Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916AC30/6BC4CDFE8C6211EF99464085C4F9AE02/33A6DBFAD31C11EFA728D52FC4F9AE02.roa
File: 33A6DBFAD31C11EFA728D52FC4F9AE02.roa (raw, json)
Hash identifier: r2yuw5MRktuq6u58J1k8PGa2EtaCjCSs+Wn3OC8cu8s=
Subject key identifier: 03:49:75:2C:D4:C7:4D:24:4C:0D:82:21:0F:57:9A:4D:30:A1:D6:21
Certificate issuer: /CN=A916AC30/serialNumber=576790244CC29275C112356FF620F2620D7D615E
Certificate serial: 5F
Authority key identifier: 57:67:90:24:4C:C2:92:75:C1:12:35:6F:F6:20:F2:62:0D:7D:61:5E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/V2eQJEzCknXBEjVv9iDyYg19YV4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916AC30/6BC4CDFE8C6211EF99464085C4F9AE02/33A6DBFAD31C11EFA728D52FC4F9AE02.roa
Signing time: Thu 16 Jan 2025 09:43:18 +0000
ROA not before: Thu 16 Jan 2025 09:43:18 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 59253
IP address blocks: 23.106.48.0/21 maxlen: 21
23.106.50.0/24 maxlen: 24
23.106.64.0/20 maxlen: 20
23.106.67.0/24 maxlen: 24
23.106.120.0/21 maxlen: 21
23.106.248.0/21 maxlen: 21
23.106.248.0/22 maxlen: 22
23.106.252.0/22 maxlen: 22
23.108.96.0/21 maxlen: 21
23.108.96.0/22 maxlen: 22
23.108.100.0/22 maxlen: 22
23.111.12.0/22 maxlen: 22
64.120.92.0/22 maxlen: 22
64.120.110.0/23 maxlen: 24
142.91.96.0/23 maxlen: 23
173.234.0.0/23 maxlen: 23
173.234.2.0/23 maxlen: 23
173.234.4.0/22 maxlen: 22
173.234.8.0/22 maxlen: 22
173.234.12.0/23 maxlen: 23
173.234.14.0/23 maxlen: 23
209.58.160.0/20 maxlen: 20
209.58.160.0/21 maxlen: 21
209.58.168.0/21 maxlen: 21
209.58.176.0/21 maxlen: 21
209.58.176.0/22 maxlen: 22
209.58.180.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95 (0x5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916AC30/serialNumber=576790244CC29275C112356FF620F2620D7D615E
Validity
Not Before: Jan 16 09:43:18 2025 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6788d4b6-b762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:6f:cf:df:19:d6:4f:26:f5:97:5b:30:97:4c:
b8:75:e0:b6:e5:ee:58:46:55:64:ca:fc:d5:b6:a2:
26:ee:c7:fc:ca:e9:a3:75:4d:6d:17:c8:81:65:0d:
2a:c4:ff:40:b9:ea:58:f9:e8:b2:88:72:ea:e9:fa:
aa:68:5c:42:2e:4a:ca:eb:bf:a7:21:04:cf:68:03:
11:29:42:b6:72:5b:6f:44:26:06:b2:b4:62:c5:9f:
d1:b8:e3:cc:cb:07:7b:16:85:02:8c:b6:d3:a0:72:
f1:2b:2b:d5:b2:5a:83:a5:8e:3b:78:20:bd:0f:16:
d8:6d:77:9e:8e:b8:a7:47:fe:8f:2c:b5:c0:76:29:
0c:0d:63:a9:40:fc:71:df:5f:9e:05:3b:a5:ab:fa:
bf:d6:e8:c6:bb:81:88:3b:81:e8:e1:f6:41:f2:49:
5a:cd:cb:8e:76:67:34:f4:4a:27:b6:9c:8a:ea:5b:
38:b9:f6:89:6f:9d:c4:0f:8f:4e:55:6e:ab:dd:45:
8c:bb:a7:2a:e0:40:52:f0:45:07:b0:b8:bd:77:1b:
57:57:3e:d0:79:c6:43:6f:c3:da:fd:97:fb:66:b6:
92:62:07:df:bf:3e:56:9f:aa:ad:17:64:f2:f1:00:
c1:cd:59:c6:e5:59:3d:2d:c3:f2:fe:f8:84:33:c7:
91:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:49:75:2C:D4:C7:4D:24:4C:0D:82:21:0F:57:9A:4D:30:A1:D6:21
X509v3 Authority Key Identifier:
keyid:57:67:90:24:4C:C2:92:75:C1:12:35:6F:F6:20:F2:62:0D:7D:61:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916AC30/6BC4CDFE8C6211EF99464085C4F9AE02/V2eQJEzCknXBEjVv9iDyYg19YV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/V2eQJEzCknXBEjVv9iDyYg19YV4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916AC30/6BC4CDFE8C6211EF99464085C4F9AE02/33A6DBFAD31C11EFA728D52FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
23.106.48.0/21
23.106.64.0/20
23.106.120.0/21
23.106.248.0/21
23.108.96.0/21
23.111.12.0/22
64.120.92.0/22
64.120.110.0/23
142.91.96.0/23
173.234.0.0/20
209.58.160.0-209.58.183.255
Signature Algorithm: sha256WithRSAEncryption
81:01:53:60:d3:69:06:b4:04:35:03:07:4f:a0:6d:f5:19:dc:
a2:01:75:06:ea:46:8c:84:59:4b:cc:2d:ec:54:a2:48:d7:02:
d5:59:55:61:0f:24:fd:30:37:d7:72:76:8c:71:34:4b:1a:99:
25:02:e4:42:99:cf:be:85:94:15:14:fe:73:9f:cc:81:ae:61:
48:4f:f0:6e:5e:10:7d:b3:5b:f2:06:1b:53:7a:e6:df:41:c1:
7b:4c:82:cf:50:ff:22:9f:a3:18:7c:be:1d:17:0c:78:4a:a8:
1a:26:e0:9c:e9:66:b7:c2:3f:27:c9:a6:36:92:db:a3:b4:24:
36:60:b0:00:ae:30:4d:9d:d1:c5:cb:87:68:f4:33:2a:5a:30:
64:bf:b9:aa:36:01:90:1d:f1:c3:76:cf:49:a5:29:06:a5:17:
d8:6c:31:24:6f:c7:c2:a1:e7:f0:9b:10:33:43:7e:b4:f0:13:
1f:7f:8a:2c:94:84:8b:9c:80:28:ea:ff:a8:dc:12:b3:5c:94:
9e:1a:71:54:3c:67:7e:03:81:67:1c:bb:95:20:04:64:a0:b5:
83:c7:98:d8:35:74:06:49:dd:3a:53:e7:5b:42:6b:bb:9b:db:
99:f0:77:1a:34:5d:cb:90:bb:4a:4d:0b:de:0a:9f:fe:48:cd:
4b:28:78:b0
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIBXzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
QUMzMDExMC8GA1UEBRMoNTc2NzkwMjQ0Q0MyOTI3NUMxMTIzNTZGRjYyMEYyNjIw
RDdENjE1RTAeFw0yNTAxMTYwOTQzMThaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODhkNGI2LWI3NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmb8/fGdZPJvWXWzCXTLh14Lbl7lhGVWTK/NW2oibux/zK6aN1TW0XyIFlDSrE
/0C56lj56LKIcurp+qpoXEIuSsrrv6chBM9oAxEpQrZyW29EJgaytGLFn9G448zL
B3sWhQKMttOgcvErK9WyWoOljjt4IL0PFthtd56OuKdH/o8stcB2KQwNY6lA/HHf
X54FO6Wr+r/W6Ma7gYg7gejh9kHySVrNy452ZzT0Sie2nIrqWzi59olvncQPj05V
bqvdRYy7pyrgQFLwRQewuL13G1dXPtB5xkNvw9r9l/tmtpJiB9+/Plafqq0XZPLx
AMHNWcblWT0tw/L++IQzx5GTAgMBAAGjggLZMIIC1TAdBgNVHQ4EFgQUA0l1LNTH
TSRMDYIhD1eaTTCh1iEwHwYDVR0jBBgwFoAUV2eQJEzCknXBEjVv9iDyYg19YV4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZBQzMwLzZCQzRDREZFOEM2
MjExRUY5OTQ2NDA4NUM0RjlBRTAyL1YyZVFKRXpDa25YQkVqVnY5aUR5WWcxOVlW
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvVjJlUUpFekNrblhCRWpWdjlpRHlZZzE5WVY0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
QUMzMC82QkM0Q0RGRThDNjIxMUVGOTk0NjQwODVDNEY5QUUwMi8zM0E2REJGQUQz
MUMxMUVGQTcyOEQ1MkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBjBggrBgEFBQcBBwEB/wRU
MFIwUAQCAAEwSgMEAxdqMAMEBBdqQAMEAxdqeAMEAxdq+AMEAxdsYAMEAhdvDAME
AkB4XAMEAUB4bgMEAY5bYAMEBK3qADAMAwQF0TqgAwQD0TqwMA0GCSqGSIb3DQEB
CwUAA4IBAQCBAVNg02kGtAQ1AwdPoG31GdyiAXUG6kaMhFlLzC3sVKJI1wLVWVVh
DyT9MDfXcnaMcTRLGpklAuRCmc++hZQVFP5zn8yBrmFIT/BuXhB9s1vyBhtTeubf
QcF7TILPUP8in6MYfL4dFwx4SqgaJuCc6Wa3wj8nyaY2ktujtCQ2YLAArjBNndHF
y4do9DMqWjBkv7mqNgGQHfHDds9JpSkGpRfYbDEkb8fCoefwmxAzQ3608BMff4os
lISLnIAo6v+o3BKzXJSeGnFUPGd+A4FnHLuVIARkoLWDx5jYNXQGSd06U+dbQmu7
m9uZ8HcaNF3LkLtKTQveCp/+SM1LKHiw
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:44:33 2025 by rpki-client