOk5TMt4Nbg8S9u/EOJTdU0=
Subject key identifier: 64:D6:50:42:FF:A9:2C:D8:0F:1F:11:91:59:DF:2B:16:D1:5D:A3:2B
Certificate issuer: /CN=A91C39D1/serialNumber=8DEEAE856E95F3CEACE112C0A1EA97BA45A57A44
Certificate serial: 05DE
Authority key identifier: 8D:EE:AE:85:6E:95:F3:CE:AC:E1:12:C0:A1:EA:97:BA:45:A5:7A:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/je6uhW6V886s4RLAoeqXukWlekQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C39D1/088C1B48A27D11EBA28F9177C4F9AE02/A26500A2A27F11EBBE87837FC4F9AE02.roa
Signing time: Tue 04 Feb 2025 22:42:02 +0000
ROA not before: Tue 04 Feb 2025 22:42:02 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 45648
IP address blocks: 27.34.240.0/24 maxlen: 24
27.34.241.0/24 maxlen: 24
27.34.242.0/24 maxlen: 24
27.34.243.0/24 maxlen: 24
27.34.244.0/24 maxlen: 24
27.34.245.0/24 maxlen: 24
27.34.246.0/24 maxlen: 24
27.34.247.0/24 maxlen: 24
27.34.248.0/24 maxlen: 24
27.34.249.0/24 maxlen: 24
27.34.250.0/24 maxlen: 24
27.34.251.0/24 maxlen: 24
27.34.252.0/24 maxlen: 24
27.34.253.0/24 maxlen: 24
27.34.254.0/24 maxlen: 24
27.34.255.0/24 maxlen: 24
43.254.160.0/24 maxlen: 24
43.254.161.0/24 maxlen: 24
43.254.162.0/24 maxlen: 24
43.254.163.0/24 maxlen: 24
103.228.220.0/24 maxlen: 24
103.228.221.0/24 maxlen: 24
103.228.222.0/24 maxlen: 24
103.228.223.0/24 maxlen: 24
111.125.192.0/24 maxlen: 24
111.125.193.0/24 maxlen: 24
111.125.200.0/24 maxlen: 24
111.125.201.0/24 maxlen: 24
111.125.202.0/24 maxlen: 24
111.125.203.0/24 maxlen: 24
111.125.204.0/24 maxlen: 24
111.125.205.0/24 maxlen: 24
111.125.206.0/24 maxlen: 24
111.125.207.0/24 maxlen: 24
111.125.212.0/24 maxlen: 24
183.87.212.0/24 maxlen: 24
183.87.213.0/24 maxlen: 24
183.87.250.0/24 maxlen: 24
203.201.60.0/24 maxlen: 24
203.201.61.0/24 maxlen: 24
203.201.62.0/24 maxlen: 24
203.201.63.0/24 maxlen: 24
2400:d280::/32 maxlen: 32
2400:d280::/36 maxlen: 36
2400:d280:1000::/36 maxlen: 36
2400:d280:2000::/36 maxlen: 36
2400:d280:3000::/36 maxlen: 36
2400:d280:4000::/36 maxlen: 36
2400:d280:5000::/36 maxlen: 36
2400:d280:6000::/36 maxlen: 36
2400:d280:7000::/36 maxlen: 36
2400:d280:8000::/36 maxlen: 36
2400:d280:9000::/36 maxlen: 36
2400:d280:a000::/36 maxlen: 36
2400:d280:b000::/36 maxlen: 36
2400:d280:c000::/36 maxlen: 36
2400:d280:d000::/36 maxlen: 36
2400:d280:e000::/36 maxlen: 36
2400:d280:f000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1502 (0x5de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C39D1
Validity
Not Before: Feb 4 22:42:02 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a297b9-82eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6c:be:9e:18:4d:72:f0:e8:cc:47:01:51:49:
a7:16:e3:15:1d:20:96:91:bb:f3:48:c1:93:f7:a8:
4e:e9:53:da:24:fb:a3:56:eb:cd:7c:6c:61:3e:c0:
c5:8e:0f:1e:6c:67:7e:18:e1:a3:5d:66:d8:88:e4:
8f:ca:59:76:df:38:6d:64:b4:2d:8c:1b:d4:5e:a7:
1b:f9:05:8b:e8:9c:1b:a8:cb:a6:18:eb:1f:f0:8d:
c2:89:a5:6e:c8:f1:d7:d4:4e:65:85:6e:17:cd:33:
11:9b:a9:c3:ed:90:09:43:7a:6e:ae:b9:38:5e:0a:
25:d0:cc:21:d0:73:19:88:41:e8:df:a6:89:ce:fc:
14:e7:81:b4:b1:7e:ed:45:80:1b:bb:b7:f3:7c:b7:
f6:c8:ce:0d:e4:d9:15:98:1a:91:46:2b:3a:38:87:
ca:f7:0e:47:c1:3f:ba:e7:56:07:23:94:91:ae:39:
5a:e7:e9:38:51:e1:ab:46:42:26:a0:7d:11:32:e2:
d5:53:a5:99:f3:96:48:03:28:e5:29:1b:af:bf:15:
9c:7c:de:e6:63:80:5a:03:d1:a9:47:84:eb:a3:e1:
69:dc:e4:b1:15:5d:b6:03:27:be:e4:fb:eb:04:43:
2d:a3:34:3a:2e:dd:c5:e3:68:a6:5c:ab:cf:6f:49:
d6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D6:50:42:FF:A9:2C:D8:0F:1F:11:91:59:DF:2B:16:D1:5D:A3:2B
X509v3 Authority Key Identifier:
keyid:8D:EE:AE:85:6E:95:F3:CE:AC:E1:12:C0:A1:EA:97:BA:45:A5:7A:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C39D1/088C1B48A27D11EBA28F9177C4F9AE02/je6uhW6V886s4RLAoeqXukWlekQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/je6uhW6V886s4RLAoeqXukWlekQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C39D1/088C1B48A27D11EBA28F9177C4F9AE02/A26500A2A27F11EBBE87837FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.34.240.0/20
43.254.160.0/22
103.228.220.0/22
111.125.192.0/23
111.125.200.0/21
111.125.212.0/24
183.87.212.0/23
183.87.250.0/24
203.201.60.0/22
IPv6:
2400:d280::/32
Signature Algorithm: sha256WithRSAEncryption
67:c1:39:01:11:56:99:0e:37:4d:27:28:b6:c2:75:ce:df:c3:
36:38:8d:34:2d:79:d7:ac:cb:42:f8:1e:71:13:a4:0d:28:e6:
27:ac:78:92:fd:39:f8:69:ec:cb:15:b0:c3:89:cd:9f:3e:0d:
00:ea:ca:71:cd:20:35:9e:a7:4e:b3:d2:14:22:bc:de:d5:b5:
10:c5:70:85:e2:d7:6d:58:e0:e9:74:0f:bd:d8:de:7b:e8:be:
a5:80:01:ac:44:74:b7:6f:ae:d5:48:18:7c:4b:f5:40:4c:15:
3b:1b:1b:73:3e:12:ad:4c:16:e6:b1:c3:fa:96:7d:92:88:9f:
4b:02:3a:cd:25:88:c0:b7:8f:0b:48:10:fc:d0:49:d6:c9:59:
a8:29:a8:a2:69:ea:63:a0:cd:99:d4:54:57:09:a1:17:4e:a9:
a4:20:9d:47:8c:e3:cf:1c:27:56:83:b3:8c:c6:e1:0d:f9:da:
ce:78:e7:37:d6:93:96:9a:99:53:4d:7b:9e:91:2b:e1:1c:4c:
63:1a:9d:68:eb:60:85:41:10:79:a0:a8:91:2b:07:48:15:fb:
c4:ba:23:a0:56:69:da:e9:b1:8f:c5:2c:41:e1:97:0f:87:de:
6d:79:36:52:6b:06:ed:1f:2e:57:d6:b8:78:5a:b3:33:17:78:
6f:a2:5c:fa
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgICBd4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzM5RDExMTAvBgNVBAUTKDhERUVBRTg1NkU5NUYzQ0VBQ0UxMTJDMEExRUE5N0JB
NDVBNTdBNDQwHhcNMjUwMjA0MjI0MjAyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyOTdiOS04MmViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnWy+nhhNcvDozEcBUUmnFuMVHSCWkbvzSMGT96hO6VPaJPujVuvNfGxhPsDF
jg8ebGd+GOGjXWbYiOSPyll23zhtZLQtjBvUXqcb+QWL6JwbqMumGOsf8I3CiaVu
yPHX1E5lhW4XzTMRm6nD7ZAJQ3purrk4Xgol0Mwh0HMZiEHo36aJzvwU54G0sX7t
RYAbu7fzfLf2yM4N5NkVmBqRRis6OIfK9w5HwT+651YHI5SRrjla5+k4UeGrRkIm
oH0RMuLVU6WZ85ZIAyjlKRuvvxWcfN7mY4BaA9GpR4Tro+Fp3OSxFV22Aye+5Pvr
BEMtozQ6Lt3F42imXKvPb0nWuQIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFGTWUEL/
qSzYDx8RkVnfKxbRXaMrMB8GA1UdIwQYMBaAFI3uroVulfPOrOESwKHql7pFpXpE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzlEMS8wODhDMUI0OEEy
N0QxMUVCQTI4RjkxNzdDNEY5QUUwMi9qZTZ1aFc2Vjg4NnM0UkxBb2VxWHVrV2xl
a1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2plNnVoVzZWODg2czRSTEFvZXFYdWtXbGVrUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzM5RDEvMDg4QzFCNDhBMjdEMTFFQkEyOEY5MTc3QzRGOUFFMDIvQTI2NTAwQTJB
MjdGMTFFQkJFODc4MzdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXgYIKwYBBQUHAQcBAf8E
TzBNMDwEAgABMDYDBAQbIvADBAIr/qADBAJn5NwDBAFvfcADBANvfcgDBABvfdQD
BAG3V9QDBAC3V/oDBALLyTwwDQQCAAIwBwMFACQA0oAwDQYJKoZIhvcNAQELBQAD
ggEBAGfBOQERVpkON00nKLbCdc7fwzY4jTQtedesy0L4HnETpA0o5ieseJL9Ofhp
7MsVsMOJzZ8+DQDqynHNIDWep06z0hQivN7VtRDFcIXi121Y4Ol0D73Y3nvovqWA
AaxEdLdvrtVIGHxL9UBMFTsbG3M+Eq1MFuaxw/qWfZKIn0sCOs0liMC3jwtIEPzQ
SdbJWagpqKJp6mOgzZnUVFcJoRdOqaQgnUeM488cJ1aDs4zG4Q352s545zfWk5aa
mVNNe56RK+EcTGManWjrYIVBEHmgqJErB0gV+8S6I6BWadrpsY/FLEHhlw+H3m15
NlJrBu0fLlfWuHhaszMXeG+iXPo=
-----END CERTIFICATE-----
Generated at Fri Apr 11 19:53:09 2025 by rpki-client