Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEBCA/B588B4A61D8811E28CAE8FE108B02CD2/6E41DB8AF02B11EFB5A99F09C4F9AE02.roa
File: 6E41DB8AF02B11EFB5A99F09C4F9AE02.roa (raw, json)
Hash identifier: FHFlzGfcBP+sHaZPOwlGzxfF7nKBU7jIV4bsQCpijts=
Subject key identifier: EB:F6:40:F8:F7:6E:A7:DA:F8:B5:06:9A:D9:93:A7:4F:09:CC:2C:25
Certificate issuer: /CN=A91CEBCA/serialNumber=FE826EE9BC12DAAD3B197471B0413F1EB2082635
Certificate serial: 3476
Authority key identifier: FE:82:6E:E9:BC:12:DA:AD:3B:19:74:71:B0:41:3F:1E:B2:08:26:35
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_oJu6bwS2q07GXRxsEE_HrIIJjU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEBCA/B588B4A61D8811E28CAE8FE108B02CD2/6E41DB8AF02B11EFB5A99F09C4F9AE02.roa
Signing time: Fri 28 Feb 2025 14:50:41 +0000
ROA not before: Fri 28 Feb 2025 14:50:41 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 17666
IP address blocks: 43.246.164.0/24 maxlen: 24
43.246.166.0/24 maxlen: 24
43.246.167.0/24 maxlen: 24
111.67.32.0/24 maxlen: 24
111.67.33.0/24 maxlen: 24
111.67.34.0/24 maxlen: 24
111.67.35.0/24 maxlen: 24
111.67.38.0/24 maxlen: 24
111.67.39.0/24 maxlen: 24
111.67.42.0/24 maxlen: 24
111.67.43.0/24 maxlen: 24
111.67.44.0/24 maxlen: 24
111.67.45.0/24 maxlen: 24
111.67.46.0/24 maxlen: 24
111.67.47.0/24 maxlen: 24
202.9.96.0/22 maxlen: 22
202.9.100.0/24 maxlen: 24
202.9.101.0/24 maxlen: 24
202.9.102.0/24 maxlen: 24
202.9.103.0/24 maxlen: 24
202.9.104.0/23 maxlen: 24
202.9.106.0/24 maxlen: 24
202.9.107.0/24 maxlen: 24
202.87.96.0/22 maxlen: 22
202.87.96.0/24 maxlen: 24
202.87.97.0/24 maxlen: 24
202.87.98.0/24 maxlen: 24
202.87.99.0/24 maxlen: 24
202.87.100.0/22 maxlen: 22
202.87.100.0/24 maxlen: 24
202.87.101.0/24 maxlen: 24
202.87.102.0/24 maxlen: 24
202.87.103.0/24 maxlen: 24
202.87.104.0/24 maxlen: 24
202.87.105.0/24 maxlen: 24
202.87.106.0/24 maxlen: 24
202.87.107.0/24 maxlen: 24
202.87.108.0/24 maxlen: 24
202.87.109.0/24 maxlen: 24
202.87.110.0/24 maxlen: 24
202.87.111.0/24 maxlen: 24
202.87.112.0/24 maxlen: 24
202.87.113.0/24 maxlen: 24
202.87.114.0/24 maxlen: 24
202.87.115.0/24 maxlen: 24
202.87.116.0/24 maxlen: 24
202.87.117.0/24 maxlen: 24
202.87.118.0/24 maxlen: 24
202.87.119.0/24 maxlen: 24
202.87.120.0/24 maxlen: 24
202.87.121.0/24 maxlen: 24
202.87.122.0/24 maxlen: 24
202.87.123.0/24 maxlen: 24
202.87.124.0/24 maxlen: 24
202.87.125.0/24 maxlen: 24
202.87.126.0/24 maxlen: 24
202.87.127.0/24 maxlen: 24
2401:200::/32 maxlen: 32
2401:200::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13430 (0x3476)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEBCA
Validity
Not Before: Feb 28 14:50:41 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c1cd40-9e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:60:35:7a:42:cb:ee:ae:4c:e3:0c:8a:7b:f2:
ab:39:38:f1:54:21:00:c2:d5:ce:3f:e4:5f:c9:8d:
b3:b7:74:1d:ac:0b:23:7a:e2:50:5e:ce:d5:4c:c1:
74:a3:a4:f3:3e:74:ed:0f:70:fa:5f:90:51:cb:69:
9f:06:39:76:17:05:2e:7e:bc:51:c7:04:a0:4a:bd:
3f:79:46:00:d5:97:96:bc:67:00:9a:33:e5:31:aa:
de:fc:59:c4:56:72:87:6a:7e:82:da:a1:10:5e:5f:
bd:2e:cb:4a:51:b8:83:90:1f:17:07:41:b1:e6:1d:
45:22:30:d7:4d:99:89:af:3c:d0:11:03:c3:cb:f6:
dc:e6:2f:13:16:42:33:b2:ce:fb:0c:4e:6b:b2:b3:
5b:2a:f7:17:73:f1:3b:59:ad:9b:e6:a4:fa:52:ee:
fc:94:93:c3:4a:ca:e2:b9:fe:13:0c:42:ad:5b:ac:
70:6a:2e:25:5d:54:59:34:a5:c2:5f:34:6f:e6:af:
a4:9f:94:0a:1f:27:31:cb:5e:99:cd:13:01:24:a8:
b5:02:be:a2:b1:40:c7:5b:a7:a8:f7:cf:18:e8:46:
d4:eb:fb:df:27:1e:78:2d:37:e9:35:5e:45:78:b9:
07:cb:0a:10:b7:c2:d0:47:c3:de:e8:ea:5b:43:e9:
8f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:F6:40:F8:F7:6E:A7:DA:F8:B5:06:9A:D9:93:A7:4F:09:CC:2C:25
X509v3 Authority Key Identifier:
keyid:FE:82:6E:E9:BC:12:DA:AD:3B:19:74:71:B0:41:3F:1E:B2:08:26:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEBCA/B588B4A61D8811E28CAE8FE108B02CD2/_oJu6bwS2q07GXRxsEE_HrIIJjU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_oJu6bwS2q07GXRxsEE_HrIIJjU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEBCA/B588B4A61D8811E28CAE8FE108B02CD2/6E41DB8AF02B11EFB5A99F09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.246.164.0/24
43.246.166.0/23
111.67.32.0/22
111.67.38.0/23
111.67.42.0-111.67.47.255
202.9.96.0-202.9.107.255
202.87.96.0/19
IPv6:
2401:200::/32
Signature Algorithm: sha256WithRSAEncryption
06:09:16:e0:ff:58:2d:c2:0a:1d:ee:65:5e:f1:21:40:a7:ea:
b4:f7:e2:33:b3:4e:34:71:d5:95:e2:14:18:58:34:ae:8f:a0:
7c:31:4b:b0:41:4b:42:ee:c2:36:bb:ce:44:d8:19:53:73:43:
a4:a1:65:01:5d:d5:db:22:32:33:93:e3:3a:de:c9:2f:93:0a:
d6:d0:34:a8:17:2b:eb:62:0c:a3:30:04:3b:fb:5e:fc:7c:43:
f7:70:5e:7e:47:49:f6:92:39:e0:9f:b6:03:7c:49:9f:b2:28:
c6:f3:d4:a3:a8:59:27:a0:84:29:4d:df:6e:f8:13:45:fb:80:
ae:30:20:e3:c7:9c:c0:94:ac:98:4d:65:5e:aa:9b:b2:86:1a:
cd:3b:ce:bb:24:3d:40:9d:e9:57:bc:25:49:80:8d:ef:80:42:
78:df:f4:d5:c3:91:77:cb:ef:2b:05:91:fe:68:45:1d:f1:9c:
51:05:72:63:22:66:df:28:f8:26:e7:cc:03:61:f4:db:b1:fb:
59:32:55:de:07:ff:e5:84:50:f9:17:40:36:b9:ca:7f:31:a6:
e8:63:d0:35:21:61:2e:a0:ba:03:c0:e2:0d:a9:01:0a:73:94:
8e:de:2d:92:07:1d:d5:dc:d3:77:03:13:4b:5e:bd:cb:1b:b1:
f9:d9:51:33
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgICNHYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0VCQ0ExMTAvBgNVBAUTKEZFODI2RUU5QkMxMkRBQUQzQjE5NzQ3MUIwNDEzRjFF
QjIwODI2MzUwHhcNMjUwMjI4MTQ1MDQxWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MxY2Q0MC05ZTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzGA1ekLL7q5M4wyKe/KrOTjxVCEAwtXOP+RfyY2zt3QdrAsjeuJQXs7VTMF0
o6TzPnTtD3D6X5BRy2mfBjl2FwUufrxRxwSgSr0/eUYA1ZeWvGcAmjPlMare/FnE
VnKHan6C2qEQXl+9LstKUbiDkB8XB0Gx5h1FIjDXTZmJrzzQEQPDy/bc5i8TFkIz
ss77DE5rsrNbKvcXc/E7Wa2b5qT6Uu78lJPDSsriuf4TDEKtW6xwai4lXVRZNKXC
XzRv5q+kn5QKHycxy16ZzRMBJKi1Ar6isUDHW6eo988Y6EbU6/vfJx54LTfpNV5F
eLkHywoQt8LQR8Pe6OpbQ+mPbQIDAQABo4IC2DCCAtQwHQYDVR0OBBYEFOv2QPj3
bqfa+LUGmtmTp08JzCwlMB8GA1UdIwQYMBaAFP6Cbum8EtqtOxl0cbBBPx6yCCY1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUJDQS9CNTg4QjRBNjFE
ODgxMUUyOENBRThGRTEwOEIwMkNEMi9fb0p1NmJ3UzJxMDdHWFJ4c0VFX0hySUlK
alUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19vSnU2YndTMnEwN0dYUnhzRUVfSHJJSUpqVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0VCQ0EvQjU4OEI0QTYxRDg4MTFFMjhDQUU4RkUxMDhCMDJDRDIvNkU0MURCOEFG
MDJCMTFFRkI1QTk5RjA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYgYIKwYBBQUHAQcBAf8E
UzBRMEAEAgABMDoDBAAr9qQDBAEr9qYDBAJvQyADBAFvQyYwDAMEAW9DKgMEBG9D
IDAMAwQFyglgAwQCygloAwQFyldgMA0EAgACMAcDBQAkAQIAMA0GCSqGSIb3DQEB
CwUAA4IBAQAGCRbg/1gtwgod7mVe8SFAp+q09+Izs040cdWV4hQYWDSuj6B8MUuw
QUtC7sI2u85E2BlTc0OkoWUBXdXbIjIzk+M63skvkwrW0DSoFyvrYgyjMAQ7+178
fEP3cF5+R0n2kjngn7YDfEmfsijG89SjqFknoIQpTd9u+BNF+4CuMCDjx5zAlKyY
TWVeqpuyhhrNO867JD1AnelXvCVJgI3vgEJ43/TVw5F3y+8rBZH+aEUd8ZxRBXJj
ImbfKPgm58wDYfTbsftZMlXeB//lhFD5F0A2ucp/MaboY9A1IWEuoLoDwOINqQEK
c5SO3i2SBx3V3NN3AxNLXr3LG7H52VEz
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:57:29 2025 by rpki-client