Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D74A6/797E9A86D19C11EF83CEAD3CC4F9AE02/048B6F32D19D11EFB536C03DC4F9AE02.roa
File: 048B6F32D19D11EFB536C03DC4F9AE02.roa (raw, json)
Hash identifier: 4rJi0RH3cklrC4uoGpXGanJ+/Wh0kLwbkekkAvcKMjU=
Subject key identifier: 1D:75:15:11:23:35:5C:CF:5E:71:80:00:62:5D:92:9E:10:F1:1B:84
Certificate issuer: /CN=A91D74A6/serialNumber=C22A51ECCE6D96EFF5328BBC25B95318B4C1DA2E
Certificate serial: 0B
Authority key identifier: C2:2A:51:EC:CE:6D:96:EF:F5:32:8B:BC:25:B9:53:18:B4:C1:DA:2E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wipR7M5tlu_1Mou8JblTGLTB2i4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D74A6/797E9A86D19C11EF83CEAD3CC4F9AE02/048B6F32D19D11EFB536C03DC4F9AE02.roa
Signing time: Thu 16 Jan 2025 10:00:33 +0000
ROA not before: Thu 16 Jan 2025 10:00:33 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 133752
IP address blocks: 43.249.36.0/23 maxlen: 24
103.161.224.0/23 maxlen: 23
2001:df1:801::/48 maxlen: 48
2402:a7c1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D74A6/serialNumber=C22A51ECCE6D96EFF5328BBC25B95318B4C1DA2E
Validity
Not Before: Jan 16 10:00:33 2025 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6788d8c1-f9b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:56:75:80:6e:61:f7:28:be:dd:1a:dc:5f:39:
36:fb:e9:72:5e:b6:88:80:47:a4:ca:f2:3d:b6:a7:
74:57:4b:26:c6:fb:3a:19:b5:c4:bb:30:2b:40:81:
63:a5:7e:d6:48:cb:d2:b5:33:44:9b:8d:0c:74:4f:
c5:c5:8e:f9:df:4e:49:40:82:ee:09:e7:e9:ac:e1:
f1:af:38:bc:a3:7d:e3:dc:a3:43:ff:29:78:5e:b2:
ef:ff:f2:b4:cf:7b:74:ae:e9:ff:4c:1c:d6:d2:61:
60:f4:96:0c:65:bd:b5:71:24:61:89:08:3c:2a:8c:
c3:c2:89:4d:b9:d7:e4:f1:ac:29:40:28:42:49:43:
70:5b:6d:f2:c3:6c:5f:72:2c:93:87:89:cb:f6:58:
b2:b1:01:be:dc:23:fb:07:cb:9f:51:06:0e:d7:39:
49:82:ec:e3:0a:eb:b3:a2:82:65:04:1a:a0:b9:db:
4e:32:01:84:18:e1:b7:57:38:98:91:d2:ae:f3:9f:
d2:e3:35:77:79:a2:d8:b7:ec:5d:cc:e8:ae:ff:f4:
85:c9:2c:e8:f9:16:4a:ee:e8:9a:c2:79:88:5d:b6:
76:64:57:31:05:48:ef:58:96:a4:ea:6b:6e:94:6c:
0b:61:fe:bb:b7:94:12:a4:24:c5:27:83:0a:9d:1d:
70:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:75:15:11:23:35:5C:CF:5E:71:80:00:62:5D:92:9E:10:F1:1B:84
X509v3 Authority Key Identifier:
keyid:C2:2A:51:EC:CE:6D:96:EF:F5:32:8B:BC:25:B9:53:18:B4:C1:DA:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D74A6/797E9A86D19C11EF83CEAD3CC4F9AE02/wipR7M5tlu_1Mou8JblTGLTB2i4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wipR7M5tlu_1Mou8JblTGLTB2i4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D74A6/797E9A86D19C11EF83CEAD3CC4F9AE02/048B6F32D19D11EFB536C03DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.36.0/23
103.161.224.0/23
IPv6:
2001:df1:801::/48
2402:a7c1::/32
Signature Algorithm: sha256WithRSAEncryption
ad:7e:bd:97:ea:81:33:f8:35:c9:56:da:a0:63:91:f3:3d:5c:
6d:d6:dc:11:64:10:dd:70:29:0c:fd:77:ff:34:f4:68:b4:4c:
52:dc:86:32:3e:af:55:c6:c3:ec:0b:df:21:fc:74:08:0b:69:
1a:a7:12:d3:70:fc:a2:0b:0f:39:3e:78:e9:97:e2:95:36:be:
d4:ee:af:99:97:02:60:c8:54:d2:5c:50:f9:d6:07:f9:4a:02:
49:6f:74:45:f5:0c:a6:ab:60:4c:d3:9c:8b:38:29:ef:33:b6:
a5:b7:15:ef:8a:1f:62:db:62:8d:70:e9:91:4a:34:83:be:c3:
f7:08:c8:21:b0:08:6b:e6:56:96:bf:b9:aa:b6:ee:3a:c3:ec:
ac:95:24:e9:70:05:d3:b3:0f:b6:a5:eb:1c:a1:5e:60:04:ea:
18:b1:a0:9e:e6:74:78:e1:ad:a1:eb:d7:18:69:4a:d8:c6:99:
9e:cf:43:75:45:77:07:48:ad:93:a5:af:7e:51:ec:28:ad:5d:
21:85:91:48:c8:b3:6b:43:79:d8:ca:e5:46:02:62:c8:1e:4a:
e6:39:e8:3f:d2:99:bd:2c:9a:1f:8e:6c:7a:d1:8d:64:a6:8a:
37:37:80:9a:9b:c7:ee:8b:2f:42:f7:2a:a0:99:40:e8:22:cb:
b6:c3:1e:78
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
NzRBNjExMC8GA1UEBRMoQzIyQTUxRUNDRTZEOTZFRkY1MzI4QkJDMjVCOTUzMThC
NEMxREEyRTAeFw0yNTAxMTYxMDAwMzNaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODhkOGMxLWY5YjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDlVnWAbmH3KL7dGtxfOTb76XJetoiAR6TK8j22p3RXSybG+zoZtcS7MCtAgWOl
ftZIy9K1M0SbjQx0T8XFjvnfTklAgu4J5+ms4fGvOLyjfePco0P/KXhesu//8rTP
e3Su6f9MHNbSYWD0lgxlvbVxJGGJCDwqjMPCiU251+TxrClAKEJJQ3BbbfLDbF9y
LJOHicv2WLKxAb7cI/sHy59RBg7XOUmC7OMK67OigmUEGqC5204yAYQY4bdXOJiR
0q7zn9LjNXd5oti37F3M6K7/9IXJLOj5Fkru6JrCeYhdtnZkVzEFSO9YlqTqa26U
bAth/ru3lBKkJMUngwqdHXC/AgMBAAGjggKzMIICrzAdBgNVHQ4EFgQUHXUVESM1
XM9ecYAAYl2SnhDxG4QwHwYDVR0jBBgwFoAUwipR7M5tlu/1Mou8JblTGLTB2i4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ3NEE2Lzc5N0U5QTg2RDE5
QzExRUY4M0NFQUQzQ0M0RjlBRTAyL3dpcFI3TTV0bHVfMU1vdThKYmxUR0xUQjJp
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvd2lwUjdNNXRsdV8xTW91OEpibFRHTFRCMmk0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NzRBNi83OTdFOUE4NkQxOUMxMUVGODNDRUFEM0NDNEY5QUUwMi8wNDhCNkYzMkQx
OUQxMUVGQjUzNkMwM0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA9BggrBgEFBQcBBwEB/wQu
MCwwEgQCAAEwDAMEASv5JAMEAWeh4DAWBAIAAjAQAwcAIAEN8QgBAwUAJAKnwTAN
BgkqhkiG9w0BAQsFAAOCAQEArX69l+qBM/g1yVbaoGOR8z1cbdbcEWQQ3XApDP13
/zT0aLRMUtyGMj6vVcbD7AvfIfx0CAtpGqcS03D8ogsPOT546ZfilTa+1O6vmZcC
YMhU0lxQ+dYH+UoCSW90RfUMpqtgTNOcizgp7zO2pbcV74ofYttijXDpkUo0g77D
9wjIIbAIa+ZWlr+5qrbuOsPsrJUk6XAF07MPtqXrHKFeYATqGLGgnuZ0eOGtoevX
GGlK2MaZns9DdUV3B0itk6WvflHsKK1dIYWRSMiza0N52MrlRgJiyB5K5jnoP9KZ
vSyaH45setGNZKaKNzeAmpvH7osvQvcqoJlA6CLLtsMeeA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:22:08 2025 by rpki-client