Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B132FEB2DEE511EF9D6C9747C4F9AE02.roa
File: B132FEB2DEE511EF9D6C9747C4F9AE02.roa (raw, json)
Hash identifier: ajGY9V895PGXfkpb1r4kHMGqm+OzjgDGNcRqVEfRgCM=
Subject key identifier: 4D:BC:A5:D0:A8:84:0B:E4:34:1D:A7:74:68:71:B3:B3:53:4D:3D:A3
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A41A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B132FEB2DEE511EF9D6C9747C4F9AE02.roa
Signing time: Thu 30 Jan 2025 08:39:17 +0000
ROA not before: Thu 30 Jan 2025 08:39:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133001
IP address blocks: 43.225.160.0/22 maxlen: 24
43.251.216.0/22 maxlen: 24
45.117.220.0/22 maxlen: 24
45.119.44.0/22 maxlen: 22
45.119.44.0/24 maxlen: 24
45.119.45.0/24 maxlen: 24
45.119.46.0/24 maxlen: 24
45.119.47.0/24 maxlen: 24
103.38.36.0/22 maxlen: 24
103.42.166.0/23 maxlen: 24
103.51.132.0/24 maxlen: 24
103.51.133.0/24 maxlen: 24
103.51.134.0/24 maxlen: 24
103.51.135.0/24 maxlen: 24
103.54.76.0/24 maxlen: 24
103.54.77.0/24 maxlen: 24
103.110.102.0/24 maxlen: 24
103.114.0.0/22 maxlen: 23
103.114.2.0/23 maxlen: 24
103.116.147.0/24 maxlen: 24
103.140.26.0/24 maxlen: 24
103.140.27.0/24 maxlen: 24
103.165.68.0/24 maxlen: 24
103.165.69.0/24 maxlen: 24
103.176.74.0/23 maxlen: 24
103.176.210.0/24 maxlen: 24
103.176.211.0/24 maxlen: 24
103.196.76.0/22 maxlen: 24
103.200.74.0/23 maxlen: 23
103.201.148.0/22 maxlen: 24
103.239.168.0/24 maxlen: 24
103.239.169.0/24 maxlen: 24
103.239.170.0/24 maxlen: 24
103.239.171.0/24 maxlen: 24
111.125.225.0/24 maxlen: 24
183.87.251.0/24 maxlen: 24
183.87.252.0/22 maxlen: 24
202.94.160.0/22 maxlen: 24
2401:b240::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42010 (0xa41a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 30 08:39:17 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=679b3ab5-cde5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2c:ff:35:c7:86:f0:a3:d8:5a:d9:a5:6e:f8:
d1:70:93:f6:59:a5:c1:91:1f:8e:42:29:1a:5d:15:
02:89:38:0b:a4:07:c4:02:a2:c5:96:0e:ee:a2:72:
15:eb:10:8a:82:04:09:bd:16:17:3e:02:71:ba:4a:
0e:ad:14:5d:40:c9:14:a0:4c:19:bb:65:52:b0:73:
33:75:29:5d:5e:cb:45:3b:a2:d9:58:74:ee:23:aa:
de:90:ab:2c:e6:51:cd:6a:b7:18:e2:5b:38:8e:bd:
db:61:ab:38:a6:eb:9c:ea:c1:60:5d:62:97:57:f3:
37:57:fb:6a:db:45:b3:c4:31:b3:9c:26:b8:ec:f7:
f3:e8:a6:40:c9:b9:86:94:8f:e8:d9:d2:39:3b:9f:
06:72:f0:f7:78:ce:2a:f5:f9:b2:17:f6:80:80:ab:
57:84:9b:06:26:02:77:23:ab:11:41:5d:de:07:c0:
4c:0b:15:9c:ee:60:af:0b:e2:4f:a7:1f:f1:d3:ed:
47:26:0f:ed:41:96:35:83:d8:63:74:ed:79:bf:35:
3d:b8:a6:ca:88:26:72:53:fb:03:35:73:5d:5b:1e:
0b:07:e5:f3:03:0f:4e:fa:be:68:0b:b1:34:da:83:
25:84:1f:20:54:a3:54:f3:88:bc:04:22:ae:c2:e0:
92:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:BC:A5:D0:A8:84:0B:E4:34:1D:A7:74:68:71:B3:B3:53:4D:3D:A3
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B132FEB2DEE511EF9D6C9747C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.160.0/22
43.251.216.0/22
45.117.220.0/22
45.119.44.0/22
103.38.36.0/22
103.42.166.0/23
103.51.132.0/22
103.54.76.0/23
103.110.102.0/24
103.114.0.0/22
103.116.147.0/24
103.140.26.0/23
103.165.68.0/23
103.176.74.0/23
103.176.210.0/23
103.196.76.0/22
103.200.74.0/23
103.201.148.0/22
103.239.168.0/22
111.125.225.0/24
183.87.251.0-183.87.255.255
202.94.160.0/22
IPv6:
2401:b240::/32
Signature Algorithm: sha256WithRSAEncryption
65:8d:07:09:7b:f9:a2:42:e1:62:65:6b:28:be:1c:2d:57:2f:
97:cb:9d:6d:12:7f:04:80:84:c7:fc:4b:dc:d2:da:ef:5b:45:
36:0e:3f:7e:3f:97:f2:36:55:c8:b0:be:55:4d:f0:63:98:7a:
63:eb:a6:1d:2d:52:ab:15:fb:77:5c:99:56:d5:71:6a:12:ed:
a5:f8:2e:02:85:ea:d9:1d:05:3c:c8:c4:f1:2c:2c:27:30:8f:
59:c6:52:8f:bc:e9:90:c2:cc:20:e2:ca:f5:14:ce:ef:3e:33:
f7:94:b5:5f:b7:ac:7c:d9:cb:42:dd:99:ef:0a:d1:bc:63:56:
1f:32:4a:5c:16:df:34:76:e9:24:26:b5:2b:5a:22:b9:b0:59:
38:61:14:4f:18:e3:ba:36:40:21:ed:53:d2:46:e0:28:31:59:
e3:03:ed:c0:90:46:57:77:d6:cd:fa:33:c9:0c:61:1c:17:43:
9e:4f:86:b9:6d:3a:7a:72:c4:77:f4:d7:56:1b:06:ba:13:5a:
d0:d7:1a:f0:4b:dc:44:b1:ef:14:b3:ac:93:d1:de:a2:b2:fd:
e8:51:f4:98:63:5e:99:ef:0a:6b:89:85:87:b9:72:8e:2a:dd:
5f:51:e3:08:66:88:c9:24:be:ee:34:72:c3:6f:9a:d9:9f:ec:
33:fa:b6:48
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgIDAKQaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDEzMDA4MzkxN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc5YjNhYjUtY2RlNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0s/zXHhvCj2FrZpW740XCT9lmlwZEfjkIpGl0VAok4C6QHxAKixZYO7qJy
FesQioIECb0WFz4CcbpKDq0UXUDJFKBMGbtlUrBzM3UpXV7LRTui2Vh07iOq3pCr
LOZRzWq3GOJbOI6922GrOKbrnOrBYF1il1fzN1f7attFs8Qxs5wmuOz38+imQMm5
hpSP6NnSOTufBnLw93jOKvX5shf2gICrV4SbBiYCdyOrEUFd3gfATAsVnO5grwvi
T6cf8dPtRyYP7UGWNYPYY3Tteb81PbimyogmclP7AzVzXVseCwfl8wMPTvq+aAux
NNqDJYQfIFSjVPOIvAQirsLgki8CAwEAAaOCAy4wggMqMB0GA1UdDgQWBBRNvKXQ
qIQL5DQdp3RocbOzU009ozAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0IxMzJGRUIy
REVFNTExRUY5RDZDOTc0N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIG3BggrBgEFBQcBBwEB
/wSBpzCBpDCBkgQCAAEwgYsDBAIr4aADBAIr+9gDBAItddwDBAItdywDBAJnJiQD
BAFnKqYDBAJnM4QDBAFnNkwDBABnbmYDBAJncgADBABndJMDBAFnjBoDBAFnpUQD
BAFnsEoDBAFnsNIDBAJnxEwDBAFnyEoDBAJnyZQDBAJn76gDBABvfeEwCwMEALdX
+wMDA7dQAwQCyl6gMA0EAgACMAcDBQAkAbJAMA0GCSqGSIb3DQEBCwUAA4IBAQBl
jQcJe/miQuFiZWsovhwtVy+Xy51tEn8EgITH/Evc0trvW0U2Dj9+P5fyNlXIsL5V
TfBjmHpj66YdLVKrFft3XJlW1XFqEu2l+C4CherZHQU8yMTxLCwnMI9ZxlKPvOmQ
wswg4sr1FM7vPjP3lLVft6x82ctC3ZnvCtG8Y1YfMkpcFt80dukkJrUrWiK5sFk4
YRRPGOO6NkAh7VPSRuAoMVnjA+3AkEZXd9bN+jPJDGEcF0OeT4a5bTp6csR39NdW
Gwa6E1rQ1xrwS9xEse8Us6yT0d6isv3oUfSYY16Z7wpriYWHuXKOKt1fUeMIZojJ
JL7uNHLDb5rZn+wz+rZI
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:56:59 2025 by rpki-client