Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916AC30/760D6A648C6211EF99464085C4F9AE02/8CBE22F8D33911EF9F576474C4F9AE02.roa
File: 8CBE22F8D33911EF9F576474C4F9AE02.roa (raw, json)
Hash identifier: 72ohKD9MI8KWe2+cLtI8D2+EcsRtUej+Qleoucq8OgE=
Subject key identifier: A8:C1:D6:ED:7C:9F:9F:E1:51:DE:90:A3:4D:7B:1A:BE:CE:67:3D:8B
Certificate issuer: /CN=A916AC30/serialNumber=72E8860B2B473365BF261420D06B58A804C296B2
Certificate serial: 39
Authority key identifier: 72:E8:86:0B:2B:47:33:65:BF:26:14:20:D0:6B:58:A8:04:C2:96:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cuiGCytHM2W_JhQg0GtYqATClrI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916AC30/760D6A648C6211EF99464085C4F9AE02/8CBE22F8D33911EF9F576474C4F9AE02.roa
Signing time: Thu 16 Jan 2025 09:43:19 +0000
ROA not before: Thu 16 Jan 2025 09:43:19 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 59253
IP address blocks: 43.249.38.0/23 maxlen: 23
43.249.38.0/24 maxlen: 24
43.249.39.0/24 maxlen: 24
2001:df1:800::/48 maxlen: 48
2402:a7c0::/32 maxlen: 32
2402:a7c0:3000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57 (0x39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916AC30/serialNumber=72E8860B2B473365BF261420D06B58A804C296B2
Validity
Not Before: Jan 16 09:43:19 2025 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6788d4b7-29ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:5b:94:be:eb:00:3d:af:c5:d6:67:89:34:d3:
88:74:16:11:00:4c:f9:55:01:2f:a9:af:5b:e1:db:
39:b5:88:2f:ab:52:4a:13:cf:86:aa:c5:cc:67:2c:
c7:96:e0:74:f6:e0:a1:11:9f:92:0f:cb:9d:ee:1e:
3e:c9:f3:74:49:ea:05:06:ed:bb:c4:25:cf:2e:85:
3a:53:f3:59:06:de:07:21:e0:15:3d:7b:bc:b4:04:
8b:d9:89:63:c1:8c:8e:73:d3:31:e9:b6:8d:f6:7b:
ad:ae:75:2b:43:c5:cb:a6:94:29:65:87:a5:7f:b7:
fd:58:6a:40:4b:a3:6e:f3:c6:13:3c:e0:5b:83:ec:
a5:f7:44:cf:89:74:a4:35:11:d9:fa:f5:3c:33:ce:
a8:b4:f2:5f:f3:83:5f:e4:0e:2e:48:15:29:6f:80:
38:e5:2b:24:51:bf:5f:ba:cd:89:61:59:ca:c6:6f:
76:3a:33:13:00:2f:9e:c6:d0:90:13:9c:e8:a9:e2:
d7:ae:b7:ac:6b:23:51:63:3f:86:b4:1f:0b:15:31:
5a:d7:db:5c:47:fe:ce:08:49:65:61:cc:bc:d0:10:
37:5f:fc:72:ac:ad:2f:11:ee:56:a2:e5:b1:be:78:
95:79:9b:92:da:ca:ee:d8:03:fa:bf:83:ee:5f:b3:
27:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C1:D6:ED:7C:9F:9F:E1:51:DE:90:A3:4D:7B:1A:BE:CE:67:3D:8B
X509v3 Authority Key Identifier:
keyid:72:E8:86:0B:2B:47:33:65:BF:26:14:20:D0:6B:58:A8:04:C2:96:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916AC30/760D6A648C6211EF99464085C4F9AE02/cuiGCytHM2W_JhQg0GtYqATClrI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cuiGCytHM2W_JhQg0GtYqATClrI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916AC30/760D6A648C6211EF99464085C4F9AE02/8CBE22F8D33911EF9F576474C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.38.0/23
IPv6:
2001:df1:800::/48
2402:a7c0::/32
Signature Algorithm: sha256WithRSAEncryption
7a:64:4b:b4:4b:b8:cd:46:89:67:f6:28:aa:5e:a0:ca:6f:09:
f0:79:7f:67:e5:95:8e:f0:f7:90:03:cd:78:6a:99:96:65:ef:
33:99:91:da:b6:1d:0b:f9:60:3f:a1:cd:9d:14:27:85:3d:15:
02:09:b5:ba:ac:b6:25:e5:12:1f:52:20:cc:76:d5:26:ec:5c:
b6:bf:30:4d:02:d7:ac:b9:63:34:1e:75:e7:fb:1c:2f:f8:01:
20:b5:49:d3:3d:00:7c:f2:26:cd:d2:82:e5:9d:0d:7f:ad:a3:
86:12:49:12:dc:ca:2f:8c:e8:2c:1e:07:90:a9:b4:5b:83:1f:
2d:e6:bc:46:b0:4d:c3:8d:3e:a2:40:68:2f:26:22:fa:b5:a1:
ab:c1:88:d5:c4:92:fe:09:92:33:c5:1a:6c:78:89:68:22:da:
ce:49:87:f7:ca:ec:c9:11:7f:6b:6a:be:94:34:f2:95:ba:3d:
e9:a7:a4:a0:81:e6:74:9f:4b:66:38:54:30:f6:23:60:c7:90:
79:55:96:6a:ac:2a:3a:88:66:c4:46:c8:1b:29:a9:95:1a:0c:
6a:e8:b6:5d:5e:7f:2f:b9:ba:14:3c:ae:57:9a:43:2d:1c:99:
bb:9c:81:dc:ec:d1:ed:54:c0:31:80:61:23:3b:73:7d:63:43:
8d:4e:47:3b
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBOTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
QUMzMDExMC8GA1UEBRMoNzJFODg2MEIyQjQ3MzM2NUJGMjYxNDIwRDA2QjU4QTgw
NEMyOTZCMjAeFw0yNTAxMTYwOTQzMTlaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODhkNGI3LTI5ZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDZW5S+6wA9r8XWZ4k004h0FhEATPlVAS+pr1vh2zm1iC+rUkoTz4aqxcxnLMeW
4HT24KERn5IPy53uHj7J83RJ6gUG7bvEJc8uhTpT81kG3gch4BU9e7y0BIvZiWPB
jI5z0zHpto32e62udStDxcumlCllh6V/t/1YakBLo27zxhM84FuD7KX3RM+JdKQ1
Edn69Twzzqi08l/zg1/kDi5IFSlvgDjlKyRRv1+6zYlhWcrGb3Y6MxMAL57G0JAT
nOip4teut6xrI1FjP4a0HwsVMVrX21xH/s4ISWVhzLzQEDdf/HKsrS8R7lai5bG+
eJV5m5Layu7YA/q/g+5fsydXAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQUqMHW7Xyf
n+FR3pCjTXsavs5nPYswHwYDVR0jBBgwFoAUcuiGCytHM2W/JhQg0GtYqATClrIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZBQzMwLzc2MEQ2QTY0OEM2
MjExRUY5OTQ2NDA4NUM0RjlBRTAyL2N1aUdDeXRITTJXX0poUWcwR3RZcUFUQ2xy
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvY3VpR0N5dEhNMldfSmhRZzBHdFlxQVRDbHJJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
QUMzMC83NjBENkE2NDhDNjIxMUVGOTk0NjQwODVDNEY5QUUwMi84Q0JFMjJGOEQz
MzkxMUVGOUY1NzY0NzRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQo
MCYwDAQCAAEwBgMEASv5JjAWBAIAAjAQAwcAIAEN8QgAAwUAJAKnwDANBgkqhkiG
9w0BAQsFAAOCAQEAemRLtEu4zUaJZ/Yoql6gym8J8Hl/Z+WVjvD3kAPNeGqZlmXv
M5mR2rYdC/lgP6HNnRQnhT0VAgm1uqy2JeUSH1IgzHbVJuxctr8wTQLXrLljNB51
5/scL/gBILVJ0z0AfPImzdKC5Z0Nf62jhhJJEtzKL4zoLB4HkKm0W4MfLea8RrBN
w40+okBoLyYi+rWhq8GI1cSS/gmSM8UabHiJaCLazkmH98rsyRF/a2q+lDTylbo9
6aekoIHmdJ9LZjhUMPYjYMeQeVWWaqwqOohmxEbIGymplRoMaui2XV5/L7m6FDyu
V5pDLRyZu5yB3OzR7VTAMYBhIztzfWNDjU5HOw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:10:42 2025 by rpki-client