Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2BD9/0481F786EC1911EA85B1E76FC4F9AE02/85A0A1086C9711EEA4941846C4F9AE02.roa
File: 85A0A1086C9711EEA4941846C4F9AE02.roa (raw, json)
Hash identifier: QE3nW2mNMr96ecxL+2Sa0cUHeFInEqjbi3IjJoVbX1E=
Subject key identifier: 00:41:61:C3:36:A6:F1:DB:02:57:6D:99:BA:78:DA:DE:D2:F7:B8:AC
Certificate issuer: /CN=A91F2BD9/serialNumber=AFCD12F3409878CD4AB445C445544AE8DA851A84
Certificate serial: 07B3
Authority key identifier: AF:CD:12:F3:40:98:78:CD:4A:B4:45:C4:45:54:4A:E8:DA:85:1A:84
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r80S80CYeM1KtEXERVRK6NqFGoQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2BD9/0481F786EC1911EA85B1E76FC4F9AE02/85A0A1086C9711EEA4941846C4F9AE02.roa
Signing time: Fri 10 Jan 2025 21:00:14 +0000
ROA not before: Fri 10 Jan 2025 21:00:14 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 7594
IP address blocks: 120.88.64.0/19 maxlen: 19
120.88.64.0/24 maxlen: 24
120.88.65.0/24 maxlen: 24
120.88.66.0/24 maxlen: 24
120.88.67.0/24 maxlen: 24
120.88.68.0/24 maxlen: 24
120.88.69.0/24 maxlen: 24
120.88.70.0/24 maxlen: 24
120.88.71.0/24 maxlen: 24
120.88.72.0/24 maxlen: 24
120.88.73.0/24 maxlen: 24
120.88.74.0/24 maxlen: 24
120.88.75.0/24 maxlen: 24
120.88.76.0/24 maxlen: 24
120.88.77.0/24 maxlen: 24
120.88.78.0/24 maxlen: 24
120.88.79.0/24 maxlen: 24
120.88.80.0/24 maxlen: 24
120.88.81.0/24 maxlen: 24
120.88.82.0/24 maxlen: 24
120.88.83.0/24 maxlen: 24
120.88.84.0/24 maxlen: 24
120.88.85.0/24 maxlen: 24
120.88.86.0/24 maxlen: 24
120.88.87.0/24 maxlen: 24
120.88.88.0/24 maxlen: 24
120.88.89.0/24 maxlen: 24
120.88.90.0/24 maxlen: 24
120.88.91.0/24 maxlen: 24
120.88.92.0/24 maxlen: 24
120.88.93.0/24 maxlen: 24
120.88.94.0/24 maxlen: 24
120.88.95.0/24 maxlen: 24
121.0.0.0/21 maxlen: 21
121.0.0.0/24 maxlen: 24
121.0.1.0/24 maxlen: 24
121.0.2.0/24 maxlen: 24
121.0.3.0/24 maxlen: 24
121.0.4.0/24 maxlen: 24
121.0.5.0/24 maxlen: 24
121.0.6.0/24 maxlen: 24
121.0.7.0/24 maxlen: 24
203.56.180.0/24 maxlen: 24
2403:9000::/32 maxlen: 34
2403:9000:500::/40 maxlen: 40
2403:9000:501::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1971 (0x7b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2BD9
Validity
Not Before: Jan 10 21:00:14 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67818a5e-3d28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1c:d4:82:34:7c:11:e0:e8:c4:5f:a6:33:b9:
d8:20:c6:85:de:96:ec:c4:3f:5f:a5:46:74:76:24:
33:b3:ab:18:a2:24:f4:05:0d:11:7b:b3:74:1b:fd:
f2:a8:29:95:4d:5b:fa:5c:10:2c:a9:fa:ea:0b:2d:
62:2f:53:9b:5b:34:02:41:9b:f0:6f:c0:84:c2:3f:
ad:3c:f5:b9:01:fb:65:ca:cc:46:0c:4c:02:4c:d2:
6b:57:f5:cb:c9:4c:50:85:81:04:7b:15:cc:e9:0a:
6a:20:86:5c:f2:fe:4b:53:29:28:cc:fd:2c:b4:84:
3b:4c:e4:37:dc:79:61:df:0b:05:20:b2:d5:13:3f:
cb:3d:9b:a7:2b:7a:01:81:5d:c0:80:cc:30:78:c3:
ce:56:9c:4f:c8:78:65:b1:c0:8b:ab:5f:bb:3d:e7:
14:9f:e6:1f:18:ef:05:71:e6:07:6d:24:98:d9:71:
b6:7f:fe:48:2a:89:dd:91:9d:a5:82:a8:80:e5:ec:
c9:e7:af:74:2d:cc:36:78:55:5e:bf:f3:36:97:a5:
26:60:5f:c8:ed:5f:b9:03:a8:2d:a5:5c:f3:cf:1e:
bc:df:c6:01:01:22:36:1d:98:88:2a:a3:ea:6e:3d:
d3:d6:ca:bb:f5:8d:59:f6:fc:5b:50:e0:f8:45:1f:
ba:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:41:61:C3:36:A6:F1:DB:02:57:6D:99:BA:78:DA:DE:D2:F7:B8:AC
X509v3 Authority Key Identifier:
keyid:AF:CD:12:F3:40:98:78:CD:4A:B4:45:C4:45:54:4A:E8:DA:85:1A:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2BD9/0481F786EC1911EA85B1E76FC4F9AE02/r80S80CYeM1KtEXERVRK6NqFGoQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r80S80CYeM1KtEXERVRK6NqFGoQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2BD9/0481F786EC1911EA85B1E76FC4F9AE02/85A0A1086C9711EEA4941846C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.88.64.0/19
121.0.0.0/21
203.56.180.0/24
IPv6:
2403:9000::/32
Signature Algorithm: sha256WithRSAEncryption
3f:29:e9:15:4b:b7:39:d5:9b:d1:4c:89:c6:08:f9:51:0a:d5:
27:d0:36:4c:9d:cd:ce:6e:68:57:6b:ec:5f:83:17:df:c0:1b:
63:86:08:15:b3:12:59:a8:9b:c6:c6:62:cc:1e:2d:78:d9:80:
3b:9f:82:be:40:9c:e5:f6:7a:36:ad:a4:fe:bf:46:cd:f8:f1:
e4:b4:18:24:04:20:a9:8e:ec:bf:5c:ee:61:ae:a5:21:69:8f:
9a:03:a9:25:8b:50:78:d6:b1:c6:0c:1a:b4:21:d7:c6:c2:bc:
e7:2d:cc:34:6c:84:c7:3c:c8:f4:d8:b1:06:18:ae:82:12:48:
2c:33:d8:5b:0e:1e:b7:d4:61:91:2d:46:69:91:88:4a:83:a1:
37:18:af:38:29:76:5c:e7:66:46:1e:1f:06:58:a1:09:11:18:
d0:01:b4:e1:d9:1a:1b:f5:cf:f0:bb:18:74:97:bd:2c:56:8b:
d0:ca:73:7a:c6:da:76:04:f1:7f:4d:f7:27:52:1e:d9:33:a7:
da:a0:ae:df:c1:24:6a:0e:19:c7:92:c3:fe:7c:7e:fd:16:a3:
e4:57:de:e8:5e:d3:d2:41:19:93:cf:bd:6f:da:83:92:e7:0c:
2d:19:69:5a:46:09:ff:0b:65:bd:57:7d:e0:5a:5f:a7:e6:7e:
b4:42:87:8e
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICB7MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjJCRDkxMTAvBgNVBAUTKEFGQ0QxMkYzNDA5ODc4Q0Q0QUI0NDVDNDQ1NTQ0QUU4
REE4NTFBODQwHhcNMjUwMTEwMjEwMDE0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzgxOGE1ZS0zZDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3BzUgjR8EeDoxF+mM7nYIMaF3pbsxD9fpUZ0diQzs6sYoiT0BQ0Re7N0G/3y
qCmVTVv6XBAsqfrqCy1iL1ObWzQCQZvwb8CEwj+tPPW5AftlysxGDEwCTNJrV/XL
yUxQhYEEexXM6QpqIIZc8v5LUykozP0stIQ7TOQ33Hlh3wsFILLVEz/LPZunK3oB
gV3AgMwweMPOVpxPyHhlscCLq1+7PecUn+YfGO8FceYHbSSY2XG2f/5IKondkZ2l
gqiA5ezJ5690Lcw2eFVev/M2l6UmYF/I7V+5A6gtpVzzzx6838YBASI2HZiIKqPq
bj3T1sq79Y1Z9vxbUOD4RR+6DQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFABBYcM2
pvHbAldtmbp42t7S97isMB8GA1UdIwQYMBaAFK/NEvNAmHjNSrRFxEVUSujahRqE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkJEOS8wNDgxRjc4NkVD
MTkxMUVBODVCMUU3NkZDNEY5QUUwMi9yODBTODBDWWVNMUt0RVhFUlZSSzZOcUZH
b1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3I4MFM4MENZZU0xS3RFWEVSVlJLNk5xRkdvUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjJCRDkvMDQ4MUY3ODZFQzE5MTFFQTg1QjFFNzZGQzRGOUFFMDIvODVBMEExMDg2
Qzk3MTFFRUE0OTQxODQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAV4WEADBAN5AAADBADLOLQwDQQCAAIwBwMFACQDkAAwDQYJ
KoZIhvcNAQELBQADggEBAD8p6RVLtznVm9FMicYI+VEK1SfQNkydzc5uaFdr7F+D
F9/AG2OGCBWzElmom8bGYsweLXjZgDufgr5AnOX2ejatpP6/Rs348eS0GCQEIKmO
7L9c7mGupSFpj5oDqSWLUHjWscYMGrQh18bCvOctzDRshMc8yPTYsQYYroISSCwz
2FsOHrfUYZEtRmmRiEqDoTcYrzgpdlznZkYeHwZYoQkRGNABtOHZGhv1z/C7GHSX
vSxWi9DKc3rG2nYE8X9N9ydSHtkzp9qgrt/BJGoOGceSw/58fv0Wo+RX3uhe09JB
GZPPvW/ag5LnDC0ZaVpGCf8LZb1XfeBaX6fmfrRCh44=
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:47:40 2025 by rpki-client