Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/E8976FF0928211EF8D2A551EC4F9AE02.roa
File: E8976FF0928211EF8D2A551EC4F9AE02.roa (raw, json)
Hash identifier: ZQDzR5Xdny7JF3r/Zb16j0lL2mL345yAUojH7vcVjic=
Subject key identifier: 43:94:A5:68:8B:EF:D5:07:08:4F:CA:A1:90:73:5F:3E:D7:DA:A9:81
Certificate issuer: /CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Certificate serial: 23E7
Authority key identifier: 7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/E8976FF0928211EF8D2A551EC4F9AE02.roa
Signing time: Tue 26 Nov 2024 05:53:45 +0000
ROA not before: Tue 26 Nov 2024 05:53:45 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 45352
IP address blocks: 14.102.144.0/22 maxlen: 24
14.102.148.0/24 maxlen: 24
14.102.149.0/24 maxlen: 24
14.102.150.0/24 maxlen: 24
14.102.151.0/24 maxlen: 24
14.192.64.0/24 maxlen: 24
14.192.65.0/24 maxlen: 24
14.192.66.0/24 maxlen: 24
14.192.70.0/23 maxlen: 24
43.252.152.0/22 maxlen: 24
45.64.168.0/22 maxlen: 22
45.64.168.0/23 maxlen: 23
45.64.168.0/24 maxlen: 24
45.64.169.0/24 maxlen: 24
45.64.170.0/24 maxlen: 24
45.64.171.0/24 maxlen: 24
58.84.8.0/22 maxlen: 22
58.84.8.0/24 maxlen: 24
58.84.9.0/24 maxlen: 24
58.84.10.0/24 maxlen: 24
58.84.11.0/24 maxlen: 24
103.3.172.0/24 maxlen: 24
103.3.173.0/24 maxlen: 24
103.3.174.0/23 maxlen: 24
103.10.156.0/23 maxlen: 24
103.10.158.0/23 maxlen: 24
103.23.45.0/24 maxlen: 24
103.40.204.0/22 maxlen: 24
118.107.200.0/21 maxlen: 24
118.107.208.0/24 maxlen: 24
118.107.209.0/24 maxlen: 24
118.107.210.0/24 maxlen: 24
118.107.211.0/24 maxlen: 24
118.107.232.0/24 maxlen: 24
118.107.233.0/24 maxlen: 24
118.107.234.0/23 maxlen: 23
118.107.235.0/24 maxlen: 24
118.107.236.0/24 maxlen: 24
118.107.237.0/24 maxlen: 24
118.107.238.0/24 maxlen: 24
118.107.239.0/24 maxlen: 24
118.107.240.0/24 maxlen: 24
118.107.241.0/24 maxlen: 24
118.107.242.0/24 maxlen: 24
118.107.243.0/24 maxlen: 24
183.81.160.0/21 maxlen: 24
192.82.56.0/21 maxlen: 21
192.82.56.0/24 maxlen: 24
192.82.57.0/24 maxlen: 24
192.82.58.0/24 maxlen: 24
192.82.59.0/24 maxlen: 24
192.82.60.0/24 maxlen: 24
192.82.61.0/24 maxlen: 24
192.82.62.0/24 maxlen: 24
192.82.63.0/24 maxlen: 24
210.5.40.0/22 maxlen: 24
210.5.44.0/22 maxlen: 24
2401:3400::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9191 (0x23e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Validity
Not Before: Nov 26 05:53:45 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67456269-8617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e7:47:7d:67:3a:a8:bd:6a:a9:34:52:55:d8:
88:87:58:ff:2b:ed:a1:8f:c8:56:7e:65:cf:b7:86:
05:46:4e:d1:2c:06:8c:43:b1:05:28:c5:7b:58:77:
c9:8a:7d:10:d6:7c:9f:e4:97:28:da:f7:f1:56:0c:
e4:ff:e9:ff:74:0c:3d:d5:22:f9:11:0d:a9:d7:25:
da:02:e2:bf:8d:56:06:7a:b8:b8:96:40:58:5c:4e:
2b:01:78:af:95:5f:de:68:a6:25:a5:d0:d4:27:29:
ca:58:b3:27:a4:93:56:71:3b:94:11:d1:af:dc:ed:
0c:43:f7:af:f4:74:7e:74:bf:ea:55:f7:ba:2b:49:
e8:13:04:99:03:38:6e:dc:a3:d8:e4:49:3a:85:d0:
e6:c1:cd:6e:07:4f:46:15:16:3d:40:3a:c0:71:c4:
d9:f7:da:1d:27:e6:b6:b0:1e:db:bd:6b:b9:06:03:
35:05:66:bc:17:76:df:a9:12:5b:66:4d:91:6e:83:
dc:8b:ce:d9:d2:9a:35:e2:03:f5:3a:ff:d7:44:a0:
51:1f:3f:c0:6f:1f:c4:bd:02:a3:89:74:02:1f:3f:
d8:dc:24:78:3f:9a:fa:f6:5c:66:e0:76:aa:45:28:
71:b7:c8:af:78:9e:d8:05:0b:6b:72:b6:83:47:af:
0b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:94:A5:68:8B:EF:D5:07:08:4F:CA:A1:90:73:5F:3E:D7:DA:A9:81
X509v3 Authority Key Identifier:
keyid:7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/E8976FF0928211EF8D2A551EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.144.0/21
14.192.64.0-14.192.66.255
14.192.70.0/23
43.252.152.0/22
45.64.168.0/22
58.84.8.0/22
103.3.172.0/22
103.10.156.0/22
103.23.45.0/24
103.40.204.0/22
118.107.200.0-118.107.211.255
118.107.232.0-118.107.243.255
183.81.160.0/21
192.82.56.0/21
210.5.40.0/21
IPv6:
2401:3400::/32
Signature Algorithm: sha256WithRSAEncryption
ab:5f:38:17:af:a1:56:58:50:c5:29:8b:d9:29:5d:17:bf:dd:
89:4b:82:18:61:58:82:9d:1e:c0:fe:3c:4b:4c:b1:e4:3a:25:
ca:d9:85:78:1c:62:fb:e3:39:df:00:a4:e0:82:74:62:d7:2c:
20:d3:22:3c:1d:0b:16:75:1b:04:d8:81:96:b9:9a:0d:57:1a:
4e:89:96:3e:68:0e:43:c0:e1:5d:a1:66:35:77:d2:e4:5a:b6:
60:b0:95:3e:6e:ee:96:6e:13:1d:ec:18:98:c4:75:dd:f6:2d:
f6:da:5b:17:e4:a6:04:5d:1c:5b:a7:41:6a:b7:56:ec:f9:82:
46:c2:98:d5:d6:d3:b7:65:ea:ec:c6:21:2f:bf:4b:f3:8d:04:
f0:99:ec:59:b2:e8:b8:02:a4:06:d4:b0:63:ec:13:17:ac:32:
cd:7a:cf:ff:b2:0c:04:85:a9:bd:df:00:7a:52:14:89:ed:96:
90:f1:eb:e3:35:4f:af:18:bd:54:b0:55:0c:8e:2e:1d:86:f5:
13:64:10:3d:44:50:d8:ca:63:d0:a9:57:b6:f4:90:2d:e1:f2:
03:2d:3d:3e:37:c3:c3:8b:cb:bf:46:7a:46:18:3b:bb:f7:49:
19:eb:4a:26:34:b4:43:a7:fa:f7:c4:f2:23:4f:42:e3:4e:01:
57:ba:75:bf
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgICI+cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE2OTExMTAvBgNVBAUTKDdBQzBDMDBGMEZDQTQ3OUVFNDY1RTRGN0Y1NDVFOEM5
NDk5M0Q2MUMwHhcNMjQxMTI2MDU1MzQ1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ1NjI2OS04NjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq+dHfWc6qL1qqTRSVdiIh1j/K+2hj8hWfmXPt4YFRk7RLAaMQ7EFKMV7WHfJ
in0Q1nyf5Jco2vfxVgzk/+n/dAw91SL5EQ2p1yXaAuK/jVYGeri4lkBYXE4rAXiv
lV/eaKYlpdDUJynKWLMnpJNWcTuUEdGv3O0MQ/ev9HR+dL/qVfe6K0noEwSZAzhu
3KPY5Ek6hdDmwc1uB09GFRY9QDrAccTZ99odJ+a2sB7bvWu5BgM1BWa8F3bfqRJb
Zk2RboPci87Z0po14gP1Ov/XRKBRHz/Abx/EvQKjiXQCHz/Y3CR4P5r69lxm4Haq
RShxt8iveJ7YBQtrcraDR68LHQIDAQABo4IDEzCCAw8wHQYDVR0OBBYEFEOUpWiL
79UHCE/KoZBzXz7X2qmBMB8GA1UdIwQYMBaAFHrAwA8Pykee5GXk9/VF6MlJk9Yc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTY5MS81QUZDMjY5MjY1
MkIxMUU1OTdBODY4ODFDNEY5QUUwMi9lc0RBRHdfS1I1N2taZVQzOVVYb3lVbVQx
aHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VzREFEd19LUjU3a1plVDM5VVhveVVtVDFody5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE2OTEvNUFGQzI2OTI2NTJCMTFFNTk3QTg2ODgxQzRGOUFFMDIvRTg5NzZGRjA5
MjgyMTFFRjhEMkE1NTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZwGCCsGAQUFBwEHAQH/
BIGMMIGJMHgEAgABMHIDBAMOZpAwDAMEBg7AQAMEAA7AQgMEAQ7ARgMEAiv8mAME
Ai1AqAMEAjpUCAMEAmcDrAMEAmcKnAMEAGcXLQMEAmcozDAMAwQDdmvIAwQCdmvQ
MAwDBAN2a+gDBAJ2a/ADBAO3UaADBAPAUjgDBAPSBSgwDQQCAAIwBwMFACQBNAAw
DQYJKoZIhvcNAQELBQADggEBAKtfOBevoVZYUMUpi9kpXRe/3YlLghhhWIKdHsD+
PEtMseQ6JcrZhXgcYvvjOd8ApOCCdGLXLCDTIjwdCxZ1GwTYgZa5mg1XGk6Jlj5o
DkPA4V2hZjV30uRatmCwlT5u7pZuEx3sGJjEdd32LfbaWxfkpgRdHFunQWq3Vuz5
gkbCmNXW07dl6uzGIS+/S/ONBPCZ7Fmy6LgCpAbUsGPsExesMs16z/+yDASFqb3f
AHpSFIntlpDx6+M1T68YvVSwVQyOLh2G9RNkED1EUNjKY9CpV7b0kC3h8gMtPT43
w8OLy79GekYYO7v3SRnrSiY0tEOn+vfE8iNPQuNOAVe6db8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:34:25 2025 by rpki-client