Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/5A69D6D4824811EC9AAB122AC4F9AE02.roa
File: 5A69D6D4824811EC9AAB122AC4F9AE02.roa (raw, json)
Hash identifier: T1RqJEwWa4e5cck4Fvi+ljWkhCWo2TGOlG7qRsjHOHs=
Subject key identifier: A8:D5:8F:04:87:CD:86:D1:04:17:D1:9B:26:F5:34:18:AC:5D:3A:A7
Certificate issuer: /CN=A91E2364/serialNumber=647B149EF016CC5356A7ED730F133E002C0E7FAA
Certificate serial: 0C42
Authority key identifier: 64:7B:14:9E:F0:16:CC:53:56:A7:ED:73:0F:13:3E:00:2C:0E:7F:AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/5A69D6D4824811EC9AAB122AC4F9AE02.roa
Signing time: Thu 12 Dec 2024 18:37:09 +0000
ROA not before: Thu 12 Dec 2024 18:37:09 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 38600
IP address blocks: 202.56.0.0/22 maxlen: 24
2401:9700:d000::/36 maxlen: 36
2401:9700:d000::/40 maxlen: 48
2401:9700:e000::/36 maxlen: 36
2401:9700:f000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3138 (0xc42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E2364/serialNumber=647B149EF016CC5356A7ED730F133E002C0E7FAA
Validity
Not Before: Dec 12 18:37:09 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=675b2d55-830d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a8:ff:32:70:a0:63:f4:cf:66:62:3f:25:4b:
b3:e8:8a:48:5d:8b:b2:96:27:95:b1:ed:c0:fb:68:
fc:5c:70:52:1a:b4:31:e2:ae:04:84:2e:c8:5c:84:
3e:6d:f2:c1:0b:61:b8:f3:43:94:0f:5c:cf:25:16:
09:aa:4d:a8:92:84:12:7d:d6:77:97:90:87:db:e7:
7f:5b:09:b7:b8:7f:09:4a:83:27:81:51:42:6e:4c:
8a:d5:08:b4:e6:5c:73:12:87:80:82:53:5d:ed:f1:
6b:4e:c1:88:14:b6:3d:ae:62:62:8a:a7:83:8a:5e:
28:e7:1c:56:ba:c4:62:36:68:5a:a9:62:c0:08:b0:
0b:c0:70:40:ce:9b:bb:e7:51:f5:78:d9:0b:51:61:
d0:bb:d2:4b:8d:df:6f:30:00:95:72:f3:9e:25:ed:
57:17:06:59:f3:8c:e0:4b:f7:b6:7c:2d:18:a3:22:
6c:2e:48:f8:a3:89:a6:85:6b:2d:d0:b2:cf:55:82:
bd:5f:ef:bf:33:65:0b:cb:39:14:27:98:47:8d:9e:
1d:5e:8b:1c:19:f8:37:b6:75:3e:0d:99:e8:c6:d9:
f6:29:ba:75:f0:d4:5b:9b:8c:d2:ec:4c:c7:ab:14:
3e:80:1a:38:4e:a8:4a:81:19:30:af:8d:c9:5a:7c:
a2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:D5:8F:04:87:CD:86:D1:04:17:D1:9B:26:F5:34:18:AC:5D:3A:A7
X509v3 Authority Key Identifier:
keyid:64:7B:14:9E:F0:16:CC:53:56:A7:ED:73:0F:13:3E:00:2C:0E:7F:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/5A69D6D4824811EC9AAB122AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.56.0.0/22
IPv6:
2401:9700:d000::-2401:9700:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8f:66:c9:1f:d8:8c:79:fe:ab:09:35:20:9c:6c:2f:24:aa:6b:
3e:72:49:d7:15:5b:df:2e:9c:e7:c5:a5:4a:d5:88:7a:9d:64:
f7:11:34:33:07:67:6c:06:10:49:e6:9a:ef:6c:7e:73:d4:90:
55:ae:ee:0a:a2:8d:d4:04:69:e7:43:fd:b7:d1:91:0b:d1:28:
e9:b3:f6:e9:74:3a:e3:1c:c5:e4:27:92:9f:17:25:66:a6:b0:
70:1f:9b:eb:a7:4d:86:38:2b:be:ad:f5:67:7f:20:89:d3:93:
16:61:b7:0e:31:1e:fb:fc:1f:cc:ea:dc:88:66:4a:f9:46:5e:
4c:76:d2:43:2b:5d:19:77:6b:6b:cb:25:c5:1a:15:de:03:bd:
ee:f4:0b:33:38:f5:55:6b:bb:6e:e4:0f:af:04:34:03:12:61:
41:83:d0:b0:e3:2b:25:a1:d0:f9:17:4a:54:38:82:49:f4:d6:
d6:9f:0d:b9:b6:4b:30:ed:aa:76:00:36:9b:f8:ce:68:d1:6f:
23:c8:1f:a9:36:77:7c:1a:9d:85:ff:62:6b:60:e6:a8:20:79:
a8:15:83:1e:1a:98:f8:c8:98:7e:99:1d:06:36:39:08:d9:8a:
bc:fa:4f:e1:42:00:a4:df:9c:98:09:d4:8a:1c:0f:86:6f:cb:
2b:12:c9:5f
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICDEIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTIzNjQxMTAvBgNVBAUTKDY0N0IxNDlFRjAxNkNDNTM1NkE3RUQ3MzBGMTMzRTAw
MkMwRTdGQUEwHhcNMjQxMjEyMTgzNzA5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzViMmQ1NS04MzBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxKj/MnCgY/TPZmI/JUuz6IpIXYuylieVse3A+2j8XHBSGrQx4q4EhC7IXIQ+
bfLBC2G480OUD1zPJRYJqk2okoQSfdZ3l5CH2+d/Wwm3uH8JSoMngVFCbkyK1Qi0
5lxzEoeAglNd7fFrTsGIFLY9rmJiiqeDil4o5xxWusRiNmhaqWLACLALwHBAzpu7
51H1eNkLUWHQu9JLjd9vMACVcvOeJe1XFwZZ84zgS/e2fC0YoyJsLkj4o4mmhWst
0LLPVYK9X++/M2ULyzkUJ5hHjZ4dXoscGfg3tnU+DZnoxtn2Kbp18NRbm4zS7EzH
qxQ+gBo4TqhKgRkwr43JWnyizwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFKjVjwSH
zYbRBBfRmyb1NBisXTqnMB8GA1UdIwQYMBaAFGR7FJ7wFsxTVqftcw8TPgAsDn+q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjM2NC84RkU3MTc4NkZG
OUIxMUU5QjdGNEE3NzJDNEY5QUUwMi9aSHNVbnZBV3pGTldwLTF6RHhNLUFDd09m
Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pIc1VudkFXekZOV3AtMXpEeE0tQUN3T2Y2by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTIzNjQvOEZFNzE3ODZGRjlCMTFFOUI3RjRBNzcyQzRGOUFFMDIvNUE2OUQ2RDQ4
MjQ4MTFFQzlBQUIxMjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E
KTAnMAwEAgABMAYDBALKOAAwFwQCAAIwETAPAwYEJAGXANADBQAkAZcAMA0GCSqG
SIb3DQEBCwUAA4IBAQCPZskf2Ix5/qsJNSCcbC8kqms+cknXFVvfLpznxaVK1Yh6
nWT3ETQzB2dsBhBJ5prvbH5z1JBVru4Koo3UBGnnQ/230ZEL0Sjps/bpdDrjHMXk
J5KfFyVmprBwH5vrp02GOCu+rfVnfyCJ05MWYbcOMR77/B/M6tyIZkr5Rl5MdtJD
K10Zd2tryyXFGhXeA73u9AszOPVVa7tu5A+vBDQDEmFBg9Cw4yslodD5F0pUOIJJ
9NbWnw25tksw7ap2ADab+M5o0W8jyB+pNnd8Gp2F/2JrYOaoIHmoFYMeGpj4yJh+
mR0GNjkI2Yq8+k/hQgCk35yYCdSKHA+Gb8srEslf
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:18:08 2025 by rpki-client