Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/01BB1B8E7C0411EFB0D29158C4F9AE02.roa
File: 01BB1B8E7C0411EFB0D29158C4F9AE02.roa (raw, json)
Hash identifier: uaYZ52aFS7AA/WBDBkvre20yg4+dnRTg85CyApS1/Vk=
Subject key identifier: F4:10:0B:DE:5B:DC:B0:F3:F4:2C:51:C3:46:78:C3:95:02:3C:68:EB
Certificate issuer: /CN=A91D298D/serialNumber=FEF2C1C4EA0964477514C1AA946E6C41778D06BF
Certificate serial: 081C
Authority key identifier: FE:F2:C1:C4:EA:09:64:47:75:14:C1:AA:94:6E:6C:41:77:8D:06:BF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/01BB1B8E7C0411EFB0D29158C4F9AE02.roa
Signing time: Wed 22 Jan 2025 20:49:43 +0000
ROA not before: Wed 22 Jan 2025 20:49:43 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 138423
IP address blocks: 111.119.175.0/24 maxlen: 24
115.42.72.0/21 maxlen: 24
121.91.56.0/23 maxlen: 24
121.91.60.0/23 maxlen: 24
121.91.62.0/23 maxlen: 24
144.48.0.0/22 maxlen: 24
223.123.0.0/24 maxlen: 24
223.123.32.0/24 maxlen: 24
223.123.33.0/24 maxlen: 24
223.123.34.0/24 maxlen: 24
223.123.35.0/24 maxlen: 24
223.123.36.0/24 maxlen: 24
223.123.37.0/24 maxlen: 24
223.123.38.0/24 maxlen: 24
223.123.39.0/24 maxlen: 24
223.123.40.0/24 maxlen: 24
223.123.41.0/24 maxlen: 24
223.123.42.0/24 maxlen: 24
223.123.43.0/24 maxlen: 24
223.123.44.0/24 maxlen: 24
223.123.45.0/24 maxlen: 24
223.123.46.0/24 maxlen: 24
223.123.47.0/24 maxlen: 24
223.123.100.0/23 maxlen: 24
223.123.102.0/23 maxlen: 24
223.123.122.0/23 maxlen: 24
223.123.124.0/23 maxlen: 24
2402:ad80:c0::/44 maxlen: 48
2402:ad80:d0::/44 maxlen: 48
2402:ad80:e0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2076 (0x81c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D298D/serialNumber=FEF2C1C4EA0964477514C1AA946E6C41778D06BF
Validity
Not Before: Jan 22 20:49:43 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=679159e6-bd35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0b:f2:48:a3:74:3e:39:c3:1d:67:be:b5:d6:
f2:83:ff:e0:0e:c1:51:09:cc:78:75:6a:7e:54:23:
2d:1a:e7:2e:83:da:62:2d:bf:7b:fd:9e:29:8a:81:
48:81:3f:64:cc:6c:10:ab:13:e8:e2:05:26:ec:83:
72:95:f9:c8:67:d6:32:1e:06:fa:36:bf:a3:be:95:
eb:33:3d:02:3d:c5:47:18:14:a9:2b:d9:4a:9d:a2:
b9:db:50:a5:f4:07:ff:4a:50:fe:b2:ca:40:62:fa:
1a:90:10:8a:84:71:7b:e0:68:69:7a:2f:f0:8c:e8:
e4:ab:09:cb:7b:b2:b8:4c:19:8e:ed:a5:ff:6c:62:
93:8a:26:a5:b7:ea:16:4c:c3:50:70:97:9d:c4:83:
a9:83:c6:26:ce:5d:13:96:14:1a:e6:d3:54:94:f0:
2b:2c:7b:12:b5:b5:34:a2:f1:64:67:c3:18:af:2f:
a7:1f:f5:cb:be:78:47:f7:20:61:f8:92:9e:80:ad:
59:6b:42:3c:83:96:f5:4d:9a:a9:cf:e7:4f:c5:a6:
d8:0a:37:f7:4b:3b:74:da:cb:ba:66:66:1e:30:35:
02:88:28:a3:b3:7b:85:1c:85:cf:54:fa:6b:a4:b2:
c3:46:07:3e:19:18:1a:49:fe:b8:2e:4d:f4:80:c3:
b7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:10:0B:DE:5B:DC:B0:F3:F4:2C:51:C3:46:78:C3:95:02:3C:68:EB
X509v3 Authority Key Identifier:
keyid:FE:F2:C1:C4:EA:09:64:47:75:14:C1:AA:94:6E:6C:41:77:8D:06:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/01BB1B8E7C0411EFB0D29158C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.119.175.0/24
115.42.72.0/21
121.91.56.0/23
121.91.60.0/22
144.48.0.0/22
223.123.0.0/24
223.123.32.0/20
223.123.100.0/22
223.123.122.0-223.123.125.255
IPv6:
2402:ad80:c0::-2402:ad80:ef:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4f:3f:2e:93:92:f7:ac:4e:47:66:10:1e:e1:42:44:48:ab:b3:
8a:79:c4:e4:f0:a7:9d:13:12:31:3c:ee:e5:4d:09:b3:35:1f:
94:eb:92:57:28:ab:fa:41:62:fd:9f:c6:ac:61:83:b3:6a:aa:
94:55:0a:e3:f6:bd:33:c2:6e:55:de:cf:17:d2:73:7b:44:01:
17:cd:43:58:65:58:4f:15:c2:d3:38:c5:24:3a:06:d7:8f:aa:
21:19:56:34:eb:f9:e2:b2:0b:24:6e:cf:ac:4e:f4:71:eb:3d:
2f:58:02:2f:3b:e9:76:80:6f:ed:37:3f:0d:6b:ab:df:9d:59:
fa:97:fb:0b:b7:49:3b:70:1c:e7:ad:4e:e3:5e:15:90:a4:96:
ce:6b:5b:19:ef:69:d8:48:00:ef:af:cf:10:d1:cb:e0:9c:26:
96:3c:81:e1:cb:a2:07:f7:b9:2f:11:4e:99:30:85:6c:21:07:
54:37:de:31:ea:60:5a:ab:8f:65:b4:3a:e5:e5:21:6a:25:4f:
99:a5:61:00:7c:3b:bf:9c:31:b9:11:a7:34:d3:c1:31:0d:3d:
54:1c:da:76:43:b4:b4:7c:4d:bf:da:47:67:57:26:c9:34:df:
54:7a:32:48:14:8e:32:87:bf:94:c6:1b:4f:77:00:ac:9b:6f:
d6:3b:ce:13
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgICCBwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDI5OEQxMTAvBgNVBAUTKEZFRjJDMUM0RUEwOTY0NDc3NTE0QzFBQTk0NkU2QzQx
Nzc4RDA2QkYwHhcNMjUwMTIyMjA0OTQzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxNTllNi1iZDM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvgvySKN0PjnDHWe+tdbyg//gDsFRCcx4dWp+VCMtGucug9piLb97/Z4pioFI
gT9kzGwQqxPo4gUm7INylfnIZ9YyHgb6Nr+jvpXrMz0CPcVHGBSpK9lKnaK521Cl
9Af/SlD+sspAYvoakBCKhHF74Ghpei/wjOjkqwnLe7K4TBmO7aX/bGKTiialt+oW
TMNQcJedxIOpg8Ymzl0TlhQa5tNUlPArLHsStbU0ovFkZ8MYry+nH/XLvnhH9yBh
+JKegK1Za0I8g5b1TZqpz+dPxabYCjf3Szt02su6ZmYeMDUCiCijs3uFHIXPVPpr
pLLDRgc+GRgaSf64Lk30gMO3VQIDAQABo4IC6TCCAuUwHQYDVR0OBBYEFPQQC95b
3LDz9CxRw0Z4w5UCPGjrMB8GA1UdIwQYMBaAFP7ywcTqCWRHdRTBqpRubEF3jQa/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjk4RC8zMzdBNjQzMkYx
QTYxMUVBQjk1QzBFMkZDNEY5QUUwMi9fdkxCeE9vSlpFZDFGTUdxbEc1c1FYZU5C
cjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL192TEJ4T29KWkVkMUZNR3FsRzVzUVhlTkJyOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDI5OEQvMzM3QTY0MzJGMUE2MTFFQUI5NUMwRTJGQzRGOUFFMDIvMDFCQjFCOEU3
QzA0MTFFRkIwRDI5MTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcwYIKwYBBQUHAQcBAf8E
ZDBiMEQEAgABMD4DBABvd68DBANzKkgDBAF5WzgDBAJ5WzwDBAKQMAADBADfewAD
BATfeyADBALfe2QwDAMEAd97egMEAd97fDAaBAIAAjAUMBIDBwYkAq2AAMADBwQk
Aq2AAOAwDQYJKoZIhvcNAQELBQADggEBAE8/LpOS96xOR2YQHuFCREirs4p5xOTw
p50TEjE87uVNCbM1H5Trklcoq/pBYv2fxqxhg7NqqpRVCuP2vTPCblXezxfSc3tE
ARfNQ1hlWE8VwtM4xSQ6BtePqiEZVjTr+eKyCyRuz6xO9HHrPS9YAi876XaAb+03
Pw1rq9+dWfqX+wu3STtwHOetTuNeFZCkls5rWxnvadhIAO+vzxDRy+CcJpY8geHL
ogf3uS8RTpkwhWwhB1Q33jHqYFqrj2W0OuXlIWolT5mlYQB8O7+cMbkRpzTTwTEN
PVQc2nZDtLR8Tb/aR2dXJsk031R6MkgUjjKHv5TGG093AKybb9Y7zhM=
-----END CERTIFICATE-----
Generated at Sun Apr 27 07:34:58 2025 by rpki-client