Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/EFD55190D09711EEB3D6CA27C4F9AE02.roa
File: EFD55190D09711EEB3D6CA27C4F9AE02.roa (raw, json)
Hash identifier: qMvwWMDVZZgk8hz8jiTjTaihqdh2Mky1ALD7Z6KPd8c=
Subject key identifier: 38:9A:6B:B8:C1:F0:A4:C6:23:74:B3:7C:9B:0D:8F:0B:CE:56:5D:A4
Certificate issuer: /CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
Certificate serial: 030E
Authority key identifier: F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/EFD55190D09711EEB3D6CA27C4F9AE02.roa
Signing time: Wed 21 Feb 2024 09:02:28 +0000
ROA not before: Wed 21 Feb 2024 09:02:28 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 136272
IP address blocks: 116.204.140.0/22 maxlen: 22
116.204.140.0/23 maxlen: 23
116.204.141.0/24 maxlen: 24
116.204.142.0/23 maxlen: 23
116.204.142.0/24 maxlen: 24
116.204.143.0/24 maxlen: 24
2400:c7c0::/32 maxlen: 32
2400:c7c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 782 (0x30e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C61B
Validity
Not Before: Feb 21 09:02:28 2024 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=65d5bc24-e9a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ee:b0:0a:28:c9:c8:88:0d:2f:24:14:7d:30:
0c:7b:3f:14:b3:3c:c7:63:ce:3c:c3:8a:44:7f:78:
e4:5d:9e:a1:9b:19:3e:da:83:b5:53:94:a2:ac:4d:
79:12:cf:7c:42:14:5b:b4:91:71:f6:1e:fb:a3:c5:
19:a3:5a:f1:c0:2f:3a:cf:07:6c:33:e0:f1:af:f2:
10:31:50:42:2a:6b:b7:ce:5f:8b:3c:ff:94:6a:7d:
ea:4f:d6:14:4d:c2:c1:05:ee:b3:0a:c5:70:de:7b:
ab:1c:33:e9:cc:ac:14:28:c1:6e:76:37:73:06:14:
30:80:a8:5e:2d:2e:eb:f1:be:54:9a:7c:2a:fb:c3:
5d:83:e3:37:c4:fc:87:af:44:21:e8:7b:ff:33:bf:
83:f8:e8:3e:47:db:0f:8e:85:6e:af:fc:66:02:2f:
1a:a2:74:4a:5e:89:63:3c:af:2d:2b:4f:6f:37:eb:
40:46:f6:e6:b7:87:d5:8b:2d:8c:91:7e:51:92:b7:
cd:e8:dd:fc:1b:06:7a:4c:5b:a5:36:52:5e:3f:b0:
52:6f:a6:5c:0b:f4:5b:ba:e9:eb:8a:aa:9c:a6:54:
eb:d4:9b:fa:26:20:cd:87:3a:44:72:14:87:28:26:
5c:6c:b5:c1:14:bb:93:53:de:62:87:e6:8c:40:6a:
43:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:9A:6B:B8:C1:F0:A4:C6:23:74:B3:7C:9B:0D:8F:0B:CE:56:5D:A4
X509v3 Authority Key Identifier:
keyid:F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/9TkpGRnN4USwNO8oiwpjR4PoLH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/EFD55190D09711EEB3D6CA27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.204.140.0/22
IPv6:
2400:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
16:bf:18:71:3f:ca:a2:03:92:9b:b1:7a:68:d2:33:4c:58:cc:
bc:b3:e8:4e:ec:a6:05:e1:99:58:85:f6:a5:41:40:2c:2c:8b:
24:39:37:a8:84:88:a0:ae:46:89:b3:ae:dc:d1:50:93:d1:4c:
37:6f:08:e1:74:0c:97:75:0b:30:51:71:c3:b3:4e:0d:b1:ff:
e3:6b:e4:75:ea:a0:ee:04:89:a7:fc:53:c4:6f:0f:5b:c5:5f:
7c:b6:28:0f:95:e2:77:2c:06:29:b9:3a:10:8c:23:57:f5:42:
5b:a0:c0:db:04:0d:0b:0e:4c:64:28:2d:aa:23:01:76:25:53:
65:72:25:ff:15:9e:63:cd:52:7a:05:bd:bc:76:e6:9f:cf:9c:
15:39:0c:e8:8a:1a:75:fa:42:31:91:1a:44:b2:8e:13:e5:01:
32:d7:a8:ba:3e:ee:c4:19:e4:7e:a3:ad:08:3d:f4:1f:43:35:
84:8a:f3:aa:5a:d8:8e:e8:d2:8b:b6:bb:ae:05:a9:df:27:7a:
a1:51:f3:38:0f:9c:de:0e:a0:85:cc:3a:56:1b:1a:78:bf:6e:
60:24:cb:49:9e:d0:54:15:ab:49:48:07:ad:38:9d:04:6e:8a:
e1:e6:29:74:f9:4e:8f:42:9b:b0:d0:94:a7:f0:88:b8:ad:df:
aa:5d:98:3c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAw4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM2MUIxMTAvBgNVBAUTKEY1MzkyOTE5MTlDREUxNDRCMDM0RUYyODhCMEE2MzQ3
ODNFODJDN0YwHhcNMjQwMjIxMDkwMjI4WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ1YmMyNC1lOWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy+6wCijJyIgNLyQUfTAMez8UszzHY848w4pEf3jkXZ6hmxk+2oO1U5SirE15
Es98QhRbtJFx9h77o8UZo1rxwC86zwdsM+Dxr/IQMVBCKmu3zl+LPP+Uan3qT9YU
TcLBBe6zCsVw3nurHDPpzKwUKMFudjdzBhQwgKheLS7r8b5Umnwq+8Ndg+M3xPyH
r0Qh6Hv/M7+D+Og+R9sPjoVur/xmAi8aonRKXoljPK8tK09vN+tARvbmt4fViy2M
kX5RkrfN6N38GwZ6TFulNlJeP7BSb6ZcC/RbuunriqqcplTr1Jv6JiDNhzpEchSH
KCZcbLXBFLuTU95ih+aMQGpDeQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDiaa7jB
8KTGI3SzfJsNjwvOVl2kMB8GA1UdIwQYMBaAFPU5KRkZzeFEsDTvKIsKY0eD6Cx/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzYxQi81MUVGRkEzMDgy
NjkxMUVDQUQyRTk1MjRDNEY5QUUwMi85VGtwR1JuTjRVU3dOTzhvaXdwalI0UG9M
SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlUa3BHUm5ONFVTd05POG9pd3BqUjRQb0xIOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM2MUIvNTFFRkZBMzA4MjY5MTFFQ0FEMkU5NTI0QzRGOUFFMDIvRUZENTUxOTBE
MDk3MTFFRUIzRDZDQTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJ0zIwwDQQCAAIwBwMFACQAx8AwDQYJKoZIhvcNAQELBQAD
ggEBABa/GHE/yqIDkpuxemjSM0xYzLyz6E7spgXhmViF9qVBQCwsiyQ5N6iEiKCu
RomzrtzRUJPRTDdvCOF0DJd1CzBRccOzTg2x/+Nr5HXqoO4Eiaf8U8RvD1vFX3y2
KA+V4ncsBim5OhCMI1f1QlugwNsEDQsOTGQoLaojAXYlU2VyJf8VnmPNUnoFvbx2
5p/PnBU5DOiKGnX6QjGRGkSyjhPlATLXqLo+7sQZ5H6jrQg99B9DNYSK86pa2I7o
0ou2u64Fqd8neqFR8zgPnN4OoIXMOlYbGni/bmAky0me0FQVq0lIB604nQRuiuHm
KXT5To9Cm7DQlKfwiLit36pdmDw=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:57:42 2025 by rpki-client