Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912096C/1D31C184289211EBAC8CCE13C4F9AE02/7D7B467CE06011EDBB10FD53C4F9AE02.roa
File: 7D7B467CE06011EDBB10FD53C4F9AE02.roa (raw, json)
Hash identifier: RF8Kiol9Bl+cT8NMkiixB2yHl7PyCHbWNwT/OTtymFg=
Subject key identifier: 21:92:BF:3E:3D:97:99:98:99:DD:7D:8B:34:09:AD:B1:75:1F:31:90
Certificate issuer: /CN=A912096C/serialNumber=8197663A7F6347D591B6B2B9ADD5A2D574E91124
Certificate serial: 06A0
Authority key identifier: 81:97:66:3A:7F:63:47:D5:91:B6:B2:B9:AD:D5:A2:D5:74:E9:11:24
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gZdmOn9jR9WRtrK5rdWi1XTpESQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912096C/1D31C184289211EBAC8CCE13C4F9AE02/7D7B467CE06011EDBB10FD53C4F9AE02.roa
Signing time: Wed 05 Jun 2024 00:12:47 +0000
ROA not before: Wed 05 Jun 2024 00:12:47 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 45250
IP address blocks: 114.199.64.0/24 maxlen: 24
114.199.66.0/24 maxlen: 24
114.199.72.0/24 maxlen: 24
114.199.76.0/24 maxlen: 24
114.199.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1696 (0x6a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912096C
Validity
Not Before: Jun 5 00:12:47 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=665fad7e-ae9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a5:22:5f:14:bc:fb:85:69:fa:92:41:62:df:
27:11:60:9e:17:04:6b:d9:f0:40:11:3e:5f:7f:e8:
1b:70:48:fa:b8:7c:2d:1f:94:4a:17:f2:9b:27:2d:
62:dd:a5:a3:0b:de:28:c1:e8:f7:c6:6a:e5:3f:e6:
5f:ea:d1:ba:c9:f3:d4:ef:51:2f:54:5e:73:a9:45:
ca:f0:5d:ac:ce:93:e9:d9:a0:e2:6f:46:b8:f8:52:
a8:77:e0:0b:2f:60:06:60:85:4d:80:3c:22:08:ed:
da:91:68:88:cc:f4:2d:36:ec:18:7e:3f:d4:c8:fa:
7a:9c:16:9e:6b:61:95:9f:06:01:f0:07:77:55:65:
24:87:0e:15:30:5f:0e:ad:fe:20:b3:b5:1f:d8:d4:
fc:ee:5b:6c:fd:31:f1:fe:aa:89:5e:27:b4:fb:ef:
af:49:1d:2a:28:84:e6:65:2a:1f:35:41:ce:2c:ef:
52:69:34:d2:99:7a:67:d5:40:56:67:5a:fe:a5:25:
b8:64:40:81:e2:38:45:2a:09:68:91:a7:19:fb:0d:
26:3f:11:1a:90:a9:e3:08:eb:92:e9:54:c9:c7:45:
65:dc:81:6c:9c:75:e0:ec:9d:2c:12:69:d8:6a:86:
1e:fb:6e:dc:cf:97:61:27:11:ae:f9:8d:93:e4:43:
7b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:92:BF:3E:3D:97:99:98:99:DD:7D:8B:34:09:AD:B1:75:1F:31:90
X509v3 Authority Key Identifier:
keyid:81:97:66:3A:7F:63:47:D5:91:B6:B2:B9:AD:D5:A2:D5:74:E9:11:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912096C/1D31C184289211EBAC8CCE13C4F9AE02/gZdmOn9jR9WRtrK5rdWi1XTpESQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gZdmOn9jR9WRtrK5rdWi1XTpESQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912096C/1D31C184289211EBAC8CCE13C4F9AE02/7D7B467CE06011EDBB10FD53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.199.64.0/24
114.199.66.0/24
114.199.72.0/24
114.199.76.0/24
114.199.79.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:25:89:60:70:85:70:78:7f:a5:fe:2a:df:d9:a7:7f:4b:45:
53:71:8f:b3:94:73:97:c3:75:c5:fb:95:c5:f3:a3:45:a9:c5:
0b:37:1d:55:dd:92:a1:2c:cd:f7:ad:9a:23:13:2d:06:7e:86:
79:71:31:03:be:a5:8d:72:43:b5:f0:c9:08:dd:ee:b7:12:d2:
48:0f:44:cd:39:e0:c3:6a:fe:b7:dc:b9:f7:96:9f:50:f9:fa:
1f:1a:f9:61:76:5d:90:43:c3:29:d6:57:3f:10:1a:d3:4b:5b:
28:00:4e:57:a0:24:be:79:51:55:c4:49:51:65:bd:96:12:87:
55:8c:ba:2d:06:2d:aa:bd:6f:39:ce:48:10:65:7a:14:5a:05:
10:32:91:7f:46:c6:e6:d3:0e:3b:68:13:89:55:d0:65:04:45:
ae:62:09:a1:87:0a:ac:ae:55:78:83:eb:77:41:b6:33:c1:7c:
ba:c2:cd:7f:fe:bb:50:f6:68:94:77:2d:65:7c:c9:27:9d:63:
43:cc:35:a8:3d:da:d8:0c:95:28:8c:7b:aa:05:a1:36:8a:67:
07:9e:82:c9:11:a4:f4:dd:5a:44:27:6f:46:12:32:d0:3f:62:
df:9e:d7:85:58:9b:c8:68:6c:21:20:09:33:7e:51:b9:2b:e9:
ec:cd:7f:da
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBqAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjA5NkMxMTAvBgNVBAUTKDgxOTc2NjNBN0Y2MzQ3RDU5MUI2QjJCOUFERDVBMkQ1
NzRFOTExMjQwHhcNMjQwNjA1MDAxMjQ3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVmYWQ3ZS1hZTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt6UiXxS8+4Vp+pJBYt8nEWCeFwRr2fBAET5ff+gbcEj6uHwtH5RKF/KbJy1i
3aWjC94owej3xmrlP+Zf6tG6yfPU71EvVF5zqUXK8F2szpPp2aDib0a4+FKod+AL
L2AGYIVNgDwiCO3akWiIzPQtNuwYfj/UyPp6nBaea2GVnwYB8Ad3VWUkhw4VMF8O
rf4gs7Uf2NT87lts/THx/qqJXie0+++vSR0qKITmZSofNUHOLO9SaTTSmXpn1UBW
Z1r+pSW4ZECB4jhFKglokacZ+w0mPxEakKnjCOuS6VTJx0Vl3IFsnHXg7J0sEmnY
aoYe+27cz5dhJxGu+Y2T5EN7hQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFCGSvz49
l5mYmd19izQJrbF1HzGQMB8GA1UdIwQYMBaAFIGXZjp/Y0fVkbayua3VotV06REk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMDk2Qy8xRDMxQzE4NDI4
OTIxMUVCQUM4Q0NFMTNDNEY5QUUwMi9nWmRtT245alI5V1J0cks1cmRXaTFYVHBF
U1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2daZG1PbjlqUjlXUnRySzVyZFdpMVhUcEVTUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjA5NkMvMUQzMUMxODQyODkyMTFFQkFDOENDRTEzQzRGOUFFMDIvN0Q3QjQ2N0NF
MDYwMTFFREJCMTBGRDUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAByx0ADBAByx0IDBAByx0gDBAByx0wDBAByx08wDQYJKoZI
hvcNAQELBQADggEBAKUliWBwhXB4f6X+Kt/Zp39LRVNxj7OUc5fDdcX7lcXzo0Wp
xQs3HVXdkqEszfetmiMTLQZ+hnlxMQO+pY1yQ7XwyQjd7rcS0kgPRM054MNq/rfc
ufeWn1D5+h8a+WF2XZBDwynWVz8QGtNLWygATlegJL55UVXESVFlvZYSh1WMui0G
Laq9bznOSBBlehRaBRAykX9GxubTDjtoE4lV0GUERa5iCaGHCqyuVXiD63dBtjPB
fLrCzX/+u1D2aJR3LWV8ySedY0PMNag92tgMlSiMe6oFoTaKZweegskRpPTdWkQn
b0YSMtA/Yt+e14VYm8hobCEgCTN+Ubkr6ezNf9o=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:20:56 2025 by rpki-client