Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBF47/370CA2C01D8A11E2B79B13E408B02CD2/608C129E33E011ED979ED20EC4F9AE02.roa
File: 608C129E33E011ED979ED20EC4F9AE02.roa (raw, json)
Hash identifier: njnvlZhJpg+O1H7mK6/K1EfgkaOPGFRep0ckaeGXK3s=
Subject key identifier: 75:CE:F3:BA:74:BE:C2:0E:CF:65:5B:52:DF:37:F3:4A:FA:F9:86:59
Certificate issuer: /CN=A91CBF47/serialNumber=326371E399824F8004ED96756819760881B7CD96
Certificate serial: 33A3
Authority key identifier: 32:63:71:E3:99:82:4F:80:04:ED:96:75:68:19:76:08:81:B7:CD:96
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MmNx45mCT4AE7ZZ1aBl2CIG3zZY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CBF47/370CA2C01D8A11E2B79B13E408B02CD2/608C129E33E011ED979ED20EC4F9AE02.roa
Signing time: Mon 26 Feb 2024 14:50:32 +0000
ROA not before: Mon 26 Feb 2024 14:50:32 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 9313
IP address blocks: 120.29.0.0/20 maxlen: 20
120.29.16.0/20 maxlen: 20
121.50.192.0/20 maxlen: 20
121.50.208.0/21 maxlen: 21
203.10.89.0/24 maxlen: 24
203.13.68.0/24 maxlen: 24
203.13.70.0/24 maxlen: 24
203.22.124.0/23 maxlen: 23
203.22.126.0/24 maxlen: 24
203.22.127.0/24 maxlen: 24
203.30.137.0/24 maxlen: 24
203.144.4.0/22 maxlen: 22
203.144.5.0/24 maxlen: 24
203.144.8.0/21 maxlen: 21
203.144.16.0/21 maxlen: 21
203.144.23.0/24 maxlen: 24
203.144.24.0/21 maxlen: 21
203.144.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13219 (0x33a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CBF47/serialNumber=326371E399824F8004ED96756819760881B7CD96
Validity
Not Before: Feb 26 14:50:32 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65dca538-9d1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e7:6b:b8:48:2d:9e:82:ca:8f:44:4d:62:4f:
60:ad:4b:67:14:e7:ef:a7:5a:ae:39:2f:64:df:ba:
0a:7d:9f:66:7d:af:29:d7:ca:b7:d4:11:6a:2e:d6:
fc:70:03:4a:18:cf:ce:89:0a:8d:3a:b1:b0:af:19:
b0:03:b8:d1:45:ae:12:36:9e:1a:eb:d6:44:32:fe:
54:c1:e0:15:05:e5:fb:60:bd:1e:a7:1d:94:c8:33:
c5:5f:29:22:2a:f5:d2:30:e3:96:ee:87:e2:b2:a5:
1d:7c:bf:80:2f:ff:72:bb:5e:3e:82:0e:fc:48:44:
fb:87:47:37:89:3b:33:6a:7f:15:9f:77:55:8c:a0:
ea:d9:cf:19:17:21:11:37:bf:ee:29:11:a8:28:e7:
c9:8e:35:81:a5:9e:41:61:e0:b3:1c:a6:44:b1:3b:
c9:33:f8:1a:32:d1:1e:ae:d2:70:84:a2:45:86:0d:
aa:43:62:46:c5:bb:c6:fd:0d:b5:8e:95:c1:9d:16:
27:a3:1a:9a:71:f1:6c:90:cf:2e:c3:22:4d:2a:05:
cd:06:bb:68:b0:0a:39:ad:4f:8f:9e:e9:b1:52:4d:
5a:1b:c5:2a:03:3c:b6:f3:b0:f5:89:12:92:35:d4:
b9:3c:58:d6:28:1f:0f:d5:bc:e2:af:50:ce:f0:aa:
d5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:CE:F3:BA:74:BE:C2:0E:CF:65:5B:52:DF:37:F3:4A:FA:F9:86:59
X509v3 Authority Key Identifier:
keyid:32:63:71:E3:99:82:4F:80:04:ED:96:75:68:19:76:08:81:B7:CD:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CBF47/370CA2C01D8A11E2B79B13E408B02CD2/MmNx45mCT4AE7ZZ1aBl2CIG3zZY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MmNx45mCT4AE7ZZ1aBl2CIG3zZY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBF47/370CA2C01D8A11E2B79B13E408B02CD2/608C129E33E011ED979ED20EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.29.0.0/19
121.50.192.0-121.50.215.255
203.10.89.0/24
203.13.68.0/24
203.13.70.0/24
203.22.124.0/22
203.30.137.0/24
203.144.4.0-203.144.31.255
Signature Algorithm: sha256WithRSAEncryption
a9:87:dc:e7:7c:f0:fc:9c:27:ff:16:15:76:bb:26:71:64:27:
27:03:1f:bc:46:1c:b6:1b:fd:0b:9b:2e:98:10:7f:f9:37:aa:
b0:83:01:93:33:e0:7f:9e:60:54:23:3f:25:34:19:18:7f:5c:
ab:de:38:1d:a2:99:ff:b3:9d:cd:2f:d0:5c:91:39:26:cb:5a:
a8:c0:59:eb:a6:de:6a:1e:2d:d1:13:d5:17:4f:b4:6f:8a:d4:
5c:f7:d4:31:dc:ef:ea:21:71:b3:fc:70:eb:4b:b8:d3:b6:13:
f1:01:de:46:bc:4c:20:f4:d2:5d:8b:7e:7b:3b:22:80:b2:43:
a9:10:7c:b7:d1:24:f5:44:d2:33:d0:6f:0a:02:f0:ae:cf:4a:
b4:46:96:d4:cb:f9:7a:3d:1b:60:0b:1c:00:7b:45:d9:c8:e6:
03:a5:5c:22:3a:82:8f:9d:05:20:09:4a:68:d2:88:15:a3:51:
0a:45:2e:6f:22:b1:c1:11:3a:c7:fe:ba:34:f8:76:ca:b1:45:
60:9e:8a:7b:ce:a6:28:ca:36:89:bd:75:65:aa:61:b2:b2:de:
e2:f8:4e:cf:69:41:bb:82:0d:4f:3b:40:4b:9a:90:74:bd:0a:
6e:12:58:a9:d5:05:3c:85:73:90:95:68:0d:8a:3c:aa:64:ef:
71:5f:14:52
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICM6MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0JGNDcxMTAvBgNVBAUTKDMyNjM3MUUzOTk4MjRGODAwNEVEOTY3NTY4MTk3NjA4
ODFCN0NEOTYwHhcNMjQwMjI2MTQ1MDMyWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRjYTUzOC05ZDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4udruEgtnoLKj0RNYk9grUtnFOfvp1quOS9k37oKfZ9mfa8p18q31BFqLtb8
cANKGM/OiQqNOrGwrxmwA7jRRa4SNp4a69ZEMv5UweAVBeX7YL0epx2UyDPFXyki
KvXSMOOW7ofisqUdfL+AL/9yu14+gg78SET7h0c3iTszan8Vn3dVjKDq2c8ZFyER
N7/uKRGoKOfJjjWBpZ5BYeCzHKZEsTvJM/gaMtEertJwhKJFhg2qQ2JGxbvG/Q21
jpXBnRYnoxqacfFskM8uwyJNKgXNBrtosAo5rU+PnumxUk1aG8UqAzy287D1iRKS
NdS5PFjWKB8P1bzir1DO8KrVvwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFHXO87p0
vsIOz2VbUt8380r6+YZZMB8GA1UdIwQYMBaAFDJjceOZgk+ABO2WdWgZdgiBt82W
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQkY0Ny8zNzBDQTJDMDFE
OEExMUUyQjc5QjEzRTQwOEIwMkNEMi9NbU54NDVtQ1Q0QUU3WloxYUJsMkNJRzN6
WlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01tTng0NW1DVDRBRTdaWjFhQmwyQ0lHM3paWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0JGNDcvMzcwQ0EyQzAxRDhBMTFFMkI3OUIxM0U0MDhCMDJDRDIvNjA4QzEyOUUz
M0UwMTFFRDk3OUVEMjBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEADBAV4HQAwDAMEBnkywAMEA3ky0AMEAMsKWQMEAMsNRAMEAMsN
RgMEAssWfAMEAMseiTAMAwQCy5AEAwQFy5AAMA0GCSqGSIb3DQEBCwUAA4IBAQCp
h9znfPD8nCf/FhV2uyZxZCcnAx+8Rhy2G/0Lmy6YEH/5N6qwgwGTM+B/nmBUIz8l
NBkYf1yr3jgdopn/s53NL9BckTkmy1qowFnrpt5qHi3RE9UXT7RvitRc99Qx3O/q
IXGz/HDrS7jTthPxAd5GvEwg9NJdi357OyKAskOpEHy30ST1RNIz0G8KAvCuz0q0
RpbUy/l6PRtgCxwAe0XZyOYDpVwiOoKPnQUgCUpo0ogVo1EKRS5vIrHBETrH/ro0
+HbKsUVgnop7zqYoyjaJvXVlqmGyst7i+E7PaUG7gg1PO0BLmpB0vQpuElip1QU8
hXOQlWgNijyqZO9xXxRS
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:19:08 2025 by rpki-client