Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915CD63/8AF067C4996211ECBB661A57C4F9AE02/FA7C5B6C996611EC8E565E60C4F9AE02.roa
File: FA7C5B6C996611EC8E565E60C4F9AE02.roa (raw, json)
Hash identifier: XzEbPA3uShAOXIqZil6uWiVPTCssA6N1a5UaV/DTwa0=
Subject key identifier: 7D:4D:2C:E2:EE:83:0E:54:78:52:0E:BC:F6:27:5A:11:97:AD:AE:D0
Certificate issuer: /CN=A915CD63/serialNumber=2B9D6D7DDABC52255F3CCD79CEEA76DBCF435B9D
Certificate serial: 035F
Authority key identifier: 2B:9D:6D:7D:DA:BC:52:25:5F:3C:CD:79:CE:EA:76:DB:CF:43:5B:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K51tfdq8UiVfPM15zup2289DW50.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915CD63/8AF067C4996211ECBB661A57C4F9AE02/FA7C5B6C996611EC8E565E60C4F9AE02.roa
Signing time: Tue 07 Jan 2025 00:44:27 +0000
ROA not before: Tue 07 Jan 2025 00:44:27 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 25222
IP address blocks: 180.94.48.0/21 maxlen: 21
2402:1500:8000::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 863 (0x35f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915CD63
Validity
Not Before: Jan 7 00:44:27 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677c78eb-28b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:d3:33:6a:f9:ad:12:60:19:25:91:9f:b6:cc:
d2:af:3c:71:2e:26:f9:51:a9:56:d2:5b:29:44:e2:
0f:2d:38:bc:f4:7b:eb:e1:c6:fa:d0:6a:ca:51:55:
95:cc:3b:fd:4b:3c:a1:22:7e:39:f7:91:b7:4e:a0:
03:4b:bd:b5:04:7f:6f:aa:8f:01:1a:c3:49:79:3f:
3c:5e:1a:0c:a8:0e:ac:79:71:82:78:62:88:0e:1f:
55:2f:aa:e6:6a:5a:3b:d0:54:d6:00:5e:50:17:d0:
23:04:19:e2:71:8e:11:a4:05:f3:ad:3e:72:1c:66:
34:e2:b0:c8:b4:d8:5b:75:de:97:f1:a9:e7:98:5e:
fe:39:90:87:c3:aa:d9:75:7d:cf:9a:5f:cc:02:db:
46:c0:b2:45:98:42:b0:88:0c:96:72:d7:2f:9f:77:
43:52:3c:38:bd:00:f3:76:95:38:a6:38:bd:2d:96:
3f:98:23:0c:16:2a:14:0f:e5:62:29:06:dc:02:34:
89:a8:6c:c2:c6:80:09:af:8d:a6:09:cc:09:c8:7a:
57:84:07:e2:f4:96:5f:31:73:f0:9a:90:e2:35:08:
a4:fa:15:4d:b7:8c:1b:2c:ae:ff:c3:33:77:74:3a:
76:32:ea:e1:bb:ad:f3:b8:87:8e:8c:70:7f:22:c9:
ba:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:4D:2C:E2:EE:83:0E:54:78:52:0E:BC:F6:27:5A:11:97:AD:AE:D0
X509v3 Authority Key Identifier:
keyid:2B:9D:6D:7D:DA:BC:52:25:5F:3C:CD:79:CE:EA:76:DB:CF:43:5B:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915CD63/8AF067C4996211ECBB661A57C4F9AE02/K51tfdq8UiVfPM15zup2289DW50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K51tfdq8UiVfPM15zup2289DW50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915CD63/8AF067C4996211ECBB661A57C4F9AE02/FA7C5B6C996611EC8E565E60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.94.48.0/21
IPv6:
2402:1500:8000::/33
Signature Algorithm: sha256WithRSAEncryption
12:1d:b1:83:f4:75:be:a2:1d:03:3d:af:fe:35:bf:95:82:60:
16:31:87:6b:35:6f:61:a1:86:8f:ef:ea:dc:8b:f2:ca:54:40:
68:1f:93:6c:a8:ab:57:ec:c9:6d:22:2f:89:58:c8:44:61:9e:
9e:df:6d:0b:77:3e:8a:1e:d2:5b:ca:68:17:f7:f9:88:d5:48:
53:31:e8:a6:bb:e2:d8:f1:f8:8d:15:59:fe:d6:b6:3d:00:f8:
65:7c:a2:2f:d8:d8:b7:f9:23:9d:28:2f:3d:07:de:fd:ea:22:
a1:a0:7d:04:fa:85:32:8c:a5:f1:7b:b0:57:d8:7e:96:33:b7:
0e:ee:91:7f:63:19:e5:a0:2a:6c:ff:96:4f:17:1f:e5:56:45:
34:2a:a8:96:84:8b:08:82:56:e0:c4:29:ab:81:8b:f1:d9:31:
88:b2:aa:de:ed:68:38:40:9e:f9:ab:1c:9b:17:4e:63:a0:0f:
92:2f:f6:5d:cb:5b:ea:0b:33:f2:3b:06:f2:de:9a:f8:ba:01:
31:87:61:64:87:e9:4e:c2:cd:c6:b8:83:7b:39:77:bf:2d:95:
87:2a:ef:7b:14:ba:22:7e:ce:94:e7:d8:61:e9:df:fb:2e:0d:
4c:0e:d8:57:86:5e:11:db:d7:8d:d8:64:0a:ca:2b:46:53:3a:
bf:5e:e9:e7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICA18wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUNENjMxMTAvBgNVBAUTKDJCOUQ2RDdEREFCQzUyMjU1RjNDQ0Q3OUNFRUE3NkRC
Q0Y0MzVCOUQwHhcNMjUwMTA3MDA0NDI3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdjNzhlYi0yOGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7NMzavmtEmAZJZGftszSrzxxLib5UalW0lspROIPLTi89Hvr4cb60GrKUVWV
zDv9SzyhIn4595G3TqADS721BH9vqo8BGsNJeT88XhoMqA6seXGCeGKIDh9VL6rm
alo70FTWAF5QF9AjBBnicY4RpAXzrT5yHGY04rDItNhbdd6X8annmF7+OZCHw6rZ
dX3Pml/MAttGwLJFmEKwiAyWctcvn3dDUjw4vQDzdpU4pji9LZY/mCMMFioUD+Vi
KQbcAjSJqGzCxoAJr42mCcwJyHpXhAfi9JZfMXPwmpDiNQik+hVNt4wbLK7/wzN3
dDp2Murhu63zuIeOjHB/Ism6nQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH1NLOLu
gw5UeFIOvPYnWhGXra7QMB8GA1UdIwQYMBaAFCudbX3avFIlXzzNec7qdtvPQ1ud
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Q0Q2My84QUYwNjdDNDk5
NjIxMUVDQkI2NjFBNTdDNEY5QUUwMi9LNTF0ZmRxOFVpVmZQTTE1enVwMjI4OURX
NTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0s1MXRmZHE4VWlWZlBNMTV6dXAyMjg5RFc1MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUNENjMvOEFGMDY3QzQ5OTYyMTFFQ0JCNjYxQTU3QzRGOUFFMDIvRkE3QzVCNkM5
OTY2MTFFQzhFNTY1RTYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBAO0XjAwDgQCAAIwCAMGByQCFQCAMA0GCSqGSIb3DQEBCwUA
A4IBAQASHbGD9HW+oh0DPa/+Nb+VgmAWMYdrNW9hoYaP7+rci/LKVEBoH5NsqKtX
7MltIi+JWMhEYZ6e320Ldz6KHtJbymgX9/mI1UhTMeimu+LY8fiNFVn+1rY9APhl
fKIv2Ni3+SOdKC89B9796iKhoH0E+oUyjKXxe7BX2H6WM7cO7pF/YxnloCps/5ZP
Fx/lVkU0KqiWhIsIglbgxCmrgYvx2TGIsqre7Wg4QJ75qxybF05joA+SL/Zdy1vq
CzPyOwby3pr4ugExh2Fkh+lOws3GuIN7OXe/LZWHKu97FLoifs6U59hh6d/7Lg1M
DthXhl4R29eN2GQKyitGUzq/Xunn
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:21:20 2025 by rpki-client