Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/543B65D209B111EAB045B31EC4F9AE02.roa
File: 543B65D209B111EAB045B31EC4F9AE02.roa (raw, json)
Hash identifier: ZMN1daISp0LczA5U26jMhiYeT1nSAv1Yasy5ke9ykT8=
Subject key identifier: A7:9C:FE:DC:B8:25:96:DD:CA:8F:57:93:57:43:6A:F5:67:D0:C3:8F
Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A
Certificate serial: 0F7B
Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/543B65D209B111EAB045B31EC4F9AE02.roa
Signing time: Fri 28 Feb 2025 19:29:53 +0000
ROA not before: Fri 28 Feb 2025 19:29:53 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 397221
IP address blocks: 120.29.252.0/24 maxlen: 24
120.29.253.0/24 maxlen: 24
120.29.254.0/24 maxlen: 24
203.17.72.0/24 maxlen: 24
2001:dcd:1::/48 maxlen: 48
2001:dcd:2::/48 maxlen: 48
2001:dcd:3::/48 maxlen: 48
2001:dcd:4::/48 maxlen: 48
2001:dcd:5::/48 maxlen: 48
2001:dcd:6::/48 maxlen: 48
2001:dcd:7::/48 maxlen: 48
2001:dcd:dd05::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3963 (0xf7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91919EA
Validity
Not Before: Feb 28 19:29:53 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c20eb1-6f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:29:7c:5f:83:2c:8f:79:e4:30:e7:ae:5c:fe:
31:f6:68:c5:b3:c4:22:72:b6:1b:72:43:25:3e:9d:
04:7c:c0:d6:4e:70:f0:72:01:ab:a7:38:38:91:1c:
78:d4:cd:76:8f:d8:48:3f:96:54:44:a4:02:c6:07:
a5:6a:34:10:5f:56:3b:05:4f:66:9a:52:38:35:74:
d5:5d:1d:d1:33:97:23:28:44:2f:c2:7b:16:cd:ea:
4c:7f:6f:8e:0f:8a:aa:11:ff:ce:30:f4:1f:32:f0:
41:e1:eb:68:a9:56:69:11:77:4f:36:4f:9d:5f:5f:
78:4e:6d:3d:67:4e:c1:54:a8:7c:92:d4:76:27:7d:
66:46:20:71:a9:49:9b:5a:2e:2b:78:f4:98:79:0f:
90:04:51:fd:9f:f5:b3:a3:62:7f:ce:7f:eb:99:77:
33:8f:e6:b5:7b:59:74:8c:bb:47:76:a8:0e:c4:02:
4a:5a:e1:e8:7f:cd:56:6c:74:fe:09:20:07:44:95:
e7:53:e2:2d:63:f1:cd:78:dd:c3:94:b2:b2:09:ae:
ee:2e:79:8c:2e:4a:ea:20:50:45:e2:1a:9b:f2:44:
83:52:10:d9:53:52:16:d2:3b:31:a6:f0:34:b8:32:
d1:bd:aa:2a:3b:6a:da:17:17:1f:d6:bc:79:52:31:
21:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:9C:FE:DC:B8:25:96:DD:CA:8F:57:93:57:43:6A:F5:67:D0:C3:8F
X509v3 Authority Key Identifier:
keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/543B65D209B111EAB045B31EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.29.252.0-120.29.254.255
203.17.72.0/24
IPv6:
2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff
2001:dcd:dd05::/48
Signature Algorithm: sha256WithRSAEncryption
54:b9:99:83:13:d6:df:0e:37:88:e0:eb:f9:b1:9d:2d:b3:4d:
8a:ee:63:ea:6e:45:34:38:38:fb:8e:4b:74:fa:c7:45:09:21:
0e:f4:1f:ad:29:9a:30:ca:b4:38:21:70:ba:d6:81:01:11:42:
c9:83:02:dc:4f:30:f9:67:89:38:d2:46:69:b1:67:cd:86:48:
3c:69:55:1f:91:de:e4:53:e8:2c:b4:fc:e8:d4:86:59:56:c7:
39:e2:bb:97:88:22:64:3e:6e:7c:b1:2d:c1:8d:c9:e2:8c:fe:
ad:a1:ed:cb:de:27:6a:15:ec:6f:14:5c:13:f6:5c:0f:8a:c8:
13:7e:9c:cf:b5:b7:0b:37:13:d6:2a:16:e0:10:41:b8:1d:80:
fa:75:75:7a:80:42:0c:7a:66:b7:51:fe:b9:09:52:d2:f6:0f:
ef:d0:8b:60:6d:93:78:c9:f7:29:a5:24:78:4c:28:9c:86:79:
32:7f:7a:2d:4c:cf:93:35:f6:41:8e:78:e8:9a:eb:0b:2b:fb:
48:3b:0c:eb:f0:30:7e:8c:2b:97:85:5e:bf:c5:ba:28:3a:f1:
06:ca:5e:22:0a:57:6d:e0:38:a6:77:64:98:7b:ef:64:70:89:
7a:aa:9d:ce:61:2d:f0:45:3e:70:e1:98:5c:55:9f:20:bf:2d:
37:60:d7:a6
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICD3swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0
NkRGNzI4NUEwHhcNMjUwMjI4MTkyOTUzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MyMGViMS02ZjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Cl8X4Msj3nkMOeuXP4x9mjFs8QicrYbckMlPp0EfMDWTnDwcgGrpzg4kRx4
1M12j9hIP5ZURKQCxgelajQQX1Y7BU9mmlI4NXTVXR3RM5cjKEQvwnsWzepMf2+O
D4qqEf/OMPQfMvBB4etoqVZpEXdPNk+dX194Tm09Z07BVKh8ktR2J31mRiBxqUmb
Wi4rePSYeQ+QBFH9n/Wzo2J/zn/rmXczj+a1e1l0jLtHdqgOxAJKWuHof81WbHT+
CSAHRJXnU+ItY/HNeN3DlLKyCa7uLnmMLkrqIFBF4hqb8kSDUhDZU1IW0jsxpvA0
uDLRvaoqO2raFxcf1rx5UjEhmQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFKec/ty4
JZbdyo9Xk1dDavVn0MOPMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0
RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL
Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvNTQzQjY1RDIw
OUIxMTFFQUIwNDVCMzFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N
AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBAFS5mYMT1t8O
N4jg6/mxnS2zTYruY+puRTQ4OPuOS3T6x0UJIQ70H60pmjDKtDghcLrWgQERQsmD
AtxPMPlniTjSRmmxZ82GSDxpVR+R3uRT6Cy0/OjUhllWxzniu5eIImQ+bnyxLcGN
yeKM/q2h7cveJ2oV7G8UXBP2XA+KyBN+nM+1tws3E9YqFuAQQbgdgPp1dXqAQgx6
ZrdR/rkJUtL2D+/Qi2Btk3jJ9ymlJHhMKJyGeTJ/ei1Mz5M19kGOeOia6wsr+0g7
DOvwMH6MK5eFXr/Fuig68QbKXiIKV23gOKZ3ZJh772RwiXqqnc5hLfBFPnDhmFxV
nyC/LTdg16Y=
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:59:51 2025 by rpki-client