Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D222/8764489CCD7F11EFA5848838C4F9AE02/1852A5B0CD8011EF8728D139C4F9AE02.roa
File: 1852A5B0CD8011EF8728D139C4F9AE02.roa (raw, json)
Hash identifier: /3vnvplidMRV9xBfvWUaE3o6ToOuVyiBtlbFl/8L1Xg=
Subject key identifier: 95:CA:D0:EE:D1:11:57:B2:0B:91:3F:A1:98:62:01:94:9E:F4:7D:DB
Certificate issuer: /CN=A919D222/serialNumber=8205E9796EC69A0C73DC3B5B3CE12C48192B4577
Certificate serial: 02
Authority key identifier: 82:05:E9:79:6E:C6:9A:0C:73:DC:3B:5B:3C:E1:2C:48:19:2B:45:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ggXpeW7Gmgxz3DtbPOEsSBkrRXc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919D222/8764489CCD7F11EFA5848838C4F9AE02/1852A5B0CD8011EF8728D139C4F9AE02.roa
Signing time: Wed 08 Jan 2025 05:19:12 +0000
ROA not before: Wed 08 Jan 2025 05:19:12 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 38001
IP address blocks: 113.29.226.0/24 maxlen: 24
113.29.228.0/24 maxlen: 24
113.29.229.0/24 maxlen: 24
113.29.230.0/24 maxlen: 24
113.29.231.0/24 maxlen: 24
113.29.232.0/24 maxlen: 24
113.29.233.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919D222/serialNumber=8205E9796EC69A0C73DC3B5B3CE12C48192B4577
Validity
Not Before: Jan 8 05:19:12 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=677e0ad0-4fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6d:91:0e:f4:f8:95:0f:61:69:be:bc:93:81:
cf:29:74:8f:51:ea:ea:3a:f9:60:44:c5:04:85:ed:
fd:b7:1d:3b:09:3e:74:e0:0c:85:80:5f:ca:1c:48:
79:f8:99:67:5a:0b:52:de:f9:78:ef:38:fb:a8:a1:
ac:81:b1:63:7c:26:b8:4b:a8:be:c3:86:64:25:c6:
fc:4e:8b:72:76:6e:f9:cc:5d:aa:41:71:b0:ea:04:
82:41:4b:77:45:41:9d:66:96:b0:6e:0d:76:74:fb:
7d:df:a2:3a:91:74:7f:b8:04:11:9f:20:bd:48:11:
14:56:6a:9e:c7:d9:0a:c2:82:10:ec:20:e7:40:ce:
82:75:05:27:79:a1:81:b3:d4:9b:c8:69:f3:54:a3:
97:e9:58:08:cb:70:5f:a5:09:b1:02:00:1e:c9:92:
1f:e7:71:3a:0c:68:45:db:68:9c:fc:f5:a3:4c:be:
3f:24:bd:82:fb:76:9b:a9:ee:df:c6:e5:c1:a4:74:
fe:e4:46:f5:5e:f8:a1:9c:58:d8:65:ed:38:02:ad:
ba:7e:e0:81:c0:53:9b:85:01:bc:4c:3f:9d:3c:96:
00:6b:19:f7:5a:bf:db:e7:f2:3b:a5:93:5e:0d:64:
6e:29:5d:f1:4e:02:5a:9b:fa:45:4b:62:4a:1d:50:
f5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:CA:D0:EE:D1:11:57:B2:0B:91:3F:A1:98:62:01:94:9E:F4:7D:DB
X509v3 Authority Key Identifier:
keyid:82:05:E9:79:6E:C6:9A:0C:73:DC:3B:5B:3C:E1:2C:48:19:2B:45:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919D222/8764489CCD7F11EFA5848838C4F9AE02/ggXpeW7Gmgxz3DtbPOEsSBkrRXc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ggXpeW7Gmgxz3DtbPOEsSBkrRXc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D222/8764489CCD7F11EFA5848838C4F9AE02/1852A5B0CD8011EF8728D139C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.29.226.0/24
113.29.228.0-113.29.233.255
Signature Algorithm: sha256WithRSAEncryption
49:01:bb:93:37:71:b2:59:b6:9a:86:f8:5e:26:a8:1f:87:15:
b2:04:6c:f5:f8:76:a5:60:fe:25:98:a2:55:8e:45:99:b8:bd:
d3:c9:ad:8b:e1:03:ba:a7:71:28:9d:66:1f:54:c7:22:01:13:
6e:a4:9a:a6:79:f7:1a:be:08:4f:aa:df:03:16:90:97:03:5e:
09:93:00:96:34:30:b6:e0:70:f9:6f:94:5c:5e:8d:a9:71:ad:
47:3a:ec:ee:8c:4f:33:85:d6:b8:d2:90:66:4d:42:02:81:8b:
d2:73:e5:b6:92:c0:76:81:1b:3b:68:9d:bb:21:09:a9:6f:f0:
c8:7a:f7:cf:38:55:d8:b1:c1:7b:82:0c:08:af:f2:a9:90:3d:
ed:50:b5:11:7b:ae:ea:00:0e:e9:4c:94:10:4a:12:5e:61:bc:
eb:3d:e5:83:36:fe:aa:99:6d:eb:a1:0b:9e:17:ed:05:7a:85:
f7:80:c6:df:6e:44:d0:66:69:3a:0f:26:ba:25:86:ec:44:fd:
87:06:d1:58:51:d9:6f:2a:81:72:fb:29:3f:0f:80:c4:59:20:
8d:00:3f:85:7a:fb:02:e9:cd:6d:a8:fe:58:96:48:60:c3:49:
cd:68:91:f8:d3:8f:c7:ac:45:76:1a:75:10:af:5a:af:fc:c2:
b5:d9:80:7e
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RDIyMjExMC8GA1UEBRMoODIwNUU5Nzk2RUM2OUEwQzczREMzQjVCM0NFMTJDNDgx
OTJCNDU3NzAeFw0yNTAxMDgwNTE5MTJaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3N2UwYWQwLTRmY2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCfbZEO9PiVD2FpvryTgc8pdI9R6uo6+WBExQSF7f23HTsJPnTgDIWAX8ocSHn4
mWdaC1Le+XjvOPuooayBsWN8JrhLqL7DhmQlxvxOi3J2bvnMXapBcbDqBIJBS3dF
QZ1mlrBuDXZ0+33fojqRdH+4BBGfIL1IERRWap7H2QrCghDsIOdAzoJ1BSd5oYGz
1JvIafNUo5fpWAjLcF+lCbECAB7Jkh/ncToMaEXbaJz89aNMvj8kvYL7dpup7t/G
5cGkdP7kRvVe+KGcWNhl7TgCrbp+4IHAU5uFAbxMP508lgBrGfdav9vn8julk14N
ZG4pXfFOAlqb+kVLYkodUPXDAgMBAAGjggKjMIICnzAdBgNVHQ4EFgQUlcrQ7tER
V7ILkT+hmGIBlJ70fdswHwYDVR0jBBgwFoAUggXpeW7Gmgxz3DtbPOEsSBkrRXcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlEMjIyLzg3NjQ0ODlDQ0Q3
RjExRUZBNTg0ODgzOEM0RjlBRTAyL2dnWHBlVzdHbWd4ejNEdGJQT0VzU0JrclJY
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZ2dYcGVXN0dtZ3h6M0R0YlBPRXNTQmtyUlhjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RDIyMi84NzY0NDg5Q0NEN0YxMUVGQTU4NDg4MzhDNEY5QUUwMi8xODUyQTVCMENE
ODAxMUVGODcyOEQxMzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAtBggrBgEFBQcBBwEB/wQe
MBwwGgQCAAEwFAMEAHEd4jAMAwQCcR3kAwQBcR3oMA0GCSqGSIb3DQEBCwUAA4IB
AQBJAbuTN3GyWbaahvheJqgfhxWyBGz1+HalYP4lmKJVjkWZuL3Tya2L4QO6p3Eo
nWYfVMciARNupJqmefcavghPqt8DFpCXA14JkwCWNDC24HD5b5RcXo2pca1HOuzu
jE8zhda40pBmTUICgYvSc+W2ksB2gRs7aJ27IQmpb/DIevfPOFXYscF7ggwIr/Kp
kD3tULURe67qAA7pTJQQShJeYbzrPeWDNv6qmW3roQueF+0FeoX3gMbfbkTQZmk6
Dya6JYbsRP2HBtFYUdlvKoFy+yk/D4DEWSCNAD+FevsC6c1tqP5Ylkhgw0nNaJH4
04/HrEV2GnUQr1qv/MK12YB+
-----END CERTIFICATE-----
Generated at Mon Apr 28 06:18:44 2025 by rpki-client