Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913B6D4/957253689E7911EB8F7A4487C4F9AE02/71FEE72E782E11EFA0D33A2CC4F9AE02.roa
File: 71FEE72E782E11EFA0D33A2CC4F9AE02.roa (raw, json)
Hash identifier: wEWh3R9zfya++PEbtobJacTOE/0OOybhTzCvTJu5rL0=
Subject key identifier: 8A:CD:14:7C:99:C3:70:AA:52:4B:70:27:92:84:9E:FA:48:0F:65:41
Certificate issuer: /CN=A913B6D4/serialNumber=0D5028986A356B69B4AF7D2F6649D6BBDCBE8BED
Certificate serial: 05F2
Authority key identifier: 0D:50:28:98:6A:35:6B:69:B4:AF:7D:2F:66:49:D6:BB:DC:BE:8B:ED
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DVAomGo1a2m0r30vZknWu9y-i-0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913B6D4/957253689E7911EB8F7A4487C4F9AE02/71FEE72E782E11EFA0D33A2CC4F9AE02.roa
Signing time: Tue 24 Dec 2024 22:41:21 +0000
ROA not before: Tue 24 Dec 2024 22:41:21 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 49304
IP address blocks: 58.84.52.0/22 maxlen: 22
103.197.68.0/22 maxlen: 22
116.206.100.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1522 (0x5f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913B6D4
Validity
Not Before: Dec 24 22:41:21 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=676b3891-dd20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c7:70:a9:14:ef:bc:d2:1d:bb:61:44:47:b1:
f8:fc:9b:6b:00:89:f9:cb:89:55:1c:16:33:d8:b0:
58:13:b0:4a:b9:35:6f:89:36:c2:b1:60:d0:9d:b9:
1e:88:5d:4a:b5:58:b0:68:c6:89:7a:25:a8:03:10:
b6:9f:24:09:a4:f8:53:05:90:69:ff:a4:4d:98:e1:
e2:d5:06:a9:28:b5:8c:cf:86:03:d2:cd:f3:13:b4:
e2:d4:2f:86:31:e6:f5:65:a6:4a:f1:8f:e3:e9:59:
a0:93:95:30:b7:db:c7:1a:02:74:7e:8e:c9:2e:16:
cd:4c:8a:5f:09:37:fe:3d:db:ff:c6:17:00:47:28:
df:9a:51:fa:a3:f3:a2:db:60:3f:8f:22:2c:7f:01:
32:60:38:1e:a3:d2:fa:1a:3b:8a:17:a6:b8:41:ec:
9f:a2:49:97:db:e8:b8:83:53:73:b9:54:bd:ee:70:
7e:4a:50:55:43:0a:e4:b1:60:db:a7:60:80:27:67:
70:62:48:ee:a8:1a:06:09:e5:df:97:5b:56:c9:67:
1d:a6:19:0e:0a:62:42:ac:c5:c7:38:1d:cf:3f:3d:
27:b2:6e:e5:90:6b:d1:53:fc:43:7b:20:f5:19:b7:
bb:83:13:d3:8e:ae:81:8c:ac:2e:69:93:bd:f8:4f:
55:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:CD:14:7C:99:C3:70:AA:52:4B:70:27:92:84:9E:FA:48:0F:65:41
X509v3 Authority Key Identifier:
keyid:0D:50:28:98:6A:35:6B:69:B4:AF:7D:2F:66:49:D6:BB:DC:BE:8B:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913B6D4/957253689E7911EB8F7A4487C4F9AE02/DVAomGo1a2m0r30vZknWu9y-i-0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DVAomGo1a2m0r30vZknWu9y-i-0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B6D4/957253689E7911EB8F7A4487C4F9AE02/71FEE72E782E11EFA0D33A2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.84.52.0/22
103.197.68.0/22
116.206.100.0/22
Signature Algorithm: sha256WithRSAEncryption
47:e5:82:c7:02:da:37:fb:d9:b6:ac:6e:04:bd:71:b5:77:f4:
3e:6d:73:20:97:77:3e:ad:f1:bf:f4:90:82:33:ce:80:52:48:
44:f0:57:d7:78:26:d9:01:84:47:df:32:2a:28:70:79:dd:08:
0e:e8:c8:77:38:1c:6b:71:1c:f4:d9:d6:b7:0a:5d:d1:82:5e:
76:39:fc:42:2d:03:64:59:91:e9:00:14:3b:44:f0:1b:13:af:
28:8f:8a:d1:da:66:24:73:67:ee:e1:1d:87:38:20:75:41:13:
24:e1:a0:69:b4:95:9a:3c:be:df:8c:75:c2:36:60:c0:60:5a:
4f:67:6c:e5:c6:9a:22:eb:4b:9a:11:c0:cd:a6:b1:a5:1a:00:
26:79:3f:fc:73:89:af:2c:cd:ca:19:80:f9:ac:9c:01:32:10:
4e:ce:cc:b7:70:e2:0d:ed:12:93:8a:53:df:33:8b:c3:c3:6d:
5f:9a:ef:b0:32:23:a2:78:c9:6d:42:b2:82:b2:fe:f3:52:3d:
dd:17:30:11:25:49:c6:6b:b2:34:0e:3e:5d:08:40:f0:c1:a6:
d9:fb:88:23:f6:13:92:12:c6:a8:27:4d:02:9f:01:64:a7:17:
9d:70:72:ee:68:df:09:61:ca:ab:2d:92:14:ac:36:27:95:ab:
f4:55:d4:36
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBfIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I2RDQxMTAvBgNVBAUTKDBENTAyODk4NkEzNTZCNjlCNEFGN0QyRjY2NDlENkJC
RENCRThCRUQwHhcNMjQxMjI0MjI0MTIxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZiMzg5MS1kZDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAucdwqRTvvNIdu2FER7H4/JtrAIn5y4lVHBYz2LBYE7BKuTVviTbCsWDQnbke
iF1KtViwaMaJeiWoAxC2nyQJpPhTBZBp/6RNmOHi1QapKLWMz4YD0s3zE7Ti1C+G
Meb1ZaZK8Y/j6Vmgk5Uwt9vHGgJ0fo7JLhbNTIpfCTf+Pdv/xhcARyjfmlH6o/Oi
22A/jyIsfwEyYDgeo9L6GjuKF6a4QeyfokmX2+i4g1NzuVS97nB+SlBVQwrksWDb
p2CAJ2dwYkjuqBoGCeXfl1tWyWcdphkOCmJCrMXHOB3PPz0nsm7lkGvRU/xDeyD1
Gbe7gxPTjq6BjKwuaZO9+E9VSwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFIrNFHyZ
w3CqUktwJ5KEnvpID2VBMB8GA1UdIwQYMBaAFA1QKJhqNWtptK99L2ZJ1rvcvovt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjZENC85NTcyNTM2ODlF
NzkxMUVCOEY3QTQ0ODdDNEY5QUUwMi9EVkFvbUdvMWEybTByMzB2WmtuV3U5eS1p
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RWQW9tR28xYTJtMHIzMHZaa25XdTl5LWktMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I2RDQvOTU3MjUzNjg5RTc5MTFFQjhGN0E0NDg3QzRGOUFFMDIvNzFGRUU3MkU3
ODJFMTFFRkEwRDMzQTJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAI6VDQDBAJnxUQDBAJ0zmQwDQYJKoZIhvcNAQELBQADggEB
AEflgscC2jf72basbgS9cbV39D5tcyCXdz6t8b/0kIIzzoBSSETwV9d4JtkBhEff
MioocHndCA7oyHc4HGtxHPTZ1rcKXdGCXnY5/EItA2RZkekAFDtE8BsTryiPitHa
ZiRzZ+7hHYc4IHVBEyThoGm0lZo8vt+MdcI2YMBgWk9nbOXGmiLrS5oRwM2msaUa
ACZ5P/xzia8szcoZgPmsnAEyEE7OzLdw4g3tEpOKU98zi8PDbV+a77AyI6J4yW1C
soKy/vNSPd0XMBElScZrsjQOPl0IQPDBptn7iCP2E5ISxqgnTQKfAWSnF51wcu5o
3wlhyqstkhSsNieVq/RV1DY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:35:15 2025 by rpki-client