Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAF20/65A9A242F5C411E68AAA0085C4F9AE02/D59EA6F4F5C611E6A4FFEF0AC4F9AE02.roa
File: D59EA6F4F5C611E6A4FFEF0AC4F9AE02.roa (raw, json)
Hash identifier: hRTHvov5kcr4ci8mlf/+s2ablUrnizRu5Hp+fPVJPyU=
Subject key identifier: B5:8F:EA:D3:13:C1:57:8A:4D:DA:74:B7:42:18:26:F9:07:F7:05:DD
Certificate issuer: /CN=A91FAF20/serialNumber=0F8DBDA7D0C9A1ECA1945C61B72920F5AA0E9467
Certificate serial: 1B0F
Authority key identifier: 0F:8D:BD:A7:D0:C9:A1:EC:A1:94:5C:61:B7:29:20:F5:AA:0E:94:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D429p9DJoeyhlFxhtykg9aoOlGc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FAF20/65A9A242F5C411E68AAA0085C4F9AE02/D59EA6F4F5C611E6A4FFEF0AC4F9AE02.roa
Signing time: Tue 02 Apr 2024 16:54:07 +0000
ROA not before: Tue 02 Apr 2024 16:54:07 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 20546
IP address blocks: 45.112.84.0/24 maxlen: 24
45.112.85.0/24 maxlen: 24
45.112.86.0/24 maxlen: 24
45.112.87.0/24 maxlen: 24
103.51.164.0/24 maxlen: 24
103.51.165.0/24 maxlen: 24
103.51.166.0/24 maxlen: 24
103.51.167.0/24 maxlen: 24
2402:1880::/32 maxlen: 32
2402:1881::/32 maxlen: 32
2402:1882::/32 maxlen: 32
2402:1883::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6927 (0x1b0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FAF20/serialNumber=0F8DBDA7D0C9A1ECA1945C61B72920F5AA0E9467
Validity
Not Before: Apr 2 16:54:07 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=660c382f-4478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6a:24:f8:c0:5b:a7:a7:e6:cc:bb:04:2d:0c:
f1:be:b0:ba:a8:9c:ed:cc:71:a5:55:09:86:ba:bf:
f4:a7:22:0a:9b:f0:4e:3e:46:4c:ac:03:15:98:72:
43:44:c6:bb:e1:78:a9:44:b4:74:fb:87:04:6c:35:
05:85:d5:bf:55:19:a0:ad:23:ab:56:7f:bf:1d:5e:
1f:b7:69:a2:d9:9b:a2:0a:ef:3f:44:0c:be:5b:4b:
82:57:89:65:eb:63:c0:b7:be:76:56:c4:5b:41:94:
7a:46:f8:94:70:e9:a8:2a:9d:30:c0:7e:b0:6f:cd:
90:c3:3c:50:a7:5a:b8:30:3b:44:a2:09:c4:eb:44:
43:3b:bd:29:5d:46:68:86:d9:7c:4c:60:6e:20:54:
40:75:24:96:18:d7:31:51:1b:9d:d1:b8:6d:e5:ad:
35:89:72:4d:64:1a:0b:cd:d7:b0:1c:ee:6a:68:44:
b8:26:74:1f:c7:3a:15:e9:d1:57:c9:57:98:df:e3:
ca:d8:40:0c:b5:25:42:38:2c:24:9f:79:bb:25:88:
1b:f8:56:05:82:03:8f:20:5b:3a:44:bf:41:66:19:
cd:36:d8:43:b7:27:49:71:73:14:2e:de:9c:af:a7:
84:65:ed:5a:ee:fb:b5:de:e6:8b:e8:be:62:6b:1b:
89:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:8F:EA:D3:13:C1:57:8A:4D:DA:74:B7:42:18:26:F9:07:F7:05:DD
X509v3 Authority Key Identifier:
keyid:0F:8D:BD:A7:D0:C9:A1:EC:A1:94:5C:61:B7:29:20:F5:AA:0E:94:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FAF20/65A9A242F5C411E68AAA0085C4F9AE02/D429p9DJoeyhlFxhtykg9aoOlGc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D429p9DJoeyhlFxhtykg9aoOlGc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAF20/65A9A242F5C411E68AAA0085C4F9AE02/D59EA6F4F5C611E6A4FFEF0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.84.0/22
103.51.164.0/22
IPv6:
2402:1880::/30
Signature Algorithm: sha256WithRSAEncryption
7c:a2:5b:1c:56:58:00:c5:05:99:a1:62:25:ca:46:4a:e7:ca:
f7:8f:c4:20:b4:05:49:d1:9f:9a:46:bd:00:d8:39:64:f8:e3:
5f:63:57:da:03:63:b4:fc:c6:30:27:96:09:df:6f:fd:d0:55:
cc:20:d1:b5:ec:29:73:c8:95:df:fa:dc:66:bc:0d:00:45:be:
c8:77:f5:1e:39:68:f0:3d:5a:fd:87:bc:7a:95:f7:6e:28:bd:
95:54:09:b1:23:2f:7d:05:e9:bd:8d:04:4e:4e:be:b8:df:78:
2c:2e:5a:ca:2f:da:b4:41:35:c2:d8:9c:4b:d8:d9:78:71:15:
40:a9:b8:3c:de:60:4a:d8:6d:6a:f4:d2:9b:75:61:b1:18:fd:
2c:b8:95:ad:5d:eb:48:58:20:21:6f:65:75:fe:77:30:ea:b4:
d7:c5:bc:e7:82:cd:32:8a:85:a8:ae:0c:54:b9:74:dc:fc:10:
1f:e8:d2:5c:46:1a:f8:94:6a:fd:c4:8b:ca:c0:8c:d9:44:51:
20:8d:8d:d7:01:60:10:65:71:f3:49:6a:b4:41:da:70:86:54:
10:b5:b0:9e:c9:99:9a:b0:88:d2:39:cc:8d:87:f6:82:13:bb:
79:52:2f:18:79:bd:72:80:66:b1:06:99:e5:5e:a3:8c:34:d1:
5e:9b:de:18
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICGw8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkFGMjAxMTAvBgNVBAUTKDBGOERCREE3RDBDOUExRUNBMTk0NUM2MUI3MjkyMEY1
QUEwRTk0NjcwHhcNMjQwNDAyMTY1NDA3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBjMzgyZi00NDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuWok+MBbp6fmzLsELQzxvrC6qJztzHGlVQmGur/0pyIKm/BOPkZMrAMVmHJD
RMa74XipRLR0+4cEbDUFhdW/VRmgrSOrVn+/HV4ft2mi2ZuiCu8/RAy+W0uCV4ll
62PAt752VsRbQZR6RviUcOmoKp0wwH6wb82QwzxQp1q4MDtEognE60RDO70pXUZo
htl8TGBuIFRAdSSWGNcxURud0bht5a01iXJNZBoLzdewHO5qaES4JnQfxzoV6dFX
yVeY3+PK2EAMtSVCOCwkn3m7JYgb+FYFggOPIFs6RL9BZhnNNthDtydJcXMULt6c
r6eEZe1a7vu13uaL6L5iaxuJNwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLWP6tMT
wVeKTdp0t0IYJvkH9wXdMB8GA1UdIwQYMBaAFA+NvafQyaHsoZRcYbcpIPWqDpRn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUYyMC82NUE5QTI0MkY1
QzQxMUU2OEFBQTAwODVDNEY5QUUwMi9ENDI5cDlESm9leWhsRnhodHlrZzlhb09s
R2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Q0MjlwOURKb2V5aGxGeGh0eWtnOWFvT2xHYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkFGMjAvNjVBOUEyNDJGNUM0MTFFNjhBQUEwMDg1QzRGOUFFMDIvRDU5RUE2RjRG
NUM2MTFFNkE0RkZFRjBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAItcFQDBAJnM6QwDQQCAAIwBwMFAiQCGIAwDQYJKoZIhvcN
AQELBQADggEBAHyiWxxWWADFBZmhYiXKRkrnyvePxCC0BUnRn5pGvQDYOWT4419j
V9oDY7T8xjAnlgnfb/3QVcwg0bXsKXPIld/63Ga8DQBFvsh39R45aPA9Wv2HvHqV
924ovZVUCbEjL30F6b2NBE5OvrjfeCwuWsov2rRBNcLYnEvY2XhxFUCpuDzeYErY
bWr00pt1YbEY/Sy4la1d60hYICFvZXX+dzDqtNfFvOeCzTKKhaiuDFS5dNz8EB/o
0lxGGviUav3Ei8rAjNlEUSCNjdcBYBBlcfNJarRB2nCGVBC1sJ7JmZqwiNI5zI2H
9oITu3lSLxh5vXKAZrEGmeVeo4w00V6b3hg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:40:36 2025 by rpki-client