Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/B883270E356B11E7A51C314CC4F9AE02.roa
File: B883270E356B11E7A51C314CC4F9AE02.roa (raw, json)
Hash identifier: a1VKqNti3NCefO4XBY1n0yK29kxA5TkKwL+YsvdOyIo=
Subject key identifier: 33:43:4C:28:7C:0A:75:C8:F0:22:54:DA:EE:3B:63:23:4F:57:C7:37
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 34CD
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/B883270E356B11E7A51C314CC4F9AE02.roa
Signing time: Fri 24 Jan 2025 16:02:36 +0000
ROA not before: Fri 24 Jan 2025 16:02:36 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 38778
IP address blocks: 45.64.4.0/22 maxlen: 22
45.64.4.0/23 maxlen: 23
45.64.4.0/24 maxlen: 24
45.64.5.0/24 maxlen: 24
45.64.6.0/23 maxlen: 23
45.64.6.0/24 maxlen: 24
45.64.7.0/24 maxlen: 24
103.228.236.0/22 maxlen: 22
103.228.236.0/23 maxlen: 23
103.228.236.0/24 maxlen: 24
103.228.237.0/24 maxlen: 24
103.228.238.0/23 maxlen: 23
103.228.238.0/24 maxlen: 24
103.228.239.0/24 maxlen: 24
115.69.216.0/21 maxlen: 21
115.69.216.0/22 maxlen: 22
115.69.216.0/23 maxlen: 23
115.69.216.0/24 maxlen: 24
115.69.217.0/24 maxlen: 24
115.69.218.0/23 maxlen: 23
115.69.218.0/24 maxlen: 24
115.69.219.0/24 maxlen: 24
115.69.220.0/22 maxlen: 22
115.69.220.0/23 maxlen: 23
115.69.220.0/24 maxlen: 24
115.69.221.0/24 maxlen: 24
115.69.222.0/23 maxlen: 23
115.69.222.0/24 maxlen: 24
115.69.223.0/24 maxlen: 24
2407:f900::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13517 (0x34cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214
Validity
Not Before: Jan 24 16:02:36 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6793b99c-0e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:89:0f:19:05:44:0c:06:f0:82:33:86:c1:aa:
2c:8c:81:e1:43:d9:55:93:06:7d:65:8a:74:0e:a9:
11:bf:8a:7a:28:ce:fa:59:61:fe:7a:e6:aa:88:cc:
34:14:52:5b:82:1d:0b:a2:04:1f:01:5c:fd:d5:ed:
43:af:02:21:31:99:28:79:53:1e:8e:cb:52:b5:41:
7a:e8:63:fd:82:98:10:32:6b:a9:c2:c7:68:2a:86:
22:ac:b8:a2:22:6a:d2:40:94:4f:4a:03:d2:e3:7c:
ef:d7:aa:32:a8:e8:4e:fc:bf:fe:55:c6:87:d0:c8:
da:4d:73:33:38:1c:08:5b:4b:b4:ca:24:b7:a7:5e:
38:ac:04:35:41:f4:2a:ad:64:3c:93:f3:eb:89:e1:
17:b0:e3:b3:9d:18:92:74:c5:72:88:c0:56:55:1f:
02:6d:d4:11:b9:4f:4e:31:92:46:9e:38:15:62:63:
22:39:70:9c:49:f2:76:81:2c:13:23:fd:87:07:7d:
95:13:ea:8c:f4:eb:85:97:96:c2:32:19:da:65:de:
85:91:04:f1:fe:9e:97:03:41:c8:35:e7:09:91:22:
c9:41:ef:0e:9d:10:56:32:49:08:d7:43:95:6e:19:
a8:5d:c0:63:2c:0c:6b:f3:1f:9f:74:5c:6e:01:80:
fd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:43:4C:28:7C:0A:75:C8:F0:22:54:DA:EE:3B:63:23:4F:57:C7:37
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/B883270E356B11E7A51C314CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.4.0/22
103.228.236.0/22
115.69.216.0/21
IPv6:
2407:f900::/32
Signature Algorithm: sha256WithRSAEncryption
62:2a:fe:33:7f:ee:c5:55:47:2c:51:b4:40:35:11:df:ee:a1:
85:0d:50:c1:2a:76:bb:e1:b6:74:12:03:de:86:d1:b6:12:52:
70:36:4f:40:64:e8:e0:e2:82:92:b4:d3:51:e6:fc:a7:be:bc:
45:4f:74:41:57:4c:b3:f6:33:bb:e6:06:a6:e3:b2:b6:36:cb:
77:c1:2c:e9:2b:7a:ea:59:11:b3:42:09:d6:c8:d5:bf:a8:11:
ec:41:04:77:4c:70:52:f9:73:04:ac:2b:27:d9:0b:19:ad:23:
2e:e4:6d:e7:d8:47:b9:59:7d:b7:86:e7:35:4e:00:02:59:e4:
ec:be:71:3f:e8:dc:59:0d:a5:e1:1c:68:4d:01:45:ad:ad:26:
66:73:e9:3a:ef:4e:25:a4:6b:6f:b8:19:e0:31:6b:4f:a8:0c:
a9:73:ff:f4:57:f5:51:a5:26:f0:06:b8:74:69:cf:2a:76:d3:
d3:8b:65:0c:57:d6:2a:29:cc:c6:74:9e:a6:49:f9:e4:67:fb:
d0:1c:c8:a4:6f:e5:33:c5:5b:4f:06:58:40:79:ca:67:f1:eb:
dd:f6:7e:f6:3f:b7:a1:ec:45:da:a6:f6:fa:a3:eb:27:89:74:
65:25:5a:8f:f9:e1:52:c4:0e:ac:82:96:7e:e8:c2:bc:e8:5a:
1e:86:7c:f0
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICNM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjUwMTI0MTYwMjM2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkzYjk5Yy0wZTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyYkPGQVEDAbwgjOGwaosjIHhQ9lVkwZ9ZYp0DqkRv4p6KM76WWH+euaqiMw0
FFJbgh0LogQfAVz91e1DrwIhMZkoeVMejstStUF66GP9gpgQMmupwsdoKoYirLii
ImrSQJRPSgPS43zv16oyqOhO/L/+VcaH0MjaTXMzOBwIW0u0yiS3p144rAQ1QfQq
rWQ8k/PrieEXsOOznRiSdMVyiMBWVR8CbdQRuU9OMZJGnjgVYmMiOXCcSfJ2gSwT
I/2HB32VE+qM9OuFl5bCMhnaZd6FkQTx/p6XA0HINecJkSLJQe8OnRBWMkkI10OV
bhmoXcBjLAxr8x+fdFxuAYD9lwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFDNDTCh8
CnXI8CJU2u47YyNPV8c3MB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvQjg4MzI3MEUz
NTZCMTFFN0E1MUMzMTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAItQAQDBAJn5OwDBANzRdgwDQQCAAIwBwMFACQH+QAwDQYJ
KoZIhvcNAQELBQADggEBAGIq/jN/7sVVRyxRtEA1Ed/uoYUNUMEqdrvhtnQSA96G
0bYSUnA2T0Bk6ODigpK001Hm/Ke+vEVPdEFXTLP2M7vmBqbjsrY2y3fBLOkreupZ
EbNCCdbI1b+oEexBBHdMcFL5cwSsKyfZCxmtIy7kbefYR7lZfbeG5zVOAAJZ5Oy+
cT/o3FkNpeEcaE0BRa2tJmZz6TrvTiWka2+4GeAxa0+oDKlz//RX9VGlJvAGuHRp
zyp209OLZQxX1iopzMZ0nqZJ+eRn+9AcyKRv5TPFW08GWEB5ymfx6932fvY/t6Hs
Rdqm9vqj6yeJdGUlWo/54VLEDqyCln7owrzoWh6GfPA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:42:53 2025 by rpki-client