Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/660E0588D27D11ED8E9A2580C4F9AE02/1046CB98D28311EDB1655152C4F9AE02.roa
File: 1046CB98D28311EDB1655152C4F9AE02.roa (raw, json)
Hash identifier: 2Sa4Qh8zy7UAIyROQUdYWBW/nS/7CVePmZ6lyfynp9Q=
Subject key identifier: 63:63:2B:5A:56:B0:6E:95:BB:53:A8:36:0D:46:08:3A:C2:C2:96:EF
Certificate issuer: /CN=A91FDD4D/serialNumber=D50C2957DFA840A9430FB9EE25D4DCFA17129C18
Certificate serial: BC
Authority key identifier: D5:0C:29:57:DF:A8:40:A9:43:0F:B9:EE:25:D4:DC:FA:17:12:9C:18
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/1QwpV9-oQKlDD7nuJdTc-hcSnBg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/660E0588D27D11ED8E9A2580C4F9AE02/1046CB98D28311EDB1655152C4F9AE02.roa
Signing time: Tue 12 Mar 2024 01:03:40 +0000
ROA not before: Tue 12 Mar 2024 01:03:40 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 137549
IP address blocks: 80.249.0.0/20 maxlen: 22
80.249.11.0/24 maxlen: 24
80.249.12.0/23 maxlen: 24
80.249.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188 (0xbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FDD4D/serialNumber=D50C2957DFA840A9430FB9EE25D4DCFA17129C18
Validity
Not Before: Mar 12 01:03:40 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65efa9eb-db8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b5:dd:1a:2b:4d:78:47:bb:98:57:19:28:65:
c4:3a:eb:1a:2d:d0:7b:fe:b9:06:1a:de:71:be:fe:
41:05:9f:2f:0d:0a:82:7c:90:11:96:5b:aa:6f:2c:
04:be:56:69:a6:06:44:f4:47:50:d1:e0:8f:69:1f:
65:d3:99:c8:16:eb:7e:9b:93:d2:65:1d:15:cb:5e:
c1:dd:ce:d7:38:6a:32:8e:b8:d7:a9:f5:25:14:21:
e3:fb:a3:29:29:eb:8e:25:85:8c:e1:fe:79:f9:09:
75:66:3a:93:75:1d:6e:f6:7a:0d:95:26:57:f4:1f:
1e:5a:b9:c3:ae:92:25:84:d3:b9:b8:89:ad:6a:58:
37:c6:81:cf:f1:73:05:aa:48:73:90:74:8b:c7:24:
e8:ec:79:89:ca:13:65:b4:24:f1:0a:e2:89:d7:9d:
65:28:35:b9:63:fd:04:0d:e6:3e:c5:96:27:c4:45:
74:3c:b3:99:02:17:41:57:5e:ab:45:a3:fd:5b:96:
eb:25:3e:7c:53:f9:7a:1d:db:a7:df:32:50:0f:aa:
1e:45:77:58:d8:5f:37:74:7d:90:bd:40:48:38:51:
98:1a:64:4a:aa:77:b1:df:27:02:1a:c0:ea:79:8a:
90:1a:8d:3b:6b:f6:83:56:35:2e:f9:c9:43:98:9e:
d6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:63:2B:5A:56:B0:6E:95:BB:53:A8:36:0D:46:08:3A:C2:C2:96:EF
X509v3 Authority Key Identifier:
keyid:D5:0C:29:57:DF:A8:40:A9:43:0F:B9:EE:25:D4:DC:FA:17:12:9C:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/660E0588D27D11ED8E9A2580C4F9AE02/1QwpV9-oQKlDD7nuJdTc-hcSnBg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/1QwpV9-oQKlDD7nuJdTc-hcSnBg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/660E0588D27D11ED8E9A2580C4F9AE02/1046CB98D28311EDB1655152C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
80.249.0.0/20
Signature Algorithm: sha256WithRSAEncryption
51:4e:a0:5d:3d:c3:3b:7d:76:da:4a:e2:b2:f7:32:ed:de:e4:
b5:4b:a7:6a:9d:7d:f0:18:23:11:04:0c:08:3b:06:db:35:de:
e6:69:30:e2:28:2d:3e:53:24:ff:82:27:af:b9:b3:80:95:6a:
c5:34:02:4d:20:91:70:d3:b9:80:c9:d2:74:9f:82:16:8c:6b:
8c:ec:15:03:b5:e2:af:25:a7:b4:5d:32:36:99:90:8c:27:15:
0f:d8:b5:37:48:cb:93:8d:67:fa:b2:a4:8b:01:cc:62:32:db:
87:9a:8f:6d:6c:54:3c:fa:7d:34:0f:b3:d2:4c:13:68:03:54:
97:5a:cc:6e:83:e0:8d:db:1e:28:f0:b8:62:77:48:0e:4b:49:
8a:92:7d:b8:6c:45:23:86:08:95:fc:fc:c0:81:7b:e1:67:d7:
fe:87:94:ee:e7:89:6b:3f:d8:99:b8:32:86:5a:e1:3c:55:78:
0a:7e:08:90:60:d3:c6:8c:8a:5a:03:ca:3d:54:d8:02:fc:a3:
73:c2:93:ba:7b:5e:25:dd:ee:d0:f5:07:1a:72:f4:8b:3d:41:
1e:c2:9e:df:54:d4:80:b4:29:17:f1:06:9e:57:1e:09:47:1b:
2d:41:03:de:12:62:1d:85:8d:3f:bf:74:f1:70:12:50:d1:1b:
9e:5f:a3:2a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICALwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkRENEQxMTAvBgNVBAUTKEQ1MEMyOTU3REZBODQwQTk0MzBGQjlFRTI1RDREQ0ZB
MTcxMjlDMTgwHhcNMjQwMzEyMDEwMzQwWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWVmYTllYi1kYjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7bXdGitNeEe7mFcZKGXEOusaLdB7/rkGGt5xvv5BBZ8vDQqCfJARlluqbywE
vlZppgZE9EdQ0eCPaR9l05nIFut+m5PSZR0Vy17B3c7XOGoyjrjXqfUlFCHj+6Mp
KeuOJYWM4f55+Ql1ZjqTdR1u9noNlSZX9B8eWrnDrpIlhNO5uImtalg3xoHP8XMF
qkhzkHSLxyTo7HmJyhNltCTxCuKJ151lKDW5Y/0EDeY+xZYnxEV0PLOZAhdBV16r
RaP9W5brJT58U/l6Hdun3zJQD6oeRXdY2F83dH2QvUBIOFGYGmRKqnex3ycCGsDq
eYqQGo07a/aDVjUu+clDmJ7WMQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGNjK1pW
sG6Vu1OoNg1GCDrCwpbvMB8GA1UdIwQYMBaAFNUMKVffqECpQw+57iXU3PoXEpwY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC82NjBFMDU4OEQy
N0QxMUVEOEU5QTI1ODBDNEY5QUUwMi8xUXdwVjktb1FLbEREN251SmRUYy1oY1Nu
QmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyLzFRd3BWOS1vUUtsREQ3bnVKZFRjLWhjU25CZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkRENEQvNjYwRTA1ODhEMjdEMTFFRDhFOUEyNTgwQzRGOUFFMDIvMTA0NkNCOThE
MjgzMTFFREIxNjU1MTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBARQ+QAwDQYJKoZIhvcNAQELBQADggEBAFFOoF09wzt9dtpK
4rL3Mu3e5LVLp2qdffAYIxEEDAg7Bts13uZpMOIoLT5TJP+CJ6+5s4CVasU0Ak0g
kXDTuYDJ0nSfghaMa4zsFQO14q8lp7RdMjaZkIwnFQ/YtTdIy5ONZ/qypIsBzGIy
24eaj21sVDz6fTQPs9JME2gDVJdazG6D4I3bHijwuGJ3SA5LSYqSfbhsRSOGCJX8
/MCBe+Fn1/6HlO7niWs/2Jm4MoZa4TxVeAp+CJBg08aMiloDyj1U2AL8o3PCk7p7
XiXd7tD1Bxpy9Is9QR7Cnt9U1IC0KRfxBp5XHglHGy1BA94SYh2FjT+/dPFwElDR
G55foyo=
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:29:54 2025 by rpki-client