Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/1930A6C2DE1411EA9309134EC4F9AE02.roa
File: 1930A6C2DE1411EA9309134EC4F9AE02.roa (raw, json)
Hash identifier: rp15KoHPh9KPJUHupa2yc5uH/WLKjcA8xJBwyfWBGDI=
Subject key identifier: EE:44:EE:11:02:23:DC:61:0F:23:84:E9:52:29:14:30:F5:65:DB:97
Certificate issuer: /CN=A91620E0/serialNumber=FD3B4EF8F79B0AE127E71E4B6C1869D81B22E880
Certificate serial: 0DA3
Authority key identifier: FD:3B:4E:F8:F7:9B:0A:E1:27:E7:1E:4B:6C:18:69:D8:1B:22:E8:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_TtO-PebCuEn5x5LbBhp2Bsi6IA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/1930A6C2DE1411EA9309134EC4F9AE02.roa
Signing time: Sun 22 Dec 2024 19:17:42 +0000
ROA not before: Sun 22 Dec 2024 19:17:42 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 64049
IP address blocks: 49.45.4.0/24 maxlen: 24
49.45.5.0/24 maxlen: 24
2405:200:900::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3491 (0xda3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91620E0
Validity
Not Before: Dec 22 19:17:42 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=676865d5-4968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7c:2f:01:58:b0:73:23:02:5e:ae:10:a6:bd:
08:13:1a:c6:75:8e:52:ec:fd:bc:d9:1d:86:70:65:
f2:3b:80:5d:25:46:30:71:d9:3a:9c:2d:78:f5:fc:
cb:84:20:19:2d:74:75:4a:39:be:ec:45:80:23:33:
d1:d3:c0:b8:90:b6:09:b5:49:fe:67:1e:4c:ed:ff:
c2:d8:8c:e6:cc:1e:f2:e2:57:3a:95:88:b3:8a:7f:
62:11:f1:8d:41:7d:5b:09:83:c0:f4:46:cf:7e:07:
76:18:cc:21:8b:ba:a2:c5:c9:89:31:10:d2:7e:ec:
18:f4:0a:3a:20:e7:a7:e7:cd:0e:e9:b0:7b:68:f0:
5f:4b:20:2d:43:28:e5:f0:13:1b:7d:a0:9a:57:15:
94:d3:73:8d:d1:80:0d:60:3b:f3:9a:07:e4:53:68:
04:95:d8:2b:d3:8e:ba:15:e0:c1:9e:57:5f:f3:1e:
8e:00:62:67:10:32:17:25:bc:df:1d:9c:1f:0f:01:
cc:15:2f:e3:29:84:50:a0:ff:3e:b7:7f:d8:33:96:
10:cd:b8:e9:fa:12:1e:5d:05:bf:97:35:71:e4:0e:
c8:07:88:42:24:b1:f9:25:c0:40:e7:37:ec:68:ac:
ee:c7:19:78:0b:2b:ce:01:65:d8:f4:09:4f:02:12:
18:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:44:EE:11:02:23:DC:61:0F:23:84:E9:52:29:14:30:F5:65:DB:97
X509v3 Authority Key Identifier:
keyid:FD:3B:4E:F8:F7:9B:0A:E1:27:E7:1E:4B:6C:18:69:D8:1B:22:E8:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/_TtO-PebCuEn5x5LbBhp2Bsi6IA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_TtO-PebCuEn5x5LbBhp2Bsi6IA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/1930A6C2DE1411EA9309134EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.45.4.0/23
IPv6:
2405:200:900::/40
Signature Algorithm: sha256WithRSAEncryption
01:4c:a4:99:84:f7:24:4a:18:02:8c:32:5b:f0:46:3f:f8:ab:
12:dd:e4:88:75:dc:dd:81:13:59:fc:2a:c5:7f:51:68:95:c9:
c7:d8:5d:da:c2:d1:62:d5:c5:e9:55:a7:c8:03:ba:0b:e3:a7:
ed:ad:ae:5d:27:5b:48:96:0b:f5:5e:c8:8f:a2:59:b5:63:a5:
28:7d:36:e5:bf:0f:07:a6:ce:4d:f5:2b:a6:82:45:6c:9c:27:
9e:ec:c2:13:3a:e5:23:76:b3:83:d3:1a:3d:a0:cd:10:af:bb:
c0:1e:26:ee:23:d9:7a:e3:b9:32:34:cd:fd:14:f4:b7:0f:ba:
f2:01:40:49:63:4c:4c:41:f6:8a:0b:0e:d8:5a:90:de:0d:41:
fd:e5:af:d5:09:26:bb:11:58:ec:2d:e5:8c:3a:4f:3c:27:00:
ef:16:42:21:86:06:0c:53:33:06:14:67:a4:18:58:db:14:a2:
fb:ea:06:af:d1:06:df:d9:30:c9:54:4a:3d:59:16:e4:31:37:
e6:e5:11:dd:48:43:50:ba:27:56:5b:67:60:48:e4:40:59:61:
0b:17:b7:79:7e:34:02:e7:01:f2:29:24:21:33:f6:5e:7b:f0:
6e:ee:ee:aa:d2:55:0d:ae:ea:ba:ce:49:13:48:62:ee:86:87:
d0:0e:29:72
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICDaMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIwRTAxMTAvBgNVBAUTKEZEM0I0RUY4Rjc5QjBBRTEyN0U3MUU0QjZDMTg2OUQ4
MUIyMkU4ODAwHhcNMjQxMjIyMTkxNzQyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY4NjVkNS00OTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqXwvAViwcyMCXq4Qpr0IExrGdY5S7P282R2GcGXyO4BdJUYwcdk6nC149fzL
hCAZLXR1Sjm+7EWAIzPR08C4kLYJtUn+Zx5M7f/C2IzmzB7y4lc6lYizin9iEfGN
QX1bCYPA9EbPfgd2GMwhi7qixcmJMRDSfuwY9Ao6IOen580O6bB7aPBfSyAtQyjl
8BMbfaCaVxWU03ON0YANYDvzmgfkU2gEldgr0466FeDBnldf8x6OAGJnEDIXJbzf
HZwfDwHMFS/jKYRQoP8+t3/YM5YQzbjp+hIeXQW/lzVx5A7IB4hCJLH5JcBA5zfs
aKzuxxl4CyvOAWXY9AlPAhIY8QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO5E7hEC
I9xhDyOE6VIpFDD1ZduXMB8GA1UdIwQYMBaAFP07Tvj3mwrhJ+ceS2wYadgbIuiA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjBFMC9FMUEzODRBQzMx
MEUxMUVBOUMzQ0U3MkZDNEY5QUUwMi9fVHRPLVBlYkN1RW41eDVMYkJocDJCc2k2
SUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19UdE8tUGViQ3VFbjV4NUxiQmhwMkJzaTZJQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIwRTAvRTFBMzg0QUMzMTBFMTFFQTlDM0NFNzJGQzRGOUFFMDIvMTkzMEE2QzJE
RTE0MTFFQTkzMDkxMzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBAExLQQwDgQCAAIwCAMGACQFAgAJMA0GCSqGSIb3DQEBCwUA
A4IBAQABTKSZhPckShgCjDJb8EY/+KsS3eSIddzdgRNZ/CrFf1FolcnH2F3awtFi
1cXpVafIA7oL46ftra5dJ1tIlgv1XsiPolm1Y6UofTblvw8Hps5N9SumgkVsnCee
7MITOuUjdrOD0xo9oM0Qr7vAHibuI9l647kyNM39FPS3D7ryAUBJY0xMQfaKCw7Y
WpDeDUH95a/VCSa7EVjsLeWMOk88JwDvFkIhhgYMUzMGFGekGFjbFKL76gav0Qbf
2TDJVEo9WRbkMTfm5RHdSENQuidWW2dgSORAWWELF7d5fjQC5wHyKSQhM/Zee/Bu
7u6q0lUNruq6zkkTSGLuhofQDily
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:20:56 2025 by rpki-client