Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91473F8/4B456C88F36911E99C67A061C4F9AE02/F5660FBC160611ECB3912A7EC4F9AE02.roa
File: F5660FBC160611ECB3912A7EC4F9AE02.roa (raw, json)
Hash identifier: vuIx5uN5ZZTHGHOWV+i45uzSngomzzsL58ntfcnGCEs=
Subject key identifier: F7:86:67:21:33:A6:64:4B:88:EE:6A:0B:A2:45:50:73:EC:57:44:D2
Certificate issuer: /CN=A91473F8/serialNumber=0BF2B5944C3A2CCAB6C1D12BC36A5AF3C2DCF77F
Certificate serial: 0C97
Authority key identifier: 0B:F2:B5:94:4C:3A:2C:CA:B6:C1:D1:2B:C3:6A:5A:F3:C2:DC:F7:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C_K1lEw6LMq2wdErw2pa88Lc938.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91473F8/4B456C88F36911E99C67A061C4F9AE02/F5660FBC160611ECB3912A7EC4F9AE02.roa
Signing time: Fri 28 Mar 2025 18:29:31 +0000
ROA not before: Fri 28 Mar 2025 18:29:31 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 38011
IP address blocks: 202.44.104.0/21 maxlen: 24
2402:21c0::/32 maxlen: 32
2402:21c0:100::/40 maxlen: 40
2402:21c0:200::/40 maxlen: 40
2402:21c0:300::/40 maxlen: 40
2402:21c0:400::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3223 (0xc97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91473F8
Validity
Not Before: Mar 28 18:29:31 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e6ea8a-0c43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:62:d5:f7:20:87:e6:d2:e0:c0:2e:3c:ce:7e:
ea:c2:2a:5f:3c:93:f0:d7:c4:4e:f1:4b:2c:22:f7:
8f:e7:67:52:be:40:fc:eb:9c:3a:58:94:c0:c7:6f:
92:44:69:e8:8c:2a:6d:4b:06:74:e5:e7:05:10:41:
5c:38:c4:f5:a1:4c:d6:d7:e4:d7:a0:22:43:8c:75:
ac:e2:31:cd:47:21:c9:69:7e:de:b7:42:47:2c:a0:
4e:20:34:c6:7f:df:d4:c1:ae:c9:84:98:1e:24:f3:
bc:61:75:f9:40:da:ec:0a:1a:3b:98:ae:10:79:9a:
90:9e:33:de:8a:38:b1:cf:b4:72:8d:2c:29:28:cd:
a9:b9:4a:ae:0c:67:c8:95:b3:3e:0f:e5:6d:96:8e:
4d:0d:a4:12:fa:9c:d9:de:d2:0f:10:da:c5:5a:6f:
bc:bc:cd:80:f5:94:81:7d:2a:8e:8b:2f:7f:14:2a:
ab:ec:b0:6e:7d:1b:e6:3b:73:f1:62:ed:6f:8a:15:
1c:c3:54:fa:79:b7:8b:9e:3d:7a:fc:9e:ad:7f:ea:
3e:06:4a:c3:27:c1:83:c4:70:e1:f5:33:df:07:2a:
9d:df:e4:49:ad:8a:e2:b9:67:45:da:18:01:f6:53:
df:7d:28:8f:0c:42:55:ec:90:37:04:33:10:33:b4:
a9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:86:67:21:33:A6:64:4B:88:EE:6A:0B:A2:45:50:73:EC:57:44:D2
X509v3 Authority Key Identifier:
keyid:0B:F2:B5:94:4C:3A:2C:CA:B6:C1:D1:2B:C3:6A:5A:F3:C2:DC:F7:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91473F8/4B456C88F36911E99C67A061C4F9AE02/C_K1lEw6LMq2wdErw2pa88Lc938.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C_K1lEw6LMq2wdErw2pa88Lc938.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91473F8/4B456C88F36911E99C67A061C4F9AE02/F5660FBC160611ECB3912A7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.44.104.0/21
IPv6:
2402:21c0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:b8:ce:c0:00:99:63:67:4b:da:36:9a:0f:52:6f:0e:b7:a0:
0b:64:f0:a6:54:ba:47:f2:6b:e4:19:70:46:9b:18:9f:78:da:
a0:49:ce:00:83:4e:fb:2a:f5:11:bc:7b:38:1d:48:bd:a6:77:
34:29:92:d0:34:fd:28:a4:b8:6d:57:99:ed:b7:37:62:b3:c0:
ee:1e:25:d8:66:70:ec:32:36:03:db:a6:cb:20:90:bc:b6:2c:
f2:87:36:96:28:51:48:1d:30:0d:34:46:da:0e:83:19:5d:90:
9b:2c:42:7a:76:03:03:e5:fa:ff:49:10:ed:be:a7:3d:ea:91:
f8:7f:a2:1a:ce:97:6c:a4:1a:b7:e6:ff:76:93:13:91:c5:5c:
f1:df:83:2e:8b:de:7e:0c:09:87:38:c5:b4:ea:72:e1:39:9e:
08:d0:ec:81:1e:21:ee:1d:b3:ee:c5:42:da:36:ad:9f:00:db:
c1:11:a9:89:7b:1f:4a:6a:41:f1:a9:8f:eb:da:2b:ab:8b:c1:
1b:20:71:b3:7c:5c:a7:ea:fb:ca:35:28:e3:d5:75:c3:6d:51:
03:68:9d:20:94:a4:78:3d:87:23:fa:fc:e7:56:29:df:d8:da:
ea:02:a6:e8:6c:59:7a:72:f9:d2:6e:4c:f2:5e:1a:e6:91:08:
44:05:80:d8
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDczRjgxMTAvBgNVBAUTKDBCRjJCNTk0NEMzQTJDQ0FCNkMxRDEyQkMzNkE1QUYz
QzJEQ0Y3N0YwHhcNMjUwMzI4MTgyOTMxWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U2ZWE4YS0wYzQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1GLV9yCH5tLgwC48zn7qwipfPJPw18RO8UssIveP52dSvkD865w6WJTAx2+S
RGnojCptSwZ05ecFEEFcOMT1oUzW1+TXoCJDjHWs4jHNRyHJaX7et0JHLKBOIDTG
f9/Uwa7JhJgeJPO8YXX5QNrsCho7mK4QeZqQnjPeijixz7RyjSwpKM2puUquDGfI
lbM+D+Vtlo5NDaQS+pzZ3tIPENrFWm+8vM2A9ZSBfSqOiy9/FCqr7LBufRvmO3Px
Yu1vihUcw1T6ebeLnj16/J6tf+o+BkrDJ8GDxHDh9TPfByqd3+RJrYriuWdF2hgB
9lPffSiPDEJV7JA3BDMQM7SphQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPeGZyEz
pmRLiO5qC6JFUHPsV0TSMB8GA1UdIwQYMBaAFAvytZRMOizKtsHRK8NqWvPC3Pd/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzNGOC80QjQ1NkM4OEYz
NjkxMUU5OUM2N0EwNjFDNEY5QUUwMi9DX0sxbEV3NkxNcTJ3ZEVydzJwYTg4TGM5
MzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NfSzFsRXc2TE1xMndkRXJ3MnBhODhMYzkzOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDczRjgvNEI0NTZDODhGMzY5MTFFOTlDNjdBMDYxQzRGOUFFMDIvRjU2NjBGQkMx
NjA2MTFFQ0IzOTEyQTdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAPKLGgwDQQCAAIwBwMFACQCIcAwDQYJKoZIhvcNAQELBQAD
ggEBAFu4zsAAmWNnS9o2mg9Sbw63oAtk8KZUukfya+QZcEabGJ942qBJzgCDTvsq
9RG8ezgdSL2mdzQpktA0/SikuG1Xme23N2KzwO4eJdhmcOwyNgPbpssgkLy2LPKH
NpYoUUgdMA00RtoOgxldkJssQnp2AwPl+v9JEO2+pz3qkfh/ohrOl2ykGrfm/3aT
E5HFXPHfgy6L3n4MCYc4xbTqcuE5ngjQ7IEeIe4ds+7FQto2rZ8A28ERqYl7H0pq
QfGpj+vaK6uLwRsgcbN8XKfq+8o1KOPVdcNtUQNonSCUpHg9hyP6/OdWKd/Y2uoC
puhsWXpy+dJuTPJeGuaRCEQFgNg=
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:11:36 2025 by rpki-client