Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/D9E23E4A6D4C11EB938EC44DC4F9AE02.roa
File: D9E23E4A6D4C11EB938EC44DC4F9AE02.roa (raw, json)
Hash identifier: jV1pO0tJQkm8tDF//+xAb/Vr8QQlVyReb+p4WbFsB4g=
Subject key identifier: 30:39:A2:F3:3E:3E:37:1A:C5:40:D2:4C:3F:2C:4B:CC:3C:93:8F:6F
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 36C8
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/D9E23E4A6D4C11EB938EC44DC4F9AE02.roa
Signing time: Sat 22 Mar 2025 15:01:17 +0000
ROA not before: Sat 22 Mar 2025 15:01:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45595
IP address blocks: 39.32.0.0/11 maxlen: 15
39.32.0.0/16 maxlen: 24
39.33.0.0/16 maxlen: 24
39.34.0.0/16 maxlen: 24
39.35.0.0/16 maxlen: 24
39.36.0.0/16 maxlen: 24
39.37.0.0/16 maxlen: 24
39.38.0.0/16 maxlen: 24
39.39.0.0/16 maxlen: 24
39.40.0.0/16 maxlen: 24
39.41.0.0/16 maxlen: 24
39.42.0.0/16 maxlen: 24
39.43.0.0/16 maxlen: 24
39.44.0.0/16 maxlen: 24
39.45.0.0/16 maxlen: 24
39.46.0.0/16 maxlen: 24
39.47.0.0/16 maxlen: 24
39.48.0.0/16 maxlen: 24
39.49.0.0/16 maxlen: 24
39.50.0.0/16 maxlen: 24
39.51.0.0/16 maxlen: 24
39.52.0.0/16 maxlen: 24
39.53.0.0/16 maxlen: 24
39.54.0.0/16 maxlen: 24
39.55.0.0/16 maxlen: 24
39.56.0.0/16 maxlen: 24
39.57.0.0/16 maxlen: 24
39.58.0.0/16 maxlen: 24
39.59.0.0/16 maxlen: 24
39.60.0.0/16 maxlen: 24
39.61.0.0/16 maxlen: 24
39.62.0.0/16 maxlen: 24
39.63.0.0/16 maxlen: 24
58.181.96.0/20 maxlen: 24
58.181.112.0/20 maxlen: 24
59.103.0.0/16 maxlen: 24
103.28.152.0/22 maxlen: 24
116.71.0.0/16 maxlen: 24
119.152.0.0/13 maxlen: 15
119.152.0.0/16 maxlen: 24
119.153.0.0/16 maxlen: 24
119.154.0.0/16 maxlen: 24
119.155.0.0/16 maxlen: 24
119.156.0.0/16 maxlen: 24
119.157.0.0/16 maxlen: 24
119.158.0.0/16 maxlen: 24
119.159.0.0/16 maxlen: 24
182.176.0.0/12 maxlen: 15
182.176.0.0/16 maxlen: 24
182.177.0.0/16 maxlen: 24
182.178.0.0/16 maxlen: 24
182.179.0.0/16 maxlen: 24
182.180.0.0/16 maxlen: 24
182.181.0.0/16 maxlen: 24
182.182.0.0/16 maxlen: 24
182.183.0.0/16 maxlen: 24
182.184.0.0/16 maxlen: 24
182.185.0.0/16 maxlen: 24
182.186.0.0/16 maxlen: 24
182.187.0.0/16 maxlen: 24
182.188.0.0/16 maxlen: 24
182.189.0.0/16 maxlen: 24
182.190.0.0/16 maxlen: 24
182.191.0.0/16 maxlen: 24
203.99.160.0/19 maxlen: 24
203.135.0.0/18 maxlen: 24
2404:7000::/32 maxlen: 48
2404:7000:0:3::/64 maxlen: 64
2404:7000:0:12::/64 maxlen: 64
2404:7000:0:302::/64 maxlen: 64
2404:7000:1000::/64 maxlen: 64
2404:7000:1010::/64 maxlen: 64
2404:7000:6000::/64 maxlen: 64
2404:7000:6100::/64 maxlen: 64
2404:7000:b100::/64 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14024 (0x36c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832
Validity
Not Before: Mar 22 15:01:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67ded0bd-675a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:81:32:8d:e6:c5:17:5c:c4:cb:4f:c9:47:57:
02:7e:08:4f:cc:85:f6:db:e2:36:a1:fc:6a:79:3b:
42:c7:f6:93:6d:f1:6e:76:61:77:58:ed:b5:8d:7a:
1f:64:f5:83:ab:03:7e:fa:1c:e5:fe:57:99:86:52:
50:ef:35:5e:e8:3e:2e:64:75:8f:79:09:13:a1:08:
fc:06:87:d6:1b:f4:d6:e8:9d:c4:f9:7a:a0:ce:82:
87:7c:3f:8b:e6:83:a8:a3:98:46:17:fd:a6:cf:d0:
92:bc:41:a6:27:cf:6e:c8:6c:c3:66:43:f1:09:1a:
3f:64:fc:7b:f5:7c:0a:c3:19:71:9c:61:2b:a2:8c:
55:7b:ac:95:7f:ac:49:3c:35:c2:2a:13:0d:9b:0a:
62:83:1b:22:ad:04:0e:96:2d:64:4e:d8:23:4e:fb:
7e:90:71:08:d9:78:8a:d7:c5:e5:aa:f7:d1:01:71:
1f:49:71:57:ca:78:1a:a4:9a:53:da:a7:fa:dd:40:
a9:e5:38:2b:96:88:dd:69:9a:58:d5:24:fb:3f:1d:
95:91:19:5d:83:ec:a8:71:3d:11:3d:cd:fc:74:a0:
73:67:23:b6:de:9f:ab:c4:06:fc:ca:18:62:96:12:
1a:39:39:be:30:e8:ff:ab:4b:a6:3e:c4:59:81:1d:
00:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:39:A2:F3:3E:3E:37:1A:C5:40:D2:4C:3F:2C:4B:CC:3C:93:8F:6F
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/D9E23E4A6D4C11EB938EC44DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
39.32.0.0/11
58.181.96.0/19
59.103.0.0/16
103.28.152.0/22
116.71.0.0/16
119.152.0.0/13
182.176.0.0/12
203.99.160.0/19
203.135.0.0/18
IPv6:
2404:7000::/32
Signature Algorithm: sha256WithRSAEncryption
92:9b:de:cf:df:6d:ad:2a:b0:e7:20:98:10:20:c7:3d:a3:0f:
3e:86:6e:63:02:95:77:4c:dc:75:cc:3f:cd:a6:5d:80:bc:ed:
04:62:02:10:46:42:80:14:e9:e7:15:eb:0b:ae:9f:f5:9d:ea:
1c:c8:4c:10:3e:f4:a5:34:a5:7a:97:65:ba:1f:e5:2c:a1:8d:
12:b4:d5:08:c7:b0:79:bc:b6:2e:43:2a:96:75:8b:62:95:a6:
c5:10:b5:cd:5a:61:fd:03:7d:c0:01:43:34:7b:c4:51:3b:c2:
da:1c:a4:f7:c3:15:2a:c0:41:38:9c:85:d8:2e:ba:ff:a5:65:
12:03:cc:9e:35:c4:b0:c3:1e:c6:df:a1:42:f7:e6:3f:33:f7:
f5:74:eb:aa:e0:1c:00:32:91:a4:e3:0e:a7:e2:d2:5f:24:b2:
a9:96:e6:d1:60:da:a0:d0:dd:52:ed:af:ed:90:31:91:85:50:
c0:66:b0:19:1a:d4:6f:53:02:d2:3b:65:da:d7:d1:17:76:c7:
b6:f9:95:4e:9b:a6:c3:7d:29:38:d0:59:ea:63:6f:68:16:cc:
78:ed:2c:ab:0a:5b:b8:79:2e:6c:54:c4:47:a8:4f:52:2d:1a:
39:00:99:93:04:98:11:53:31:26:65:0c:6d:d6:2b:b8:1a:c8:
91:ad:ac:76
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICNsgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjUwMzIyMTUwMTE3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RlZDBiZC02NzVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9IEyjebFF1zEy0/JR1cCfghPzIX22+I2ofxqeTtCx/aTbfFudmF3WO21jXof
ZPWDqwN++hzl/leZhlJQ7zVe6D4uZHWPeQkToQj8BofWG/TW6J3E+XqgzoKHfD+L
5oOoo5hGF/2mz9CSvEGmJ89uyGzDZkPxCRo/ZPx79XwKwxlxnGErooxVe6yVf6xJ
PDXCKhMNmwpigxsirQQOli1kTtgjTvt+kHEI2XiK18XlqvfRAXEfSXFXyngapJpT
2qf63UCp5TgrlojdaZpY1ST7Px2VkRldg+yocT0RPc38dKBzZyO23p+rxAb8yhhi
lhIaOTm+MOj/q0umPsRZgR0AuQIDAQABo4ICzzCCAsswHQYDVR0OBBYEFDA5ovM+
PjcaxUDSTD8sS8w8k49vMB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvRDlFMjNFNEE2
RDRDMTFFQjkzOEVDNDREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMDcEAgABMDEDAwUnIAMEBTq1YAMDADtnAwQCZxyYAwMAdEcDAwN3mAMDBLaw
AwQFy2OgAwQGy4cAMA0EAgACMAcDBQAkBHAAMA0GCSqGSIb3DQEBCwUAA4IBAQCS
m97P322tKrDnIJgQIMc9ow8+hm5jApV3TNx1zD/Npl2AvO0EYgIQRkKAFOnnFesL
rp/1neocyEwQPvSlNKV6l2W6H+UsoY0StNUIx7B5vLYuQyqWdYtilabFELXNWmH9
A33AAUM0e8RRO8LaHKT3wxUqwEE4nIXYLrr/pWUSA8yeNcSwwx7G36FC9+Y/M/f1
dOuq4BwAMpGk4w6n4tJfJLKplubRYNqg0N1S7a/tkDGRhVDAZrAZGtRvUwLSO2Xa
19EXdse2+ZVOm6bDfSk40FnqY29oFsx47SyrClu4eS5sVMRHqE9SLRo5AJmTBJgR
UzEmZQxt1iu4GsiRrax2
-----END CERTIFICATE-----
Generated at Thu Apr 10 07:01:55 2025 by rpki-client