Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/47142FEC267E11ECBD9B0963C4F9AE02.roa
File: 47142FEC267E11ECBD9B0963C4F9AE02.roa (raw, json)
Hash identifier: Q6mj68x54SN8rlruebDQHf400ugU+mkcAPpQYDUnrEE=
Subject key identifier: 21:FC:E5:44:0F:11:CE:60:E0:B7:79:6A:D7:66:69:FD:67:8A:94:F8
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4675
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/47142FEC267E11ECBD9B0963C4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:36:26 +0000
ROA not before: Thu 05 Sep 2024 03:36:26 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 56150
IP address blocks: 45.122.220.0/22 maxlen: 24
103.27.60.0/22 maxlen: 24
103.92.28.0/22 maxlen: 24
103.143.142.0/23 maxlen: 24
103.143.144.0/23 maxlen: 24
103.143.208.0/23 maxlen: 24
103.232.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18037 (0x4675)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:36:26 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d9273a-2bde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1e:e6:11:c5:cd:19:33:20:2f:fb:7d:99:f0:
46:2a:4b:36:90:06:d4:81:95:40:de:a0:1b:a9:82:
69:73:01:59:b6:7a:e1:64:f9:db:cd:b1:dc:a1:69:
19:80:f0:52:b1:ea:e4:5b:a1:f2:aa:9b:25:46:ce:
49:af:6c:b8:d3:f7:ed:3e:4d:19:87:39:89:39:72:
8b:67:2e:31:e9:a4:5f:7b:29:9c:72:9c:f9:fa:16:
68:a0:fa:7c:4c:92:21:3e:8e:2b:09:b4:7a:31:64:
18:f1:d4:78:f0:a4:9e:7c:1f:c7:cb:72:65:a4:0a:
ef:a0:57:1c:79:88:e7:dc:65:8f:dd:9a:6d:62:46:
29:a7:03:09:88:0e:68:ed:8f:58:05:a6:a4:89:87:
22:e9:6f:cc:07:2b:e0:7f:ce:4d:d2:46:42:61:18:
a2:48:7f:ce:e9:83:f5:ba:52:8b:2e:93:45:75:2c:
23:9e:28:56:fc:47:40:57:ed:b5:f7:f0:ff:bf:ca:
3c:1a:e7:e6:53:b3:c7:14:6a:d4:ba:21:89:89:46:
75:dd:a0:53:73:96:32:2d:ac:52:89:29:8a:12:4f:
ae:aa:fc:c0:cb:2a:da:c2:41:1e:bf:d4:2d:3d:15:
38:b7:90:c2:24:69:1b:cf:a0:89:c9:80:a1:6f:33:
5d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FC:E5:44:0F:11:CE:60:E0:B7:79:6A:D7:66:69:FD:67:8A:94:F8
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/47142FEC267E11ECBD9B0963C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.122.220.0/22
103.27.60.0/22
103.92.28.0/22
103.143.142.0-103.143.145.255
103.143.208.0/23
103.232.120.0/22
Signature Algorithm: sha256WithRSAEncryption
75:10:b7:c7:f0:db:dd:a6:93:1c:60:36:49:45:19:df:2f:d4:
48:40:a6:d3:e7:ec:ca:bb:76:ef:98:55:5a:a8:89:5b:30:b1:
38:b0:21:70:25:88:25:9d:9b:b1:05:c6:93:45:c9:44:c4:60:
fa:0f:d4:a0:91:80:e6:e5:33:1a:8e:fe:b4:4b:18:7a:12:14:
08:06:d6:83:d7:1f:a7:0b:b2:80:43:41:a6:f9:0b:6a:c4:47:
8c:6f:ee:3e:a6:f0:ee:9c:18:ca:39:63:d3:f7:ae:ab:50:f6:
f9:e0:d5:ed:d2:3e:5e:2a:dc:20:0c:75:03:42:a3:ed:fd:d1:
2b:b5:84:28:fc:09:96:43:fa:26:58:64:c1:cb:b2:d8:26:ff:
e4:18:ee:de:d3:f6:68:29:c0:3e:6d:14:92:03:3c:1c:cc:8c:
39:13:fc:7e:c7:53:9f:27:4a:51:a0:32:b8:b0:65:a7:e1:f1:
17:4c:5b:2a:fa:98:ce:4a:3e:13:1a:32:c4:a1:2d:08:c0:82:
f6:3f:4a:f4:2a:fb:c4:63:cc:ca:67:b3:50:fd:3a:8f:3d:5d:
f8:dc:a0:b6:19:51:66:45:f9:7c:a8:02:7f:fe:0f:74:5b:7d:
b6:65:90:26:e8:f7:91:86:42:18:17:78:fc:14:77:d5:aa:86:
23:2b:75:cd
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICRnUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNjI2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjczYS0yYmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtR7mEcXNGTMgL/t9mfBGKks2kAbUgZVA3qAbqYJpcwFZtnrhZPnbzbHcoWkZ
gPBSserkW6HyqpslRs5Jr2y40/ftPk0ZhzmJOXKLZy4x6aRfeymccpz5+hZooPp8
TJIhPo4rCbR6MWQY8dR48KSefB/Hy3JlpArvoFcceYjn3GWP3ZptYkYppwMJiA5o
7Y9YBaakiYci6W/MByvgf85N0kZCYRiiSH/O6YP1ulKLLpNFdSwjnihW/EdAV+21
9/D/v8o8GufmU7PHFGrUuiGJiUZ13aBTc5YyLaxSiSmKEk+uqvzAyyrawkEev9Qt
PRU4t5DCJGkbz6CJyYChbzNdPQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFCH85UQP
Ec5g4Ld5atdmaf1nipT4MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNDcxNDJGRUMy
NjdFMTFFQ0JEOUIwOTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MDIEAgABMCwDBAItetwDBAJnGzwDBAJnXBwwDAMEAWePjgMEAWePkAMEAWeP
0AMEAmfoeDANBgkqhkiG9w0BAQsFAAOCAQEAdRC3x/Db3aaTHGA2SUUZ3y/USECm
0+fsyrt275hVWqiJWzCxOLAhcCWIJZ2bsQXGk0XJRMRg+g/UoJGA5uUzGo7+tEsY
ehIUCAbWg9cfpwuygENBpvkLasRHjG/uPqbw7pwYyjlj0/euq1D2+eDV7dI+Xirc
IAx1A0Kj7f3RK7WEKPwJlkP6Jlhkwcuy2Cb/5Bju3tP2aCnAPm0UkgM8HMyMORP8
fsdTnydKUaAyuLBlp+HxF0xbKvqYzko+ExoyxKEtCMCC9j9K9Cr7xGPMymezUP06
jz1d+NygthlRZkX5fKgCf/4PdFt9tmWQJuj3kYZCGBd4/BR31aqGIyt1zQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:38:11 2025 by rpki-client