Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/A652A68C3DB911EFACDF8C75C4F9AE02.roa
File: A652A68C3DB911EFACDF8C75C4F9AE02.roa (raw, json)
Hash identifier: ylqBtHy0eesAkNcudeyr+HsibshKCdGJo3H45pU2XI0=
Subject key identifier: 9D:AE:94:88:EF:C7:CF:3C:3C:99:B8:DB:80:01:4B:EC:0D:87:BD:8F
Certificate issuer: /CN=A91151C9/serialNumber=875F40021C6D43B04EFE894A7FC15CC4F6ED89BA
Certificate serial: 1794
Authority key identifier: 87:5F:40:02:1C:6D:43:B0:4E:FE:89:4A:7F:C1:5C:C4:F6:ED:89:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h19AAhxtQ7BO_olKf8FcxPbtibo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/A652A68C3DB911EFACDF8C75C4F9AE02.roa
Signing time: Tue 21 Jan 2025 10:07:58 +0000
ROA not before: Tue 21 Jan 2025 10:07:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64096
IP address blocks: 43.228.180.0/22 maxlen: 22
43.228.180.0/24 maxlen: 24
43.228.181.0/24 maxlen: 24
43.228.182.0/23 maxlen: 24
103.47.200.0/22 maxlen: 24
103.212.56.0/22 maxlen: 22
103.212.56.0/24 maxlen: 24
103.212.57.0/24 maxlen: 24
103.212.58.0/23 maxlen: 24
116.206.0.0/22 maxlen: 22
116.206.0.0/24 maxlen: 24
116.206.2.0/23 maxlen: 24
2404:ff80::/32 maxlen: 32
2404:ff80:100::/48 maxlen: 48
2404:ff80:101::/48 maxlen: 48
2404:ff80:1001::/48 maxlen: 48
2404:ff80:c000::/34 maxlen: 34
2404:ff80:ffe0::/44 maxlen: 48
2404:ff80:fff0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6036 (0x1794)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91151C9/serialNumber=875F40021C6D43B04EFE894A7FC15CC4F6ED89BA
Validity
Not Before: Jan 21 10:07:58 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=678f71fd-4382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4e:e6:62:19:bd:9d:e5:71:12:3c:fe:fb:b8:
82:53:04:37:c7:ff:85:44:0b:06:c1:37:c2:02:68:
d5:df:d8:39:3d:8c:f0:0f:04:3f:ed:13:bb:4a:0f:
e6:85:80:3e:6c:4b:fa:d7:ab:80:79:c1:d3:d3:48:
88:5a:9e:af:ac:67:e7:e1:98:1c:42:1b:40:6a:6d:
93:ad:a2:cc:6d:04:18:85:01:9e:8d:29:1a:91:b0:
00:0a:fa:02:ca:a2:88:27:ac:31:1a:95:62:2b:b5:
b6:0e:e4:e0:a6:a4:84:6a:3b:eb:c8:5b:d5:e5:6d:
7c:f7:b7:c5:69:be:6a:c3:2e:d4:22:85:a9:24:8e:
5b:15:e5:1c:b6:28:9e:cd:17:9b:4f:0b:ce:b7:d0:
fc:f4:f8:5b:75:b7:52:ad:3d:28:c7:22:51:f7:29:
a8:ec:42:55:5e:f6:c2:38:c5:2f:eb:ca:00:a4:e1:
30:bb:78:cf:d1:b9:1f:56:76:7d:5b:8f:ce:f5:af:
29:c2:71:e1:eb:1c:87:48:62:c5:72:87:22:eb:9f:
91:15:fd:94:79:db:94:b1:07:d1:25:24:45:b9:33:
a4:ff:d7:d1:6b:01:ad:50:03:39:7b:89:94:8f:0b:
56:6d:2a:68:e2:d3:1f:7b:cb:bd:e9:85:e7:ab:67:
67:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AE:94:88:EF:C7:CF:3C:3C:99:B8:DB:80:01:4B:EC:0D:87:BD:8F
X509v3 Authority Key Identifier:
keyid:87:5F:40:02:1C:6D:43:B0:4E:FE:89:4A:7F:C1:5C:C4:F6:ED:89:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/h19AAhxtQ7BO_olKf8FcxPbtibo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h19AAhxtQ7BO_olKf8FcxPbtibo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/A652A68C3DB911EFACDF8C75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.228.180.0/22
103.47.200.0/22
103.212.56.0/22
116.206.0.0/22
IPv6:
2404:ff80::/32
Signature Algorithm: sha256WithRSAEncryption
33:9c:9b:9a:79:a8:55:13:a6:c9:70:22:b8:8e:9a:67:c9:84:
0d:8a:eb:15:82:b6:46:a5:59:f0:af:4d:84:3c:61:f9:3d:79:
dd:08:13:a8:df:e6:72:c5:b7:26:39:34:5a:be:9b:3a:0a:0a:
8f:70:65:78:5e:1b:50:e8:bc:52:71:45:dd:1b:29:b2:cd:ef:
d2:b1:76:34:a6:77:c0:0f:f0:32:6f:89:66:b2:a8:65:bf:39:
bc:7d:9f:14:43:18:18:5d:45:a9:0e:9f:79:3a:60:b1:31:70:
ac:d5:ae:f6:b8:36:1e:c4:29:7a:c1:13:8d:10:ab:1b:f6:c3:
be:1c:b0:74:73:90:23:d0:b5:89:81:05:be:38:05:e4:08:51:
78:c7:d5:2e:71:5f:37:3b:13:95:33:0d:be:93:88:ad:78:72:
ef:c1:b3:5e:51:26:23:dd:65:2d:08:28:42:2d:f3:94:d2:79:
f0:01:89:42:79:53:1d:51:e7:2a:28:f5:d9:0e:5a:14:31:1d:
94:96:3d:34:d8:45:4c:a7:0d:15:59:ca:54:24:78:f7:af:5e:
64:02:e7:91:a7:e4:b5:6f:df:c7:fa:bf:20:77:35:c0:24:69:
fa:c4:27:a0:e9:50:8f:87:8f:cb:7d:b5:f4:d6:84:84:19:7f:
09:7c:6a:16
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICF5QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTUxQzkxMTAvBgNVBAUTKDg3NUY0MDAyMUM2RDQzQjA0RUZFODk0QTdGQzE1Q0M0
RjZFRDg5QkEwHhcNMjUwMTIxMTAwNzU4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhmNzFmZC00MzgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1U7mYhm9neVxEjz++7iCUwQ3x/+FRAsGwTfCAmjV39g5PYzwDwQ/7RO7Sg/m
hYA+bEv616uAecHT00iIWp6vrGfn4ZgcQhtAam2TraLMbQQYhQGejSkakbAACvoC
yqKIJ6wxGpViK7W2DuTgpqSEajvryFvV5W1897fFab5qwy7UIoWpJI5bFeUctiie
zRebTwvOt9D89PhbdbdSrT0oxyJR9ymo7EJVXvbCOMUv68oApOEwu3jP0bkfVnZ9
W4/O9a8pwnHh6xyHSGLFcoci65+RFf2UeduUsQfRJSRFuTOk/9fRawGtUAM5e4mU
jwtWbSpo4tMfe8u96YXnq2dnmwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFJ2ulIjv
x888PJm424ABS+wNh72PMB8GA1UdIwQYMBaAFIdfQAIcbUOwTv6JSn/BXMT27Ym6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNTFDOS9DMzAwQzJDRUM2
RkExMUU3QUFBQkNDMEJDNEY5QUUwMi9oMTlBQWh4dFE3Qk9fb2xLZjhGY3hQYnRp
Ym8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2gxOUFBaHh0UTdCT19vbEtmOEZjeFBidGliby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTUxQzkvQzMwMEMyQ0VDNkZBMTFFN0FBQUJDQzBCQzRGOUFFMDIvQTY1MkE2OEMz
REI5MTFFRkFDREY4Qzc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr5LQDBAJnL8gDBAJn1DgDBAJ0zgAwDQQCAAIwBwMFACQE
/4AwDQYJKoZIhvcNAQELBQADggEBADOcm5p5qFUTpslwIriOmmfJhA2K6xWCtkal
WfCvTYQ8Yfk9ed0IE6jf5nLFtyY5NFq+mzoKCo9wZXheG1DovFJxRd0bKbLN79Kx
djSmd8AP8DJviWayqGW/Obx9nxRDGBhdRakOn3k6YLExcKzVrva4Nh7EKXrBE40Q
qxv2w74csHRzkCPQtYmBBb44BeQIUXjH1S5xXzc7E5UzDb6TiK14cu/Bs15RJiPd
ZS0IKEIt85TSefABiUJ5Ux1R5yoo9dkOWhQxHZSWPTTYRUynDRVZylQkePevXmQC
55Gn5LVv38f6vyB3NcAkafrEJ6DpUI+Hj8t9tfTWhIQZfwl8ahY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:58:59 2025 by rpki-client