Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919986F/EC870B868F2A11E4BF98B432C4F9AE02/27F621183B5D11EB97506B7AC4F9AE02.roa
File: 27F621183B5D11EB97506B7AC4F9AE02.roa (raw, json)
Hash identifier: +GMl4Xu8VPkNDBOVR1baOfDzoyBidluum1AgF508r2s=
Subject key identifier: 9B:43:09:38:93:94:AE:FB:14:0B:5B:B8:06:F1:43:16:65:E8:4E:CD
Certificate issuer: /CN=A919986F/serialNumber=A656F60D3F11641A571BD1FFAD2460DD4576332D
Certificate serial: 27D0
Authority key identifier: A6:56:F6:0D:3F:11:64:1A:57:1B:D1:FF:AD:24:60:DD:45:76:33:2D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/plb2DT8RZBpXG9H_rSRg3UV2My0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919986F/EC870B868F2A11E4BF98B432C4F9AE02/27F621183B5D11EB97506B7AC4F9AE02.roa
Signing time: Thu 26 Dec 2024 16:02:33 +0000
ROA not before: Thu 26 Dec 2024 16:02:33 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 63928
IP address blocks: 43.227.236.0/24 maxlen: 24
43.227.237.0/24 maxlen: 24
43.227.238.0/24 maxlen: 24
43.227.239.0/24 maxlen: 24
103.47.24.0/24 maxlen: 24
103.47.25.0/24 maxlen: 24
103.47.26.0/24 maxlen: 24
103.47.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10192 (0x27d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919986F/serialNumber=A656F60D3F11641A571BD1FFAD2460DD4576332D
Validity
Not Before: Dec 26 16:02:33 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=676d7e19-925c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:39:29:fd:f1:8b:e6:5c:03:2a:16:30:a7:d1:
8a:4e:7c:84:22:17:7c:18:78:1a:89:dd:c8:46:25:
b1:56:8d:68:26:56:c7:fc:db:41:7f:2d:76:14:6e:
c1:7f:98:94:7a:7c:36:e7:4f:01:b9:18:48:1f:a3:
07:fe:b6:3d:b0:e2:b4:ad:d0:67:98:25:b2:81:2b:
e1:d3:ea:c1:47:13:38:c5:17:d4:4c:8f:ba:8e:06:
b2:27:80:d0:4d:d7:0b:4b:79:96:1f:0a:11:7d:88:
50:66:25:d4:8f:f1:39:48:33:a8:fc:7a:d7:3b:d2:
c7:bc:07:df:0b:79:41:b9:b4:27:36:b7:40:17:a2:
9b:08:d8:19:fc:56:74:57:6a:8e:c5:4f:92:f8:ae:
28:58:68:cd:ea:19:c2:66:71:69:7f:75:2b:5a:26:
95:7f:64:bb:9e:d4:10:b9:0c:0d:be:5c:02:c3:0b:
21:bd:d6:37:60:96:d9:96:d5:b6:b6:e6:00:3d:4f:
16:01:9c:b9:f1:fe:af:3c:87:c0:68:79:b6:99:df:
af:e2:e2:1b:e5:c1:11:87:08:c7:4e:91:71:95:27:
6e:b0:f6:d2:e8:30:99:cc:4e:1d:8d:95:67:c7:e7:
23:af:fe:24:f5:2f:e6:a0:a0:ba:32:ee:3e:e2:07:
e5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:43:09:38:93:94:AE:FB:14:0B:5B:B8:06:F1:43:16:65:E8:4E:CD
X509v3 Authority Key Identifier:
keyid:A6:56:F6:0D:3F:11:64:1A:57:1B:D1:FF:AD:24:60:DD:45:76:33:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919986F/EC870B868F2A11E4BF98B432C4F9AE02/plb2DT8RZBpXG9H_rSRg3UV2My0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/plb2DT8RZBpXG9H_rSRg3UV2My0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919986F/EC870B868F2A11E4BF98B432C4F9AE02/27F621183B5D11EB97506B7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.236.0/22
103.47.24.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:c2:da:5c:48:73:fc:0e:44:05:92:02:3f:aa:f2:2a:9c:44:
f8:79:2a:22:ab:7d:7d:34:28:ff:d4:7d:a0:8d:b2:d7:99:2f:
ca:13:f4:ea:c1:fc:b7:fb:c0:47:e4:93:f5:a0:e1:92:b3:76:
6c:39:b1:d9:0c:fc:22:cd:4c:da:35:3e:44:f3:8b:ec:6b:08:
03:03:d9:de:1a:1f:b5:c0:6f:23:c1:9d:bd:20:a5:b0:c9:4c:
aa:a9:79:b6:7a:35:a8:67:5e:1b:3e:e5:b8:a1:f2:6c:7d:2a:
85:30:d1:ea:2f:e2:24:25:25:58:16:91:1c:a6:39:a6:30:90:
3c:9b:18:8b:3b:14:61:80:bb:ef:aa:8e:c6:f4:31:fd:07:96:
36:91:42:a5:4b:fb:e0:aa:4b:68:c8:c9:d4:99:ac:d8:ca:f8:
b2:d5:79:8b:c1:81:41:61:33:08:b7:ad:ee:17:72:93:6d:7b:
f7:13:47:b4:55:81:2a:f8:04:21:f3:fd:5a:ef:78:1c:13:1f:
35:77:a5:6e:be:5e:8e:de:33:0d:47:e9:68:d0:fa:2c:71:71:
96:14:3c:c4:26:f3:92:f8:ae:e9:fa:41:6e:39:95:b8:44:91:
a6:f1:c2:7b:a6:79:e2:2c:a0:bb:1a:db:9d:c8:fa:d0:b1:f0:
29:3e:01:a1
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICJ9AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTk4NkYxMTAvBgNVBAUTKEE2NTZGNjBEM0YxMTY0MUE1NzFCRDFGRkFEMjQ2MERE
NDU3NjMzMkQwHhcNMjQxMjI2MTYwMjMzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZkN2UxOS05MjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvTkp/fGL5lwDKhYwp9GKTnyEIhd8GHgaid3IRiWxVo1oJlbH/NtBfy12FG7B
f5iUenw2508BuRhIH6MH/rY9sOK0rdBnmCWygSvh0+rBRxM4xRfUTI+6jgayJ4DQ
TdcLS3mWHwoRfYhQZiXUj/E5SDOo/HrXO9LHvAffC3lBubQnNrdAF6KbCNgZ/FZ0
V2qOxU+S+K4oWGjN6hnCZnFpf3UrWiaVf2S7ntQQuQwNvlwCwwshvdY3YJbZltW2
tuYAPU8WAZy58f6vPIfAaHm2md+v4uIb5cERhwjHTpFxlSdusPbS6DCZzE4djZVn
x+cjr/4k9S/moKC6Mu4+4gfllQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJtDCTiT
lK77FAtbuAbxQxZl6E7NMB8GA1UdIwQYMBaAFKZW9g0/EWQaVxvR/60kYN1FdjMt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTg2Ri9FQzg3MEI4NjhG
MkExMUU0QkY5OEI0MzJDNEY5QUUwMi9wbGIyRFQ4UlpCcFhHOUhfclNSZzNVVjJN
eTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BsYjJEVDhSWkJwWEc5SF9yU1JnM1VWMk15MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTk4NkYvRUM4NzBCODY4RjJBMTFFNEJGOThCNDMyQzRGOUFFMDIvMjdGNjIxMTgz
QjVEMTFFQjk3NTA2QjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr4+wDBAJnLxgwDQYJKoZIhvcNAQELBQADggEBALfC2lxI
c/wORAWSAj+q8iqcRPh5KiKrfX00KP/UfaCNsteZL8oT9OrB/Lf7wEfkk/Wg4ZKz
dmw5sdkM/CLNTNo1PkTzi+xrCAMD2d4aH7XAbyPBnb0gpbDJTKqpebZ6NahnXhs+
5bih8mx9KoUw0eov4iQlJVgWkRymOaYwkDybGIs7FGGAu++qjsb0Mf0HljaRQqVL
++CqS2jIydSZrNjK+LLVeYvBgUFhMwi3re4XcpNte/cTR7RVgSr4BCHz/VrveBwT
HzV3pW6+Xo7eMw1H6WjQ+ixxcZYUPMQm85L4run6QW45lbhEkabxwnumeeIsoLsa
253I+tCx8Ck+AaE=
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:31:11 2025 by rpki-client