Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/5F2A9412249D11EEBA491E2FC4F9AE02.roa
File: 5F2A9412249D11EEBA491E2FC4F9AE02.roa (raw, json)
Hash identifier: g11u2GEJJEEmMdpcoU8e0HEnyj3HUMfwjbRYntoaDGs=
Subject key identifier: 4F:B0:9B:76:C2:FC:AB:B0:BD:BB:6F:B2:02:A2:0E:E1:43:02:4E:2E
Certificate issuer: /CN=A91DA2D5/serialNumber=3C1C877347EE82729636AF0F3A375D391090F921
Certificate serial: 2C78
Authority key identifier: 3C:1C:87:73:47:EE:82:72:96:36:AF:0F:3A:37:5D:39:10:90:F9:21
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PByHc0fugnKWNq8POjddORCQ-SE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/5F2A9412249D11EEBA491E2FC4F9AE02.roa
Signing time: Sun 01 Dec 2024 07:51:50 +0000
ROA not before: Sun 01 Dec 2024 07:51:50 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 58717
IP address blocks: 43.245.140.0/22 maxlen: 22
43.245.140.0/22 maxlen: 24
43.245.140.0/23 maxlen: 23
43.245.140.0/24 maxlen: 24
43.245.141.0/24 maxlen: 24
43.245.142.0/23 maxlen: 23
43.245.142.0/24 maxlen: 24
43.245.143.0/24 maxlen: 24
103.15.244.0/22 maxlen: 24
103.15.246.64/26 maxlen: 26
103.75.238.0/23 maxlen: 24
103.96.69.0/24 maxlen: 24
103.96.70.0/23 maxlen: 24
103.108.144.0/22 maxlen: 24
103.199.84.0/22 maxlen: 24
103.242.216.0/24 maxlen: 24
103.242.217.0/24 maxlen: 24
103.242.218.0/23 maxlen: 24
144.48.148.0/23 maxlen: 23
144.48.148.0/24 maxlen: 24
144.48.149.0/24 maxlen: 24
2405:1500::/30 maxlen: 31
2405:1500::/32 maxlen: 32
2405:1500::/32 maxlen: 48
2405:1500::/48 maxlen: 48
2405:1500:12::/48 maxlen: 48
2405:1500:30::/48 maxlen: 48
2405:1500:40::/48 maxlen: 48
2405:1500:60::/48 maxlen: 48
2405:1500:70::/48 maxlen: 48
2405:1500:80::/48 maxlen: 48
2405:1500:82::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11384 (0x2c78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA2D5
Validity
Not Before: Dec 1 07:51:50 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=674c1596-d288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6a:42:42:26:35:eb:7d:8e:5e:ce:ed:71:48:
81:5b:e4:01:88:42:19:8e:69:35:94:36:6e:c6:02:
8b:77:e1:6b:6b:da:68:50:d3:ed:39:2e:96:5d:e0:
11:90:9e:99:80:b2:e6:b1:ce:ab:92:c6:00:24:a3:
c4:bb:fa:4f:ee:87:f4:65:36:75:94:c6:3c:6f:91:
61:8f:28:4b:02:a3:45:b4:ed:75:27:a3:bf:93:f6:
a7:0c:d6:36:51:10:33:c7:6c:ca:13:60:51:96:7c:
7e:1d:e7:95:cd:e2:91:a0:78:7c:1c:c1:9c:b0:30:
e5:a0:79:d2:a6:db:ad:dd:2c:c4:48:42:61:8a:00:
d6:e7:e2:ab:32:be:b3:33:4f:6a:ac:66:2a:98:82:
4e:42:ab:29:7b:c4:05:8f:d0:1b:2f:6a:03:49:ab:
9e:fe:f4:b9:5a:24:ed:d0:52:d0:f8:05:8b:4b:cf:
3a:b5:1b:f3:a2:d5:c6:ab:07:80:3b:d0:72:93:64:
1b:df:3d:82:29:e7:58:76:6a:c7:4a:f9:fc:bd:5e:
82:74:d9:65:a0:e4:91:2b:2f:2f:73:b9:40:f2:bb:
f3:b4:94:49:e8:84:1b:4a:3b:11:41:c0:04:b1:af:
2a:5a:3e:44:2e:2d:26:ec:11:ec:b4:08:14:aa:4d:
fd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B0:9B:76:C2:FC:AB:B0:BD:BB:6F:B2:02:A2:0E:E1:43:02:4E:2E
X509v3 Authority Key Identifier:
keyid:3C:1C:87:73:47:EE:82:72:96:36:AF:0F:3A:37:5D:39:10:90:F9:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/PByHc0fugnKWNq8POjddORCQ-SE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PByHc0fugnKWNq8POjddORCQ-SE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/5F2A9412249D11EEBA491E2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.140.0/22
103.15.244.0/22
103.75.238.0/23
103.96.69.0-103.96.71.255
103.108.144.0/22
103.199.84.0/22
103.242.216.0/22
144.48.148.0/23
IPv6:
2405:1500::/30
Signature Algorithm: sha256WithRSAEncryption
17:b5:50:59:ff:7e:c4:8f:c0:f0:63:9c:1f:de:45:eb:f0:69:
c3:2c:e9:7f:7a:9f:e0:d4:4c:bd:b1:98:60:43:31:ee:7c:ff:
cc:4e:64:d1:37:bd:fa:25:54:61:7c:66:64:f3:41:a6:27:60:
db:b5:fe:2f:27:f2:f1:93:9f:76:9f:9a:21:25:d9:0e:4f:92:
2d:bb:b0:f0:31:53:9b:12:f4:7f:e2:10:f4:57:23:9c:a8:6e:
f1:24:66:34:f1:43:33:a1:a7:a4:8c:e4:02:f8:78:f7:5e:72:
11:4a:a8:7b:5d:48:77:6f:8a:59:9c:f8:0f:ce:25:1e:c4:77:
39:ac:06:f8:33:d6:60:2d:2a:11:ec:06:44:ff:8e:67:1f:57:
c6:77:25:06:05:bf:cd:da:4f:d5:d0:60:a2:ee:07:53:ef:76:
33:ae:10:45:d3:78:7e:b3:5f:d6:dd:36:1b:87:ea:95:14:ba:
f4:18:a9:89:33:95:03:36:93:39:fa:b3:e9:30:b3:5c:57:5b:
56:28:7c:63:dc:93:62:12:34:fa:93:ef:c5:b0:28:c1:6c:34:
09:85:ab:24:cf:0e:e6:88:55:7f:93:74:c7:be:d8:ec:b3:fd:
a5:46:5d:83:e6:f5:b8:f0:ac:30:a9:d8:40:e3:bc:b1:50:ad:
0d:be:d7:37
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgICLHgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEyRDUxMTAvBgNVBAUTKDNDMUM4NzczNDdFRTgyNzI5NjM2QUYwRjNBMzc1RDM5
MTA5MEY5MjEwHhcNMjQxMjAxMDc1MTUwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRjMTU5Ni1kMjg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsmpCQiY1632OXs7tcUiBW+QBiEIZjmk1lDZuxgKLd+Fra9poUNPtOS6WXeAR
kJ6ZgLLmsc6rksYAJKPEu/pP7of0ZTZ1lMY8b5FhjyhLAqNFtO11J6O/k/anDNY2
URAzx2zKE2BRlnx+HeeVzeKRoHh8HMGcsDDloHnSptut3SzESEJhigDW5+KrMr6z
M09qrGYqmIJOQqspe8QFj9AbL2oDSaue/vS5WiTt0FLQ+AWLS886tRvzotXGqweA
O9Byk2Qb3z2CKedYdmrHSvn8vV6CdNlloOSRKy8vc7lA8rvztJRJ6IQbSjsRQcAE
sa8qWj5ELi0m7BHstAgUqk39LwIDAQABo4IC1jCCAtIwHQYDVR0OBBYEFE+wm3bC
/KuwvbtvsgKiDuFDAk4uMB8GA1UdIwQYMBaAFDwch3NH7oJyljavDzo3XTkQkPkh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTJENS81Rjg2MUVFNkI4
OUExMUUzQjRBQzdFNzg1OTExRUEzMi9QQnlIYzBmdWduS1dOcThQT2pkZE9SQ1Et
U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BCeUhjMGZ1Z25LV05xOFBPamRkT1JDUS1TRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REEyRDUvNUY4NjFFRTZCODlBMTFFM0I0QUM3RTc4NTkxMUVBMzIvNUYyQTk0MTIy
NDlEMTFFRUJBNDkxRTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYAYIKwYBBQUHAQcBAf8E
UTBPMD4EAgABMDgDBAIr9YwDBAJnD/QDBAFnS+4wDAMEAGdgRQMEA2dgQAMEAmds
kAMEAmfHVAMEAmfy2AMEAZAwlDANBAIAAjAHAwUCJAUVADANBgkqhkiG9w0BAQsF
AAOCAQEAF7VQWf9+xI/A8GOcH95F6/Bpwyzpf3qf4NRMvbGYYEMx7nz/zE5k0Te9
+iVUYXxmZPNBpidg27X+Lyfy8ZOfdp+aISXZDk+SLbuw8DFTmxL0f+IQ9FcjnKhu
8SRmNPFDM6GnpIzkAvh4915yEUqoe11Id2+KWZz4D84lHsR3OawG+DPWYC0qEewG
RP+OZx9XxnclBgW/zdpP1dBgou4HU+92M64QRdN4frNf1t02G4fqlRS69BipiTOV
AzaTOfqz6TCzXFdbVih8Y9yTYhI0+pPvxbAowWw0CYWrJM8O5ohVf5N0x77Y7LP9
pUZdg+b1uPCsMKnYQOO8sVCtDb7XNw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:22:54 2025 by rpki-client