Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/FF7450F48FEB11EC818F190FC4F9AE02.roa
File: FF7450F48FEB11EC818F190FC4F9AE02.roa (raw, json)
Hash identifier: PZDOMpbnEclDOLN5fpeL4Hrokd0InE0vo7MLblajdig=
Subject key identifier: 9D:B6:60:73:34:E0:ED:C3:43:A6:8B:6B:C3:34:F6:6D:EC:EC:18:CD
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4672
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/FF7450F48FEB11EC818F190FC4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:36:24 +0000
ROA not before: Thu 05 Sep 2024 03:36:24 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 56147
IP address blocks: 45.120.228.0/22 maxlen: 24
103.3.248.0/22 maxlen: 24
2001:df5:c200::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18034 (0x4672)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:36:24 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d92738-13ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7f:57:3d:ef:ed:7f:cc:af:33:39:83:4c:c7:
e0:3b:8a:c7:c7:b8:91:62:79:a8:a6:32:b2:c2:2d:
ed:5b:cc:a4:e1:16:1f:40:56:cc:04:c4:11:0d:63:
b9:5b:3e:bc:4d:b2:6c:8a:24:9e:8e:7b:ee:41:23:
04:b7:77:df:10:63:67:5e:66:be:57:0a:ec:ae:19:
1b:6f:54:77:1f:c0:f9:f3:d3:da:c0:7b:ec:41:a8:
26:03:55:b0:d2:5a:26:62:fb:56:c3:11:78:fe:ba:
4a:79:e0:aa:5a:6f:47:4c:fd:ba:b7:ba:a0:db:b9:
c7:da:b3:57:47:41:1a:ed:46:aa:54:44:5d:b5:37:
80:f3:e5:49:0e:f7:18:dd:32:75:46:b1:80:e7:5d:
05:77:9c:48:09:0a:28:e5:14:f5:0f:de:77:b6:b0:
a2:6e:22:e1:c6:8d:c5:9a:5f:0f:81:2d:6a:f2:f3:
ff:db:32:c6:ff:b5:22:a3:75:80:8b:36:e6:27:30:
ac:62:fd:87:d3:6a:69:da:17:ba:2e:75:cd:70:58:
81:91:32:e6:26:7a:14:a5:7a:d0:8c:d0:4d:99:f6:
07:4c:fd:01:34:ad:0c:d3:a3:22:91:1d:df:c6:0d:
a2:37:f6:55:c1:e1:6a:ef:75:b4:48:b9:e2:50:b6:
c8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B6:60:73:34:E0:ED:C3:43:A6:8B:6B:C3:34:F6:6D:EC:EC:18:CD
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/FF7450F48FEB11EC818F190FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.120.228.0/22
103.3.248.0/22
IPv6:
2001:df5:c200::/48
Signature Algorithm: sha256WithRSAEncryption
20:bb:3c:91:21:0c:b8:a3:de:93:2f:80:3b:04:f0:7b:33:a4:
46:64:7a:e5:92:00:ac:72:fc:52:83:a2:a2:f7:17:a3:62:69:
ec:90:04:b7:3b:5a:98:32:98:f7:7c:da:50:bb:3b:70:14:8a:
25:3e:c7:c6:7e:82:ac:e5:a7:9e:2e:87:59:f8:c9:8d:35:ec:
0f:59:d6:8d:21:81:f1:b7:a4:d0:ed:b4:1f:de:3c:83:bf:dc:
ba:8d:1a:be:71:44:6b:14:d6:e7:e2:37:24:15:5c:a9:43:88:
4b:2c:8f:b9:71:d9:3a:04:99:c9:e2:a3:f4:c3:6d:5c:54:ab:
7c:97:1b:f0:08:4e:ab:57:b8:9c:26:ef:91:e2:a4:03:cb:ef:
a0:e2:50:ca:63:c1:fa:bd:2f:d1:2f:2c:94:a6:cb:9e:fe:1f:
6b:c3:38:50:9d:e0:e6:36:cf:3e:7c:2f:04:a8:8e:ee:58:c5:
5e:72:5e:0d:d4:82:30:b0:dd:67:e9:bf:cb:c5:e4:10:8c:6f:
d1:5b:e7:48:6e:48:ee:09:1b:c9:88:87:de:e8:69:d1:88:25:
01:f5:08:ae:96:41:5a:99:be:9e:47:b7:d8:d0:a8:88:a5:ce:
3a:7d:2b:ba:c4:0e:e2:43:e0:aa:ae:5c:9f:b8:17:97:0b:bf:
47:0a:1e:4f
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICRnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNjI0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjczOC0xM2FlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArX9XPe/tf8yvMzmDTMfgO4rHx7iRYnmopjKywi3tW8yk4RYfQFbMBMQRDWO5
Wz68TbJsiiSejnvuQSMEt3ffEGNnXma+Vwrsrhkbb1R3H8D589PawHvsQagmA1Ww
0lomYvtWwxF4/rpKeeCqWm9HTP26t7qg27nH2rNXR0Ea7UaqVERdtTeA8+VJDvcY
3TJ1RrGA510Fd5xICQoo5RT1D953trCibiLhxo3Fml8PgS1q8vP/2zLG/7Uio3WA
izbmJzCsYv2H02pp2he6LnXNcFiBkTLmJnoUpXrQjNBNmfYHTP0BNK0M06MikR3f
xg2iN/ZVweFq73W0SLniULbIWwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFJ22YHM0
4O3DQ6aLa8M09m3s7BjNMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRkY3NDUwRjQ4
RkVCMTFFQzgxOEYxOTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAIteOQDBAJnA/gwDwQCAAIwCQMHACABDfXCADANBgkqhkiG
9w0BAQsFAAOCAQEAILs8kSEMuKPeky+AOwTwezOkRmR65ZIArHL8UoOiovcXo2Jp
7JAEtztamDKY93zaULs7cBSKJT7Hxn6CrOWnni6HWfjJjTXsD1nWjSGB8bek0O20
H948g7/cuo0avnFEaxTW5+I3JBVcqUOISyyPuXHZOgSZyeKj9MNtXFSrfJcb8AhO
q1e4nCbvkeKkA8vvoOJQymPB+r0v0S8slKbLnv4fa8M4UJ3g5jbPPnwvBKiO7ljF
XnJeDdSCMLDdZ+m/y8XkEIxv0VvnSG5I7gkbyYiH3uhp0YglAfUIrpZBWpm+nke3
2NCoiKXOOn0rusQO4kPgqq5cn7gXlwu/RwoeTw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:17:00 2025 by rpki-client