Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/FBC5FF822EE711EF96610B4EC4F9AE02.roa
File: FBC5FF822EE711EF96610B4EC4F9AE02.roa (raw, json)
Hash identifier: RTrVR5wL9yOQXY6b1OrprvdMWmvSxZvI7qM3sOKAsPc=
Subject key identifier: 6B:C9:04:65:F4:DC:0C:16:21:7E:B3:FF:42:4D:B6:C2:76:6D:E5:8A
Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Certificate serial: 1956
Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/FBC5FF822EE711EF96610B4EC4F9AE02.roa
Signing time: Tue 14 Jan 2025 16:34:15 +0000
ROA not before: Tue 14 Jan 2025 16:34:15 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 16625
IP address blocks: 59.151.128.0/22 maxlen: 22
59.151.136.0/22 maxlen: 22
59.151.176.0/22 maxlen: 22
60.254.132.0/22 maxlen: 22
60.254.168.0/22 maxlen: 22
103.238.150.0/23 maxlen: 23
118.214.32.0/20 maxlen: 20
118.214.64.0/20 maxlen: 20
118.214.96.0/20 maxlen: 20
118.214.128.0/20 maxlen: 20
118.214.240.0/20 maxlen: 20
118.215.8.0/21 maxlen: 21
118.215.32.0/21 maxlen: 21
118.215.80.0/21 maxlen: 21
118.215.88.0/21 maxlen: 21
118.215.96.0/21 maxlen: 21
118.215.176.0/20 maxlen: 20
122.252.40.0/21 maxlen: 21
125.56.212.0/23 maxlen: 23
125.252.212.0/22 maxlen: 22
125.252.216.0/22 maxlen: 22
125.252.228.0/22 maxlen: 22
125.252.232.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6486 (0x1956)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D03A
Validity
Not Before: Jan 14 16:34:15 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67869206-243f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:93:35:c4:2f:b8:5b:cf:00:e7:80:71:c5:94:
f6:40:82:cd:d2:89:16:0c:64:56:74:e6:32:13:8a:
08:56:d1:71:f7:58:5b:89:15:00:34:e3:46:38:83:
cb:99:a9:8f:b1:62:94:95:80:03:c9:cd:17:c6:64:
a1:7a:7f:13:f1:de:b3:8e:7b:7c:a1:9b:80:ff:7b:
c6:43:d5:be:26:14:c5:7f:dc:06:33:da:f7:08:50:
e2:c1:ee:90:49:c2:ad:a8:b8:b4:39:eb:26:cf:37:
05:ac:5c:c5:3d:c4:5a:fb:74:34:f3:2b:2f:cb:87:
c1:60:62:31:ea:13:88:bd:7a:ec:26:b2:10:75:4f:
d0:cf:16:d8:db:2e:87:54:64:bb:3e:f2:e7:75:9f:
5a:93:cb:5e:07:b2:a3:8b:95:ac:80:d4:06:5c:80:
d0:18:25:39:1b:6f:6d:73:09:96:81:d7:6b:bd:5e:
a7:b4:b7:41:a1:c5:d5:91:c8:07:fd:c6:b0:cb:3c:
a6:b0:97:39:57:57:8b:89:fe:40:96:31:43:a7:0e:
82:23:d5:9f:4a:a1:08:ce:6f:92:4b:48:b8:0c:3a:
52:6f:de:15:ec:49:78:52:97:d2:46:8c:30:42:78:
6e:46:0e:c2:6f:25:3d:6f:c0:80:f6:16:51:50:04:
42:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C9:04:65:F4:DC:0C:16:21:7E:B3:FF:42:4D:B6:C2:76:6D:E5:8A
X509v3 Authority Key Identifier:
keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/FBC5FF822EE711EF96610B4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.151.128.0/22
59.151.136.0/22
59.151.176.0/22
60.254.132.0/22
60.254.168.0/22
103.238.150.0/23
118.214.32.0/20
118.214.64.0/20
118.214.96.0/20
118.214.128.0/20
118.214.240.0/20
118.215.8.0/21
118.215.32.0/21
118.215.80.0-118.215.103.255
118.215.176.0/20
122.252.40.0/21
125.56.212.0/23
125.252.212.0-125.252.219.255
125.252.228.0-125.252.239.255
Signature Algorithm: sha256WithRSAEncryption
26:41:db:74:0d:47:39:d2:c9:42:5f:6d:4b:92:4b:17:a8:3d:
60:e4:61:0c:27:c5:5c:8b:12:cc:92:9c:bb:0c:1a:eb:ce:8f:
8c:64:f6:03:8d:29:5f:34:b5:8b:2a:3c:9d:09:6b:1e:22:e0:
0f:7c:2e:80:2f:61:aa:53:83:9d:11:61:73:52:98:2c:59:0f:
cc:9f:44:17:30:51:b0:01:42:d7:33:73:38:eb:a8:95:84:ca:
de:30:69:d4:b6:b0:ec:2e:41:e3:ba:2b:cf:72:45:6e:cd:f6:
ce:7f:b4:15:5c:1e:17:1d:20:8d:3f:ca:0f:db:f7:c6:79:58:
2f:4f:73:2a:16:9b:2f:d2:89:4e:b2:99:36:9b:d9:9f:56:f8:
e9:61:9e:88:fb:3f:03:af:f8:40:be:a6:e4:ec:6f:70:a0:ac:
69:89:09:9d:68:fb:ed:de:d0:13:b3:46:5b:9a:c8:eb:d4:38:
a1:14:25:fa:4a:d3:3a:50:76:6b:f2:e0:e0:99:94:e6:de:fe:
7c:15:54:e0:c5:c8:56:e4:8a:0e:f0:d8:ef:1b:74:f4:b8:75:
e8:6d:39:c1:b2:b4:40:3c:fb:89:be:6b:05:60:54:4d:38:a5:
62:d8:fb:16:bb:fb:b0:60:5e:8a:83:a7:90:8d:ec:96:17:2a:
9b:3d:a2:88
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgICGVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD
NTQyQTBEOTEwHhcNMjUwMTE0MTYzNDE1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2OTIwNi0yNDNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5pM1xC+4W88A54BxxZT2QILN0okWDGRWdOYyE4oIVtFx91hbiRUANONGOIPL
mamPsWKUlYADyc0XxmShen8T8d6zjnt8oZuA/3vGQ9W+JhTFf9wGM9r3CFDiwe6Q
ScKtqLi0OesmzzcFrFzFPcRa+3Q08ysvy4fBYGIx6hOIvXrsJrIQdU/QzxbY2y6H
VGS7PvLndZ9ak8teB7Kji5WsgNQGXIDQGCU5G29tcwmWgddrvV6ntLdBocXVkcgH
/cawyzymsJc5V1eLif5AljFDpw6CI9WfSqEIzm+SS0i4DDpSb94V7El4UpfSRoww
QnhuRg7CbyU9b8CA9hZRUARC8QIDAQABo4IDHjCCAxowHQYDVR0OBBYEFGvJBGX0
3AwWIX6z/0JNtsJ2beWKMB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky
NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE
WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvRkJDNUZGODIy
RUU3MTFFRjk2NjEwQjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgacGCCsGAQUFBwEHAQH/
BIGXMIGUMIGRBAIAATCBigMEAjuXgAMEAjuXiAMEAjuXsAMEAjz+hAMEAjz+qAME
AWfulgMEBHbWIAMEBHbWQAMEBHbWYAMEBHbWgAMEBHbW8AMEA3bXCAMEA3bXIDAM
AwQEdtdQAwQDdtdgAwQEdtewAwQDevwoAwQBfTjUMAwDBAJ9/NQDBAJ9/NgwDAME
An385AMEBH384DANBgkqhkiG9w0BAQsFAAOCAQEAJkHbdA1HOdLJQl9tS5JLF6g9
YORhDCfFXIsSzJKcuwwa686PjGT2A40pXzS1iyo8nQlrHiLgD3wugC9hqlODnRFh
c1KYLFkPzJ9EFzBRsAFC1zNzOOuolYTK3jBp1Law7C5B47orz3JFbs32zn+0FVwe
Fx0gjT/KD9v3xnlYL09zKhabL9KJTrKZNpvZn1b46WGeiPs/A6/4QL6m5OxvcKCs
aYkJnWj77d7QE7NGW5rI69Q4oRQl+krTOlB2a/Lg4JmU5t7+fBVU4MXIVuSKDvDY
7xt09Lh16G05wbK0QDz7ib5rBWBUTTilYtj7Frv7sGBeioOnkI3slhcqmz2iiA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:13:52 2025 by rpki-client