Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912B4DB/5C50296C1DA811E2AB6BA6A208B02CD2/7FE5F2CEDB9411E9832A463AC4F9AE02.roa
File: 7FE5F2CEDB9411E9832A463AC4F9AE02.roa (raw, json)
Hash identifier: PN3PImrt+QJI7xYO7BeFUBTImo3X6zJHE8IHPHYYZKs=
Subject key identifier: 05:15:5A:E9:D9:9F:66:83:25:D3:FA:3B:8D:D8:15:E1:2F:93:D3:3B
Certificate issuer: /CN=A912B4DB/serialNumber=0DC5CE4A294F2C9380A9135EE1F0530728A4CDA6
Certificate serial: 33E0
Authority key identifier: 0D:C5:CE:4A:29:4F:2C:93:80:A9:13:5E:E1:F0:53:07:28:A4:CD:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DcXOSilPLJOAqRNe4fBTByikzaY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912B4DB/5C50296C1DA811E2AB6BA6A208B02CD2/7FE5F2CEDB9411E9832A463AC4F9AE02.roa
Signing time: Thu 06 Jun 2024 16:01:27 +0000
ROA not before: Thu 06 Jun 2024 16:01:27 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 56293
IP address blocks: 59.153.84.0/22 maxlen: 24
103.10.20.0/22 maxlen: 24
2400:db80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13280 (0x33e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912B4DB/serialNumber=0DC5CE4A294F2C9380A9135EE1F0530728A4CDA6
Validity
Not Before: Jun 6 16:01:27 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6661dd57-373a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f9:76:06:d9:d0:1f:1e:af:18:20:1e:6d:4c:
d4:9d:ea:df:3b:d5:5c:11:c0:00:e8:97:82:22:ca:
f6:86:63:7a:13:16:4b:82:9e:c4:ea:e7:08:99:b2:
f2:cc:41:95:1c:05:b1:e8:4a:8d:87:15:93:11:2c:
e9:c9:da:d0:8d:0c:29:61:c2:e9:ee:20:da:5c:5f:
94:44:0a:f0:61:0f:be:6e:01:3c:2c:e6:46:5a:15:
8f:a3:37:05:08:61:52:ca:b7:92:fb:67:29:8f:2e:
55:c7:1f:76:84:91:6a:aa:f6:bb:94:c6:af:7a:91:
62:69:f0:6c:d5:1f:27:f6:80:62:68:2b:ff:73:4f:
b6:d3:23:c2:c3:07:46:e4:bd:d4:58:8e:9c:ac:05:
a3:20:a0:91:a2:f0:0b:e7:a0:78:2b:c9:c5:7a:a6:
a9:b4:8d:48:3e:a8:e4:a1:49:a0:8e:6b:f7:2d:1a:
ac:8d:22:58:96:15:91:3f:2d:5e:ec:62:4b:2d:ed:
ec:b5:e2:07:20:e0:60:fd:fd:1d:5c:6f:ff:2c:4f:
7c:87:ec:fd:41:35:ed:b8:78:73:32:43:5e:22:7c:
50:f2:4e:6e:a9:59:eb:45:55:0b:62:62:0b:ce:5a:
88:fb:3e:d4:16:79:85:07:02:d9:27:e3:b6:c5:38:
6e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:15:5A:E9:D9:9F:66:83:25:D3:FA:3B:8D:D8:15:E1:2F:93:D3:3B
X509v3 Authority Key Identifier:
keyid:0D:C5:CE:4A:29:4F:2C:93:80:A9:13:5E:E1:F0:53:07:28:A4:CD:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912B4DB/5C50296C1DA811E2AB6BA6A208B02CD2/DcXOSilPLJOAqRNe4fBTByikzaY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DcXOSilPLJOAqRNe4fBTByikzaY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B4DB/5C50296C1DA811E2AB6BA6A208B02CD2/7FE5F2CEDB9411E9832A463AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.84.0/22
103.10.20.0/22
IPv6:
2400:db80::/32
Signature Algorithm: sha256WithRSAEncryption
b1:2e:58:ac:78:1b:31:31:7d:02:47:8f:71:83:7e:5e:f0:28:
8c:b4:b5:c0:61:2a:8c:a1:08:e4:1d:6c:b9:7c:c8:8c:e3:c4:
48:57:11:17:06:8d:83:7d:ca:be:fb:b3:0d:9c:b3:ca:06:ec:
d6:35:58:48:2c:11:26:b9:48:5a:9b:46:6e:17:f7:77:26:f7:
42:a3:7b:0b:fc:7d:2c:22:f5:a8:9f:23:41:8b:67:3d:85:25:
3a:43:85:bf:6e:2a:b4:c7:2d:40:0c:43:b6:1e:8b:79:44:69:
ec:6e:75:d6:c8:a8:6f:9d:54:46:f6:94:61:c5:50:ad:e0:64:
00:10:91:f1:63:92:ae:ad:18:5c:0f:2b:03:24:37:31:8e:17:
de:ad:b4:2d:c9:4d:5e:9d:80:c4:ab:f5:3c:53:70:e9:cf:37:
f8:30:45:bd:b9:e8:ba:97:67:ca:8f:da:14:49:dd:ff:c8:83:
13:50:02:97:e3:06:d1:65:2e:68:cc:5d:43:d7:dc:98:ef:c4:
f3:f7:f1:49:d9:cd:a9:c2:8e:98:71:6b:dd:84:50:be:d3:25:
80:dc:94:fa:29:53:1b:3f:c5:ee:74:f2:20:71:40:21:9e:45:
e4:54:c1:3c:ef:9c:f7:9a:f9:d7:0d:40:72:51:bf:bd:d4:c0:
02:34:18:db
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICM+AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkI0REIxMTAvBgNVBAUTKDBEQzVDRTRBMjk0RjJDOTM4MEE5MTM1RUUxRjA1MzA3
MjhBNENEQTYwHhcNMjQwNjA2MTYwMTI3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYxZGQ1Ny0zNzNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsPl2BtnQHx6vGCAebUzUnerfO9VcEcAA6JeCIsr2hmN6ExZLgp7E6ucImbLy
zEGVHAWx6EqNhxWTESzpydrQjQwpYcLp7iDaXF+URArwYQ++bgE8LOZGWhWPozcF
CGFSyreS+2cpjy5Vxx92hJFqqva7lMavepFiafBs1R8n9oBiaCv/c0+20yPCwwdG
5L3UWI6crAWjIKCRovAL56B4K8nFeqaptI1IPqjkoUmgjmv3LRqsjSJYlhWRPy1e
7GJLLe3steIHIOBg/f0dXG//LE98h+z9QTXtuHhzMkNeInxQ8k5uqVnrRVULYmIL
zlqI+z7UFnmFBwLZJ+O2xThuUQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAUVWunZ
n2aDJdP6O43YFeEvk9M7MB8GA1UdIwQYMBaAFA3FzkopTyyTgKkTXuHwUwcopM2m
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjREQi81QzUwMjk2QzFE
QTgxMUUyQUI2QkE2QTIwOEIwMkNEMi9EY1hPU2lsUExKT0FxUk5lNGZCVEJ5aWt6
YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RjWE9TaWxQTEpPQXFSTmU0ZkJUQnlpa3phWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkI0REIvNUM1MDI5NkMxREE4MTFFMkFCNkJBNkEyMDhCMDJDRDIvN0ZFNUYyQ0VE
Qjk0MTFFOTgzMkE0NjNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAI7mVQDBAJnChQwDQQCAAIwBwMFACQA24AwDQYJKoZIhvcN
AQELBQADggEBALEuWKx4GzExfQJHj3GDfl7wKIy0tcBhKoyhCOQdbLl8yIzjxEhX
ERcGjYN9yr77sw2cs8oG7NY1WEgsESa5SFqbRm4X93cm90Kjewv8fSwi9aifI0GL
Zz2FJTpDhb9uKrTHLUAMQ7Yei3lEaexuddbIqG+dVEb2lGHFUK3gZAAQkfFjkq6t
GFwPKwMkNzGOF96ttC3JTV6dgMSr9TxTcOnPN/gwRb256LqXZ8qP2hRJ3f/IgxNQ
ApfjBtFlLmjMXUPX3JjvxPP38UnZzanCjphxa92EUL7TJYDclPopUxs/xe508iBx
QCGeReRUwTzvnPea+dcNQHJRv73UwAI0GNs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:36:25 2025 by rpki-client