Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/827D7766AACC11EA8113F532C4F9AE02.roa
File: 827D7766AACC11EA8113F532C4F9AE02.roa (raw, json)
Hash identifier: oguEqhYGf6Whv8PqzIUzLfsgAvX4wE5CZ9/lAxwLLvs=
Subject key identifier: 37:93:38:FB:73:D7:6D:DF:76:C4:65:07:4C:40:DD:20:AC:1E:9C:90
Certificate issuer: /CN=A91F91EB/serialNumber=9BC16900802772BE629260C4AAED5F3FEF7EB3E7
Certificate serial: 0C66
Authority key identifier: 9B:C1:69:00:80:27:72:BE:62:92:60:C4:AA:ED:5F:3F:EF:7E:B3:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8FpAIAncr5ikmDEqu1fP-9-s-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/827D7766AACC11EA8113F532C4F9AE02.roa
Signing time: Mon 02 Dec 2024 18:36:47 +0000
ROA not before: Mon 02 Dec 2024 18:36:47 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 59268
IP address blocks: 27.126.221.0/24 maxlen: 24
27.126.222.0/24 maxlen: 24
27.126.223.0/24 maxlen: 24
27.126.228.0/24 maxlen: 24
27.126.229.0/24 maxlen: 24
27.126.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3174 (0xc66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F91EB
Validity
Not Before: Dec 2 18:36:47 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674dfe3f-194f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:df:ee:30:0c:bd:15:8b:fb:ab:94:6e:f0:ed:
0b:be:1c:db:85:dc:33:8d:6a:78:d7:7d:4a:c7:de:
34:06:d7:2e:e4:b4:08:33:3c:33:42:ad:40:80:cf:
b5:ea:ae:cf:e3:61:e5:cd:4a:1c:d5:8b:52:f9:a9:
67:c1:10:05:4f:21:36:8a:24:5b:12:f3:74:f4:df:
fb:76:56:b3:b1:38:9d:94:b3:98:db:db:3a:aa:20:
a5:e5:98:7b:bd:70:a4:c0:91:83:b7:fa:ef:c8:c6:
8b:2c:d2:93:66:d8:e4:e4:46:36:f3:f4:c7:10:19:
37:86:ef:68:7d:2b:ef:04:a1:e5:ec:17:4a:76:15:
78:8a:47:c9:1a:93:c2:47:75:74:08:9f:60:f5:3a:
25:c6:54:61:ee:05:a0:ca:91:65:60:eb:37:06:14:
ff:97:86:90:93:0d:25:d9:b8:da:b2:f3:9d:cb:f4:
62:b3:d2:96:a6:da:0d:b0:ab:d8:00:84:69:e8:17:
49:bf:c4:66:aa:af:d4:2c:46:7b:48:b4:5c:17:ff:
6c:f0:f7:2c:c2:e7:8b:40:63:b2:72:bd:41:24:b1:
cc:ff:82:36:d9:2a:47:4c:13:8d:e2:78:cb:e3:ac:
52:84:c6:53:bb:27:ac:3a:ed:16:09:da:db:11:73:
f1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:93:38:FB:73:D7:6D:DF:76:C4:65:07:4C:40:DD:20:AC:1E:9C:90
X509v3 Authority Key Identifier:
keyid:9B:C1:69:00:80:27:72:BE:62:92:60:C4:AA:ED:5F:3F:EF:7E:B3:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/m8FpAIAncr5ikmDEqu1fP-9-s-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8FpAIAncr5ikmDEqu1fP-9-s-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/827D7766AACC11EA8113F532C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.126.221.0-27.126.223.255
27.126.228.0-27.126.230.255
Signature Algorithm: sha256WithRSAEncryption
4a:3a:06:8d:1d:17:b9:d6:fc:51:6c:af:7d:36:14:a7:30:e3:
06:86:88:e4:0e:e0:af:34:1d:d7:dd:ec:fa:f0:c2:dd:31:a1:
12:a4:a5:2e:c9:e5:1c:16:9a:b3:3a:1b:36:c9:3e:db:c9:44:
8c:37:83:f4:a6:4c:1a:a0:11:1c:da:b8:17:65:df:a0:f3:44:
c1:9a:73:ab:0a:65:6b:8c:67:86:3c:28:bc:2c:af:11:39:05:
78:ce:c5:bc:4e:6d:35:67:5b:2e:70:2c:a6:c2:21:de:cf:69:
2d:c0:14:5f:0f:9d:49:26:cf:49:42:e1:41:64:4c:2a:49:e0:
57:55:27:db:7e:05:f9:ab:0f:dd:6d:e9:4d:7b:dc:cb:35:85:
67:14:72:b7:d1:7c:03:48:f0:4e:00:8d:04:22:79:b7:2a:7a:
2b:21:74:d4:52:ac:10:d7:9f:ab:94:7a:a2:35:5a:5d:e7:4c:
16:42:ef:a4:89:59:d3:02:8a:60:fa:a4:8f:ed:67:75:84:aa:
da:bf:a5:b0:10:87:60:a6:24:07:90:6d:03:eb:1c:66:98:9c:
55:73:ab:38:48:d5:ec:ee:fc:9d:7c:0a:08:f6:62:d4:f4:57:
2b:25:11:b2:59:4b:89:57:4e:e9:0c:3d:ea:44:dd:50:5b:95:
0d:62:e9:49
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICDGYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjkxRUIxMTAvBgNVBAUTKDlCQzE2OTAwODAyNzcyQkU2MjkyNjBDNEFBRUQ1RjNG
RUY3RUIzRTcwHhcNMjQxMjAyMTgzNjQ3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkZmUzZi0xOTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx9/uMAy9FYv7q5Ru8O0LvhzbhdwzjWp4131Kx940Btcu5LQIMzwzQq1AgM+1
6q7P42HlzUoc1YtS+alnwRAFTyE2iiRbEvN09N/7dlazsTidlLOY29s6qiCl5Zh7
vXCkwJGDt/rvyMaLLNKTZtjk5EY28/THEBk3hu9ofSvvBKHl7BdKdhV4ikfJGpPC
R3V0CJ9g9TolxlRh7gWgypFlYOs3BhT/l4aQkw0l2bjasvOdy/Ris9KWptoNsKvY
AIRp6BdJv8Rmqq/ULEZ7SLRcF/9s8PcswueLQGOycr1BJLHM/4I22SpHTBON4njL
46xShMZTuyesOu0WCdrbEXPx+QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFDeTOPtz
123fdsRlB0xA3SCsHpyQMB8GA1UdIwQYMBaAFJvBaQCAJ3K+YpJgxKrtXz/vfrPn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTFFQi81MEVGRTA3NEY3
MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi9tOEZwQUlBbmNyNWlrbURFcXUxZlAtOS1z
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL204RnBBSUFuY3I1aWttREVxdTFmUC05LXMtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjkxRUIvNTBFRkUwNzRGNzA1MTFFOUFEQkE0NTFGQzRGOUFFMDIvODI3RDc3NjZB
QUNDMTFFQTgxMTNGNTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwwDAMEABt+3QMEBRt+wDAMAwQCG37kAwQAG37mMA0GCSqGSIb3
DQEBCwUAA4IBAQBKOgaNHRe51vxRbK99NhSnMOMGhojkDuCvNB3X3ez68MLdMaES
pKUuyeUcFpqzOhs2yT7byUSMN4P0pkwaoBEc2rgXZd+g80TBmnOrCmVrjGeGPCi8
LK8ROQV4zsW8Tm01Z1sucCymwiHez2ktwBRfD51JJs9JQuFBZEwqSeBXVSfbfgX5
qw/dbelNe9zLNYVnFHK30XwDSPBOAI0EInm3KnorIXTUUqwQ15+rlHqiNVpd50wW
Qu+kiVnTAopg+qSP7Wd1hKrav6WwEIdgpiQHkG0D6xxmmJxVc6s4SNXs7vydfAoI
9mLU9FcrJRGyWUuJV07pDD3qRN1QW5UNYulJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:45:39 2025 by rpki-client