Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8F78/F8DE32D0E31911EF81032F34C4F9AE02/E219016CE31C11EF9927DB6BC4F9AE02.roa
File: E219016CE31C11EF9927DB6BC4F9AE02.roa (raw, json)
Hash identifier: yKNcsRa30cbt+UvmKQMQQjjVntZF8YpvtZ225DVModg=
Subject key identifier: D2:5D:48:A8:76:7E:A4:50:1F:FA:52:A6:BA:0B:B0:0C:82:BA:39:6E
Certificate issuer: /CN=A91C8F78/serialNumber=2481E75FCA53EADE98277A8C0368BFF8EDCD73F8
Certificate serial: 02
Authority key identifier: 24:81:E7:5F:CA:53:EA:DE:98:27:7A:8C:03:68:BF:F8:ED:CD:73:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JIHnX8pT6t6YJ3qMA2i_-O3Nc_g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C8F78/F8DE32D0E31911EF81032F34C4F9AE02/E219016CE31C11EF9927DB6BC4F9AE02.roa
Signing time: Tue 04 Feb 2025 17:24:26 +0000
ROA not before: Tue 04 Feb 2025 17:24:26 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 135772
IP address blocks: 14.192.52.0/22 maxlen: 24
103.68.216.0/22 maxlen: 24
2001:df6:6b00::/48 maxlen: 48
2407:a8c0::/32 maxlen: 36
2407:a8c0::/33 maxlen: 39
2407:a8c0::/34 maxlen: 40
2407:a8c0:4000::/36 maxlen: 40
2407:a8c0:5000::/39 maxlen: 40
2407:a8c0:5300::/40 maxlen: 40
2407:a8c0:5400::/38 maxlen: 40
2407:a8c0:5800::/37 maxlen: 40
2407:a8c0:6000::/35 maxlen: 40
2407:a8c0:8000::/34 maxlen: 40
2407:a8c0:c000::/35 maxlen: 40
2407:a8c0:e000::/36 maxlen: 40
2407:a8c0:f000::/37 maxlen: 37
2407:a8c0:f000::/38 maxlen: 38
2407:a8c0:f000::/39 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C8F78
Validity
Not Before: Feb 4 17:24:26 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a24d4a-0143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cd:9b:88:d1:3e:09:c9:db:7c:0c:d4:2f:1d:
f7:68:59:68:7a:37:0e:56:bc:f9:66:50:ff:09:fd:
05:e6:30:91:0e:5d:16:da:14:f4:1f:9d:ea:9d:93:
4e:a2:80:ed:8e:58:40:dc:64:1a:d6:7e:0c:7c:88:
9c:86:c4:92:13:28:4a:75:ce:98:af:4b:c3:44:09:
eb:3a:25:e4:ec:0f:37:01:82:a3:d6:be:22:5a:0d:
df:65:23:79:57:5e:9b:c7:e1:7c:35:aa:85:60:3c:
da:f5:3e:90:e6:1d:06:d9:91:39:34:a9:56:dd:8c:
71:56:bb:28:f0:32:1f:ee:8c:a7:a8:ec:a0:f6:6a:
ca:8e:ad:d4:cc:80:af:d0:80:fe:d4:15:05:0d:04:
51:59:d1:a9:c7:bf:b0:95:fa:56:f7:61:83:3b:a9:
5d:63:54:02:66:1c:fa:28:75:f6:c6:a0:35:57:79:
99:b5:59:5a:76:18:c8:42:41:03:64:63:63:3c:06:
7c:80:06:a9:37:7d:99:3f:af:7a:09:52:c3:69:4b:
94:c6:a6:d7:57:04:68:93:fc:d9:72:89:be:15:e9:
d0:9b:bb:1a:83:55:fc:c2:d5:cb:c8:31:4c:5b:c8:
3a:d1:4e:46:7e:35:9a:d1:0c:85:03:16:80:f2:16:
08:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:5D:48:A8:76:7E:A4:50:1F:FA:52:A6:BA:0B:B0:0C:82:BA:39:6E
X509v3 Authority Key Identifier:
keyid:24:81:E7:5F:CA:53:EA:DE:98:27:7A:8C:03:68:BF:F8:ED:CD:73:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C8F78/F8DE32D0E31911EF81032F34C4F9AE02/JIHnX8pT6t6YJ3qMA2i_-O3Nc_g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JIHnX8pT6t6YJ3qMA2i_-O3Nc_g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8F78/F8DE32D0E31911EF81032F34C4F9AE02/E219016CE31C11EF9927DB6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.52.0/22
103.68.216.0/22
IPv6:
2001:df6:6b00::/48
2407:a8c0::/32
Signature Algorithm: sha256WithRSAEncryption
d1:e3:f3:c9:c9:d2:02:10:89:19:5e:7e:89:a1:30:c2:dd:b2:
d2:60:f4:e3:b2:fa:ad:f7:ae:75:91:8a:2f:5b:b7:e3:38:1a:
c6:c8:fc:74:f2:ff:d3:cc:d6:38:6f:44:1f:ab:28:c6:44:e9:
0e:e8:24:b9:df:8f:bb:2f:a8:38:7b:57:18:cc:28:e1:e8:88:
09:07:83:4b:9a:65:e2:97:26:b9:9f:ed:10:38:9e:dd:38:34:
c6:14:d4:56:26:9c:e4:a8:02:50:ca:8d:bc:86:72:34:7e:b7:
07:f5:81:83:7c:ce:61:5e:f7:d7:f4:1e:a2:be:39:f8:92:ff:
b2:02:90:38:5e:1b:2c:91:03:3e:a1:ef:03:26:94:bb:e5:1f:
db:cd:f3:86:5f:fa:3f:44:70:90:78:ad:85:e9:38:4a:96:66:
cc:a8:48:37:fd:22:1b:e6:05:2b:86:33:6c:a3:eb:ce:e7:af:
5d:82:b2:43:b6:e2:bb:17:31:0f:ec:8c:cf:3e:13:f3:70:8a:
19:c2:f8:df:e0:8e:60:01:a3:36:8b:79:41:a7:82:6e:99:25:
6b:09:1c:bd:fa:76:4f:e7:42:90:d1:d6:eb:77:b2:b9:13:37:
a7:8b:1d:5e:e4:60:96:5c:0a:e8:02:0c:0e:a3:a6:ff:0a:63:
88:5f:e8:07
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
OEY3ODExMC8GA1UEBRMoMjQ4MUU3NUZDQTUzRUFERTk4Mjc3QThDMDM2OEJGRjhF
RENENzNGODAeFw0yNTAyMDQxNzI0MjZaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YTI0ZDRhLTAxNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLzZuI0T4Jydt8DNQvHfdoWWh6Nw5WvPlmUP8J/QXmMJEOXRbaFPQfneqdk06i
gO2OWEDcZBrWfgx8iJyGxJITKEp1zpivS8NECes6JeTsDzcBgqPWviJaDd9lI3lX
XpvH4Xw1qoVgPNr1PpDmHQbZkTk0qVbdjHFWuyjwMh/ujKeo7KD2asqOrdTMgK/Q
gP7UFQUNBFFZ0anHv7CV+lb3YYM7qV1jVAJmHPoodfbGoDVXeZm1WVp2GMhCQQNk
Y2M8BnyABqk3fZk/r3oJUsNpS5TGptdXBGiT/Nlyib4V6dCbuxqDVfzC1cvIMUxb
yDrRTkZ+NZrRDIUDFoDyFgjFAgMBAAGjggKzMIICrzAdBgNVHQ4EFgQU0l1IqHZ+
pFAf+lKmuguwDIK6OW4wHwYDVR0jBBgwFoAUJIHnX8pT6t6YJ3qMA2i/+O3Nc/gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM4Rjc4L0Y4REUzMkQwRTMx
OTExRUY4MTAzMkYzNEM0RjlBRTAyL0pJSG5YOHBUNnQ2WUozcU1BMmlfLU8zTmNf
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSklIblg4cFQ2dDZZSjNxTUEyaV8tTzNOY19nLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
OEY3OC9GOERFMzJEMEUzMTkxMUVGODEwMzJGMzRDNEY5QUUwMi9FMjE5MDE2Q0Uz
MUMxMUVGOTkyN0RCNkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA9BggrBgEFBQcBBwEB/wQu
MCwwEgQCAAEwDAMEAg7ANAMEAmdE2DAWBAIAAjAQAwcAIAEN9msAAwUAJAeowDAN
BgkqhkiG9w0BAQsFAAOCAQEA0ePzycnSAhCJGV5+iaEwwt2y0mD047L6rfeudZGK
L1u34zgaxsj8dPL/08zWOG9EH6soxkTpDugkud+Puy+oOHtXGMwo4eiICQeDS5pl
4pcmuZ/tEDie3Tg0xhTUViac5KgCUMqNvIZyNH63B/WBg3zOYV731/Qeor45+JL/
sgKQOF4bLJEDPqHvAyaUu+Uf283zhl/6P0RwkHithek4SpZmzKhIN/0iG+YFK4Yz
bKPrzuevXYKyQ7biuxcxD+yMzz4T83CKGcL43+COYAGjNot5QaeCbpklawkcvfp2
T+dCkNHW63eyuRM3p4sdXuRgllwK6AIMDqOm/wpjiF/oBw==
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:39:03 2025 by rpki-client