Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C96C54D4650E11EFAECF9A74C4F9AE02.roa
File: C96C54D4650E11EFAECF9A74C4F9AE02.roa (raw, json)
Hash identifier: wwtyY2/N0sZZZI6tMiEwz1McPKvSDuFfDMFRYpet17U=
Subject key identifier: F9:04:CB:2E:8C:CC:3B:1B:72:54:DB:D4:EE:79:80:DF:2D:A3:F5:15
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 97B0
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C96C54D4650E11EFAECF9A74C4F9AE02.roa
Signing time: Wed 28 Aug 2024 07:26:05 +0000
ROA not before: Wed 28 Aug 2024 07:26:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133706
IP address blocks: 43.228.220.0/22 maxlen: 24
45.125.60.0/22 maxlen: 24
103.47.236.0/22 maxlen: 24
157.119.124.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38832 (0x97b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 28 07:26:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66ced10d-8654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:58:a5:16:e3:02:15:c3:d8:61:3c:2c:34:99:
9b:ab:1f:8f:7f:2d:12:c1:75:55:24:2b:8c:5f:90:
8b:e5:43:49:02:89:bd:8d:4b:1d:1a:4c:fc:db:02:
47:8f:8a:c7:fe:26:5c:39:36:97:18:d6:e4:20:13:
ad:02:b3:2c:a3:7d:bc:e7:51:94:c6:bb:9c:22:78:
9c:ce:43:63:1f:48:c5:f8:20:56:ea:3b:96:0c:01:
c5:f1:33:60:0c:b2:84:bc:12:87:4f:c2:e2:d6:ed:
a3:05:f1:25:53:6b:65:86:9f:73:d6:c2:74:c6:15:
c2:e6:77:24:0d:ee:ed:bc:cd:ec:a0:6d:60:bc:4c:
e1:fd:a2:9c:21:8d:62:a0:78:fe:e3:7e:b6:b5:2a:
ce:82:e2:51:77:f9:d3:cf:d5:e7:d6:08:57:b9:61:
2c:d2:05:3d:6f:d5:5a:51:bd:23:2d:f3:d5:26:6b:
7f:91:3e:39:df:62:fb:e7:b5:7d:db:ae:20:26:73:
ef:a6:c5:cc:6e:11:7b:09:b7:f2:51:d9:af:e8:4b:
09:f6:ed:99:5f:99:9d:a7:60:25:fa:6d:10:9c:00:
26:8a:ec:de:38:c8:5a:ce:92:cd:d7:53:6e:f6:49:
b4:05:b4:2b:ed:88:37:50:eb:94:c5:34:2b:eb:e6:
00:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:04:CB:2E:8C:CC:3B:1B:72:54:DB:D4:EE:79:80:DF:2D:A3:F5:15
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C96C54D4650E11EFAECF9A74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.228.220.0/22
45.125.60.0/22
103.47.236.0/22
157.119.124.0/22
Signature Algorithm: sha256WithRSAEncryption
22:03:c3:f6:3c:e7:ed:19:15:b7:6e:2b:a1:8a:62:85:24:5c:
8f:6a:f2:ef:36:1a:77:ef:21:63:a0:37:8f:c7:df:66:2e:91:
92:c6:bc:e9:19:f1:ec:4e:44:21:a8:bd:26:14:f2:c8:31:77:
90:7c:8d:86:6f:7e:5c:12:75:9c:55:e1:1e:1e:01:29:d1:45:
a2:d1:d0:b8:c5:a4:ae:f0:7c:79:bd:a4:41:40:69:d8:30:54:
71:71:85:95:36:66:ac:b5:c7:8a:61:c6:f6:91:6c:ba:09:84:
40:5e:07:c5:6e:48:45:3b:3d:02:42:6e:35:37:68:55:46:93:
5c:e8:b4:29:98:66:ce:02:b3:fb:6a:93:76:dd:d7:bf:cd:7d:
03:9e:92:90:27:a0:70:c2:fc:92:ea:eb:6e:a0:a0:53:2a:2a:
e8:df:20:7b:ed:33:df:e9:2d:62:79:5b:5e:cf:cb:93:e3:f4:
ff:18:f4:73:a7:e3:50:f4:2b:47:e6:4f:fa:dc:d0:b4:a9:2c:
23:f7:2e:f4:0e:a7:80:95:7f:12:a8:80:e4:6f:a4:21:85:d2:
59:79:17:b6:16:ad:11:1a:87:b9:f5:04:ea:e4:e0:15:88:51:
9f:87:2c:ce:b1:eb:bc:18:5e:be:8d:71:31:61:1f:f7:17:ba:
83:fb:3d:34
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAJewMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDgyODA3MjYwNVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZjZWQxMGQtODY1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlYpRbjAhXD2GE8LDSZm6sfj38tEsF1VSQrjF+Qi+VDSQKJvY1LHRpM/NsC
R4+Kx/4mXDk2lxjW5CATrQKzLKN9vOdRlMa7nCJ4nM5DYx9IxfggVuo7lgwBxfEz
YAyyhLwSh0/C4tbtowXxJVNrZYafc9bCdMYVwuZ3JA3u7bzN7KBtYLxM4f2inCGN
YqB4/uN+trUqzoLiUXf508/V59YIV7lhLNIFPW/VWlG9Iy3z1SZrf5E+Od9i++e1
fduuICZz76bFzG4Rewm38lHZr+hLCfbtmV+ZnadgJfptEJwAJors3jjIWs6SzddT
bvZJtAW0K+2IN1DrlMU0K+vmAMECAwEAAaOCAqcwggKjMB0GA1UdDgQWBBT5BMsu
jMw7G3JU29TueYDfLaP1FTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0M5NkM1NEQ0
NjUwRTExRUZBRUNGOUE3NEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDEGCCsGAQUFBwEHAQH/
BCIwIDAeBAIAATAYAwQCK+TcAwQCLX08AwQCZy/sAwQCnXd8MA0GCSqGSIb3DQEB
CwUAA4IBAQAiA8P2POftGRW3biuhimKFJFyPavLvNhp37yFjoDePx99mLpGSxrzp
GfHsTkQhqL0mFPLIMXeQfI2Gb35cEnWcVeEeHgEp0UWi0dC4xaSu8Hx5vaRBQGnY
MFRxcYWVNmastceKYcb2kWy6CYRAXgfFbkhFOz0CQm41N2hVRpNc6LQpmGbOArP7
apN23de/zX0DnpKQJ6BwwvyS6utuoKBTKiro3yB77TPf6S1ieVtez8uT4/T/GPRz
p+NQ9CtH5k/63NC0qSwj9y70DqeAlX8SqIDkb6QhhdJZeRe2Fq0RGoe59QTq5OAV
iFGfhyzOseu8GF6+jXExYR/3F7qD+z00
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:22:41 2025 by rpki-client