Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/C6E2CBD4558011EDA4773D7FC4F9AE02.roa
File: C6E2CBD4558011EDA4773D7FC4F9AE02.roa (raw, json)
Hash identifier: ZEf3tktj8tsQa/GPBkU/T2j5p4mzyySZpNdpL6R/nPA=
Subject key identifier: 9F:94:A2:B2:9B:9B:3C:EE:E3:71:06:82:22:FB:F2:81:1B:8C:9D:76
Certificate issuer: /CN=A914284F/serialNumber=27B7AA8E511E70D8A30BB36D02CAF085790C99C3
Certificate serial: 0582
Authority key identifier: 27:B7:AA:8E:51:1E:70:D8:A3:0B:B3:6D:02:CA:F0:85:79:0C:99:C3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/J7eqjlEecNijC7NtAsrwhXkMmcM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/C6E2CBD4558011EDA4773D7FC4F9AE02.roa
Signing time: Thu 20 Mar 2025 23:34:23 +0000
ROA not before: Thu 20 Mar 2025 23:34:22 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 141468
IP address blocks: 156.16.0.0/16 maxlen: 16
158.40.0.0/16 maxlen: 17
158.40.0.0/24 maxlen: 24
158.40.1.0/24 maxlen: 24
158.40.2.0/23 maxlen: 24
158.40.4.0/23 maxlen: 24
158.40.6.0/23 maxlen: 24
158.40.8.0/23 maxlen: 24
158.40.10.0/23 maxlen: 23
158.40.12.0/22 maxlen: 22
158.40.16.0/20 maxlen: 20
158.40.32.0/19 maxlen: 19
158.40.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1410 (0x582)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914284F
Validity
Not Before: Mar 20 23:34:22 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67dca5fe-fcf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:42:7c:84:a5:83:55:21:81:10:74:ca:7f:48:
e7:8f:1b:51:a1:2e:4d:63:32:fb:f1:41:4e:25:ca:
86:60:25:7b:7c:9f:9b:16:50:69:86:85:96:10:d9:
9d:71:93:b0:58:d8:e7:24:59:0c:c9:77:7a:f4:12:
e3:8b:9a:5c:1f:a2:c4:ab:cf:77:eb:f7:9d:88:c7:
4b:3c:93:54:01:63:af:85:cd:11:1c:b6:3f:0d:ed:
19:02:38:24:4d:54:fa:59:0f:ce:7b:2c:0e:fb:89:
52:81:13:ba:24:65:a8:73:d2:bb:d8:2d:92:ac:53:
55:e1:84:24:35:1c:68:3b:9a:b7:83:5f:ed:03:94:
62:2a:1d:aa:b9:a1:64:1c:63:6c:b5:f3:91:a9:ba:
e3:af:a1:5d:83:c5:69:72:6d:5a:5c:f9:0c:ae:e1:
2e:2a:51:19:53:ec:99:8b:b3:24:2c:78:1e:bc:ce:
c7:4c:18:ee:38:4f:36:f1:6a:d4:39:57:f3:57:3d:
0d:5b:ee:bc:d6:80:f9:9f:48:42:b6:6e:a5:01:4e:
f8:dd:75:f9:19:fd:76:af:9e:df:75:28:43:97:39:
d7:1a:b3:8d:66:9a:bc:ad:34:7b:c2:70:0b:31:e8:
94:25:ca:cb:41:79:6c:85:2d:cf:ca:4a:a8:1e:34:
b8:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:94:A2:B2:9B:9B:3C:EE:E3:71:06:82:22:FB:F2:81:1B:8C:9D:76
X509v3 Authority Key Identifier:
keyid:27:B7:AA:8E:51:1E:70:D8:A3:0B:B3:6D:02:CA:F0:85:79:0C:99:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/J7eqjlEecNijC7NtAsrwhXkMmcM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/J7eqjlEecNijC7NtAsrwhXkMmcM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/C6E2CBD4558011EDA4773D7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.16.0.0/16
158.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:dc:7c:db:52:8e:25:7f:84:a5:b4:0e:7e:4d:00:dd:8a:80:
01:1e:8c:56:9e:6a:e8:66:91:da:2d:e3:9b:7d:8c:de:62:dd:
60:20:4f:7f:8e:03:ef:9e:65:bf:2e:b4:d3:a6:0f:b9:60:b2:
6d:b3:39:e3:fe:f1:da:b2:27:6f:c4:23:b4:52:44:11:e9:5a:
e5:19:6e:ab:c5:c6:1e:b7:38:3d:32:d9:f7:fa:01:9c:46:3d:
53:0c:65:a8:53:9a:84:05:2c:b1:5e:e2:b5:05:39:3d:5a:2d:
f4:41:2c:e6:7c:01:24:94:41:07:43:1a:8b:51:b7:0f:c3:a7:
50:c2:f4:45:b2:d6:b8:90:6e:b0:6c:db:57:7e:40:7e:a1:1f:
54:cd:91:29:80:2a:8e:3e:ed:2d:75:0d:5a:72:7f:76:46:0e:
10:52:70:0a:5f:45:52:ea:a5:05:d2:16:2f:25:a2:9f:92:05:
35:3f:9b:ec:af:00:2d:f6:f2:e2:2c:cc:37:3e:1f:8b:e9:d7:
30:3c:2d:7f:77:03:73:c0:0d:11:2b:fd:68:62:ea:90:4b:87:
9c:33:03:29:b8:49:51:c3:27:c2:f8:a0:ce:39:38:88:69:49:
0c:e9:01:86:13:a8:46:4a:39:3c:39:19:24:5f:ac:b3:82:8f:
f6:48:4f:5e
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgICBYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI4NEYxMTAvBgNVBAUTKDI3QjdBQThFNTExRTcwRDhBMzBCQjM2RDAyQ0FGMDg1
NzkwQzk5QzMwHhcNMjUwMzIwMjMzNDIyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjYTVmZS1mY2YxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0kJ8hKWDVSGBEHTKf0jnjxtRoS5NYzL78UFOJcqGYCV7fJ+bFlBphoWWENmd
cZOwWNjnJFkMyXd69BLji5pcH6LEq8936/ediMdLPJNUAWOvhc0RHLY/De0ZAjgk
TVT6WQ/OeywO+4lSgRO6JGWoc9K72C2SrFNV4YQkNRxoO5q3g1/tA5RiKh2quaFk
HGNstfORqbrjr6Fdg8Vpcm1aXPkMruEuKlEZU+yZi7MkLHgevM7HTBjuOE828WrU
OVfzVz0NW+681oD5n0hCtm6lAU743XX5Gf12r57fdShDlznXGrONZpq8rTR7wnAL
MeiUJcrLQXlshS3PykqoHjS4+QIDAQABo4ICmTCCApUwHQYDVR0OBBYEFJ+UorKb
mzzu43EGgiL78oEbjJ12MB8GA1UdIwQYMBaAFCe3qo5RHnDYowuzbQLK8IV5DJnD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Mjg0Ri85MzA4NUM4MEQ3
QUUxMUVCQTVFQjMxNkNDNEY5QUUwMi9KN2VxamxFZWNOaWpDN050QXNyd2hYa01t
Y00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0o3ZXFqbEVlY05pakM3TnRBc3J3aFhrTW1jTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI4NEYvOTMwODVDODBEN0FFMTFFQkE1RUIzMTZDQzRGOUFFMDIvQzZFMkNCRDQ1
NTgwMTFFREE0NzczRDdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIwYIKwYBBQUHAQcBAf8E
FDASMBAEAgABMAoDAwCcEAMDAJ4oMA0GCSqGSIb3DQEBCwUAA4IBAQAm3HzbUo4l
f4SltA5+TQDdioABHoxWnmroZpHaLeObfYzeYt1gIE9/jgPvnmW/LrTTpg+5YLJt
sznj/vHasidvxCO0UkQR6VrlGW6rxcYetzg9Mtn3+gGcRj1TDGWoU5qEBSyxXuK1
BTk9Wi30QSzmfAEklEEHQxqLUbcPw6dQwvRFsta4kG6wbNtXfkB+oR9UzZEpgCqO
Pu0tdQ1acn92Rg4QUnAKX0VS6qUF0hYvJaKfkgU1P5vsrwAt9vLiLMw3Ph+L6dcw
PC1/dwNzwA0RK/1oYuqQS4ecMwMpuElRwyfC+KDOOTiIaUkM6QGGE6hGSjk8ORkk
X6yzgo/2SE9e
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:07:06 2025 by rpki-client