Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4713/FE1BD97C892A11EEB614826AC4F9AE02/A5656D2E892B11EE94747D6BC4F9AE02.roa
File: A5656D2E892B11EE94747D6BC4F9AE02.roa (raw, json)
Hash identifier: 01zpHNpEXp5bla5wzGX7psaD7zJbZ+wyzWYL5eybWGY=
Subject key identifier: FD:31:55:96:35:0B:63:E9:C2:22:DC:AB:BF:87:70:74:3E:0B:6F:E9
Certificate issuer: /CN=A91B4713/serialNumber=69A486FBF21484F1412FB8A80A278A248CEFBEB2
Certificate serial: D2
Authority key identifier: 69:A4:86:FB:F2:14:84:F1:41:2F:B8:A8:0A:27:8A:24:8C:EF:BE:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aaSG-_IUhPFBL7ioCieKJIzvvrI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B4713/FE1BD97C892A11EEB614826AC4F9AE02/A5656D2E892B11EE94747D6BC4F9AE02.roa
Signing time: Tue 17 Dec 2024 03:57:45 +0000
ROA not before: Tue 17 Dec 2024 03:57:45 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 138004
IP address blocks: 180.94.20.0/23 maxlen: 23
180.94.20.0/24 maxlen: 24
180.94.21.0/24 maxlen: 24
2401:51e0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 210 (0xd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B4713/serialNumber=69A486FBF21484F1412FB8A80A278A248CEFBEB2
Validity
Not Before: Dec 17 03:57:45 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6760f6b8-1298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e3:e5:74:c4:bb:ed:19:1f:97:19:be:33:58:
20:72:ca:67:37:d5:46:4b:c9:5d:ff:89:a7:ac:9e:
2f:47:72:d9:ab:90:37:af:64:11:0e:98:6b:c0:59:
41:39:70:6c:b2:7f:2e:62:12:fb:25:a6:04:fb:ef:
87:c9:94:ac:da:1c:6a:71:96:12:c1:a2:4a:16:85:
28:e1:c1:07:40:d8:87:5a:57:0f:91:44:0f:3d:5e:
52:09:49:1d:c3:4a:db:2b:39:1e:5f:ca:c7:24:90:
a0:e9:e2:a6:01:71:6a:f8:63:0e:43:4d:3d:df:07:
a5:1f:2d:42:48:11:f0:b7:c8:a8:c5:32:f3:4b:e7:
c8:aa:5f:27:d7:b1:72:ee:8c:0d:ca:21:d7:92:29:
c6:f1:ad:68:bf:f0:f4:38:60:1c:75:c2:ba:e9:dd:
17:85:68:c7:e5:88:81:4c:81:df:01:50:24:bb:bb:
05:5c:5c:87:75:57:96:ed:e7:a6:c0:d7:6c:89:c6:
9e:39:30:4f:52:b7:ad:2e:d9:1d:0d:a7:f9:10:53:
c9:0f:b8:a4:c1:cb:a5:f1:8c:2e:23:b6:e6:6c:37:
e6:e1:60:b9:2c:2f:3e:cb:e0:89:04:d7:d3:a2:9e:
2a:f9:db:11:93:7b:47:e6:03:c3:4b:a5:47:0b:40:
23:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:31:55:96:35:0B:63:E9:C2:22:DC:AB:BF:87:70:74:3E:0B:6F:E9
X509v3 Authority Key Identifier:
keyid:69:A4:86:FB:F2:14:84:F1:41:2F:B8:A8:0A:27:8A:24:8C:EF:BE:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B4713/FE1BD97C892A11EEB614826AC4F9AE02/aaSG-_IUhPFBL7ioCieKJIzvvrI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aaSG-_IUhPFBL7ioCieKJIzvvrI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4713/FE1BD97C892A11EEB614826AC4F9AE02/A5656D2E892B11EE94747D6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.94.20.0/23
IPv6:
2401:51e0::/32
Signature Algorithm: sha256WithRSAEncryption
65:4d:d2:d2:a9:78:89:c9:5c:84:5d:44:08:a6:5e:2d:f5:d7:
70:93:87:61:8b:60:1d:7a:de:6c:dc:2e:49:80:c3:72:24:e2:
31:1f:5d:d9:de:3a:f0:0e:07:05:65:9a:f8:da:86:c9:53:e2:
94:dc:8b:19:20:e9:1a:5f:55:d9:62:38:e5:99:bb:11:38:be:
40:59:b5:68:4d:7e:e6:85:ac:ba:f5:e6:b2:8c:6c:db:90:5a:
e5:f4:bd:0e:59:b7:26:2c:66:28:ac:c1:7e:52:ac:06:9c:9c:
42:46:19:7a:80:ca:33:35:d4:d2:69:70:3c:66:7a:7d:78:8f:
7b:4f:64:cc:ca:a6:87:b1:17:78:c2:49:ca:80:c4:a5:8c:ef:
3d:e1:86:79:1d:12:3e:56:ac:6f:b0:2e:e9:2b:66:62:89:9f:
2b:33:74:58:44:3c:d6:93:f5:4c:82:8f:df:b1:4e:0a:43:6e:
53:c3:b5:0b:39:87:98:25:0f:2b:a3:85:92:46:87:9e:dd:2b:
d2:35:4c:e5:da:a4:e2:23:ce:da:05:22:4a:77:d3:29:39:28:
78:45:e2:74:eb:5c:b8:d3:be:4c:34:7e:0e:6d:3e:6b:8a:db:
52:7d:db:45:4f:6b:9f:32:be:37:f9:d4:42:b6:85:99:39:29:
e0:f4:65:48
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICANIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQ3MTMxMTAvBgNVBAUTKDY5QTQ4NkZCRjIxNDg0RjE0MTJGQjhBODBBMjc4QTI0
OENFRkJFQjIwHhcNMjQxMjE3MDM1NzQ1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYwZjZiOC0xMjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1+PldMS77Rkflxm+M1ggcspnN9VGS8ld/4mnrJ4vR3LZq5A3r2QRDphrwFlB
OXBssn8uYhL7JaYE+++HyZSs2hxqcZYSwaJKFoUo4cEHQNiHWlcPkUQPPV5SCUkd
w0rbKzkeX8rHJJCg6eKmAXFq+GMOQ0093welHy1CSBHwt8ioxTLzS+fIql8n17Fy
7owNyiHXkinG8a1ov/D0OGAcdcK66d0XhWjH5YiBTIHfAVAku7sFXFyHdVeW7eem
wNdsicaeOTBPUretLtkdDaf5EFPJD7ikwcul8YwuI7bmbDfm4WC5LC8+y+CJBNfT
op4q+dsRk3tH5gPDS6VHC0AjiQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFP0xVZY1
C2PpwiLcq7+HcHQ+C2/pMB8GA1UdIwQYMBaAFGmkhvvyFITxQS+4qAoniiSM776y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDcxMy9GRTFCRDk3Qzg5
MkExMUVFQjYxNDgyNkFDNEY5QUUwMi9hYVNHLV9JVWhQRkJMN2lvQ2llS0pJenZ2
ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FhU0ctX0lVaFBGQkw3aW9DaWVLSkl6dnZySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjQ3MTMvRkUxQkQ5N0M4OTJBMTFFRUI2MTQ4MjZBQzRGOUFFMDIvQTU2NTZEMkU4
OTJCMTFFRTk0NzQ3RDZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAG0XhQwDQQCAAIwBwMFACQBUeAwDQYJKoZIhvcNAQELBQAD
ggEBAGVN0tKpeInJXIRdRAimXi3113CTh2GLYB163mzcLkmAw3Ik4jEfXdneOvAO
BwVlmvjahslT4pTcixkg6RpfVdliOOWZuxE4vkBZtWhNfuaFrLr15rKMbNuQWuX0
vQ5ZtyYsZiiswX5SrAacnEJGGXqAyjM11NJpcDxmen14j3tPZMzKpoexF3jCScqA
xKWM7z3hhnkdEj5WrG+wLukrZmKJnyszdFhEPNaT9UyCj9+xTgpDblPDtQs5h5gl
DyujhZJGh57dK9I1TOXapOIjztoFIkp30yk5KHhF4nTrXLjTvkw0fg5tPmuK21J9
20VPa58yvjf51EK2hZk5KeD0ZUg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:39:19 2025 by rpki-client