Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/5FB89FD4DA8511EEBD7AF854C4F9AE02.roa
File: 5FB89FD4DA8511EEBD7AF854C4F9AE02.roa (raw, json)
Hash identifier: 7JHMwVjCROL2NO+MkxXgRxb2ZHCCwLSy/kLqZ1Og33E=
Subject key identifier: 5A:14:08:2A:A7:0F:C1:D2:44:7F:CF:E5:9D:0C:DE:48:1C:6D:53:70
Certificate issuer: /CN=A91477C3/serialNumber=B20E9FE64AF3CE8C982725D012A142927263CEF0
Certificate serial: 078F
Authority key identifier: B2:0E:9F:E6:4A:F3:CE:8C:98:27:25:D0:12:A1:42:92:72:63:CE:F0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sg6f5krzzoyYJyXQEqFCknJjzvA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/5FB89FD4DA8511EEBD7AF854C4F9AE02.roa
Signing time: Wed 02 Oct 2024 21:29:59 +0000
ROA not before: Wed 02 Oct 2024 21:29:59 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 45270
IP address blocks: 43.252.0.0/22 maxlen: 22
101.234.192.0/24 maxlen: 24
101.234.193.0/24 maxlen: 24
101.234.194.0/24 maxlen: 24
101.234.195.0/24 maxlen: 24
101.234.196.0/24 maxlen: 24
101.234.200.0/24 maxlen: 24
101.234.201.0/24 maxlen: 24
103.233.16.0/22 maxlen: 22
223.25.228.0/23 maxlen: 23
223.25.231.0/24 maxlen: 24
2407:ab00::/48 maxlen: 48
2407:ab00:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1935 (0x78f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91477C3
Validity
Not Before: Oct 2 21:29:59 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66fdbb57-3d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7c:c9:8f:6d:42:eb:99:18:56:04:e5:b7:6a:
ee:09:b4:2a:6d:95:17:ac:b9:16:96:77:86:1d:41:
7e:c2:ee:33:eb:6e:22:d8:7e:a3:e4:3f:bb:21:df:
42:25:ff:d7:77:77:02:0c:1f:64:38:a8:31:33:b9:
de:9a:28:af:c6:43:a2:95:8c:84:d6:01:b9:19:f4:
13:c6:7b:e1:1d:6b:f9:7f:74:e1:a6:38:66:af:30:
c0:28:00:4f:45:1b:52:98:22:c3:da:8a:83:f3:05:
3a:1d:1d:7a:ba:79:5b:33:c5:49:3c:23:3b:87:04:
37:86:1e:7c:05:54:50:33:c0:81:aa:71:47:ff:6e:
65:1f:aa:53:24:25:8d:13:f4:13:81:88:4c:80:81:
15:25:df:42:a7:d2:c9:12:e4:41:55:eb:74:4a:82:
44:f9:e2:5a:85:1c:ec:d3:ae:8f:58:2e:67:3b:c6:
d9:16:1b:84:11:a6:c8:60:04:69:30:11:bc:86:da:
be:03:b0:9b:5b:6c:fe:9b:7d:a7:31:7d:43:77:d1:
39:88:f5:25:0c:03:1a:e4:98:77:e0:74:24:e9:f5:
3e:c5:36:2b:f9:79:cc:f4:46:ce:c0:75:a5:4d:c9:
56:ea:ff:22:f0:87:ec:6e:ce:eb:e4:e4:6b:11:04:
16:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:14:08:2A:A7:0F:C1:D2:44:7F:CF:E5:9D:0C:DE:48:1C:6D:53:70
X509v3 Authority Key Identifier:
keyid:B2:0E:9F:E6:4A:F3:CE:8C:98:27:25:D0:12:A1:42:92:72:63:CE:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/sg6f5krzzoyYJyXQEqFCknJjzvA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sg6f5krzzoyYJyXQEqFCknJjzvA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/5FB89FD4DA8511EEBD7AF854C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.0.0/22
101.234.192.0-101.234.196.255
101.234.200.0/23
103.233.16.0/22
223.25.228.0/23
223.25.231.0/24
IPv6:
2407:ab00::/48
2407:ab00:2::/48
Signature Algorithm: sha256WithRSAEncryption
03:da:57:35:aa:ad:cb:bc:78:75:12:c6:c3:38:bf:07:1f:6e:
57:f8:92:a5:6e:77:97:bb:05:06:3d:4d:de:b9:77:dd:ce:e4:
0f:cb:d0:59:4d:1f:cc:61:d0:5f:15:b3:fb:be:d1:e9:f7:26:
80:34:f3:0c:56:78:32:24:38:3a:90:2b:04:f7:b1:7c:3c:71:
39:4a:be:61:3f:15:c0:bc:59:09:d4:b7:6c:98:d8:3e:09:08:
04:d9:b6:f9:0f:2d:d9:6d:35:15:b2:fb:1f:cf:37:ad:86:47:
7d:4f:15:88:ab:9b:98:69:da:42:8e:44:34:a8:38:fe:6b:58:
2b:0d:f3:06:79:67:7c:5a:aa:36:95:c1:d7:6d:13:48:c8:d7:
13:de:12:34:62:00:91:d0:0f:2e:a4:db:d5:b8:29:0c:e7:a2:
14:78:74:dd:78:c1:e4:0b:82:56:be:4e:69:41:26:34:92:da:
bf:47:fc:c0:cd:40:f7:ce:b1:8c:05:98:3a:2e:69:a6:72:ce:
cd:8e:bd:6d:45:50:6a:3a:c5:18:fb:db:29:96:15:14:46:74:
9a:f0:9a:8f:30:07:86:5e:8a:04:1b:36:9a:50:ae:da:2f:ee:
f6:52:4d:14:85:cd:9a:37:0c:97:18:b6:a2:b0:71:03:04:0d:
d9:cb:ea:98
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgICB48wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc3QzMxMTAvBgNVBAUTKEIyMEU5RkU2NEFGM0NFOEM5ODI3MjVEMDEyQTE0Mjky
NzI2M0NFRjAwHhcNMjQxMDAyMjEyOTU5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZkYmI1Ny0zZDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1XzJj21C65kYVgTlt2ruCbQqbZUXrLkWlneGHUF+wu4z624i2H6j5D+7Id9C
Jf/Xd3cCDB9kOKgxM7nemiivxkOilYyE1gG5GfQTxnvhHWv5f3ThpjhmrzDAKABP
RRtSmCLD2oqD8wU6HR16unlbM8VJPCM7hwQ3hh58BVRQM8CBqnFH/25lH6pTJCWN
E/QTgYhMgIEVJd9Cp9LJEuRBVet0SoJE+eJahRzs066PWC5nO8bZFhuEEabIYARp
MBG8htq+A7CbW2z+m32nMX1Dd9E5iPUlDAMa5Jh34HQk6fU+xTYr+XnM9EbOwHWl
TclW6v8i8Ifsbs7r5ORrEQQW5QIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFFoUCCqn
D8HSRH/P5Z0M3kgcbVNwMB8GA1UdIwQYMBaAFLIOn+ZK886MmCcl0BKhQpJyY87w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzdDMy81REE0OEMyMEU3
NkUxMUVBODE0MkE4MzlDNEY5QUUwMi9zZzZmNWtyenpveVlKeVhRRXFGQ2tuSmp6
dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NnNmY1a3J6em95WUp5WFFFcUZDa25Kanp2QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc3QzMvNURBNDhDMjBFNzZFMTFFQTgxNDJBODM5QzRGOUFFMDIvNUZCODlGRDRE
QTg1MTFFRUJEN0FGODU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXwYIKwYBBQUHAQcBAf8E
UDBOMDIEAgABMCwDBAIr/AAwDAMEBmXqwAMEAGXqxAMEAWXqyAMEAmfpEAMEAd8Z
5AMEAN8Z5zAYBAIAAjASAwcAJAerAAAAAwcAJAerAAACMA0GCSqGSIb3DQEBCwUA
A4IBAQAD2lc1qq3LvHh1EsbDOL8HH25X+JKlbneXuwUGPU3euXfdzuQPy9BZTR/M
YdBfFbP7vtHp9yaANPMMVngyJDg6kCsE97F8PHE5Sr5hPxXAvFkJ1LdsmNg+CQgE
2bb5Dy3ZbTUVsvsfzzethkd9TxWIq5uYadpCjkQ0qDj+a1grDfMGeWd8Wqo2lcHX
bRNIyNcT3hI0YgCR0A8upNvVuCkM56IUeHTdeMHkC4JWvk5pQSY0ktq/R/zAzUD3
zrGMBZg6Lmmmcs7Njr1tRVBqOsUY+9splhUURnSa8JqPMAeGXooEGzaaUK7aL+72
Uk0Uhc2aNwyXGLaisHEDBA3Zy+qY
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:44:14 2025 by rpki-client