Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/F6FAEC5CCB0411EEAB05F93CC4F9AE02.roa
File: F6FAEC5CCB0411EEAB05F93CC4F9AE02.roa (raw, json)
Hash identifier: iEq1aNRP/IljFzwgZtZtkJCpzqh+TTJ3bhmSxew1yxo=
Subject key identifier: C7:1E:FF:37:F2:92:51:BE:89:6E:23:DF:B3:6B:8D:85:EA:9B:7C:62
Certificate issuer: /CN=A9194C0D/serialNumber=634E28B1002E556E8EB14F953EAD63B6D6775809
Certificate serial: 011A
Authority key identifier: 63:4E:28:B1:00:2E:55:6E:8E:B1:4F:95:3E:AD:63:B6:D6:77:58:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y04osQAuVW6OsU-VPq1jttZ3WAk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/F6FAEC5CCB0411EEAB05F93CC4F9AE02.roa
Signing time: Tue 24 Dec 2024 04:04:07 +0000
ROA not before: Tue 24 Dec 2024 04:04:07 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 134090
IP address blocks: 45.249.116.0/22 maxlen: 24
103.51.112.0/22 maxlen: 24
103.85.36.0/22 maxlen: 24
103.95.112.0/22 maxlen: 24
103.106.88.0/22 maxlen: 24
123.253.188.0/22 maxlen: 24
124.158.96.0/22 maxlen: 23
175.111.176.0/22 maxlen: 23
202.128.112.0/20 maxlen: 20
202.128.112.0/21 maxlen: 24
202.128.120.0/21 maxlen: 24
202.179.128.0/22 maxlen: 24
2400:a840::/31 maxlen: 34
2400:a842::/31 maxlen: 34
2400:a844::/30 maxlen: 30
2400:a844::/31 maxlen: 34
2400:a846::/31 maxlen: 34
2400:a848::/31 maxlen: 34
2400:a84a::/31 maxlen: 34
2400:a84c::/31 maxlen: 34
2400:a84e::/31 maxlen: 34
2402:2c80::/32 maxlen: 34
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 282 (0x11a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9194C0D
Validity
Not Before: Dec 24 04:04:07 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=676a32b7-f1e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2b:05:32:fe:2a:1b:64:86:9a:04:91:75:e3:
0e:23:11:be:51:56:06:f8:d2:75:43:f8:8d:be:4f:
3f:43:4a:f8:0b:c7:55:bd:cd:4b:3a:b2:e9:19:f0:
02:ac:53:da:f6:df:31:83:b4:d2:ac:d0:23:a2:97:
dd:f0:f7:dd:31:51:b6:47:b5:62:f2:75:58:a4:7b:
f3:03:77:f2:76:ca:42:c4:d3:82:14:82:7e:11:a9:
88:7b:42:46:93:2e:4e:16:49:fe:43:34:a5:fb:0d:
a7:46:57:b8:13:44:3b:b3:94:19:18:58:2a:ac:1f:
2f:ae:b5:a1:eb:a2:f8:dd:eb:fe:2d:b1:52:98:53:
e6:aa:ca:50:98:2d:d1:25:fb:b6:40:7c:a1:fa:6c:
c7:11:b7:e1:06:d4:b3:e0:d5:d1:4c:91:64:16:8e:
0c:00:0a:7b:50:87:76:10:cf:ac:de:ea:9e:10:ee:
eb:58:fa:52:41:4e:8f:5a:73:61:b5:4f:94:49:ad:
65:b5:a0:2b:9d:3e:84:b0:16:8e:06:ca:e3:ef:ba:
b5:3d:f7:2d:8c:4d:de:83:e1:d3:dc:f5:4b:d6:fc:
12:ba:be:2f:f0:70:23:aa:4d:19:ac:af:ef:f5:cb:
ca:75:1a:12:9b:d4:b2:11:12:cc:07:69:f6:d3:3f:
cf:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:1E:FF:37:F2:92:51:BE:89:6E:23:DF:B3:6B:8D:85:EA:9B:7C:62
X509v3 Authority Key Identifier:
keyid:63:4E:28:B1:00:2E:55:6E:8E:B1:4F:95:3E:AD:63:B6:D6:77:58:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/Y04osQAuVW6OsU-VPq1jttZ3WAk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y04osQAuVW6OsU-VPq1jttZ3WAk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/F6FAEC5CCB0411EEAB05F93CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.249.116.0/22
103.51.112.0/22
103.85.36.0/22
103.95.112.0/22
103.106.88.0/22
123.253.188.0/22
124.158.96.0/22
175.111.176.0/22
202.128.112.0/20
202.179.128.0/22
IPv6:
2400:a840::/28
2402:2c80::/32
Signature Algorithm: sha256WithRSAEncryption
41:72:b7:e6:3d:e5:97:72:d2:9c:b3:f7:14:a9:81:80:2a:b9:
c5:20:ec:df:0e:2c:ee:c8:9d:18:a7:f9:38:a0:e3:ba:bf:2e:
ae:77:b4:d6:82:26:99:cc:21:44:04:ed:12:fe:0f:69:9c:80:
c7:53:fb:6d:61:82:ae:f4:20:70:ae:2c:ff:3e:16:c3:19:b9:
0c:72:ce:7c:fd:a1:c1:12:ae:5c:48:db:81:eb:61:61:95:47:
66:72:13:01:2f:82:8f:c8:c8:c3:94:0f:a4:d2:5b:e5:98:57:
d8:f0:04:d0:d8:5c:3e:7f:d0:73:ce:0a:67:1a:04:af:af:2b:
fa:a1:2e:9d:8b:96:6a:56:9e:a1:ac:cd:5e:24:67:a3:c0:94:
dd:1e:57:5e:18:99:2d:be:db:b1:81:0a:74:8b:29:6e:64:bc:
52:c3:0e:49:df:f0:3a:e5:e0:22:07:e8:96:a9:4d:47:86:8d:
cb:d5:68:10:1c:35:c4:bc:bb:01:f2:6d:58:18:22:7c:56:3d:
25:8d:9a:f0:ac:7a:dd:b1:f6:3a:5e:bc:b8:7c:c5:92:3b:11:
27:9c:f2:a1:51:52:6c:0a:39:59:04:76:d6:f9:0e:3f:4d:4d:
6e:ad:9b:69:fc:d0:4e:a7:15:a9:40:88:59:17:04:85:cd:44:
44:7b:0a:ee
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICARowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTRDMEQxMTAvBgNVBAUTKDYzNEUyOEIxMDAyRTU1NkU4RUIxNEY5NTNFQUQ2M0I2
RDY3NzU4MDkwHhcNMjQxMjI0MDQwNDA3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZhMzJiNy1mMWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuysFMv4qG2SGmgSRdeMOIxG+UVYG+NJ1Q/iNvk8/Q0r4C8dVvc1LOrLpGfAC
rFPa9t8xg7TSrNAjopfd8PfdMVG2R7Vi8nVYpHvzA3fydspCxNOCFIJ+EamIe0JG
ky5OFkn+QzSl+w2nRle4E0Q7s5QZGFgqrB8vrrWh66L43ev+LbFSmFPmqspQmC3R
Jfu2QHyh+mzHEbfhBtSz4NXRTJFkFo4MAAp7UId2EM+s3uqeEO7rWPpSQU6PWnNh
tU+USa1ltaArnT6EsBaOBsrj77q1PfctjE3eg+HT3PVL1vwSur4v8HAjqk0ZrK/v
9cvKdRoSm9SyERLMB2n20z/PkQIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFMce/zfy
klG+iW4j37NrjYXqm3xiMB8GA1UdIwQYMBaAFGNOKLEALlVujrFPlT6tY7bWd1gJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NEMwRC9BRDI1ODg5MDU3
NTQxMUVFOTQwQ0Q5NTRDNEY5QUUwMi9ZMDRvc1FBdVZXNk9zVS1WUHExanR0WjNX
QWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1kwNG9zUUF1Vlc2T3NVLVZQcTFqdHRaM1dBay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTRDMEQvQUQyNTg4OTA1NzU0MTFFRTk0MENEOTU0QzRGOUFFMDIvRjZGQUVDNUND
QjA0MTFFRUFCMDVGOTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMEIEAgABMDwDBAIt+XQDBAJnM3ADBAJnVSQDBAJnX3ADBAJnalgDBAJ7/bwD
BAJ8nmADBAKvb7ADBATKgHADBALKs4AwFAQCAAIwDgMFBCQAqEADBQAkAiyAMA0G
CSqGSIb3DQEBCwUAA4IBAQBBcrfmPeWXctKcs/cUqYGAKrnFIOzfDizuyJ0Yp/k4
oOO6vy6ud7TWgiaZzCFEBO0S/g9pnIDHU/ttYYKu9CBwriz/PhbDGbkMcs58/aHB
Eq5cSNuB62FhlUdmchMBL4KPyMjDlA+k0lvlmFfY8ATQ2Fw+f9BzzgpnGgSvryv6
oS6di5ZqVp6hrM1eJGejwJTdHldeGJktvtuxgQp0iyluZLxSww5J3/A65eAiB+iW
qU1Hho3L1WgQHDXEvLsB8m1YGCJ8Vj0ljZrwrHrdsfY6Xry4fMWSOxEnnPKhUVJs
CjlZBHbW+Q4/TU1urZtp/NBOpxWpQIhZFwSFzUREewru
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:04:06 2025 by rpki-client