Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/AB988312177211EBAC79CC7EC4F9AE02.roa
File: AB988312177211EBAC79CC7EC4F9AE02.roa (raw, json)
Hash identifier: 2efUF6FV6lzagFO6ixmFLw5grpZeZdNkHznhn486HIY=
Subject key identifier: C3:98:D6:06:6F:C6:02:0F:2C:45:BA:E7:94:C8:8F:DF:46:22:B4:DA
Certificate issuer: /CN=A91847A2/serialNumber=9287F6E82F8F3BA24E09D9C63178A5C0B2DA01DE
Certificate serial: 0B41
Authority key identifier: 92:87:F6:E8:2F:8F:3B:A2:4E:09:D9:C6:31:78:A5:C0:B2:DA:01:DE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kof26C-PO6JOCdnGMXilwLLaAd4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/AB988312177211EBAC79CC7EC4F9AE02.roa
Signing time: Fri 28 Mar 2025 20:01:52 +0000
ROA not before: Fri 28 Mar 2025 20:01:52 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 45166
IP address blocks: 58.145.227.0/24 maxlen: 24
58.145.229.0/24 maxlen: 24
58.145.230.0/24 maxlen: 24
210.24.208.0/23 maxlen: 24
210.24.210.0/23 maxlen: 23
210.24.210.0/24 maxlen: 24
210.24.211.0/24 maxlen: 24
210.24.236.0/23 maxlen: 23
210.24.236.0/24 maxlen: 24
210.24.237.0/24 maxlen: 24
2400:1700:300::/48 maxlen: 48
2400:1700:301::/48 maxlen: 48
2400:1700:302::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2881 (0xb41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91847A2
Validity
Not Before: Mar 28 20:01:52 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e70030-0bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:2c:d0:d8:1f:9c:82:e1:03:8c:8d:40:86:0d:
c8:e1:8f:15:1c:76:b0:7f:2b:a8:b2:3a:80:b1:b2:
eb:de:4f:4f:8c:5f:e8:49:10:f4:92:ae:d1:a0:ca:
5b:92:9a:1d:de:b1:86:c4:9e:15:e4:75:18:52:3b:
07:18:c4:1d:01:e9:35:e9:6e:ce:66:35:92:22:17:
cc:7a:1c:7e:41:f7:9d:07:bb:2a:2e:22:56:ec:24:
1c:ab:74:2c:8a:a1:cf:f8:b4:72:c1:d5:66:98:3f:
1c:5f:28:4f:80:d4:4c:95:84:ca:a7:9d:c3:f1:2f:
71:f6:38:71:bc:ca:fc:bd:78:f5:c3:45:6a:79:c2:
a8:45:f9:54:cc:6c:9b:4f:22:22:55:fa:7e:10:5e:
97:f9:b8:80:9f:25:c6:87:4f:36:dc:a0:12:fd:e4:
f4:49:e3:d8:28:47:b5:dc:9d:1a:b4:3b:5b:d1:f2:
a0:0e:9a:21:17:6a:1a:c0:9e:0c:d0:43:21:c0:cf:
11:db:27:f8:b4:ea:44:19:ce:b9:92:c2:3c:94:58:
af:b1:f0:4f:bd:0c:81:50:76:96:d2:b8:aa:29:6c:
92:fe:6a:ae:8d:69:5d:a7:91:c3:29:0a:5d:4e:eb:
46:ae:5d:53:21:b1:e1:50:1f:d8:44:c1:2f:e5:0c:
b3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:98:D6:06:6F:C6:02:0F:2C:45:BA:E7:94:C8:8F:DF:46:22:B4:DA
X509v3 Authority Key Identifier:
keyid:92:87:F6:E8:2F:8F:3B:A2:4E:09:D9:C6:31:78:A5:C0:B2:DA:01:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kof26C-PO6JOCdnGMXilwLLaAd4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/AB988312177211EBAC79CC7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.145.227.0/24
58.145.229.0-58.145.230.255
210.24.208.0/22
210.24.236.0/23
IPv6:
2400:1700:300::-2400:1700:302:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
57:d6:8f:74:65:6b:67:e8:d9:13:8c:3b:39:2a:c2:5e:04:83:
ab:19:07:28:1e:f1:65:55:c2:77:ad:04:f1:e2:73:55:1d:90:
8b:8b:11:14:de:b3:a0:25:2a:7c:0e:d3:1c:98:62:31:70:2f:
c2:fd:2a:1d:e8:25:a1:44:6a:e3:b9:89:f2:05:ac:ec:4c:29:
49:86:87:c3:4a:b1:1a:f6:15:5c:ff:39:4a:98:25:83:a7:a0:
ef:d4:0a:38:fc:4e:52:64:8b:4e:7e:ca:b7:dd:13:14:24:3e:
36:95:0c:a1:86:2b:d2:92:6e:27:63:22:82:81:c8:5a:fc:dd:
f4:11:8a:e5:20:b4:91:44:ac:71:ad:50:12:76:d6:41:dc:a6:
e1:ba:a6:eb:dd:33:53:e7:ae:34:98:0e:0d:82:5f:1e:18:82:
fb:38:76:cd:49:33:95:8e:f8:f9:28:50:68:50:65:ab:b3:ab:
1e:53:f4:d1:bc:65:8c:6e:75:23:09:87:13:d0:2b:51:6c:6e:
7e:25:c1:94:df:25:d5:a9:07:36:e6:8a:d5:33:d7:f5:c0:20:
8c:d6:6a:70:38:e9:cf:35:5e:af:5b:50:97:b3:88:dc:0c:06:
a0:a8:08:4c:f2:87:21:9c:7e:03:27:a1:f8:94:6e:46:a6:a5:
65:01:48:68
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgICC0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ3QTIxMTAvBgNVBAUTKDkyODdGNkU4MkY4RjNCQTI0RTA5RDlDNjMxNzhBNUMw
QjJEQTAxREUwHhcNMjUwMzI4MjAwMTUyWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U3MDAzMC0wYmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8izQ2B+cguEDjI1Ahg3I4Y8VHHawfyuosjqAsbLr3k9PjF/oSRD0kq7RoMpb
kpod3rGGxJ4V5HUYUjsHGMQdAek16W7OZjWSIhfMehx+QfedB7sqLiJW7CQcq3Qs
iqHP+LRywdVmmD8cXyhPgNRMlYTKp53D8S9x9jhxvMr8vXj1w0VqecKoRflUzGyb
TyIiVfp+EF6X+biAnyXGh0823KAS/eT0SePYKEe13J0atDtb0fKgDpohF2oawJ4M
0EMhwM8R2yf4tOpEGc65ksI8lFivsfBPvQyBUHaW0riqKWyS/mqujWldp5HDKQpd
TutGrl1TIbHhUB/YRMEv5QyziQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFMOY1gZv
xgIPLEW655TIj99GIrTaMB8GA1UdIwQYMBaAFJKH9ugvjzuiTgnZxjF4pcCy2gHe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDdBMi9CNTc3M0FBQzU5
NDIxMUVBOTM2RkNFNDNDNEY5QUUwMi9rb2YyNkMtUE82Sk9DZG5HTVhpbHdMTGFB
ZDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tvZjI2Qy1QTzZKT0NkbkdNWGlsd0xMYUFkNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ3QTIvQjU3NzNBQUM1OTQyMTFFQTkzNkZDRTQzQzRGOUFFMDIvQUI5ODgzMTIx
NzcyMTFFQkFDNzlDQzdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVAYIKwYBBQUHAQcBAf8E
RTBDMCYEAgABMCADBAA6keMwDAMEADqR5QMEADqR5gMEAtIY0AMEAdIY7DAZBAIA
AjATMBEDBgAkABcAAwMHACQAFwADAjANBgkqhkiG9w0BAQsFAAOCAQEAV9aPdGVr
Z+jZE4w7OSrCXgSDqxkHKB7xZVXCd60E8eJzVR2Qi4sRFN6zoCUqfA7THJhiMXAv
wv0qHegloURq47mJ8gWs7EwpSYaHw0qxGvYVXP85Spglg6eg79QKOPxOUmSLTn7K
t90TFCQ+NpUMoYYr0pJuJ2MigoHIWvzd9BGK5SC0kUSsca1QEnbWQdym4bqm690z
U+euNJgODYJfHhiC+zh2zUkzlY74+ShQaFBlq7OrHlP00bxljG51IwmHE9ArUWxu
fiXBlN8l1akHNuaK1TPX9cAgjNZqcDjpzzVer1tQl7OI3AwGoKgITPKHIZx+Ayeh
+JRuRqalZQFIaA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:30:30 2025 by rpki-client