Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/002DDDC22B9D11EA92F3094CC4F9AE02.roa
File: 002DDDC22B9D11EA92F3094CC4F9AE02.roa (raw, json)
Hash identifier: RIHPif0x1JlxdJG6P0E7caIIVbjXsOlXYot9xZqPb2s=
Subject key identifier: F9:44:A7:28:5E:F2:58:01:C2:26:89:6C:9B:A6:6E:30:9F:FF:68:F2
Certificate issuer: /CN=A91722A3/serialNumber=7085B5B4549ACDB5B6C2704C85BA788760F88A27
Certificate serial: 0B38
Authority key identifier: 70:85:B5:B4:54:9A:CD:B5:B6:C2:70:4C:85:BA:78:87:60:F8:8A:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cIW1tFSazbW2wnBMhbp4h2D4iic.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/002DDDC22B9D11EA92F3094CC4F9AE02.roa
Signing time: Mon 06 Jan 2025 11:21:30 +0000
ROA not before: Mon 06 Jan 2025 11:21:30 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 133421
IP address blocks: 45.117.236.0/22 maxlen: 22
45.117.236.0/24 maxlen: 24
45.117.237.0/24 maxlen: 24
45.117.238.0/24 maxlen: 24
45.117.239.0/24 maxlen: 24
101.78.16.0/20 maxlen: 20
101.78.16.0/24 maxlen: 24
101.78.17.0/24 maxlen: 24
101.78.18.0/24 maxlen: 24
101.78.19.0/24 maxlen: 24
101.78.20.0/24 maxlen: 24
101.78.21.0/24 maxlen: 24
101.78.22.0/24 maxlen: 24
101.78.23.0/24 maxlen: 24
101.78.24.0/24 maxlen: 24
101.78.25.0/24 maxlen: 24
101.78.26.0/24 maxlen: 24
101.78.27.0/24 maxlen: 24
101.78.28.0/24 maxlen: 24
101.78.29.0/24 maxlen: 24
101.78.30.0/24 maxlen: 24
101.78.31.0/24 maxlen: 24
103.228.56.0/22 maxlen: 22
103.228.56.0/24 maxlen: 24
103.228.57.0/24 maxlen: 24
103.228.58.0/24 maxlen: 24
103.228.59.0/24 maxlen: 24
2403:1380::/32 maxlen: 32
2403:1380:1::/48 maxlen: 48
2403:1380:2::/48 maxlen: 48
2403:1380:3::/48 maxlen: 48
2403:1380:11::/48 maxlen: 48
2403:1380:12::/48 maxlen: 48
2403:1380:1380::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2872 (0xb38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91722A3/serialNumber=7085B5B4549ACDB5B6C2704C85BA788760F88A27
Validity
Not Before: Jan 6 11:21:30 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=677bbcba-d3c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6a:e5:36:81:48:48:2d:0c:ff:d8:63:a2:d9:
de:e7:51:5f:a6:4c:e5:36:f7:15:01:76:48:f3:4a:
a7:fa:16:04:3a:cd:de:71:85:f1:3b:e9:85:d0:7a:
5d:93:43:22:9a:61:a7:88:cd:67:a9:be:0f:fd:1e:
61:e6:16:b2:5e:e0:a8:fb:17:18:1d:7c:81:c5:a5:
e7:ba:a3:64:0e:bd:2c:c7:04:a2:01:e6:b6:7b:67:
94:73:5c:18:3d:08:4b:8c:fd:1a:1c:1e:a3:d6:fc:
01:35:c6:04:ae:be:5e:54:ff:03:63:92:fd:38:b0:
92:02:9f:df:1c:35:7a:fb:54:43:2f:1f:68:23:4d:
ea:c8:7c:c0:48:a9:e7:b9:63:2b:47:81:69:c8:9e:
97:99:ed:4e:2a:ee:b5:35:85:68:fc:1b:8e:36:47:
f3:93:a5:1e:c2:bc:81:76:a0:8d:26:60:04:a5:f7:
06:f9:83:00:26:5f:91:90:a3:f7:5e:37:d1:46:3a:
41:de:a4:10:e1:30:36:10:a3:1e:de:cc:ca:9f:51:
1c:ff:e7:6b:9b:6f:85:1f:07:91:46:56:3a:65:4f:
54:27:09:45:89:60:ed:08:65:64:17:61:22:07:63:
ad:ec:43:0a:e8:b5:6e:f2:4a:b7:a6:19:39:92:af:
cd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:44:A7:28:5E:F2:58:01:C2:26:89:6C:9B:A6:6E:30:9F:FF:68:F2
X509v3 Authority Key Identifier:
keyid:70:85:B5:B4:54:9A:CD:B5:B6:C2:70:4C:85:BA:78:87:60:F8:8A:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/cIW1tFSazbW2wnBMhbp4h2D4iic.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cIW1tFSazbW2wnBMhbp4h2D4iic.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/002DDDC22B9D11EA92F3094CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.236.0/22
101.78.16.0/20
103.228.56.0/22
IPv6:
2403:1380::/32
Signature Algorithm: sha256WithRSAEncryption
24:1c:b8:ee:7f:df:c1:db:d6:3f:13:50:b6:1f:cc:87:de:4a:
86:60:66:a3:b7:fe:06:3e:9a:c6:b7:9b:1c:a8:55:f7:bf:a7:
36:d7:c3:82:77:26:64:23:9d:4f:d0:9e:fc:8e:df:dd:f5:fa:
15:fd:6d:f1:84:cb:3d:f4:4e:a5:f9:ee:bb:e8:f1:c2:58:52:
57:8c:c0:14:23:3c:a6:35:f5:68:3b:ea:0d:41:09:22:5c:63:
b3:5c:e5:3f:bd:f9:a5:2c:91:41:d9:50:2d:5b:2b:53:d5:70:
48:05:1b:b6:77:32:99:31:87:60:2a:ac:14:9a:e4:aa:20:cb:
a8:1e:29:73:27:13:12:5f:73:aa:05:a8:b7:44:40:ac:f1:da:
48:58:72:71:b0:b3:88:16:c8:5f:56:e7:d5:9a:73:aa:77:47:
e9:1e:3d:85:82:18:93:27:6e:f9:22:c9:9a:e9:99:53:e9:18:
c0:79:02:0a:e4:10:ef:39:e9:6e:1f:a7:7b:56:5f:f4:18:35:
de:91:56:37:de:70:19:7e:fb:ea:f2:aa:e4:a5:77:49:bf:89:
0d:31:95:d4:c6:68:3e:42:26:ad:de:3d:d8:3a:b6:cf:5a:09:
fc:05:2b:3b:6b:fe:a1:3c:2d:b0:72:e1:18:55:24:6a:a4:75:
80:c6:bb:03
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICCzgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzIyQTMxMTAvBgNVBAUTKDcwODVCNUI0NTQ5QUNEQjVCNkMyNzA0Qzg1QkE3ODg3
NjBGODhBMjcwHhcNMjUwMTA2MTEyMTMwWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdiYmNiYS1kM2M5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl2rlNoFISC0M/9hjotne51FfpkzlNvcVAXZI80qn+hYEOs3ecYXxO+mF0Hpd
k0MimmGniM1nqb4P/R5h5hayXuCo+xcYHXyBxaXnuqNkDr0sxwSiAea2e2eUc1wY
PQhLjP0aHB6j1vwBNcYErr5eVP8DY5L9OLCSAp/fHDV6+1RDLx9oI03qyHzASKnn
uWMrR4FpyJ6Xme1OKu61NYVo/BuONkfzk6UewryBdqCNJmAEpfcG+YMAJl+RkKP3
XjfRRjpB3qQQ4TA2EKMe3szKn1Ec/+drm2+FHweRRlY6ZU9UJwlFiWDtCGVkF2Ei
B2Ot7EMK6LVu8kq3phk5kq/NcwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFPlEpyhe
8lgBwiaJbJumbjCf/2jyMB8GA1UdIwQYMBaAFHCFtbRUms21tsJwTIW6eIdg+Ion
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjJBMy9DMDJEODVERTJC
OUIxMUVBOTcyQ0RGNDZDNEY5QUUwMi9jSVcxdEZTYXpiVzJ3bkJNaGJwNGgyRDRp
aWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NJVzF0RlNhemJXMnduQk1oYnA0aDJENGlpYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzIyQTMvQzAyRDg1REUyQjlCMTFFQTk3MkNERjQ2QzRGOUFFMDIvMDAyREREQzIy
QjlEMTFFQTkyRjMwOTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAItdewDBARlThADBAJn5DgwDQQCAAIwBwMFACQDE4AwDQYJ
KoZIhvcNAQELBQADggEBACQcuO5/38Hb1j8TULYfzIfeSoZgZqO3/gY+msa3mxyo
Vfe/pzbXw4J3JmQjnU/QnvyO3931+hX9bfGEyz30TqX57rvo8cJYUleMwBQjPKY1
9Wg76g1BCSJcY7Nc5T+9+aUskUHZUC1bK1PVcEgFG7Z3Mpkxh2AqrBSa5Kogy6ge
KXMnExJfc6oFqLdEQKzx2khYcnGws4gWyF9W59Wac6p3R+kePYWCGJMnbvkiyZrp
mVPpGMB5AgrkEO856W4fp3tWX/QYNd6RVjfecBl+++ryquSld0m/iQ0xldTGaD5C
Jq3ePdg6ts9aCfwFKztr/qE8LbBy4RhVJGqkdYDGuwM=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:34:53 2025 by rpki-client