Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/5C154406988911E991B10838C4F9AE02.roa
File: 5C154406988911E991B10838C4F9AE02.roa (raw, json)
Hash identifier: rlBKToBwc/S7CrTJwY8L3fa6c6H9ms0SKbG322SWU2g=
Subject key identifier: AD:C8:50:D4:D0:22:05:78:29:5D:61:5C:58:5A:D4:58:5B:AA:F6:42
Certificate issuer: /CN=A91CEF3E/serialNumber=932EC2E6E52B5AF6C7B03C415020EDE272AAA145
Certificate serial: 0E42
Authority key identifier: 93:2E:C2:E6:E5:2B:5A:F6:C7:B0:3C:41:50:20:ED:E2:72:AA:A1:45
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/5C154406988911E991B10838C4F9AE02.roa
Signing time: Tue 14 Jan 2025 17:55:49 +0000
ROA not before: Tue 14 Jan 2025 17:55:49 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 23881
IP address blocks: 23.226.0.0/24 maxlen: 24
23.226.1.0/24 maxlen: 24
23.226.2.0/24 maxlen: 24
23.226.3.0/24 maxlen: 24
23.226.4.0/24 maxlen: 24
23.226.5.0/24 maxlen: 24
23.226.6.0/24 maxlen: 24
23.226.7.0/24 maxlen: 24
23.226.8.0/24 maxlen: 24
23.226.9.0/24 maxlen: 24
23.226.10.0/24 maxlen: 24
23.226.11.0/24 maxlen: 24
23.226.12.0/24 maxlen: 24
23.226.13.0/24 maxlen: 24
23.226.14.0/24 maxlen: 24
23.226.15.0/24 maxlen: 24
162.247.0.0/24 maxlen: 24
162.247.1.0/24 maxlen: 24
162.247.2.0/24 maxlen: 24
162.247.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3650 (0xe42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEF3E
Validity
Not Before: Jan 14 17:55:49 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6786a525-a945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:2b:6e:83:e2:91:07:a6:0e:1a:c3:8f:f9:6c:
52:61:16:39:ac:e3:69:a3:d2:b5:be:61:1a:d6:a2:
be:7c:2f:7b:30:fe:09:c9:12:ae:42:15:bb:50:a2:
76:fc:ba:3a:40:90:03:51:42:2f:71:4a:96:d9:55:
84:3c:f8:2b:0e:e5:77:07:0f:ac:90:70:32:31:db:
61:86:01:b5:a3:94:42:4b:3e:22:0d:87:00:18:18:
86:cc:32:f8:64:5f:97:95:f5:ce:87:1b:19:d4:7b:
50:5e:ee:1b:75:53:8c:39:90:64:a1:63:95:b9:36:
df:92:b2:b4:05:03:28:5f:73:54:21:ce:1f:fb:0e:
c6:f6:15:8f:be:60:48:95:3d:dc:8c:f6:b4:b5:0a:
8c:d7:9f:eb:d6:a0:2d:31:b8:af:e7:cf:31:8c:6b:
1a:f9:32:95:f1:c4:67:d2:45:5a:47:78:c0:2d:25:
02:20:fb:3c:a3:85:78:c1:3b:63:23:54:b1:df:cb:
32:2c:4e:b2:fa:a5:86:58:61:81:64:29:a6:85:09:
5f:63:3d:75:9c:da:eb:8a:5b:d4:51:ff:6b:89:37:
bd:37:52:3c:25:6a:c8:a7:e7:53:15:b8:e6:90:90:
8e:86:35:46:10:c1:1c:f8:a7:18:34:e2:2d:26:a2:
7c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C8:50:D4:D0:22:05:78:29:5D:61:5C:58:5A:D4:58:5B:AA:F6:42
X509v3 Authority Key Identifier:
keyid:93:2E:C2:E6:E5:2B:5A:F6:C7:B0:3C:41:50:20:ED:E2:72:AA:A1:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/5C154406988911E991B10838C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
23.226.0.0/20
162.247.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:7b:6e:a1:03:74:5a:cd:ec:58:54:16:e2:97:3e:6f:b6:20:
b0:10:56:42:80:8b:da:df:46:b9:68:0b:4e:5e:f4:c4:9c:51:
32:8c:90:34:26:91:88:ef:db:8c:a0:6a:74:f4:9b:8a:af:1b:
26:09:33:c6:72:b5:02:51:42:f7:84:f1:87:a7:6a:82:21:d6:
67:05:52:49:40:b8:64:ad:b3:d3:83:de:e9:e8:a4:e1:bf:1a:
1a:b5:c9:65:0e:32:db:42:1c:35:9d:b3:63:a2:87:52:93:3f:
a5:03:05:d1:dd:44:74:24:0a:fd:26:d2:c6:24:78:e2:79:91:
17:f6:9c:67:a2:a3:90:f0:3f:b5:93:ed:ec:3f:ff:b9:0a:5b:
b0:c5:54:cf:5c:a4:fa:80:f1:cb:f1:54:21:41:28:42:01:b1:
de:45:b0:2e:82:c6:a4:c3:72:e7:5d:8a:44:f4:eb:0c:6a:44:
f7:dd:c4:d0:0e:f5:67:71:69:5b:8d:3e:e4:cb:13:6c:eb:02:
1b:36:3b:19:be:48:12:83:c6:73:cd:66:02:d0:df:19:04:10:
eb:37:ab:c7:28:b3:71:08:19:e9:3d:76:1d:49:29:a2:65:a6:
17:15:7d:63:cb:2e:d3:1b:49:37:ca:c3:5d:0e:30:83:26:84:
bb:8f:d8:a3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0VGM0UxMTAvBgNVBAUTKDkzMkVDMkU2RTUyQjVBRjZDN0IwM0M0MTUwMjBFREUy
NzJBQUExNDUwHhcNMjUwMTE0MTc1NTQ5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2YTUyNS1hOTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6Stug+KRB6YOGsOP+WxSYRY5rONpo9K1vmEa1qK+fC97MP4JyRKuQhW7UKJ2
/Lo6QJADUUIvcUqW2VWEPPgrDuV3Bw+skHAyMdthhgG1o5RCSz4iDYcAGBiGzDL4
ZF+XlfXOhxsZ1HtQXu4bdVOMOZBkoWOVuTbfkrK0BQMoX3NUIc4f+w7G9hWPvmBI
lT3cjPa0tQqM15/r1qAtMbiv588xjGsa+TKV8cRn0kVaR3jALSUCIPs8o4V4wTtj
I1Sx38syLE6y+qWGWGGBZCmmhQlfYz11nNrrilvUUf9riTe9N1I8JWrIp+dTFbjm
kJCOhjVGEMEc+KcYNOItJqJ8iwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFK3IUNTQ
IgV4KV1hXFha1FhbqvZCMB8GA1UdIwQYMBaAFJMuwublK1r2x7A8QVAg7eJyqqFF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUYzRS9DQjc0Q0Y2RTk4
N0IxMUU5ODNFQ0NGMTNDNEY5QUUwMi9reTdDNXVVcld2YkhzRHhCVUNEdDRuS3Fv
VVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2t5N0M1dVVyV3ZiSHNEeEJVQ0R0NG5LcW9VVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0VGM0UvQ0I3NENGNkU5ODdCMTFFOTgzRUNDRjEzQzRGOUFFMDIvNUMxNTQ0MDY5
ODg5MTFFOTkxQjEwODM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAQX4gADBAKi9wAwDQYJKoZIhvcNAQELBQADggEBAKR7bqED
dFrN7FhUFuKXPm+2ILAQVkKAi9rfRrloC05e9MScUTKMkDQmkYjv24yganT0m4qv
GyYJM8ZytQJRQveE8YenaoIh1mcFUklAuGSts9OD3unopOG/Ghq1yWUOMttCHDWd
s2Oih1KTP6UDBdHdRHQkCv0m0sYkeOJ5kRf2nGeio5DwP7WT7ew//7kKW7DFVM9c
pPqA8cvxVCFBKEIBsd5FsC6CxqTDcuddikT06wxqRPfdxNAO9WdxaVuNPuTLE2zr
Ahs2Oxm+SBKDxnPNZgLQ3xkEEOs3q8cos3EIGek9dh1JKaJlphcVfWPLLtMbSTfK
w10OMIMmhLuP2KM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:08:23 2025 by rpki-client