Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/1CF68346F0BF11EEA1A0B559C4F9AE02.roa
File: 1CF68346F0BF11EEA1A0B559C4F9AE02.roa (raw, json)
Hash identifier: N3w/cqpvbeSysw2Pl0GFrH8zH4tdrq/Hv3k8kKk/v8E=
Subject key identifier: 68:93:F9:CA:61:30:8F:32:45:72:3A:80:4D:24:01:4C:EC:DE:4E:74
Certificate issuer: /CN=A91975CC/serialNumber=0BAC42986E9ABDB7CEE2CDFB2A9FE8D6D02AAB5C
Certificate serial: 0349
Authority key identifier: 0B:AC:42:98:6E:9A:BD:B7:CE:E2:CD:FB:2A:9F:E8:D6:D0:2A:AB:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6xCmG6avbfO4s37Kp_o1tAqq1w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/1CF68346F0BF11EEA1A0B559C4F9AE02.roa
Signing time: Fri 31 Jan 2025 01:15:15 +0000
ROA not before: Fri 31 Jan 2025 01:15:15 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 134697
IP address blocks: 45.248.48.0/22 maxlen: 24
103.205.28.0/23 maxlen: 24
103.214.220.0/22 maxlen: 24
103.216.190.0/23 maxlen: 24
144.48.164.0/22 maxlen: 24
203.12.0.0/23 maxlen: 24
203.12.2.0/23 maxlen: 24
203.12.4.0/23 maxlen: 24
203.12.6.0/23 maxlen: 23
203.12.6.0/24 maxlen: 24
203.12.7.0/24 maxlen: 24
203.12.8.0/23 maxlen: 24
203.12.10.0/23 maxlen: 24
203.12.12.0/23 maxlen: 24
203.12.14.0/23 maxlen: 24
2404:e80::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 841 (0x349)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91975CC/serialNumber=0BAC42986E9ABDB7CEE2CDFB2A9FE8D6D02AAB5C
Validity
Not Before: Jan 31 01:15:15 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679c2423-607d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7f:67:ae:e1:cb:79:43:33:2d:cf:b4:92:9e:
11:a1:48:81:f8:b2:7b:c3:67:4c:e9:a1:b7:84:57:
ee:80:3a:53:7f:ef:a5:58:9a:86:95:7f:02:cc:3e:
d9:7a:02:2a:4a:26:f8:3a:dd:27:21:e8:27:0a:2b:
5c:09:ed:67:0b:fb:84:30:4a:e3:f0:40:32:82:d3:
e6:3b:ca:48:28:04:e9:f6:c4:f6:d4:6e:2a:38:d5:
a3:db:59:ac:a7:f8:23:f0:2d:41:2c:3f:01:b7:fa:
4d:0d:00:7a:15:95:2d:e9:b9:73:3d:d2:a6:cd:cd:
45:0e:25:14:0f:81:72:bc:d7:34:e7:95:36:86:36:
d0:90:49:03:91:d0:8d:2e:82:af:0e:34:08:3b:14:
58:20:79:0f:7a:7a:40:42:07:6d:c2:59:9c:ec:b2:
46:40:bd:98:5a:d2:be:c9:88:c6:da:1b:80:d9:b6:
65:56:93:1a:96:91:43:43:8a:22:b1:7f:3f:39:78:
f7:03:9b:60:b6:35:ef:a1:50:a0:81:83:df:17:9b:
ba:09:85:20:43:dd:bc:b0:6c:1e:65:6c:a4:97:f7:
2f:0a:4f:cf:e3:d7:a9:69:62:70:77:64:2b:dc:f7:
68:c1:f9:37:e3:1c:0a:d3:55:f0:4f:49:de:4c:40:
49:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:93:F9:CA:61:30:8F:32:45:72:3A:80:4D:24:01:4C:EC:DE:4E:74
X509v3 Authority Key Identifier:
keyid:0B:AC:42:98:6E:9A:BD:B7:CE:E2:CD:FB:2A:9F:E8:D6:D0:2A:AB:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/C6xCmG6avbfO4s37Kp_o1tAqq1w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6xCmG6avbfO4s37Kp_o1tAqq1w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/1CF68346F0BF11EEA1A0B559C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.248.48.0/22
103.205.28.0/23
103.214.220.0/22
103.216.190.0/23
144.48.164.0/22
203.12.0.0/20
IPv6:
2404:e80::/32
Signature Algorithm: sha256WithRSAEncryption
2f:d7:95:5b:8d:35:52:9d:55:7f:e3:a2:a0:81:b7:bf:72:e4:
eb:3b:9b:2b:a8:d2:06:c0:2c:46:cc:d8:6e:b2:22:14:3b:ad:
68:5d:f1:54:f2:2b:a1:08:a5:b9:66:61:47:15:0b:84:b9:81:
d7:66:fd:ba:54:95:7c:7d:e4:16:e2:2a:71:9f:cd:c8:41:05:
27:66:46:34:07:1a:42:35:b6:94:87:31:e3:83:9f:c7:4b:73:
be:c5:f7:d9:e2:70:e7:f3:a6:51:33:eb:a5:f3:5d:e8:e5:b1:
7e:bd:ea:76:4f:3c:8b:a5:cf:f7:a5:e9:8d:bc:b5:a7:a9:f1:
54:cc:b6:cb:d7:a3:6a:fa:5b:68:ae:f7:79:7c:f5:e6:b3:97:
7b:8e:f3:ec:98:ab:ac:59:b7:e5:4b:47:66:a0:30:a1:44:12:
f3:2a:e0:33:58:15:91:eb:f6:2f:31:a7:4c:6f:2d:8b:cf:78:
c4:ce:19:fa:cc:28:2a:64:36:6e:e3:f9:48:98:66:36:c9:08:
11:12:0c:74:47:5e:06:c6:d0:8d:3b:85:a9:2e:e0:1c:bf:57:
9a:a8:f8:cc:47:dd:7b:75:8f:5d:b8:57:66:09:7e:38:4a:b1:
0e:e4:f7:1a:f6:0a:05:f5:df:39:4c:9c:d8:26:56:df:f5:35:
0e:92:77:a0
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICA0kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTc1Q0MxMTAvBgNVBAUTKDBCQUM0Mjk4NkU5QUJEQjdDRUUyQ0RGQjJBOUZFOEQ2
RDAyQUFCNUMwHhcNMjUwMTMxMDExNTE1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljMjQyMy02MDdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzH9nruHLeUMzLc+0kp4RoUiB+LJ7w2dM6aG3hFfugDpTf++lWJqGlX8CzD7Z
egIqSib4Ot0nIegnCitcCe1nC/uEMErj8EAygtPmO8pIKATp9sT21G4qONWj21ms
p/gj8C1BLD8Bt/pNDQB6FZUt6blzPdKmzc1FDiUUD4FyvNc055U2hjbQkEkDkdCN
LoKvDjQIOxRYIHkPenpAQgdtwlmc7LJGQL2YWtK+yYjG2huA2bZlVpMalpFDQ4oi
sX8/OXj3A5tgtjXvoVCggYPfF5u6CYUgQ928sGweZWykl/cvCk/P49epaWJwd2Qr
3Pdowfk34xwK01XwT0neTEBJWQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFGiT+cph
MI8yRXI6gE0kAUzs3k50MB8GA1UdIwQYMBaAFAusQphumr23zuLN+yqf6NbQKqtc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzVDQy8xRUEzNDNFMkFG
RTMxMUVDQTJDQjA2NkRDNEY5QUUwMi9DNnhDbUc2YXZiZk80czM3S3BfbzF0QXFx
MXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0M2eENtRzZhdmJmTzRzMzdLcF9vMXRBcXExdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTc1Q0MvMUVBMzQzRTJBRkUzMTFFQ0EyQ0IwNjZEQzRGOUFFMDIvMUNGNjgzNDZG
MEJGMTFFRUExQTBCNTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAIt+DADBAFnzRwDBAJn1twDBAFn2L4DBAKQMKQDBATLDAAw
DQQCAAIwBwMFACQEDoAwDQYJKoZIhvcNAQELBQADggEBAC/XlVuNNVKdVX/joqCB
t79y5Os7myuo0gbALEbM2G6yIhQ7rWhd8VTyK6EIpblmYUcVC4S5gddm/bpUlXx9
5BbiKnGfzchBBSdmRjQHGkI1tpSHMeODn8dLc77F99nicOfzplEz66XzXejlsX69
6nZPPIulz/el6Y28taep8VTMtsvXo2r6W2iu93l89eazl3uO8+yYq6xZt+VLR2ag
MKFEEvMq4DNYFZHr9i8xp0xvLYvPeMTOGfrMKCpkNm7j+UiYZjbJCBESDHRHXgbG
0I07haku4By/V5qo+MxH3Xt1j124V2YJfjhKsQ7k9xr2CgX13zlMnNgmVt/1NQ6S
d6A=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:16:32 2025 by rpki-client