Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/7F3D1128DC7811EFA7D7DB49C4F9AE02.roa
File: 7F3D1128DC7811EFA7D7DB49C4F9AE02.roa (raw, json)
Hash identifier: 45spZzwYEgk7lMaVKPpv4EgfLo7rx6qAOQmI8hJ4JNg=
Subject key identifier: B7:63:09:5D:48:BD:8E:89:CE:7E:B6:BB:B6:7D:25:71:2A:0C:82:07
Certificate issuer: /CN=A916A447/serialNumber=1F68258C526C5DBC715434357D380020146440EF
Certificate serial: 2852
Authority key identifier: 1F:68:25:8C:52:6C:5D:BC:71:54:34:35:7D:38:00:20:14:64:40:EF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2gljFJsXbxxVDQ1fTgAIBRkQO8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/7F3D1128DC7811EFA7D7DB49C4F9AE02.roa
Signing time: Mon 27 Jan 2025 06:32:36 +0000
ROA not before: Mon 27 Jan 2025 06:32:36 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 132045
IP address blocks: 101.2.190.0/24 maxlen: 24
103.227.245.0/24 maxlen: 24
103.227.247.0/24 maxlen: 24
203.153.220.0/24 maxlen: 24
203.153.222.0/24 maxlen: 24
223.224.12.0/24 maxlen: 24
223.224.22.0/24 maxlen: 24
223.224.29.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10322 (0x2852)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916A447/serialNumber=1F68258C526C5DBC715434357D380020146440EF
Validity
Not Before: Jan 27 06:32:36 2025 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=67972884-7e6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bc:a7:e9:15:d4:99:2e:3a:83:09:bb:af:0d:
b2:6a:39:99:49:c5:1b:97:a8:89:51:da:20:07:35:
86:e5:2a:8a:91:3c:d5:76:ca:84:f4:4b:8e:e9:43:
d8:df:ad:b3:0d:3d:d2:19:15:24:59:83:55:00:cb:
e7:4a:79:63:63:84:28:96:e2:54:8a:af:b1:7f:72:
af:9d:7a:fe:76:77:f3:07:10:26:32:ca:8a:2b:ff:
e9:2b:d7:a7:5e:43:42:6d:1b:21:0b:b6:62:a7:50:
ed:47:f0:8a:e0:8e:24:ca:20:b9:7e:d4:7b:3c:a3:
20:db:cc:ca:4f:b1:47:fe:fd:18:c8:cc:f4:68:f2:
8a:f9:cf:33:bb:1d:73:8e:06:af:db:a2:5e:db:65:
94:8e:a1:5e:c2:67:fc:3f:3d:1c:5b:4c:d8:84:6c:
fb:7a:17:29:d5:68:0b:a9:ce:6c:c5:58:a4:87:3a:
3d:b3:32:88:24:33:eb:f5:8a:27:26:a7:56:5a:87:
62:c4:d4:78:05:67:cc:b6:33:29:c4:68:2c:49:2e:
e7:e5:04:47:e1:af:9a:ea:ea:49:ee:18:8a:13:6d:
2b:5e:d4:bf:e4:13:dd:c7:5e:e3:b9:21:2d:a1:36:
a0:7c:4d:79:0a:59:7d:15:90:fa:a9:91:09:11:5b:
dc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:63:09:5D:48:BD:8E:89:CE:7E:B6:BB:B6:7D:25:71:2A:0C:82:07
X509v3 Authority Key Identifier:
keyid:1F:68:25:8C:52:6C:5D:BC:71:54:34:35:7D:38:00:20:14:64:40:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/H2gljFJsXbxxVDQ1fTgAIBRkQO8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2gljFJsXbxxVDQ1fTgAIBRkQO8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/7F3D1128DC7811EFA7D7DB49C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.2.190.0/24
103.227.245.0/24
103.227.247.0/24
203.153.220.0/24
203.153.222.0/24
223.224.12.0/24
223.224.22.0/24
223.224.29.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:53:f9:b7:48:30:4a:d7:c4:9e:bb:97:33:dd:a1:3a:61:09:
c7:f2:d6:9f:e2:53:37:15:7e:17:67:89:7f:94:2f:b7:d1:31:
cc:a1:ab:b0:73:f0:24:12:95:98:88:b1:7b:1f:11:3a:82:13:
e9:20:7d:8a:14:b8:44:c8:33:9a:95:8e:08:8f:96:b7:a0:36:
38:e3:e1:81:ed:c7:8e:d8:57:f3:25:00:ec:30:83:f0:85:0c:
e9:7f:7b:f5:a8:17:df:07:0b:4c:7d:24:20:4c:11:0d:36:f7:
57:a3:9e:4c:29:0d:e1:71:dc:89:e6:a3:ee:65:51:59:54:3d:
e3:8f:c3:8f:55:fd:dd:90:5f:de:09:9a:46:dc:d1:f2:a7:32:
db:94:15:da:1f:c3:6c:b1:41:dc:2f:0a:db:7f:2c:5f:65:f3:
8f:80:71:54:b3:10:93:e1:e6:1e:67:15:ab:8f:44:76:a7:8c:
df:de:28:7d:95:71:7b:c3:fa:51:4f:53:84:84:62:33:e9:78:
d9:83:b8:b0:1c:c7:1c:42:e2:d0:88:7d:64:e8:44:1c:61:91:
a8:19:92:51:64:5b:32:67:10:a3:71:24:0d:09:b0:60:eb:76:
93:c0:00:55:df:e3:e2:64:e3:07:cd:58:14:fd:6b:03:3b:3f:
64:df:04:8e
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICKFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkE0NDcxMTAvBgNVBAUTKDFGNjgyNThDNTI2QzVEQkM3MTU0MzQzNTdEMzgwMDIw
MTQ2NDQwRUYwHhcNMjUwMTI3MDYzMjM2WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk3Mjg4NC03ZTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt7yn6RXUmS46gwm7rw2yajmZScUbl6iJUdogBzWG5SqKkTzVdsqE9EuO6UPY
362zDT3SGRUkWYNVAMvnSnljY4QoluJUiq+xf3KvnXr+dnfzBxAmMsqKK//pK9en
XkNCbRshC7Zip1DtR/CK4I4kyiC5ftR7PKMg28zKT7FH/v0YyMz0aPKK+c8zux1z
jgav26Je22WUjqFewmf8Pz0cW0zYhGz7ehcp1WgLqc5sxVikhzo9szKIJDPr9Yon
JqdWWodixNR4BWfMtjMpxGgsSS7n5QRH4a+a6upJ7hiKE20rXtS/5BPdx17juSEt
oTagfE15Cll9FZD6qZEJEVvcQwIDAQABo4ICvzCCArswHQYDVR0OBBYEFLdjCV1I
vY6Jzn62u7Z9JXEqDIIHMB8GA1UdIwQYMBaAFB9oJYxSbF28cVQ0NX04ACAUZEDv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTQ0Ny9EMjA3NTgxNEEw
OUMxMUU0QjUwRTdCMTVDNEY5QUUwMi9IMmdsakZKc1hieHhWRFExZlRnQUlCUmtR
TzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0gyZ2xqRkpzWGJ4eFZEUTFmVGdBSUJSa1FPOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkE0NDcvRDIwNzU4MTRBMDlDMTFFNEI1MEU3QjE1QzRGOUFFMDIvN0YzRDExMjhE
Qzc4MTFFRkE3RDdEQjQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBABlAr4DBABn4/UDBABn4/cDBADLmdwDBADLmd4DBADf4AwD
BADf4BYDBADf4B0wDQYJKoZIhvcNAQELBQADggEBAH1T+bdIMErXxJ67lzPdoTph
Ccfy1p/iUzcVfhdniX+UL7fRMcyhq7Bz8CQSlZiIsXsfETqCE+kgfYoUuETIM5qV
jgiPlregNjjj4YHtx47YV/MlAOwwg/CFDOl/e/WoF98HC0x9JCBMEQ0291ejnkwp
DeFx3Inmo+5lUVlUPeOPw49V/d2QX94Jmkbc0fKnMtuUFdofw2yxQdwvCtt/LF9l
84+AcVSzEJPh5h5nFauPRHanjN/eKH2VcXvD+lFPU4SEYjPpeNmDuLAcxxxC4tCI
fWToRBxhkagZklFkWzJnEKNxJA0JsGDrdpPAAFXf4+Jk4wfNWBT9awM7P2TfBI4=
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:56:36 2025 by rpki-client