Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/92C1DA72F96911EA96156C10C4F9AE02.roa
File: 92C1DA72F96911EA96156C10C4F9AE02.roa (raw, json)
Hash identifier: oAPTe//7g6jJuILhwaNX9BhWuyg62LMl2yGUtTWKtm0=
Subject key identifier: 0E:80:A4:C9:BE:DD:70:3C:E6:5D:65:68:CD:E7:14:F0:AA:52:37:C0
Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A
Certificate serial: 0F91
Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/92C1DA72F96911EA96156C10C4F9AE02.roa
Signing time: Fri 28 Feb 2025 19:30:22 +0000
ROA not before: Fri 28 Feb 2025 19:30:22 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 397243
IP address blocks: 120.29.252.0/24 maxlen: 24
120.29.253.0/24 maxlen: 24
120.29.254.0/24 maxlen: 24
203.17.72.0/24 maxlen: 24
2001:dcd:1::/48 maxlen: 48
2001:dcd:2::/48 maxlen: 48
2001:dcd:3::/48 maxlen: 48
2001:dcd:4::/48 maxlen: 48
2001:dcd:5::/48 maxlen: 48
2001:dcd:6::/48 maxlen: 48
2001:dcd:7::/48 maxlen: 48
2001:dcd:dd05::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3985 (0xf91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91919EA
Validity
Not Before: Feb 28 19:30:22 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c20ece-b2b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:c6:09:c7:1e:05:a3:9a:88:17:cf:c3:06:8e:
61:4f:a1:67:13:9b:e2:65:fd:b0:85:2e:e7:f4:46:
52:38:c6:db:d0:d1:0a:fa:40:53:0c:68:0e:d6:10:
0b:cd:98:c3:64:f0:95:09:7b:78:61:9c:cb:4a:6d:
de:22:6a:6e:b5:67:93:1a:86:1b:ab:36:06:52:a0:
53:97:2c:15:40:13:ea:2a:30:12:9c:a9:4e:f7:e0:
e5:3a:d1:ed:03:cb:e9:c3:06:05:84:53:67:ac:e0:
bb:c5:f8:41:e2:a0:3f:0f:c1:64:52:0d:43:31:4d:
dd:b8:be:b8:db:37:cd:c2:88:21:64:1d:d4:0f:13:
72:b5:d2:a6:7e:0f:63:ca:c9:bf:41:eb:1a:e9:41:
b4:7d:97:ad:51:58:8d:0e:2f:81:49:ac:24:c7:80:
43:4e:01:a1:be:06:95:bc:bd:d9:0a:2f:66:cf:cb:
eb:f6:86:54:5d:fb:44:6e:38:37:42:59:e3:a0:aa:
96:c5:91:3c:39:dd:e8:14:ea:9b:06:00:9d:a5:50:
b2:8e:b6:77:2d:b8:0e:8b:4c:ea:9b:91:92:6d:22:
88:6c:36:ed:9c:10:bd:eb:a1:c5:ff:b0:56:11:4f:
da:56:fc:cc:76:55:ce:1c:d6:48:0a:5e:49:ab:a4:
b9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:80:A4:C9:BE:DD:70:3C:E6:5D:65:68:CD:E7:14:F0:AA:52:37:C0
X509v3 Authority Key Identifier:
keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/92C1DA72F96911EA96156C10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.29.252.0-120.29.254.255
203.17.72.0/24
IPv6:
2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff
2001:dcd:dd05::/48
Signature Algorithm: sha256WithRSAEncryption
0f:ff:46:09:89:8c:43:44:04:f6:5a:b3:4f:d0:c8:8b:14:26:
b4:47:ac:cc:2e:58:2b:8c:3e:20:57:67:1c:fd:9a:7a:c6:73:
bf:b4:3d:b8:5a:2a:76:3e:a6:73:9a:cc:a7:94:ea:3a:a0:15:
72:33:9e:84:dc:9e:f6:d6:10:70:c9:ab:5e:5a:df:89:37:fa:
c0:b0:d8:de:f8:93:6d:68:e0:29:91:41:c3:6e:17:22:1f:48:
d4:f3:dd:59:85:b7:ef:74:4f:85:69:e5:52:52:b3:c1:90:57:
a5:f6:79:8d:e9:ff:e9:ce:c0:84:63:a2:f7:4f:47:69:90:70:
c9:96:09:dd:6b:d9:98:8b:bc:f8:2d:94:77:91:80:2b:ac:bb:
eb:ef:b3:be:76:43:26:13:e7:60:3d:54:ad:69:57:f3:05:8e:
af:07:9a:e2:43:ad:52:52:a2:e4:a9:90:fa:86:aa:0c:39:bd:
46:d1:9f:87:0f:c9:a8:c8:04:ea:b6:5a:78:7c:5f:9b:6f:1f:
c7:b0:6f:21:82:88:0d:02:52:97:d3:f2:2d:8d:46:78:50:10:
17:22:3c:6d:c3:62:13:8a:8f:dd:7a:f5:de:06:61:af:6e:2c:
a5:aa:74:a1:cd:4c:52:0a:58:64:3e:3d:88:58:06:97:8b:c5:
be:6e:32:bc
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICD5EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0
NkRGNzI4NUEwHhcNMjUwMjI4MTkzMDIyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MyMGVjZS1iMmI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9sYJxx4Fo5qIF8/DBo5hT6FnE5viZf2whS7n9EZSOMbb0NEK+kBTDGgO1hAL
zZjDZPCVCXt4YZzLSm3eImputWeTGoYbqzYGUqBTlywVQBPqKjASnKlO9+DlOtHt
A8vpwwYFhFNnrOC7xfhB4qA/D8FkUg1DMU3duL642zfNwoghZB3UDxNytdKmfg9j
ysm/Qesa6UG0fZetUViNDi+BSawkx4BDTgGhvgaVvL3ZCi9mz8vr9oZUXftEbjg3
QlnjoKqWxZE8Od3oFOqbBgCdpVCyjrZ3LbgOi0zqm5GSbSKIbDbtnBC966HF/7BW
EU/aVvzMdlXOHNZICl5Jq6S5iwIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFA6ApMm+
3XA85l1laM3nFPCqUjfAMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0
RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL
Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvOTJDMURBNzJG
OTY5MTFFQTk2MTU2QzEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N
AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBAA//RgmJjENE
BPZas0/QyIsUJrRHrMwuWCuMPiBXZxz9mnrGc7+0PbhaKnY+pnOazKeU6jqgFXIz
noTcnvbWEHDJq15a34k3+sCw2N74k21o4CmRQcNuFyIfSNTz3VmFt+90T4Vp5VJS
s8GQV6X2eY3p/+nOwIRjovdPR2mQcMmWCd1r2ZiLvPgtlHeRgCusu+vvs752QyYT
52A9VK1pV/MFjq8HmuJDrVJSouSpkPqGqgw5vUbRn4cPyajIBOq2Wnh8X5tvH8ew
byGCiA0CUpfT8i2NRnhQEBciPG3DYhOKj9169d4GYa9uLKWqdKHNTFIKWGQ+PYhY
BpeLxb5uMrw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:14:03 2025 by rpki-client