Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/A40DF2FC959211EE839DCE49C4F9AE02.roa
File: A40DF2FC959211EE839DCE49C4F9AE02.roa (raw, json)
Hash identifier: IX+LKV7VvPnEWznfRdlyFlyrqBtHLlGXeTIU3OeySck=
Subject key identifier: 31:59:8E:52:8F:5C:58:CA:6F:DA:AC:E3:1C:81:1E:19:79:FB:AB:D9
Certificate issuer: /CN=A91620E0/serialNumber=FD3B4EF8F79B0AE127E71E4B6C1869D81B22E880
Certificate serial: 0DA1
Authority key identifier: FD:3B:4E:F8:F7:9B:0A:E1:27:E7:1E:4B:6C:18:69:D8:1B:22:E8:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_TtO-PebCuEn5x5LbBhp2Bsi6IA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/A40DF2FC959211EE839DCE49C4F9AE02.roa
Signing time: Sun 22 Dec 2024 19:17:37 +0000
ROA not before: Sun 22 Dec 2024 19:17:37 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 55386
IP address blocks: 115.245.40.0/22 maxlen: 22
115.245.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3489 (0xda1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91620E0
Validity
Not Before: Dec 22 19:17:37 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=676865d1-0ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:00:17:15:a4:1c:44:95:63:c9:ba:f0:fd:3a:
bb:2f:20:1f:0e:91:e0:27:df:b5:b5:3b:68:c4:12:
0e:1a:d2:90:eb:13:2b:b9:48:73:01:9d:36:00:54:
18:f9:0d:e2:52:32:3e:58:39:c1:f9:c7:38:05:9f:
d8:30:55:fc:9b:60:c6:6d:e6:2e:3f:83:f7:61:3d:
b4:05:45:62:e5:89:76:28:02:9c:2b:5b:64:cd:99:
5f:be:bd:b0:b9:2e:96:82:76:b7:f8:d1:1d:e6:0d:
8a:9e:75:25:d0:cb:68:5d:ff:8a:85:8a:2f:c6:f4:
68:85:24:df:ff:88:57:1f:e9:4a:6c:a4:79:b5:31:
b0:da:a4:96:83:d8:99:81:e7:01:39:ca:9f:d0:51:
16:12:ec:1f:0b:89:4c:f4:d9:d1:25:75:71:28:d6:
54:65:ff:a2:3d:76:f2:31:4d:d2:8f:18:aa:27:46:
77:60:43:5f:ad:24:ed:8c:5a:d4:2e:d8:31:2d:60:
7f:f4:59:8e:6f:34:45:b5:a1:20:d0:84:f5:a3:16:
4d:da:b5:b9:80:05:ce:df:34:fc:48:10:d8:d9:67:
21:e2:87:43:dd:98:db:3c:01:ee:04:33:8c:46:8f:
6f:48:87:76:da:ea:3e:c7:36:54:73:6d:cd:27:95:
00:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:59:8E:52:8F:5C:58:CA:6F:DA:AC:E3:1C:81:1E:19:79:FB:AB:D9
X509v3 Authority Key Identifier:
keyid:FD:3B:4E:F8:F7:9B:0A:E1:27:E7:1E:4B:6C:18:69:D8:1B:22:E8:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/_TtO-PebCuEn5x5LbBhp2Bsi6IA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_TtO-PebCuEn5x5LbBhp2Bsi6IA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/A40DF2FC959211EE839DCE49C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.245.40.0/22
115.245.96.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:f1:41:a4:f2:0e:e1:d3:b7:e8:88:5f:d7:49:c0:75:9e:65:
ae:e7:03:52:79:67:ef:32:32:65:43:84:67:3f:b6:6d:d5:3f:
35:88:02:cb:f8:20:86:08:00:9c:5c:45:41:28:e8:35:e8:80:
12:44:0a:1d:f8:a7:a0:0d:b4:46:3f:11:fd:5e:16:8e:1b:60:
7c:06:54:38:e2:99:7c:ef:0f:07:8f:3f:ac:86:3c:68:9b:bf:
e4:30:9b:ec:19:d4:a8:ae:ad:b5:fd:dd:15:bc:0d:04:b5:4d:
f9:50:9b:df:f1:d1:b7:6b:cb:59:fd:61:71:e3:e4:6d:71:fe:
13:53:93:0c:25:c7:f3:f8:c5:ee:60:e8:f7:b6:f7:7f:72:ee:
b9:ce:c7:7f:65:91:f4:fb:6e:0c:f2:b7:5a:8c:42:e5:f4:43:
8d:bf:e8:dc:d9:ae:04:07:e0:bd:9d:66:84:5a:da:9f:a0:f7:
13:fd:1f:1a:20:82:bd:31:ab:bd:6e:e2:d7:3f:11:66:b4:72:
15:14:a2:e2:4f:70:ae:d4:90:aa:c4:04:39:c1:f0:6d:b7:5e:
f7:6b:1a:d2:3e:9a:9b:e7:ef:8f:8c:51:fa:02:96:59:75:3c:
84:90:14:89:d9:86:a3:f6:4f:57:d3:c0:70:e2:88:7e:45:95:
93:8e:28:8b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIwRTAxMTAvBgNVBAUTKEZEM0I0RUY4Rjc5QjBBRTEyN0U3MUU0QjZDMTg2OUQ4
MUIyMkU4ODAwHhcNMjQxMjIyMTkxNzM3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY4NjVkMS0wYWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAygAXFaQcRJVjybrw/Tq7LyAfDpHgJ9+1tTtoxBIOGtKQ6xMruUhzAZ02AFQY
+Q3iUjI+WDnB+cc4BZ/YMFX8m2DGbeYuP4P3YT20BUVi5Yl2KAKcK1tkzZlfvr2w
uS6Wgna3+NEd5g2KnnUl0MtoXf+KhYovxvRohSTf/4hXH+lKbKR5tTGw2qSWg9iZ
gecBOcqf0FEWEuwfC4lM9NnRJXVxKNZUZf+iPXbyMU3SjxiqJ0Z3YENfrSTtjFrU
LtgxLWB/9FmObzRFtaEg0IT1oxZN2rW5gAXO3zT8SBDY2Wch4odD3ZjbPAHuBDOM
Ro9vSId22uo+xzZUc23NJ5UAHQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDFZjlKP
XFjKb9qs4xyBHhl5+6vZMB8GA1UdIwQYMBaAFP07Tvj3mwrhJ+ceS2wYadgbIuiA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjBFMC9FMUEzODRBQzMx
MEUxMUVBOUMzQ0U3MkZDNEY5QUUwMi9fVHRPLVBlYkN1RW41eDVMYkJocDJCc2k2
SUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19UdE8tUGViQ3VFbjV4NUxiQmhwMkJzaTZJQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIwRTAvRTFBMzg0QUMzMTBFMTFFQTlDM0NFNzJGQzRGOUFFMDIvQTQwREYyRkM5
NTkyMTFFRTgzOURDRTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJz9SgDBAJz9WAwDQYJKoZIhvcNAQELBQADggEBALPxQaTy
DuHTt+iIX9dJwHWeZa7nA1J5Z+8yMmVDhGc/tm3VPzWIAsv4IIYIAJxcRUEo6DXo
gBJECh34p6ANtEY/Ef1eFo4bYHwGVDjimXzvDwePP6yGPGibv+Qwm+wZ1KiurbX9
3RW8DQS1TflQm9/x0bdry1n9YXHj5G1x/hNTkwwlx/P4xe5g6Pe2939y7rnOx39l
kfT7bgzyt1qMQuX0Q42/6NzZrgQH4L2dZoRa2p+g9xP9Hxoggr0xq71u4tc/EWa0
chUUouJPcK7UkKrEBDnB8G23XvdrGtI+mpvn74+MUfoClll1PISQFInZhqP2T1fT
wHDiiH5FlZOOKIs=
-----END CERTIFICATE-----
Generated at Fri Apr 11 14:13:17 2025 by rpki-client