Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/189D53F6DF6D11EDA8253121C4F9AE02.roa
File: 189D53F6DF6D11EDA8253121C4F9AE02.roa (raw, json)
Hash identifier: LVfRsceFwgYFGNtvvOOxYb85IfYSArhKHs1tV2kKhmE=
Subject key identifier: 25:AA:48:83:47:BE:D4:20:D7:4F:C4:2C:A2:A0:4B:07:BF:8D:F3:98
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0A3A
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/189D53F6DF6D11EDA8253121C4F9AE02.roa
Signing time: Thu 20 Apr 2023 11:18:37 +0000
ROA not before: Thu 20 Apr 2023 11:18:37 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 7018
IP address blocks: 113.203.220.0/24 maxlen: 24
113.203.222.0/24 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.233.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.252.0/22 maxlen: 24
223.29.226.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2618 (0xa3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Apr 20 11:18:37 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64411f8d-eda8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ee:29:5f:e8:59:d4:61:96:e3:ae:03:82:6f:
5e:09:38:56:2b:85:9f:49:eb:34:10:61:56:f7:43:
5d:a6:c0:2b:c5:61:22:6a:b6:a3:47:c4:d5:96:f4:
2d:d5:dd:15:de:82:bf:5a:a3:60:21:5a:6d:9e:9e:
df:b5:58:3e:1b:6a:8a:c4:05:06:04:e9:94:e1:ef:
53:8b:70:1d:e5:c8:37:5b:04:49:04:d0:be:ff:2e:
2c:82:78:77:6d:de:3a:34:cd:b4:c4:44:d4:3c:12:
30:f3:13:f1:85:21:cc:c3:b7:2b:fe:d1:42:55:0c:
32:3f:9d:db:01:9d:b1:3f:88:f3:e9:e1:8f:e2:40:
95:f2:c1:d6:9d:a8:eb:96:0b:7a:59:b9:69:38:30:
d8:0f:21:8a:f3:d4:06:d8:f6:d3:53:2c:0d:aa:f1:
de:02:6c:32:e2:1d:cc:1c:a1:0d:a8:73:d4:7f:f0:
b4:76:54:a9:bf:24:95:63:0f:cb:56:ec:27:6f:39:
85:99:78:14:f0:da:d5:90:c1:43:20:cf:b5:ce:d5:
b9:79:d1:8b:d9:36:43:65:b2:6d:e0:b9:c1:29:da:
ab:57:1d:39:39:a3:e0:7e:5b:c4:8b:b4:0a:ab:c1:
6c:6f:a4:e6:57:a2:95:37:39:c9:b4:df:e1:89:72:
11:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:AA:48:83:47:BE:D4:20:D7:4F:C4:2C:A2:A0:4B:07:BF:8D:F3:98
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/189D53F6DF6D11EDA8253121C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.220.0/24
113.203.222.0-113.203.225.255
113.203.227.0/24
113.203.233.0/24
113.203.245.0/24
113.203.252.0/22
223.29.226.0/24
223.29.235.0-223.29.238.255
Signature Algorithm: sha256WithRSAEncryption
47:cb:8a:b1:d6:96:72:26:34:b6:46:5f:0a:cc:d2:8b:0f:b1:
ec:70:98:22:04:e7:2c:8c:fa:6c:34:f8:a0:48:8a:a9:21:cc:
2b:21:1f:35:47:1a:ca:54:25:02:38:92:01:bf:3c:67:5d:63:
ca:1d:b4:6d:b2:39:fd:9c:d0:b5:97:2a:25:e3:a0:d6:01:7b:
e6:96:ed:3c:a2:3f:8d:7c:00:a0:2e:e1:d8:9f:f5:e5:02:6b:
f6:7e:8a:a0:34:55:ad:52:5d:99:a9:eb:db:83:72:91:77:e3:
35:0a:a2:1c:4d:06:74:e6:19:a9:53:14:a5:2d:cd:66:3a:60:
af:4d:2e:75:90:b6:7d:18:68:a4:87:94:8c:b5:8a:75:2a:e0:
c9:37:44:bc:f4:b3:e8:33:50:db:9e:02:bb:75:d6:2d:f1:e6:
ec:21:18:cd:12:4d:78:7d:dd:02:9d:bc:6f:3f:f4:35:c0:cd:
0c:17:a6:d6:c6:ad:7f:f1:f6:38:3e:8a:15:b4:66:a2:b5:3c:
d0:51:3c:cb:ea:87:c9:a3:5c:e0:02:76:15:c4:13:c8:4d:d5:
2a:92:5f:83:ff:3f:a5:8d:37:88:9a:79:a0:be:3a:be:17:90:
f2:b6:a2:6d:8d:4b:c6:a8:15:55:4d:3a:e1:42:48:d6:29:a2:
c2:76:48:a0
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICCjowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDIwMTExODM3WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDQxMWY4ZC1lZGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6u4pX+hZ1GGW464Dgm9eCThWK4WfSes0EGFW90NdpsArxWEiarajR8TVlvQt
1d0V3oK/WqNgIVptnp7ftVg+G2qKxAUGBOmU4e9Ti3Ad5cg3WwRJBNC+/y4sgnh3
bd46NM20xETUPBIw8xPxhSHMw7cr/tFCVQwyP53bAZ2xP4jz6eGP4kCV8sHWnajr
lgt6WblpODDYDyGK89QG2PbTUywNqvHeAmwy4h3MHKENqHPUf/C0dlSpvySVYw/L
VuwnbzmFmXgU8NrVkMFDIM+1ztW5edGL2TZDZbJt4LnBKdqrVx05OaPgflvEi7QK
q8Fsb6TmV6KVNznJtN/hiXIRywIDAQABo4ICzzCCAsswHQYDVR0OBBYEFCWqSINH
vtQg10/ELKKgSwe/jfOYMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvMTg5RDUzRjZE
RjZEMTFFREE4MjUzMTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEADBABxy9wwDAMEAXHL3gMEAXHL4AMEAHHL4wMEAHHL6QMEAHHL
9QMEAnHL/AMEAN8d4jAMAwQA3x3rAwQA3x3uMA0GCSqGSIb3DQEBCwUAA4IBAQBH
y4qx1pZyJjS2Rl8KzNKLD7HscJgiBOcsjPpsNPigSIqpIcwrIR81RxrKVCUCOJIB
vzxnXWPKHbRtsjn9nNC1lyol46DWAXvmlu08oj+NfACgLuHYn/XlAmv2foqgNFWt
Ul2Zqevbg3KRd+M1CqIcTQZ05hmpUxSlLc1mOmCvTS51kLZ9GGikh5SMtYp1KuDJ
N0S89LPoM1DbngK7ddYt8ebsIRjNEk14fd0CnbxvP/Q1wM0MF6bWxq1/8fY4PooV
tGaitTzQUTzL6ofJo1zgAnYVxBPITdUqkl+D/z+ljTeImnmgvjq+F5DytqJtjUvG
qBVVTTrhQkjWKaLCdkig
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:15:00 2025 by rpki-client