Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D91A51FE753E11ED91728868C4F9AE02.roa
File: D91A51FE753E11ED91728868C4F9AE02.roa (raw, json)
Hash identifier: MgR1KVtSI1+EwxRCSyrMd+rW7lOPoBXUi0YuO1qTjfI=
Subject key identifier: 32:72:28:56:A8:EE:EF:1D:B0:8E:80:28:1D:8F:00:06:C6:17:2B:3B
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4645
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D91A51FE753E11ED91728868C4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:35:45 +0000
ROA not before: Thu 05 Sep 2024 03:35:45 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 38244
IP address blocks: 45.127.252.0/22 maxlen: 24
49.213.64.0/18 maxlen: 24
58.84.0.0/22 maxlen: 24
61.28.224.0/19 maxlen: 24
103.196.236.0/22 maxlen: 24
103.245.248.0/22 maxlen: 24
118.102.0.0/21 maxlen: 24
120.138.64.0/20 maxlen: 24
122.201.8.0/21 maxlen: 24
2001:df0:13::/48 maxlen: 48
2001:df0:1a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17989 (0x4645)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:35:45 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d92710-dfb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:1b:4c:51:26:40:e7:2b:d7:01:58:89:b7:f2:
5c:41:20:45:53:e6:3d:61:15:86:b8:f6:2b:4a:cd:
f2:d2:4c:63:69:39:7c:54:c4:52:e9:c4:f0:ed:24:
4b:5a:7d:51:29:cd:f1:f9:8e:c5:e5:76:68:8b:fe:
0a:6a:28:0f:93:b9:5c:19:3a:9e:a4:8e:59:d2:5b:
90:67:16:78:13:01:e2:b8:5a:48:05:a3:08:e9:5e:
86:0d:3c:4e:02:7a:9c:00:a3:a3:22:dd:42:1f:87:
9d:ed:2b:a4:d4:b7:74:26:f8:73:2d:98:1c:29:c5:
85:e0:e9:71:c0:4a:dd:1b:2a:1c:57:e0:c2:84:70:
b5:36:5c:5a:45:2b:d1:b8:e2:b7:ea:b2:26:c3:58:
49:9b:01:75:e1:54:3c:10:8b:9f:b5:9c:dc:a0:09:
28:c2:6b:28:7e:af:87:5d:ca:5d:8d:d8:12:20:04:
68:c9:b9:66:3e:ff:ec:e4:36:f5:a5:5d:b7:59:79:
11:cf:3f:88:2f:e3:99:15:90:94:c8:c2:1c:df:c5:
e2:81:da:7b:80:27:04:5e:cb:36:7a:99:95:33:5b:
2b:19:f8:4c:2f:a4:3a:74:e0:cc:cb:41:11:0a:cb:
16:18:ce:29:85:55:50:f1:cf:55:d7:d5:85:3c:68:
86:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:72:28:56:A8:EE:EF:1D:B0:8E:80:28:1D:8F:00:06:C6:17:2B:3B
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D91A51FE753E11ED91728868C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.127.252.0/22
49.213.64.0/18
58.84.0.0/22
61.28.224.0/19
103.196.236.0/22
103.245.248.0/22
118.102.0.0/21
120.138.64.0/20
122.201.8.0/21
IPv6:
2001:df0:13::/48
2001:df0:1a::/48
Signature Algorithm: sha256WithRSAEncryption
b6:4c:7d:69:1d:43:04:bb:c9:07:ed:50:3b:9b:a7:8c:f0:98:
96:0e:98:bb:29:12:da:cb:9f:33:de:fd:09:10:71:6a:c2:86:
99:e9:8d:95:6b:c2:0a:ae:0a:7d:fb:2f:98:09:21:f2:82:e1:
64:d1:7f:92:5c:e2:cd:4c:c3:1a:e2:8d:62:90:ce:ff:ea:8c:
13:51:85:bb:ff:cb:3d:93:f4:39:69:bc:65:8e:3a:d3:fc:8e:
f0:52:16:51:82:b2:78:b5:cf:e7:f8:fa:bf:25:e0:d0:71:e6:
ef:c5:ab:19:8c:89:56:af:be:56:38:4f:ff:93:73:88:35:02:
0b:bc:ec:aa:f7:e7:96:34:84:d9:99:35:2e:90:1b:b9:bb:8e:
69:b2:7a:c2:c6:0f:a2:76:9d:e2:45:c2:b3:b3:8e:e4:c6:fb:
fb:3b:d2:a8:ab:d8:f2:9e:29:8a:e8:f5:94:40:51:21:81:0c:
15:4a:76:79:b3:f7:3e:8a:5e:df:b8:1f:3a:d3:4c:ca:71:45:
a8:3a:b4:64:fd:98:da:a2:7e:c5:ab:f2:c4:19:27:94:38:1f:
22:da:91:5b:6a:f5:3b:7c:2d:14:05:4b:c9:2e:dd:b6:df:bd:
91:7e:c2:b5:2d:05:79:ec:88:f7:7a:99:36:84:f8:e0:11:4d:
83:b9:c9:60
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgICRkUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNTQ1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjcxMC1kZmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5RtMUSZA5yvXAViJt/JcQSBFU+Y9YRWGuPYrSs3y0kxjaTl8VMRS6cTw7SRL
Wn1RKc3x+Y7F5XZoi/4KaigPk7lcGTqepI5Z0luQZxZ4EwHiuFpIBaMI6V6GDTxO
AnqcAKOjIt1CH4ed7Suk1Ld0JvhzLZgcKcWF4OlxwErdGyocV+DChHC1NlxaRSvR
uOK36rImw1hJmwF14VQ8EIuftZzcoAkowmsofq+HXcpdjdgSIARoyblmPv/s5Db1
pV23WXkRzz+IL+OZFZCUyMIc38Xigdp7gCcEXss2epmVM1srGfhML6Q6dODMy0ER
CssWGM4phVVQ8c9V19WFPGiGrwIDAQABo4IC3zCCAtswHQYDVR0OBBYEFDJyKFao
7u8dsI6AKB2PAAbGFys7MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRDkxQTUxRkU3
NTNFMTFFRDkxNzI4ODY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaQYIKwYBBQUHAQcBAf8E
WjBYMDwEAgABMDYDBAItf/wDBAYx1UADBAI6VAADBAU9HOADBAJnxOwDBAJn9fgD
BAN2ZgADBAR4ikADBAN6yQgwGAQCAAIwEgMHACABDfAAEwMHACABDfAAGjANBgkq
hkiG9w0BAQsFAAOCAQEAtkx9aR1DBLvJB+1QO5unjPCYlg6YuykS2sufM979CRBx
asKGmemNlWvCCq4KffsvmAkh8oLhZNF/klzizUzDGuKNYpDO/+qME1GFu//LPZP0
OWm8ZY460/yO8FIWUYKyeLXP5/j6vyXg0HHm78WrGYyJVq++VjhP/5NziDUCC7zs
qvfnljSE2Zk1LpAbubuOabJ6wsYPonad4kXCs7OO5Mb7+zvSqKvY8p4piuj1lEBR
IYEMFUp2ebP3Pope37gfOtNMynFFqDq0ZP2Y2qJ+xavyxBknlDgfItqRW2r1O3wt
FAVLyS7dtt+9kX7CtS0FeeyI93qZNoT44BFNg7nJYA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 14:05:56 2025 by rpki-client