Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/880E53BC852A11EE8B988A85C4F9AE02.roa
File: 880E53BC852A11EE8B988A85C4F9AE02.roa (raw, json)
Hash identifier: SuIwbjVFIiO//MYlkWAI7JLL+Gi6my0EIFtFpMkp/oM=
Subject key identifier: 62:97:88:49:24:F4:E4:98:AB:8C:65:76:31:1A:D4:DE:4C:54:BE:E9
Certificate issuer: /CN=A916DED9/serialNumber=E16E4F65E2E397E9FCE05785A265C6197C8220C9
Certificate serial: C8
Authority key identifier: E1:6E:4F:65:E2:E3:97:E9:FC:E0:57:85:A2:65:C6:19:7C:82:20:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4W5PZeLjl-n84FeFomXGGXyCIMk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/880E53BC852A11EE8B988A85C4F9AE02.roa
Signing time: Mon 09 Dec 2024 04:07:47 +0000
ROA not before: Mon 09 Dec 2024 04:07:47 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 45666
IP address blocks: 202.89.100.0/22 maxlen: 22
202.89.100.0/24 maxlen: 24
202.89.101.0/24 maxlen: 24
202.89.102.0/24 maxlen: 24
202.89.103.0/24 maxlen: 24
203.55.53.0/24 maxlen: 24
2407:8600::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200 (0xc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916DED9
Validity
Not Before: Dec 9 04:07:47 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67566d12-90c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:51:96:25:3a:c1:ab:ac:ec:1c:97:8c:ec:a3:
6d:b2:ac:41:35:9e:4c:b7:4a:62:02:5a:af:a5:10:
0e:01:11:7f:ae:2a:56:45:0c:1a:99:dc:c3:b0:af:
60:f8:23:7d:7d:a1:46:1f:98:4f:4d:93:ce:b3:6f:
6a:a9:a6:5e:2c:1d:4d:6f:9d:35:05:28:e2:34:7f:
1a:18:6b:17:d9:69:47:ce:02:72:84:f3:e9:ec:d7:
7e:84:38:0e:42:f3:0e:9a:c7:4b:55:98:28:c3:70:
7f:43:f3:1f:74:65:a7:65:04:92:86:18:b8:d5:76:
0c:59:c5:0e:93:89:6a:fe:2e:8c:34:41:26:85:b6:
a3:4e:aa:1c:f2:df:32:03:cb:76:01:08:ea:c4:75:
56:66:fa:23:7c:f4:10:ce:e1:b2:8a:16:be:fa:69:
20:0b:f3:88:32:c3:aa:af:88:aa:50:97:29:7a:32:
2c:31:2c:c8:82:78:4a:5d:fa:1e:49:a5:06:5c:ba:
ae:bd:7b:97:35:9e:00:3a:cf:07:f1:79:03:3b:63:
af:c5:f6:63:53:a7:f9:b7:33:db:02:61:26:4e:e4:
19:89:c6:99:0b:e2:88:5f:20:99:5c:35:8b:63:91:
f6:19:53:2f:56:75:08:08:53:0f:b4:dc:ef:fb:99:
e8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:97:88:49:24:F4:E4:98:AB:8C:65:76:31:1A:D4:DE:4C:54:BE:E9
X509v3 Authority Key Identifier:
keyid:E1:6E:4F:65:E2:E3:97:E9:FC:E0:57:85:A2:65:C6:19:7C:82:20:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/4W5PZeLjl-n84FeFomXGGXyCIMk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4W5PZeLjl-n84FeFomXGGXyCIMk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/880E53BC852A11EE8B988A85C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.89.100.0/22
203.55.53.0/24
IPv6:
2407:8600::/32
Signature Algorithm: sha256WithRSAEncryption
c7:49:eb:6b:8b:de:84:bb:a4:53:16:7b:c5:e8:f1:fb:1b:6d:
40:b6:cc:b7:65:85:83:3c:40:07:45:50:98:cb:70:c0:9d:9d:
8b:5a:2c:8b:d2:f6:c0:63:d2:9c:7e:2a:19:76:0c:f0:76:0b:
93:f4:1c:e8:de:40:f3:01:4c:a9:5e:03:e1:c3:14:61:a2:0f:
ec:ad:85:ca:a8:77:60:4f:a4:ef:c6:6b:75:05:56:a3:d1:ac:
68:01:98:4e:86:90:6e:75:b4:28:4f:13:a5:30:20:2b:05:98:
e8:8a:8e:d7:c5:63:7c:4a:16:1a:6a:df:ea:87:7e:77:4d:8a:
87:d7:a3:24:f9:06:f3:41:84:5a:18:b4:6f:1d:45:34:c8:a0:
b3:cd:4d:17:c8:1e:db:33:90:dd:04:cc:23:91:ca:6d:77:b3:
5b:9f:e0:90:ea:9c:05:7c:47:2e:c8:cf:be:f9:71:31:1b:f3:
c4:2b:ee:b5:bd:3d:45:53:3d:72:a1:80:a8:c8:73:1e:c3:c3:
ac:2e:a8:10:45:b3:3a:49:f0:98:9d:50:d1:f1:3e:4a:95:a0:
89:9e:8e:73:fd:37:23:11:a4:f2:81:75:d2:e4:2b:e3:4c:a1:
f9:b5:41:f9:44:a9:a9:32:b8:32:64:a0:c9:71:d4:9a:85:6a:
52:93:a3:f3
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkRFRDkxMTAvBgNVBAUTKEUxNkU0RjY1RTJFMzk3RTlGQ0UwNTc4NUEyNjVDNjE5
N0M4MjIwQzkwHhcNMjQxMjA5MDQwNzQ3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU2NmQxMi05MGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvVGWJTrBq6zsHJeM7KNtsqxBNZ5Mt0piAlqvpRAOARF/ripWRQwamdzDsK9g
+CN9faFGH5hPTZPOs29qqaZeLB1Nb501BSjiNH8aGGsX2WlHzgJyhPPp7Nd+hDgO
QvMOmsdLVZgow3B/Q/MfdGWnZQSShhi41XYMWcUOk4lq/i6MNEEmhbajTqoc8t8y
A8t2AQjqxHVWZvojfPQQzuGyiha++mkgC/OIMsOqr4iqUJcpejIsMSzIgnhKXfoe
SaUGXLquvXuXNZ4AOs8H8XkDO2OvxfZjU6f5tzPbAmEmTuQZicaZC+KIXyCZXDWL
Y5H2GVMvVnUICFMPtNzv+5nocwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGKXiEkk
9OSYq4xldjEa1N5MVL7pMB8GA1UdIwQYMBaAFOFuT2Xi45fp/OBXhaJlxhl8giDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2REVEOS9ERjE1QjNCODg1
MjkxMUVFQUZEMDRDODRDNEY5QUUwMi80VzVQWmVMamwtbjg0RmVGb21YR0dYeUNJ
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRXNVBaZUxqbC1uODRGZUZvbVhHR1h5Q0lNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkRFRDkvREYxNUIzQjg4NTI5MTFFRUFGRDA0Qzg0QzRGOUFFMDIvODgwRTUzQkM4
NTJBMTFFRThCOTg4QTg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBALKWWQDBADLNzUwDQQCAAIwBwMFACQHhgAwDQYJKoZIhvcN
AQELBQADggEBAMdJ62uL3oS7pFMWe8Xo8fsbbUC2zLdlhYM8QAdFUJjLcMCdnYta
LIvS9sBj0px+Khl2DPB2C5P0HOjeQPMBTKleA+HDFGGiD+ythcqod2BPpO/Ga3UF
VqPRrGgBmE6GkG51tChPE6UwICsFmOiKjtfFY3xKFhpq3+qHfndNiofXoyT5BvNB
hFoYtG8dRTTIoLPNTRfIHtszkN0EzCORym13s1uf4JDqnAV8Ry7Iz775cTEb88Qr
7rW9PUVTPXKhgKjIcx7Dw6wuqBBFszpJ8JidUNHxPkqVoImejnP9NyMRpPKBddLk
K+NMofm1QflEqakyuDJkoMlx1JqFalKTo/M=
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:43:17 2025 by rpki-client