Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/727850D8D3EF11EFB596E00CC4F9AE02.roa
File: 727850D8D3EF11EFB596E00CC4F9AE02.roa (raw, json)
Hash identifier: fKROLKWqB5PL10sGImHSVLbiFqZaJ3xe4nIg90QIRQo=
Subject key identifier: 5E:51:06:B8:F2:B9:86:1F:A7:07:A6:47:EA:B9:FE:9D:11:1F:05:BC
Certificate issuer: /CN=A91D74A6/serialNumber=DC80C85E5101089AB2425D3FC9177985A0125C6E
Certificate serial: 13
Authority key identifier: DC:80:C8:5E:51:01:08:9A:B2:42:5D:3F:C9:17:79:85:A0:12:5C:6E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3IDIXlEBCJqyQl0_yRd5haASXG4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/727850D8D3EF11EFB596E00CC4F9AE02.roa
Signing time: Thu 16 Jan 2025 10:01:21 +0000
ROA not before: Thu 16 Jan 2025 10:01:21 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 133752
IP address blocks: 64.120.88.0/22 maxlen: 23
64.120.112.0/21 maxlen: 21
64.120.112.0/22 maxlen: 22
64.120.116.0/22 maxlen: 22
64.120.120.0/23 maxlen: 23
172.241.216.0/21 maxlen: 21
209.58.184.0/21 maxlen: 21
209.58.184.0/23 maxlen: 23
209.58.186.0/24 maxlen: 24
209.58.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D74A6/serialNumber=DC80C85E5101089AB2425D3FC9177985A0125C6E
Validity
Not Before: Jan 16 10:01:21 2025 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6788d8f1-9d5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ab:77:57:2d:39:6a:37:96:e4:48:33:ec:02:
66:9c:9b:38:3d:02:10:c1:f8:3e:4b:94:34:56:10:
18:e9:df:78:a8:7d:4e:8f:fd:7d:ae:b8:7d:7b:03:
82:5d:98:85:77:ff:d2:b0:94:e7:4b:a7:cb:71:d4:
35:24:0a:92:89:34:95:5b:9c:03:95:a9:75:c5:1f:
20:71:68:33:14:1c:d5:a5:e4:d5:cd:a2:08:f6:90:
12:6e:32:a3:de:a6:8a:0b:a6:c5:c1:ad:af:96:ca:
d4:a2:ac:af:0f:94:a9:94:52:00:59:52:78:8e:fa:
08:c8:e7:8d:0c:3b:ca:d5:a5:e6:59:68:75:f7:a8:
8f:e4:7b:a5:21:7b:f1:4e:3a:b9:fc:d0:71:cb:ef:
20:a7:b4:e7:dc:d4:23:0a:cc:72:3f:f4:55:ac:3e:
ea:42:db:f8:b2:1a:d0:35:98:4c:59:4e:46:e9:7f:
e9:c3:c4:95:21:69:7e:dc:54:73:6f:76:23:7e:c4:
80:89:be:bf:30:a6:a6:4d:b8:c3:5d:5e:d2:dc:c3:
65:24:00:55:38:e6:90:e4:85:c5:39:de:38:d5:3f:
79:d0:37:64:0c:7f:e6:ea:8c:83:51:87:cf:39:f1:
f0:15:2d:f5:25:15:b4:a6:2d:b2:2c:de:33:9c:41:
31:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:51:06:B8:F2:B9:86:1F:A7:07:A6:47:EA:B9:FE:9D:11:1F:05:BC
X509v3 Authority Key Identifier:
keyid:DC:80:C8:5E:51:01:08:9A:B2:42:5D:3F:C9:17:79:85:A0:12:5C:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3IDIXlEBCJqyQl0_yRd5haASXG4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/727850D8D3EF11EFB596E00CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.120.88.0/22
64.120.112.0-64.120.121.255
172.241.216.0/21
209.58.184.0/21
Signature Algorithm: sha256WithRSAEncryption
13:6a:0e:f8:46:e2:70:b0:53:71:16:07:a0:fa:18:08:82:85:
cc:5a:23:ec:58:c2:13:b8:29:7d:7c:fe:32:62:61:28:26:dc:
42:01:8f:54:5f:1d:e7:b8:84:4f:66:8c:53:5d:48:24:b7:c4:
cd:6f:a1:46:2f:0d:40:c9:9a:c6:cc:f3:4c:eb:c6:c5:32:a0:
b2:6e:b0:9e:d3:cc:38:aa:69:d0:a7:40:fe:91:e2:e0:46:bb:
50:09:ef:f3:d0:9d:b0:b1:7a:d3:c6:e9:df:bd:bd:29:c0:a4:
02:92:2a:dc:49:1b:c2:48:d8:81:43:ec:40:e6:d7:f6:c6:2d:
24:56:e2:b3:b1:87:31:3b:73:83:a2:a9:dd:10:64:ab:d2:00:
a4:06:a3:78:c0:97:68:4a:7c:d9:49:f6:e3:75:18:0a:4c:27:
87:85:61:5b:7f:2a:4a:65:e6:15:bd:56:f3:1c:f2:1d:c7:86:
c8:d7:1b:a8:a0:98:83:dd:0c:22:93:aa:b6:2e:73:b8:3f:17:
a7:38:40:b3:58:19:7e:e2:bf:84:91:4d:2e:2f:32:6f:b3:42:
b0:7a:cd:af:19:0f:77:5e:85:13:c9:0b:7a:f7:d0:ee:34:ab:
fb:b3:8a:c3:24:e1:4d:22:1a:55:c0:a5:25:47:6c:cd:8a:28:
f4:f3:b1:02
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
NzRBNjExMC8GA1UEBRMoREM4MEM4NUU1MTAxMDg5QUIyNDI1RDNGQzkxNzc5ODVB
MDEyNUM2RTAeFw0yNTAxMTYxMDAxMjFaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODhkOGYxLTlkNWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDoq3dXLTlqN5bkSDPsAmacmzg9AhDB+D5LlDRWEBjp33iofU6P/X2uuH17A4Jd
mIV3/9KwlOdLp8tx1DUkCpKJNJVbnAOVqXXFHyBxaDMUHNWl5NXNogj2kBJuMqPe
pooLpsXBra+WytSirK8PlKmUUgBZUniO+gjI540MO8rVpeZZaHX3qI/ke6Uhe/FO
Orn80HHL7yCntOfc1CMKzHI/9FWsPupC2/iyGtA1mExZTkbpf+nDxJUhaX7cVHNv
diN+xICJvr8wpqZNuMNdXtLcw2UkAFU45pDkhcU53jjVP3nQN2QMf+bqjINRh885
8fAVLfUlFbSmLbIs3jOcQTEdAgMBAAGjggKvMIICqzAdBgNVHQ4EFgQUXlEGuPK5
hh+nB6ZH6rn+nREfBbwwHwYDVR0jBBgwFoAU3IDIXlEBCJqyQl0/yRd5haASXG4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ3NEE2LzcxNzFCQkYyRDE5
QzExRUY4M0NFQUQzQ0M0RjlBRTAyLzNJRElYbEVCQ0pxeVFsMF95UmQ1aGFBU1hH
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvM0lESVhsRUJDSnF5UWwwX3lSZDVoYUFTWEc0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NzRBNi83MTcxQkJGMkQxOUMxMUVGODNDRUFEM0NDNEY5QUUwMi83Mjc4NTBEOEQz
RUYxMUVGQjU5NkUwMENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA5BggrBgEFBQcBBwEB/wQq
MCgwJgQCAAEwIAMEAkB4WDAMAwQEQHhwAwQBQHh4AwQDrPHYAwQD0Tq4MA0GCSqG
SIb3DQEBCwUAA4IBAQATag74RuJwsFNxFgeg+hgIgoXMWiPsWMITuCl9fP4yYmEo
JtxCAY9UXx3nuIRPZoxTXUgkt8TNb6FGLw1AyZrGzPNM68bFMqCybrCe08w4qmnQ
p0D+keLgRrtQCe/z0J2wsXrTxunfvb0pwKQCkircSRvCSNiBQ+xA5tf2xi0kVuKz
sYcxO3ODoqndEGSr0gCkBqN4wJdoSnzZSfbjdRgKTCeHhWFbfypKZeYVvVbzHPId
x4bI1xuooJiD3Qwik6q2LnO4PxenOECzWBl+4r+EkU0uLzJvs0Kwes2vGQ93XoUT
yQt699DuNKv7s4rDJOFNIhpVwKUlR2zNiij087EC
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:48:35 2025 by rpki-client