Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/0D8C94BAAB2811ECB3CF9363C4F9AE02.roa
File: 0D8C94BAAB2811ECB3CF9363C4F9AE02.roa (raw, json)
Hash identifier: Tfb974MicnKNzVRFU1RRV4V0Uhivo+OH4armUKzsehA=
Subject key identifier: E2:17:D6:4C:5A:D2:41:16:97:1D:D5:33:28:43:DB:5A:4F:D2:5E:4B
Certificate issuer: /CN=A9182502/serialNumber=8C3CCB4FFB89189C6EF5B34DFDAABE1806A5218A
Certificate serial: 0A3F
Authority key identifier: 8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/0D8C94BAAB2811ECB3CF9363C4F9AE02.roa
Signing time: Fri 03 Jan 2025 02:53:14 +0000
ROA not before: Fri 03 Jan 2025 02:53:14 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 141768
IP address blocks: 39.109.66.0/23 maxlen: 23
39.109.66.0/24 maxlen: 24
39.109.67.0/24 maxlen: 24
39.109.68.0/24 maxlen: 24
39.109.69.0/24 maxlen: 24
39.109.70.0/24 maxlen: 24
39.109.71.0/24 maxlen: 24
39.109.72.0/21 maxlen: 21
39.109.72.0/24 maxlen: 24
39.109.73.0/24 maxlen: 24
39.109.74.0/24 maxlen: 24
39.109.75.0/24 maxlen: 24
39.109.77.0/24 maxlen: 24
39.109.79.0/24 maxlen: 24
39.109.80.0/21 maxlen: 21
39.109.80.0/24 maxlen: 24
39.109.81.0/24 maxlen: 24
39.109.83.0/24 maxlen: 24
39.109.86.0/24 maxlen: 24
39.109.87.0/24 maxlen: 24
39.109.88.0/22 maxlen: 22
39.109.88.0/24 maxlen: 24
39.109.89.0/24 maxlen: 24
39.109.90.0/24 maxlen: 24
39.109.91.0/24 maxlen: 24
103.98.14.0/24 maxlen: 24
103.119.132.0/24 maxlen: 24
103.119.133.0/24 maxlen: 24
2403:e840:8000::/33 maxlen: 33
2403:e840:fffe::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2623 (0xa3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9182502/serialNumber=8C3CCB4FFB89189C6EF5B34DFDAABE1806A5218A
Validity
Not Before: Jan 3 02:53:14 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6777511a-95aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f9:c1:55:80:ee:8f:85:3b:5e:e6:40:34:6d:
20:11:c3:66:64:6f:ac:9b:66:94:d6:17:0e:28:40:
7d:db:84:cd:d5:22:0b:dc:89:56:f3:c1:46:d9:82:
a5:59:c8:97:a4:f1:00:ea:2c:47:e2:cf:ea:ea:85:
3c:92:64:0e:71:d1:8a:fa:3f:ff:11:aa:7b:7d:0a:
f7:83:75:85:10:e1:e0:fc:2c:74:a9:45:e1:71:19:
16:c3:fa:2f:1c:21:7a:5c:5e:a8:7a:d1:92:15:33:
a3:ac:5e:bc:a1:43:36:36:94:38:44:83:f1:88:62:
9d:ab:74:41:7e:a7:cd:da:d3:64:a5:fc:34:33:23:
85:96:da:de:66:6a:6b:d9:ee:41:19:27:02:bc:1d:
28:50:1a:fd:f3:63:55:56:55:b2:6f:f6:4d:08:9c:
83:98:bb:d2:64:8d:60:4f:41:65:47:69:fd:46:f0:
48:b2:ab:06:52:c4:85:03:99:84:52:5e:70:42:fd:
13:91:27:3a:a5:26:ff:12:db:f1:85:db:16:83:11:
93:0c:31:b1:6d:67:a3:43:ce:3a:49:6b:94:c7:6b:
e1:95:53:ab:bc:e9:38:f1:71:1d:0c:48:de:c3:a4:
cb:5c:ae:a0:8f:0c:79:b7:b5:7d:a2:c1:07:1f:14:
79:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:17:D6:4C:5A:D2:41:16:97:1D:D5:33:28:43:DB:5A:4F:D2:5E:4B
X509v3 Authority Key Identifier:
keyid:8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/0D8C94BAAB2811ECB3CF9363C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
39.109.66.0-39.109.91.255
103.98.14.0/24
103.119.132.0/23
IPv6:
2403:e840:8000::/33
Signature Algorithm: sha256WithRSAEncryption
9a:9a:4f:45:4d:0c:d1:ce:fe:a1:9a:3b:d8:66:71:14:ca:ae:
43:04:35:31:74:99:e5:4a:e5:c4:64:0c:62:a8:9f:09:8f:f3:
2f:75:81:a1:0c:0b:84:4b:04:4e:25:32:97:5d:09:41:1e:ee:
3f:50:56:af:81:97:ac:12:e4:0b:66:cb:d2:ce:98:a5:28:8a:
9c:42:13:5d:d3:2f:58:dc:48:d0:d7:71:d7:75:92:32:c1:04:
c9:69:29:c0:e5:16:a5:f8:ea:77:b7:1a:4b:4b:45:5d:3f:ab:
b6:55:9a:99:43:8a:df:74:4a:fb:cb:1e:19:84:66:a5:d7:8d:
89:c2:09:dc:4b:52:57:ad:03:af:ae:7e:e7:f2:71:bb:79:df:
fe:22:60:95:8c:35:08:38:4a:c9:5f:6e:bf:da:2d:c9:90:fe:
00:7f:2c:d4:64:31:9c:ab:28:fb:3a:69:a4:3e:d6:9a:f5:0a:
0b:d8:86:0b:aa:3d:d8:58:4c:48:e5:3a:58:64:47:7f:e0:15:
88:c8:1a:ba:1d:68:bd:34:06:ed:b8:31:ec:b0:69:7f:f4:d8:
16:73:ec:b0:7d:fb:95:62:97:53:e1:ab:f9:52:97:74:89:1a:
c0:dc:c3:b3:f4:8a:6d:4d:51:67:a8:2e:69:79:e9:06:32:bd:
c9:27:6d:6d
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICCj8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODI1MDIxMTAvBgNVBAUTKDhDM0NDQjRGRkI4OTE4OUM2RUY1QjM0REZEQUFCRTE4
MDZBNTIxOEEwHhcNMjUwMTAzMDI1MzE0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc3NTExYS05NWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyvnBVYDuj4U7XuZANG0gEcNmZG+sm2aU1hcOKEB924TN1SIL3IlW88FG2YKl
WciXpPEA6ixH4s/q6oU8kmQOcdGK+j//Eap7fQr3g3WFEOHg/Cx0qUXhcRkWw/ov
HCF6XF6oetGSFTOjrF68oUM2NpQ4RIPxiGKdq3RBfqfN2tNkpfw0MyOFltreZmpr
2e5BGScCvB0oUBr982NVVlWyb/ZNCJyDmLvSZI1gT0FlR2n9RvBIsqsGUsSFA5mE
Ul5wQv0TkSc6pSb/EtvxhdsWgxGTDDGxbWejQ846SWuUx2vhlVOrvOk48XEdDEje
w6TLXK6gjwx5t7V9osEHHxR5CwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFOIX1kxa
0kEWlx3VMyhD21pP0l5LMB8GA1UdIwQYMBaAFIw8y0/7iRicbvWzTf2qvhgGpSGK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MjUwMi9EQTE2QzYzQTcz
Q0MxMUVBQTM5OTUzMjZDNEY5QUUwMi9qRHpMVF91SkdKeHU5Yk5OX2FxLUdBYWxJ
WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pEekxUX3VKR0p4dTliTk5fYXEtR0FhbElZby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODI1MDIvREExNkM2M0E3M0NDMTFFQUEzOTk1MzI2QzRGOUFFMDIvMEQ4Qzk0QkFB
QjI4MTFFQ0IzQ0Y5MzYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMCAEAgABMBowDAMEASdtQgMEAidtWAMEAGdiDgMEAWd3hDAOBAIAAjAIAwYH
JAPoQIAwDQYJKoZIhvcNAQELBQADggEBAJqaT0VNDNHO/qGaO9hmcRTKrkMENTF0
meVK5cRkDGKonwmP8y91gaEMC4RLBE4lMpddCUEe7j9QVq+Bl6wS5Atmy9LOmKUo
ipxCE13TL1jcSNDXcdd1kjLBBMlpKcDlFqX46ne3GktLRV0/q7ZVmplDit90SvvL
HhmEZqXXjYnCCdxLUletA6+ufufycbt53/4iYJWMNQg4Sslfbr/aLcmQ/gB/LNRk
MZyrKPs6aaQ+1pr1CgvYhguqPdhYTEjlOlhkR3/gFYjIGrodaL00Bu24MeywaX/0
2BZz7LB9+5Vil1Phq/lSl3SJGsDcw7P0im1NUWeoLml56QYyvcknbW0=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:03:47 2025 by rpki-client