Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
File: 956DEFE80CDB11EAB14B9162C4F9AE02.roa (raw, json)
Hash identifier: Ze8Yanp+k5PHmh85OnFiLG44bNuhfOzahNgejKqhDtI=
Subject key identifier: 31:A2:73:1F:33:72:40:F1:A9:45:9F:0C:2C:E4:5B:BB:C6:02:A4:8C
Certificate issuer: /CN=A919EAAD/serialNumber=25099046EB59D645D419A428FC701A57353FBF2C
Certificate serial: 0C12
Authority key identifier: 25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
Signing time: Mon 10 Feb 2025 18:56:53 +0000
ROA not before: Mon 10 Feb 2025 18:56:53 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133385
IP address blocks: 45.120.84.0/22 maxlen: 22
45.120.84.0/24 maxlen: 24
45.120.85.0/24 maxlen: 24
45.120.86.0/24 maxlen: 24
45.120.87.0/24 maxlen: 24
103.255.172.0/22 maxlen: 22
103.255.172.0/24 maxlen: 24
103.255.172.64/26 maxlen: 26
103.255.172.128/25 maxlen: 25
103.255.173.0/24 maxlen: 24
103.255.174.0/24 maxlen: 24
103.255.175.0/24 maxlen: 24
2400:8480:1000::/48 maxlen: 48
2400:8480:1100::/48 maxlen: 48
2400:8480:2010::/44 maxlen: 44
2400:8480:2020::/44 maxlen: 44
2400:8480:2030::/44 maxlen: 44
2400:8480:2040::/44 maxlen: 44
2400:8480:2110::/44 maxlen: 44
2400:8480:2120::/44 maxlen: 44
2400:8480:2130::/44 maxlen: 44
2400:8480:2140::/44 maxlen: 44
2400:8480:3010::/44 maxlen: 44
2400:8480:3020::/44 maxlen: 44
2400:8480:3030::/44 maxlen: 44
2400:8480:3040::/44 maxlen: 44
2400:8480:3110::/44 maxlen: 44
2400:8480:3120::/44 maxlen: 44
2400:8480:3130::/44 maxlen: 44
2400:8480:3140::/44 maxlen: 44
2400:8480:5000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3090 (0xc12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EAAD
Validity
Not Before: Feb 10 18:56:53 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67aa4bf5-09f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:32:6c:b8:6b:c4:2b:9d:ae:14:d0:d5:3d:06:
2b:80:8b:23:7a:a5:6b:8f:d5:d9:a8:73:9f:f5:3e:
4c:5e:6f:3d:e4:e5:71:6e:86:1e:87:54:4f:be:90:
89:e0:4f:75:d2:32:cc:d5:eb:a1:73:6d:58:d6:7a:
e9:70:03:9c:d4:3c:b2:79:6e:02:8a:74:ba:41:de:
6d:ba:c2:f9:d0:29:71:e1:b9:71:61:84:80:8f:a1:
8d:ee:d7:1c:36:40:75:6d:83:13:43:0f:58:30:4d:
6b:c2:75:47:37:6a:90:a1:02:c9:96:4e:75:19:4c:
0b:30:93:c4:75:78:e2:4b:b9:ac:2d:96:7b:db:68:
9c:ca:d3:cd:ba:fa:7f:00:c1:fb:de:ac:e2:66:f6:
5f:13:2b:24:69:5c:ba:82:b0:47:d5:f0:66:17:ff:
f8:31:76:6b:2d:c9:0e:df:eb:c5:c0:f2:f8:41:fe:
30:20:d4:76:5a:23:be:c6:8a:b4:15:d3:37:d9:ea:
c7:42:d8:cb:b6:07:66:22:77:66:10:8e:47:8f:23:
07:8f:9d:64:16:6e:97:c4:04:d5:75:3f:6d:c9:82:
e4:e8:0b:23:70:2b:11:65:4c:ab:35:5f:35:d7:85:
36:aa:6e:84:a4:e1:3f:3a:e3:d9:e4:11:6c:65:61:
7f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A2:73:1F:33:72:40:F1:A9:45:9F:0C:2C:E4:5B:BB:C6:02:A4:8C
X509v3 Authority Key Identifier:
keyid:25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.120.84.0/22
103.255.172.0/22
IPv6:
2400:8480:1000::/48
2400:8480:1100::/48
2400:8480:2010::-2400:8480:204f:ffff:ffff:ffff:ffff:ffff
2400:8480:2110::-2400:8480:214f:ffff:ffff:ffff:ffff:ffff
2400:8480:3010::-2400:8480:304f:ffff:ffff:ffff:ffff:ffff
2400:8480:3110::-2400:8480:314f:ffff:ffff:ffff:ffff:ffff
2400:8480:5000::/36
Signature Algorithm: sha256WithRSAEncryption
d5:f6:c4:ce:6d:9f:9d:03:1f:2f:76:f9:92:a0:c2:53:85:38:
af:87:8b:26:52:ab:32:c1:18:d9:8f:33:4b:68:b7:51:6b:92:
3d:9b:48:52:e3:6b:f8:8b:a2:d7:cc:d0:29:e3:62:c2:35:8a:
fc:52:36:85:bf:e2:7a:57:eb:c8:50:0c:d4:3e:76:94:67:68:
0e:20:ed:2d:fc:6a:df:6b:1e:93:58:6e:c2:ae:5b:f8:27:d6:
ce:3f:2a:3f:2b:c9:ea:9c:b9:56:37:5b:3a:77:44:4f:de:c8:
77:c0:6a:74:f7:f4:0c:84:3c:f8:dc:cc:60:a5:76:42:a8:14:
e1:ae:e1:66:1a:c4:21:d4:77:33:4f:e4:36:c4:92:20:db:79:
f3:8a:67:79:43:e0:67:16:f3:7d:46:af:85:9f:de:a1:07:bb:
59:db:ff:25:e6:fc:f9:0f:d8:6f:10:a9:4d:b2:f8:cf:2d:48:
5f:c5:0d:80:0f:df:f2:7d:da:78:66:c3:b3:63:01:24:6e:27:
d4:33:75:8d:8d:72:73:14:2b:a5:1e:92:67:29:35:10:ef:26:
74:49:03:a4:31:d2:c6:a6:17:55:53:71:54:73:28:90:8f:60:
59:cc:fe:ec:b9:84:a1:04:6d:3f:24:6f:69:1e:6e:20:17:02:
68:e9:2a:8f
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgICDBIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBQUQxMTAvBgNVBAUTKDI1MDk5MDQ2RUI1OUQ2NDVENDE5QTQyOEZDNzAxQTU3
MzUzRkJGMkMwHhcNMjUwMjEwMTg1NjUzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FhNGJmNS0wOWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxzJsuGvEK52uFNDVPQYrgIsjeqVrj9XZqHOf9T5MXm895OVxboYeh1RPvpCJ
4E910jLM1euhc21Y1nrpcAOc1DyyeW4CinS6Qd5tusL50Clx4blxYYSAj6GN7tcc
NkB1bYMTQw9YME1rwnVHN2qQoQLJlk51GUwLMJPEdXjiS7msLZZ722icytPNuvp/
AMH73qziZvZfEyskaVy6grBH1fBmF//4MXZrLckO3+vFwPL4Qf4wINR2WiO+xoq0
FdM32erHQtjLtgdmIndmEI5HjyMHj51kFm6XxATVdT9tyYLk6AsjcCsRZUyrNV81
14U2qm6EpOE/OuPZ5BFsZWF/aQIDAQABo4IDEDCCAwwwHQYDVR0OBBYEFDGicx8z
ckDxqUWfDCzkW7vGAqSMMB8GA1UdIwQYMBaAFCUJkEbrWdZF1BmkKPxwGlc1P78s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFBRC83N0Q5NTBGMjA5
RDUxMUVBQjc2QzczMTdDNEY5QUUwMi9KUW1RUnV0WjFrWFVHYVFvX0hBYVZ6VV92
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pRbVFSdXRaMWtYVUdhUW9fSEFhVnpVX3Z5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBQUQvNzdEOTUwRjIwOUQ1MTFFQUI3NkM3MzE3QzRGOUFFMDIvOTU2REVGRTgw
Q0RCMTFFQUIxNEI5MTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZkGCCsGAQUFBwEHAQH/
BIGJMIGGMBIEAgABMAwDBAIteFQDBAJn/6wwcAQCAAIwagMHACQAhIAQAAMHACQA
hIARADASAwcEJACEgCAQAwcEJACEgCBAMBIDBwQkAISAIRADBwQkAISAIUAwEgMH
BCQAhIAwEAMHBCQAhIAwQDASAwcEJACEgDEQAwcEJACEgDFAAwYEJACEgFAwDQYJ
KoZIhvcNAQELBQADggEBANX2xM5tn50DHy92+ZKgwlOFOK+HiyZSqzLBGNmPM0to
t1Frkj2bSFLja/iLotfM0CnjYsI1ivxSNoW/4npX68hQDNQ+dpRnaA4g7S38at9r
HpNYbsKuW/gn1s4/Kj8ryeqcuVY3Wzp3RE/eyHfAanT39AyEPPjczGCldkKoFOGu
4WYaxCHUdzNP5DbEkiDbefOKZ3lD4GcW831Gr4Wf3qEHu1nb/yXm/PkP2G8QqU2y
+M8tSF/FDYAP3/J92nhmw7NjASRuJ9QzdY2NcnMUK6UekmcpNRDvJnRJA6Qx0sam
F1VTcVRzKJCPYFnM/uy5hKEEbT8kb2kebiAXAmjpKo8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:33:26 2025 by rpki-client