Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/6D2F20B6ECEB11EE960F5531C4F9AE02.roa
File: 6D2F20B6ECEB11EE960F5531C4F9AE02.roa (raw, json)
Hash identifier: VxYl4qfB1zjkRKmgSxnmRNT6jpcxz/oQeuf18i1PilE=
Subject key identifier: 12:26:69:38:C7:5D:6B:D5:D3:81:8C:0E:3C:DE:58:A7:84:7B:5A:CB
Certificate issuer: /CN=A91D5BFB/serialNumber=BFB69BC22576B957BAB5FF336B7E8358DCB70A2A
Certificate serial: 2188
Authority key identifier: BF:B6:9B:C2:25:76:B9:57:BA:B5:FF:33:6B:7E:83:58:DC:B7:0A:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v7abwiV2uVe6tf8za36DWNy3Cio.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/6D2F20B6ECEB11EE960F5531C4F9AE02.roa
Signing time: Sat 18 Jan 2025 15:53:01 +0000
ROA not before: Sat 18 Jan 2025 15:53:01 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 55915
IP address blocks: 43.231.208.0/22 maxlen: 24
45.64.160.0/22 maxlen: 24
45.123.220.0/22 maxlen: 24
49.236.212.0/22 maxlen: 24
103.1.92.0/22 maxlen: 24
103.51.16.0/22 maxlen: 24
103.192.76.0/22 maxlen: 24
202.94.66.0/24 maxlen: 24
2407:5200::/32 maxlen: 32
2407:5200:1::/48 maxlen: 48
2407:5200:32::/48 maxlen: 48
2407:5200:48::/48 maxlen: 48
2407:5200:49::/48 maxlen: 48
2407:5200:4c::/46 maxlen: 48
2407:5200:50::/46 maxlen: 48
2407:5200:200::/46 maxlen: 48
2407:5200:204::/46 maxlen: 48
2407:5200:300::/46 maxlen: 48
2407:5200:400::/46 maxlen: 48
2407:5200:404::/46 maxlen: 48
2407:5200:600::/46 maxlen: 48
2407:5200:1000::/40 maxlen: 48
2407:5200:1200::/40 maxlen: 48
2407:5200:1300::/40 maxlen: 48
2407:5200:1500::/40 maxlen: 40
2407:5200:4920::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8584 (0x2188)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D5BFB/serialNumber=BFB69BC22576B957BAB5FF336B7E8358DCB70A2A
Validity
Not Before: Jan 18 15:53:01 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=678bce5d-b3da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3a:b4:31:60:e1:cb:4f:bb:71:a3:c4:33:3b:
00:b3:88:f8:74:c4:28:69:c9:b0:87:45:a3:41:44:
8c:2a:76:1b:e0:8e:7c:ab:4d:21:11:55:a1:22:b3:
f4:b2:ad:99:eb:c8:7c:9e:e2:09:34:d7:ac:15:69:
cf:a3:8d:84:61:46:c1:c8:2c:34:c9:15:d8:67:2d:
4c:01:b8:3c:ad:bf:0b:b6:76:f9:55:b3:b2:b8:74:
83:56:89:ff:58:28:f0:0c:6d:9b:7d:f6:e0:b9:95:
f9:0d:62:c7:e8:a5:95:5d:53:2d:63:b0:1d:a4:43:
1c:0e:82:63:dc:b5:77:61:fc:b0:ad:ea:f0:23:da:
3d:4d:c2:f6:5d:9f:9a:1b:f0:78:c0:1a:65:59:52:
7c:9f:17:cb:d6:8f:a7:8f:1c:d2:68:f0:a2:41:93:
67:08:7d:f0:cc:a8:8f:1f:63:cf:8c:2e:d3:ac:45:
fb:bd:f9:d9:da:72:81:69:04:cf:56:78:ff:2b:26:
ce:26:06:dd:3b:5e:7b:58:d7:71:33:9b:6c:52:6b:
af:5f:4b:72:3e:e4:48:64:76:87:ab:62:a4:21:0c:
b3:54:56:a8:70:3c:ed:fb:f0:c5:21:6d:46:5b:a2:
81:b4:8b:26:f7:7b:30:66:3f:33:a6:f7:d8:3e:a4:
d6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:26:69:38:C7:5D:6B:D5:D3:81:8C:0E:3C:DE:58:A7:84:7B:5A:CB
X509v3 Authority Key Identifier:
keyid:BF:B6:9B:C2:25:76:B9:57:BA:B5:FF:33:6B:7E:83:58:DC:B7:0A:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/v7abwiV2uVe6tf8za36DWNy3Cio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v7abwiV2uVe6tf8za36DWNy3Cio.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/6D2F20B6ECEB11EE960F5531C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.208.0/22
45.64.160.0/22
45.123.220.0/22
49.236.212.0/22
103.1.92.0/22
103.51.16.0/22
103.192.76.0/22
202.94.66.0/24
IPv6:
2407:5200::/32
Signature Algorithm: sha256WithRSAEncryption
25:81:75:5e:45:5d:1c:c8:ce:d1:a3:d9:46:62:91:9f:71:c1:
18:22:30:e3:b5:33:d4:19:2b:61:89:f7:d9:0c:44:23:5a:d6:
c3:4c:a6:b8:93:1b:71:37:57:8a:79:f0:5c:d3:12:59:16:48:
6f:58:04:3e:a8:4a:f8:69:d3:a4:46:4a:2b:68:8c:c0:ab:61:
5c:38:34:4d:61:54:39:ed:cc:f9:63:a7:e0:f2:67:8a:27:fe:
45:09:7d:af:5b:47:73:90:87:3b:1c:d2:6f:ee:03:47:61:e5:
d8:e4:c6:eb:97:b0:a8:28:c0:fa:d9:dd:b4:e1:06:0a:35:32:
31:37:96:d6:5b:38:fd:96:8f:75:4f:f4:73:79:1f:15:98:69:
c1:1b:9f:22:1a:f7:fe:e8:08:0d:f6:a3:7a:22:a4:bd:29:05:
a1:fd:b9:49:08:5e:7e:e1:55:6e:4b:5a:0f:41:fa:81:41:1a:
1f:f0:56:07:aa:fd:8e:f6:f8:d0:95:cd:a6:0e:53:8f:42:1a:
47:ab:13:8f:a7:c1:14:55:8c:f0:81:ef:1a:ab:a8:fc:fd:3a:
d6:18:6c:d5:4c:f2:9e:b6:f9:48:5d:ad:01:01:d0:bb:92:51:
06:bd:27:1f:77:bd:e4:38:ad:92:31:35:8b:b2:9c:49:3e:b6:
e5:85:4a:46
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICIYgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDVCRkIxMTAvBgNVBAUTKEJGQjY5QkMyMjU3NkI5NTdCQUI1RkYzMzZCN0U4MzU4
RENCNzBBMkEwHhcNMjUwMTE4MTU1MzAxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhiY2U1ZC1iM2RhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoTq0MWDhy0+7caPEMzsAs4j4dMQoacmwh0WjQUSMKnYb4I58q00hEVWhIrP0
sq2Z68h8nuIJNNesFWnPo42EYUbByCw0yRXYZy1MAbg8rb8Ltnb5VbOyuHSDVon/
WCjwDG2bffbguZX5DWLH6KWVXVMtY7AdpEMcDoJj3LV3YfywrerwI9o9TcL2XZ+a
G/B4wBplWVJ8nxfL1o+njxzSaPCiQZNnCH3wzKiPH2PPjC7TrEX7vfnZ2nKBaQTP
Vnj/KybOJgbdO157WNdxM5tsUmuvX0tyPuRIZHaHq2KkIQyzVFaocDzt+/DFIW1G
W6KBtIsm93swZj8zpvfYPqTWsQIDAQABo4ICzjCCAsowHQYDVR0OBBYEFBImaTjH
XWvV04GMDjzeWKeEe1rLMB8GA1UdIwQYMBaAFL+2m8IldrlXurX/M2t+g1jctwoq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUJGQi9ERjJFMDEzRUQ5
RkIxMUU1ODREMTFBNzZDNEY5QUUwMi92N2Fid2lWMnVWZTZ0Zjh6YTM2RFdOeTND
aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Y3YWJ3aVYydVZlNnRmOHphMzZEV055M0Npby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDVCRkIvREYyRTAxM0VEOUZCMTFFNTg0RDExQTc2QzRGOUFFMDIvNkQyRjIwQjZF
Q0VCMTFFRTk2MEY1NTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E
STBHMDYEAgABMDADBAIr59ADBAItQKADBAIte9wDBAIx7NQDBAJnAVwDBAJnMxAD
BAJnwEwDBADKXkIwDQQCAAIwBwMFACQHUgAwDQYJKoZIhvcNAQELBQADggEBACWB
dV5FXRzIztGj2UZikZ9xwRgiMOO1M9QZK2GJ99kMRCNa1sNMpriTG3E3V4p58FzT
ElkWSG9YBD6oSvhp06RGSitojMCrYVw4NE1hVDntzPljp+DyZ4on/kUJfa9bR3OQ
hzsc0m/uA0dh5djkxuuXsKgowPrZ3bThBgo1MjE3ltZbOP2Wj3VP9HN5HxWYacEb
nyIa9/7oCA32o3oipL0pBaH9uUkIXn7hVW5LWg9B+oFBGh/wVgeq/Y72+NCVzaYO
U49CGkerE4+nwRRVjPCB7xqrqPz9OtYYbNVM8p62+UhdrQEB0LuSUQa9Jx93veQ4
rZIxNYuynEk+tuWFSkY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:33:42 2025 by rpki-client