Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/596C54DCE83F11EE81772A87C4F9AE02.roa
File: 596C54DCE83F11EE81772A87C4F9AE02.roa (raw, json)
Hash identifier: gkJptkaETgFISWJvcQGnHB0jn74oacHoYRhEpbDvdJY=
Subject key identifier: 2C:AA:35:AD:0B:56:B6:CF:7C:E6:53:91:73:A8:71:F9:23:9E:F6:1E
Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Certificate serial: 1957
Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/596C54DCE83F11EE81772A87C4F9AE02.roa
Signing time: Tue 14 Jan 2025 16:34:15 +0000
ROA not before: Tue 14 Jan 2025 16:34:15 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 17639
IP address blocks: 118.215.72.0/21 maxlen: 21
122.252.128.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6487 (0x1957)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D03A
Validity
Not Before: Jan 14 16:34:15 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67869207-a3c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:eb:41:de:9d:bb:c9:36:14:4d:de:ad:05:fd:
26:61:4a:1e:47:d6:1c:26:bf:99:9c:94:c3:5d:e9:
f9:7d:e6:ff:46:95:54:73:49:e5:f1:31:91:25:29:
5e:8e:9e:74:7f:fd:07:50:5e:11:1a:76:d9:9d:6f:
00:73:4f:1a:1d:c7:be:a6:fd:b1:3e:6b:3b:8f:26:
97:5e:13:b8:c0:f0:a7:24:bf:b0:90:53:a2:fb:dd:
a3:8d:ea:36:4b:94:69:b4:2b:3d:2e:3c:9c:06:c2:
f4:83:88:a9:53:22:23:08:da:cf:c3:54:36:43:f5:
69:9b:41:f1:be:ad:5b:3d:a8:73:23:5d:5f:5c:41:
a6:b4:2b:2c:aa:dc:12:8f:ce:ba:90:04:e4:13:ed:
28:f5:82:84:b2:87:e3:49:5c:f3:23:06:f5:1b:62:
74:e5:89:7b:f9:d7:c6:d2:1f:94:f1:7a:da:36:d3:
c1:f0:13:5d:e9:48:92:c2:b0:81:3c:c7:2f:5d:e5:
93:51:f7:ae:e1:cb:0e:7c:3b:70:f8:9b:28:ac:27:
f3:34:c2:82:e2:77:ae:0d:a9:73:f9:3c:ac:b4:51:
fc:67:2d:38:f3:79:99:24:70:92:81:ca:4a:81:49:
b0:87:87:50:78:a0:b6:ad:3f:27:2d:0f:bf:c2:33:
3b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:AA:35:AD:0B:56:B6:CF:7C:E6:53:91:73:A8:71:F9:23:9E:F6:1E
X509v3 Authority Key Identifier:
keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/596C54DCE83F11EE81772A87C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.215.72.0/21
122.252.128.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:63:1b:0c:f7:49:9f:4b:c9:af:dd:5d:ff:85:b8:3f:f2:97:
89:8e:d8:70:27:22:0f:01:ce:81:ec:e8:b0:f6:ea:4e:0c:f7:
ba:87:22:06:bd:a1:f4:d3:ac:ab:a6:d0:f6:ab:3e:4b:91:29:
76:a6:1b:d6:09:9b:d8:60:82:65:78:c3:94:95:a7:16:d5:d3:
7f:f2:bb:6f:3b:a3:9f:aa:b2:f3:5e:82:a5:91:3e:56:90:77:
ca:7c:80:e1:91:2c:cd:a7:de:5a:d3:a0:59:07:86:17:e5:09:
67:cd:fa:90:57:79:65:4f:48:35:aa:2c:57:88:68:6b:a1:63:
6c:e8:88:cd:94:1b:62:04:34:f0:4e:fe:bd:81:4c:f9:f4:ac:
a3:b7:99:62:f9:70:2b:cf:9f:57:c0:c8:81:46:6a:f9:bf:cf:
57:bf:01:e3:1f:5c:f8:ff:35:b4:58:98:80:33:93:4a:91:1d:
c2:51:1f:14:22:7d:b2:a2:8c:fb:cc:4a:76:df:04:2c:83:a1:
cd:11:25:17:3c:a8:22:3d:13:35:2a:27:4e:aa:54:49:2b:a9:
24:d8:9c:31:9e:d1:82:2e:ef:42:61:5b:3c:cf:82:0f:89:ed:
c7:6f:1d:c4:79:ee:3b:11:ff:ed:ce:c6:40:5f:ef:7d:38:8d:
8a:8e:b1:b8
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICGVcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD
NTQyQTBEOTEwHhcNMjUwMTE0MTYzNDE1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2OTIwNy1hM2M4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm+tB3p27yTYUTd6tBf0mYUoeR9YcJr+ZnJTDXen5feb/RpVUc0nl8TGRJSle
jp50f/0HUF4RGnbZnW8Ac08aHce+pv2xPms7jyaXXhO4wPCnJL+wkFOi+92jjeo2
S5RptCs9LjycBsL0g4ipUyIjCNrPw1Q2Q/Vpm0Hxvq1bPahzI11fXEGmtCssqtwS
j866kATkE+0o9YKEsofjSVzzIwb1G2J05Yl7+dfG0h+U8XraNtPB8BNd6UiSwrCB
PMcvXeWTUfeu4csOfDtw+JsorCfzNMKC4neuDalz+TystFH8Zy0483mZJHCSgcpK
gUmwh4dQeKC2rT8nLQ+/wjM7AwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCyqNa0L
VrbPfOZTkXOocfkjnvYeMB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky
NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE
WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvNTk2QzU0RENF
ODNGMTFFRTgxNzcyQTg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAN210gDBAN6/IAwDQYJKoZIhvcNAQELBQADggEBAFpjGwz3
SZ9Lya/dXf+FuD/yl4mO2HAnIg8BzoHs6LD26k4M97qHIga9ofTTrKum0ParPkuR
KXamG9YJm9hggmV4w5SVpxbV03/yu287o5+qsvNegqWRPlaQd8p8gOGRLM2n3lrT
oFkHhhflCWfN+pBXeWVPSDWqLFeIaGuhY2zoiM2UG2IENPBO/r2BTPn0rKO3mWL5
cCvPn1fAyIFGavm/z1e/AeMfXPj/NbRYmIAzk0qRHcJRHxQifbKijPvMSnbfBCyD
oc0RJRc8qCI9EzUqJ06qVEkrqSTYnDGe0YIu70JhWzzPgg+J7cdvHcR57jsR/+3O
xkBf7304jYqOsbg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:37:32 2025 by rpki-client