Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/6492D4985B9011EF8DB48C24C4F9AE02.roa
File: 6492D4985B9011EF8DB48C24C4F9AE02.roa (raw, json)
Hash identifier: qwzpdWF6qEe+G37teYPYeVXg/jtJufhRyAF9gFyhdjU=
Subject key identifier: 29:0C:FA:D2:6F:1E:D4:6B:7B:84:1E:B9:C6:59:66:BB:1A:9E:F9:1E
Certificate issuer: /CN=A911C362/serialNumber=EA83AF4A21CBC2071F56956E5DDD584C7638FA5B
Certificate serial: 9F
Authority key identifier: EA:83:AF:4A:21:CB:C2:07:1F:56:95:6E:5D:DD:58:4C:76:38:FA:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6oOvSiHLwgcfVpVuXd1YTHY4-ls.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/6492D4985B9011EF8DB48C24C4F9AE02.roa
Signing time: Tue 07 Jan 2025 05:00:28 +0000
ROA not before: Tue 07 Jan 2025 05:00:28 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 146943
IP address blocks: 43.230.203.0/24 maxlen: 24
45.113.224.0/24 maxlen: 24
45.113.226.0/24 maxlen: 24
45.113.227.0/24 maxlen: 24
45.120.137.0/24 maxlen: 24
45.120.138.0/24 maxlen: 24
157.119.41.0/24 maxlen: 24
157.119.42.0/24 maxlen: 24
157.119.43.0/24 maxlen: 24
2405:7140:2::/48 maxlen: 48
2405:7140:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159 (0x9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C362/serialNumber=EA83AF4A21CBC2071F56956E5DDD584C7638FA5B
Validity
Not Before: Jan 7 05:00:28 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=677cb4ec-752c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a9:6c:1b:19:98:2e:e7:b7:bb:5c:39:99:31:
85:7d:83:18:39:37:f0:88:e8:58:7f:12:bd:37:78:
1b:59:60:5e:0b:6e:64:0b:e3:b9:f8:5f:b0:68:b6:
44:54:ae:a9:6e:8e:38:17:05:fe:89:bd:61:6e:d4:
0e:52:71:de:f9:a6:88:39:22:d9:a2:6f:f6:5f:16:
ba:81:0b:a2:59:d4:39:c7:4f:4a:f3:eb:1d:22:51:
af:8c:04:7d:09:24:31:62:65:e3:31:a7:79:6d:7a:
71:b0:76:bd:e3:7b:24:01:82:c4:85:7a:e6:f8:af:
88:8d:b9:db:d5:78:2e:ce:33:ec:ea:e8:15:da:d3:
4e:80:5c:17:5c:87:96:70:f2:05:42:17:6f:99:75:
3a:37:83:11:41:5f:94:d0:c6:d1:0a:90:cc:1a:55:
f3:83:7e:8f:f4:b9:af:98:da:74:9a:d2:0b:94:d9:
39:fd:a9:cd:02:5f:f6:d5:b1:1b:4c:c9:3b:a7:16:
c7:cb:5c:d2:cc:2e:58:10:76:e5:40:60:96:0c:36:
33:24:c9:ac:b6:d7:b1:09:aa:be:33:69:54:f0:84:
32:8d:bf:ec:d9:ac:59:75:c0:1c:17:92:f6:75:d9:
60:f6:7b:88:97:f9:88:64:8d:ac:4b:34:65:61:19:
fe:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0C:FA:D2:6F:1E:D4:6B:7B:84:1E:B9:C6:59:66:BB:1A:9E:F9:1E
X509v3 Authority Key Identifier:
keyid:EA:83:AF:4A:21:CB:C2:07:1F:56:95:6E:5D:DD:58:4C:76:38:FA:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/6oOvSiHLwgcfVpVuXd1YTHY4-ls.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6oOvSiHLwgcfVpVuXd1YTHY4-ls.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/6492D4985B9011EF8DB48C24C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.203.0/24
45.113.224.0/24
45.113.226.0/23
45.120.137.0-45.120.138.255
157.119.41.0-157.119.43.255
IPv6:
2405:7140:2::/48
2405:7140:4::/48
Signature Algorithm: sha256WithRSAEncryption
6d:e0:b9:ba:2a:24:5e:bb:df:06:28:86:88:aa:98:40:9b:8f:
7e:82:b0:8c:26:9e:e3:db:af:80:04:f7:da:69:19:7b:a5:a7:
6d:61:d7:09:39:f5:c5:69:2e:cf:6b:d3:6c:35:62:21:1b:e1:
9a:7a:22:9a:64:a5:e8:bc:ab:af:e6:d7:b9:da:0a:06:cf:2a:
d1:8f:ad:30:ea:f5:82:8c:cf:b9:c9:37:77:f7:9b:af:6b:54:
1b:98:c6:d7:3d:90:72:f1:1c:37:d9:1c:78:3b:ff:48:32:5b:
3e:d6:49:38:b1:ba:5c:d8:0b:1a:29:3b:01:84:4d:0d:4c:56:
9a:38:94:95:b1:ef:c5:03:ac:9f:0b:e9:88:98:a9:92:90:b2:
d3:95:93:bb:7c:ed:62:cd:03:a1:22:b8:5c:37:07:fc:fa:5d:
1c:3e:bb:40:88:e3:66:d9:2e:15:82:bf:a1:9f:83:44:88:c2:
a2:0b:0d:a3:fd:e1:42:c2:3f:0b:53:9e:c1:6c:70:67:5b:8e:
63:6b:96:69:a4:2d:12:5b:99:21:14:7c:c0:90:35:8f:a5:ea:
76:f8:d7:42:8c:d5:51:df:3a:92:71:f0:c8:f8:a9:f1:f6:82:
a3:6f:60:e5:ff:b1:2b:04:b0:a0:dd:93:e8:ad:d7:f0:97:0b:
56:42:c1:86
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgICAJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMzNjIxMTAvBgNVBAUTKEVBODNBRjRBMjFDQkMyMDcxRjU2OTU2RTVEREQ1ODRD
NzYzOEZBNUIwHhcNMjUwMTA3MDUwMDI4WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdjYjRlYy03NTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1qlsGxmYLue3u1w5mTGFfYMYOTfwiOhYfxK9N3gbWWBeC25kC+O5+F+waLZE
VK6pbo44FwX+ib1hbtQOUnHe+aaIOSLZom/2Xxa6gQuiWdQ5x09K8+sdIlGvjAR9
CSQxYmXjMad5bXpxsHa943skAYLEhXrm+K+Ijbnb1XguzjPs6ugV2tNOgFwXXIeW
cPIFQhdvmXU6N4MRQV+U0MbRCpDMGlXzg36P9LmvmNp0mtILlNk5/anNAl/21bEb
TMk7pxbHy1zSzC5YEHblQGCWDDYzJMmsttexCaq+M2lU8IQyjb/s2axZdcAcF5L2
ddlg9nuIl/mIZI2sSzRlYRn+uQIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFCkM+tJv
HtRre4QeucZZZrsanvkeMB8GA1UdIwQYMBaAFOqDr0ohy8IHH1aVbl3dWEx2OPpb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzM2Mi82QTA4RjQ5MjI1
NzcxMUVGQkIwQjgyNTFDNEY5QUUwMi82b092U2lITHdnY2ZWcFZ1WGQxWVRIWTQt
bHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZvT3ZTaUhMd2djZlZwVnVYZDFZVEhZNC1scy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMzNjIvNkEwOEY0OTIyNTc3MTFFRkJCMEI4MjUxQzRGOUFFMDIvNjQ5MkQ0OTg1
QjkwMTFFRjhEQjQ4QzI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E
UjBQMDQEAgABMC4DBAAr5ssDBAAtceADBAEtceIwDAMEAC14iQMEAC14ijAMAwQA
nXcpAwQCnXcoMBgEAgACMBIDBwAkBXFAAAIDBwAkBXFAAAQwDQYJKoZIhvcNAQEL
BQADggEBAG3guboqJF673wYohoiqmECbj36CsIwmnuPbr4AE99ppGXulp21h1wk5
9cVpLs9r02w1YiEb4Zp6Ippkpei8q6/m17naCgbPKtGPrTDq9YKMz7nJN3f3m69r
VBuYxtc9kHLxHDfZHHg7/0gyWz7WSTixulzYCxopOwGETQ1MVpo4lJWx78UDrJ8L
6YiYqZKQstOVk7t87WLNA6EiuFw3B/z6XRw+u0CI42bZLhWCv6Gfg0SIwqILDaP9
4ULCPwtTnsFscGdbjmNrlmmkLRJbmSEUfMCQNY+l6nb410KM1VHfOpJx8Mj4qfH2
gqNvYOX/sSsEsKDdk+it1/CXC1ZCwYY=
-----END CERTIFICATE-----
Generated at Sun Apr 27 18:22:12 2025 by rpki-client