Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B268A/84FB4C9CDDA111E8A2E78A69C4F9AE02/0AF12B12DDA411E88E25E96FC4F9AE02.roa
File: 0AF12B12DDA411E88E25E96FC4F9AE02.roa (raw, json)
Hash identifier: VilJgVER7BycZHaWd4URO4KYACwZnY/x/nNDEK5obqE=
Subject key identifier: AC:4E:0B:1E:05:6A:32:C8:B4:EE:9A:F0:58:33:50:26:84:25:4D:1B
Certificate issuer: /CN=A91B268A/serialNumber=F8EECE7D3C0CF5922EA3D803553638823FAEEA08
Certificate serial: 11FD
Authority key identifier: F8:EE:CE:7D:3C:0C:F5:92:2E:A3:D8:03:55:36:38:82:3F:AE:EA:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-O7OfTwM9ZIuo9gDVTY4gj-u6gg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B268A/84FB4C9CDDA111E8A2E78A69C4F9AE02/0AF12B12DDA411E88E25E96FC4F9AE02.roa
Signing time: Fri 17 Jan 2025 05:55:12 +0000
ROA not before: Fri 17 Jan 2025 05:55:12 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 56037
IP address blocks: 122.129.216.0/22 maxlen: 22
122.129.220.0/23 maxlen: 23
122.129.223.0/24 maxlen: 24
210.56.83.0/24 maxlen: 24
210.56.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4605 (0x11fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B268A
Validity
Not Before: Jan 17 05:55:12 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6789f0c0-2f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dc:14:18:82:63:dc:60:61:8a:88:c5:2e:92:
05:83:53:68:fe:b1:c8:62:b9:ed:1f:52:62:78:ab:
86:58:39:93:c1:26:68:77:62:46:8e:90:0d:aa:60:
55:07:40:a5:bd:11:cc:62:ca:46:79:f9:9a:c4:16:
51:4d:cc:1e:a2:e2:81:ec:ee:20:d0:60:13:8a:56:
fa:47:84:a3:bf:33:26:89:9b:43:4c:5f:9a:b4:ef:
23:6e:d7:ae:d9:15:29:c9:0e:a7:39:bc:33:59:26:
48:ae:35:79:b8:4e:86:02:02:7f:d7:f6:5f:74:e3:
c3:52:82:ac:8c:40:2a:bc:28:8f:ce:51:5b:77:39:
52:01:9a:92:49:83:12:97:6f:f0:45:3f:f9:37:83:
26:c5:88:58:79:f2:8d:92:9b:a4:88:9e:b3:b7:72:
31:c6:e4:28:cb:61:5e:a8:f5:ed:ac:ad:f9:e6:fd:
6f:9d:29:56:94:5c:e3:ef:ce:3c:fb:a5:3e:d3:23:
48:74:25:e0:a2:6c:07:80:cd:7a:8b:0d:be:81:63:
ed:bd:16:58:48:61:fb:82:39:cd:ff:40:13:a8:bb:
38:a9:19:df:69:68:ef:42:cb:04:4e:3b:5a:42:e4:
03:1a:9a:9f:f2:c5:83:52:a8:89:33:02:62:d9:9f:
1e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:4E:0B:1E:05:6A:32:C8:B4:EE:9A:F0:58:33:50:26:84:25:4D:1B
X509v3 Authority Key Identifier:
keyid:F8:EE:CE:7D:3C:0C:F5:92:2E:A3:D8:03:55:36:38:82:3F:AE:EA:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B268A/84FB4C9CDDA111E8A2E78A69C4F9AE02/-O7OfTwM9ZIuo9gDVTY4gj-u6gg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-O7OfTwM9ZIuo9gDVTY4gj-u6gg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B268A/84FB4C9CDDA111E8A2E78A69C4F9AE02/0AF12B12DDA411E88E25E96FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.129.216.0-122.129.221.255
122.129.223.0/24
210.56.83.0/24
210.56.94.0/24
Signature Algorithm: sha256WithRSAEncryption
16:32:39:04:4c:2b:87:6d:84:23:2c:17:e8:fa:63:81:25:13:
c5:66:97:5d:df:0c:54:35:64:e6:c4:a5:21:2f:d1:7c:0f:9b:
1a:f1:c0:ff:14:c7:2b:8b:da:47:7f:96:6b:76:04:b5:69:79:
1a:d7:5a:14:c3:f4:e6:dc:bb:87:fe:b5:1c:aa:7a:b7:38:81:
73:84:2d:75:31:f8:f3:e6:c4:44:07:99:ba:cc:e8:8f:4b:ac:
ac:ea:21:b1:f2:98:2a:c4:6e:ff:4d:27:b1:32:db:fa:a2:f7:
66:6f:4c:68:9c:d2:a9:e3:d3:41:07:94:b0:2a:4e:2f:9a:9c:
6f:a7:8a:92:40:2c:68:6f:84:ec:57:a9:b1:a9:10:bf:7c:7f:
30:f8:d2:ab:7c:15:5c:c2:34:ed:68:a9:5f:40:f2:0e:d1:2e:
c7:7f:cc:f9:30:a7:a4:dd:d0:48:fa:19:a6:fe:36:d7:0e:d1:
24:25:fc:13:d5:69:25:ce:40:80:7b:23:2c:38:66:2f:7a:a8:
db:06:ba:55:87:a1:4a:8a:48:2d:c4:e6:ae:bd:4f:57:7d:c9:
9e:2e:7d:47:91:60:cf:7b:cc:22:5f:af:62:94:ff:a1:84:ca:
2c:4b:00:49:82:43:91:54:3d:bb:ea:00:49:fd:5a:f1:2e:a6:
89:9a:36:46
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICEf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjI2OEExMTAvBgNVBAUTKEY4RUVDRTdEM0MwQ0Y1OTIyRUEzRDgwMzU1MzYzODgy
M0ZBRUVBMDgwHhcNMjUwMTE3MDU1NTEyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg5ZjBjMC0yZjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr9wUGIJj3GBhiojFLpIFg1No/rHIYrntH1JieKuGWDmTwSZod2JGjpANqmBV
B0ClvRHMYspGefmaxBZRTcweouKB7O4g0GATilb6R4SjvzMmiZtDTF+atO8jbteu
2RUpyQ6nObwzWSZIrjV5uE6GAgJ/1/ZfdOPDUoKsjEAqvCiPzlFbdzlSAZqSSYMS
l2/wRT/5N4MmxYhYefKNkpukiJ6zt3IxxuQoy2FeqPXtrK355v1vnSlWlFzj7848
+6U+0yNIdCXgomwHgM16iw2+gWPtvRZYSGH7gjnN/0ATqLs4qRnfaWjvQssETjta
QuQDGpqf8sWDUqiJMwJi2Z8eowIDAQABo4ICrzCCAqswHQYDVR0OBBYEFKxOCx4F
ajLItO6a8FgzUCaEJU0bMB8GA1UdIwQYMBaAFPjuzn08DPWSLqPYA1U2OII/ruoI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjY4QS84NEZCNEM5Q0RE
QTExMUU4QTJFNzhBNjlDNEY5QUUwMi8tTzdPZlR3TTlaSXVvOWdEVlRZNGdqLXU2
Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1PN09mVHdNOVpJdW85Z0RWVFk0Z2otdTZnZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjI2OEEvODRGQjRDOUNEREExMTFFOEEyRTc4QTY5QzRGOUFFMDIvMEFGMTJCMTJE
REE0MTFFODhFMjVFOTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCAwDAMEA3qB2AMEAXqB3AMEAHqB3wMEANI4UwMEANI4XjANBgkq
hkiG9w0BAQsFAAOCAQEAFjI5BEwrh22EIywX6PpjgSUTxWaXXd8MVDVk5sSlIS/R
fA+bGvHA/xTHK4vaR3+Wa3YEtWl5GtdaFMP05ty7h/61HKp6tziBc4QtdTH48+bE
RAeZuszoj0usrOohsfKYKsRu/00nsTLb+qL3Zm9MaJzSqePTQQeUsCpOL5qcb6eK
kkAsaG+E7FepsakQv3x/MPjSq3wVXMI07WipX0DyDtEux3/M+TCnpN3QSPoZpv42
1w7RJCX8E9VpJc5AgHsjLDhmL3qo2wa6VYehSopILcTmrr1PV33Jni59R5Fgz3vM
Il+vYpT/oYTKLEsASYJDkVQ9u+oASf1a8S6miZo2Rg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 01:51:24 2025 by rpki-client