Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/2B9FBCB0DEC911EBA828524CC4F9AE02.roa
File: 2B9FBCB0DEC911EBA828524CC4F9AE02.roa (raw, json)
Hash identifier: es9j3LKTp+AUW2ig2BE9iWWW6VD0Nb77D+iullPdt18=
Subject key identifier: 91:02:56:F4:F9:10:A2:44:B2:91:81:06:B1:DE:40:1B:51:50:CB:45
Certificate issuer: /CN=A91ACBB7/serialNumber=746241ADA77DDBDFEA0FE144EFE21391E3FC4FD9
Certificate serial: 0CB0
Authority key identifier: 74:62:41:AD:A7:7D:DB:DF:EA:0F:E1:44:EF:E2:13:91:E3:FC:4F:D9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dGJBrad929_qD-FE7-ITkeP8T9k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/2B9FBCB0DEC911EBA828524CC4F9AE02.roa
Signing time: Fri 28 Mar 2025 18:29:38 +0000
ROA not before: Fri 28 Mar 2025 18:29:38 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 58715
IP address blocks: 45.114.84.0/22 maxlen: 24
103.54.36.0/22 maxlen: 24
2403:41c0::/32 maxlen: 36
2403:41c0:fc00::/48 maxlen: 48
2403:41c0:fc05::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3248 (0xcb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ACBB7
Validity
Not Before: Mar 28 18:29:38 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e6ea92-5466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:00:41:3e:10:65:2a:e3:d9:c6:05:c4:e3:fb:
ca:7d:58:e1:ce:bb:58:06:97:16:cc:9b:f7:16:30:
cd:9f:bd:23:3f:31:f2:c6:33:38:df:82:c1:ab:ea:
e4:dc:41:4f:bc:89:05:1c:2a:23:50:43:f0:2f:42:
a0:7a:82:32:65:1c:86:3d:04:e4:03:45:fc:9e:aa:
1a:8f:b0:66:24:f6:91:68:2a:c6:05:62:b5:5b:da:
5c:6c:04:10:ef:8c:44:73:a4:b9:ee:b9:b6:3f:e4:
c4:ce:a9:ad:5a:58:77:f4:0a:66:09:33:4f:ac:87:
77:78:e9:c3:b5:d9:56:84:bd:7c:9d:ab:8a:6c:e3:
5d:93:df:80:63:27:87:7c:d3:1d:b0:90:e1:e8:62:
09:b7:55:12:fd:84:9f:62:b5:0b:bf:12:0e:05:16:
a7:9d:33:55:7b:9e:6b:90:50:60:fd:5e:ec:e1:36:
08:17:a9:6f:be:c9:3a:04:39:d7:71:af:df:bc:bb:
d8:de:c0:cc:f2:bb:b5:97:4f:67:87:93:d3:d8:cb:
f5:da:b9:cf:c4:9c:90:c1:44:53:49:ae:1d:1e:48:
2c:c9:76:a0:2e:2f:9d:b2:22:c7:2c:a1:c2:7b:3d:
17:9c:8a:5b:9b:b8:2b:c5:ff:43:47:f7:92:0e:42:
cd:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:02:56:F4:F9:10:A2:44:B2:91:81:06:B1:DE:40:1B:51:50:CB:45
X509v3 Authority Key Identifier:
keyid:74:62:41:AD:A7:7D:DB:DF:EA:0F:E1:44:EF:E2:13:91:E3:FC:4F:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/dGJBrad929_qD-FE7-ITkeP8T9k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dGJBrad929_qD-FE7-ITkeP8T9k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/2B9FBCB0DEC911EBA828524CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.114.84.0/22
103.54.36.0/22
IPv6:
2403:41c0::/32
Signature Algorithm: sha256WithRSAEncryption
3d:d3:71:a3:26:ea:55:e0:60:ba:92:a4:e6:bd:b1:bb:33:24:
52:6c:b6:28:5f:6d:f9:14:14:f9:e8:98:e8:48:7d:1f:fd:fe:
65:d2:4c:ee:1e:54:a7:aa:17:99:3f:62:5c:07:a5:96:ce:c5:
9d:99:94:f7:7b:73:bd:53:83:6e:03:a5:11:f2:70:89:1a:48:
3c:ef:5a:07:f3:cf:92:68:9c:c0:15:e8:7c:ea:aa:61:e5:e2:
53:b0:1e:02:60:f8:b9:fe:80:42:1f:e5:5a:66:9f:a2:94:30:
f6:a4:12:79:4c:7e:f8:9d:84:30:1f:fc:8f:a4:70:04:31:c2:
f4:21:ee:f0:51:9b:a5:3b:c9:14:97:59:3a:c8:74:ce:17:50:
99:9b:e4:ed:44:c0:e8:d8:4c:5a:9b:a5:58:2c:9c:d7:2a:c4:
27:cc:cb:2b:44:67:d0:55:17:45:45:cb:39:76:9c:70:b3:59:
e4:ec:97:fb:bc:5d:28:12:d0:05:c4:62:cc:a0:55:4c:54:14:
f4:f0:2c:b1:ec:8f:18:c1:60:c4:6f:76:45:6a:92:c6:d7:ea:
90:0d:65:e2:02:e1:64:88:ea:88:c1:5d:0a:41:9f:78:de:e3:
3e:b9:4c:39:b7:04:77:8b:46:77:b2:1c:6a:39:94:8b:9d:9a:
03:9b:44:ed
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDLAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNCQjcxMTAvBgNVBAUTKDc0NjI0MUFEQTc3RERCREZFQTBGRTE0NEVGRTIxMzkx
RTNGQzRGRDkwHhcNMjUwMzI4MTgyOTM4WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U2ZWE5Mi01NDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqwBBPhBlKuPZxgXE4/vKfVjhzrtYBpcWzJv3FjDNn70jPzHyxjM434LBq+rk
3EFPvIkFHCojUEPwL0KgeoIyZRyGPQTkA0X8nqoaj7BmJPaRaCrGBWK1W9pcbAQQ
74xEc6S57rm2P+TEzqmtWlh39ApmCTNPrId3eOnDtdlWhL18nauKbONdk9+AYyeH
fNMdsJDh6GIJt1US/YSfYrULvxIOBRannTNVe55rkFBg/V7s4TYIF6lvvsk6BDnX
ca/fvLvY3sDM8ru1l09nh5PT2Mv12rnPxJyQwURTSa4dHkgsyXagLi+dsiLHLKHC
ez0XnIpbm7grxf9DR/eSDkLNQQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJECVvT5
EKJEspGBBrHeQBtRUMtFMB8GA1UdIwQYMBaAFHRiQa2nfdvf6g/hRO/iE5Hj/E/Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0JCNy81RTFGQ0VCQ0Yz
RjkxMUU5QjhBODMxMEFDNEY5QUUwMi9kR0pCcmFkOTI5X3FELUZFNy1JVGtlUDhU
OWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RHSkJyYWQ5MjlfcUQtRkU3LUlUa2VQOFQ5ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNCQjcvNUUxRkNFQkNGM0Y5MTFFOUI4QTgzMTBBQzRGOUFFMDIvMkI5RkJDQjBE
RUM5MTFFQkE4Mjg1MjRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAItclQDBAJnNiQwDQQCAAIwBwMFACQDQcAwDQYJKoZIhvcN
AQELBQADggEBAD3TcaMm6lXgYLqSpOa9sbszJFJstihfbfkUFPnomOhIfR/9/mXS
TO4eVKeqF5k/YlwHpZbOxZ2ZlPd7c71Tg24DpRHycIkaSDzvWgfzz5JonMAV6Hzq
qmHl4lOwHgJg+Ln+gEIf5Vpmn6KUMPakEnlMfvidhDAf/I+kcAQxwvQh7vBRm6U7
yRSXWTrIdM4XUJmb5O1EwOjYTFqbpVgsnNcqxCfMyytEZ9BVF0VFyzl2nHCzWeTs
l/u8XSgS0AXEYsygVUxUFPTwLLHsjxjBYMRvdkVqksbX6pANZeIC4WSI6ojBXQpB
n3je4z65TDm3BHeLRneyHGo5lIudmgObRO0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:23:03 2025 by rpki-client