Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD309/1FD6A6EEFA6911E68EC12333C4F9AE02/5949B76C00DB11E8A9CA373DC4F9AE02.roa
File: 5949B76C00DB11E8A9CA373DC4F9AE02.roa (raw, json)
Hash identifier: uYIH2Df820V7sq00NPl6eOckfu5/+u+T1sNhFFho9vo=
Subject key identifier: 5A:2D:33:E3:E8:B2:D2:8A:19:88:F1:90:A9:CE:57:F9:4D:B6:6C:68
Certificate issuer: /CN=A91DD309/serialNumber=8A73FBC66E6E3E8EAB2D5FC2B68991091F021E45
Certificate serial: 1BB0
Authority key identifier: 8A:73:FB:C6:6E:6E:3E:8E:AB:2D:5F:C2:B6:89:91:09:1F:02:1E:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/inP7xm5uPo6rLV_CtomRCR8CHkU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DD309/1FD6A6EEFA6911E68EC12333C4F9AE02/5949B76C00DB11E8A9CA373DC4F9AE02.roa
Signing time: Mon 30 Dec 2024 16:28:00 +0000
ROA not before: Mon 30 Dec 2024 16:28:00 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 58689
IP address blocks: 43.250.80.0/22 maxlen: 22
43.250.80.0/23 maxlen: 24
43.250.82.0/23 maxlen: 23
43.250.82.0/24 maxlen: 24
43.250.83.0/24 maxlen: 24
103.15.140.0/23 maxlen: 24
103.41.212.0/23 maxlen: 24
103.109.238.0/23 maxlen: 24
2407:e80::/32 maxlen: 32
2407:e80::/48 maxlen: 48
2407:e80:0:2aa::/64 maxlen: 64
2407:e80:1::/48 maxlen: 48
2407:e80:2::/48 maxlen: 48
2407:e80:3::/48 maxlen: 48
2407:e80:4::/48 maxlen: 48
2407:e80:5::/48 maxlen: 48
2407:e80:b::/48 maxlen: 48
2407:e80:c::/48 maxlen: 48
2407:e80:e::/48 maxlen: 48
2407:e80:f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7088 (0x1bb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD309
Validity
Not Before: Dec 30 16:28:00 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6772ca10-a989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e0:c5:5f:a0:92:b0:8e:23:e0:16:0f:cd:df:
dc:bc:60:ff:eb:b4:82:fd:a2:45:93:a0:91:11:83:
c1:eb:d3:57:df:3f:2c:0e:54:97:47:a0:3e:ce:82:
6e:75:a6:5d:00:68:3c:f8:40:5a:54:c3:d6:fb:09:
c2:da:68:c5:4d:f4:42:7c:ec:ed:7c:8a:55:a9:de:
4d:b7:88:68:af:dd:99:03:ce:a0:9d:ab:d6:6f:32:
6b:7d:2c:18:7b:63:86:27:9a:de:76:df:21:4d:b9:
23:5f:7f:f0:9c:c2:8d:bd:12:c2:b9:8e:4b:db:80:
e9:cc:09:89:9d:e1:3c:6a:2f:d0:be:71:93:4b:d8:
23:58:02:69:0e:a0:9c:61:96:c7:1f:08:b0:02:44:
07:4e:11:55:3b:ed:5c:b8:8d:8e:cb:45:74:40:67:
4f:13:2b:75:95:0f:d5:89:74:55:d3:7e:ff:1d:74:
3b:f4:63:c8:8d:52:e1:0a:57:e1:09:54:b8:a9:c8:
0f:87:29:77:55:3a:ab:80:f6:aa:81:21:09:f6:6a:
96:8e:3d:e4:6f:eb:d6:02:67:1a:73:2f:3f:50:ea:
1a:a7:3f:dc:db:fd:22:d1:2f:b9:33:1f:da:4b:50:
25:99:ad:e5:56:fe:86:b3:b9:9c:b4:23:b1:d3:79:
cf:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:2D:33:E3:E8:B2:D2:8A:19:88:F1:90:A9:CE:57:F9:4D:B6:6C:68
X509v3 Authority Key Identifier:
keyid:8A:73:FB:C6:6E:6E:3E:8E:AB:2D:5F:C2:B6:89:91:09:1F:02:1E:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DD309/1FD6A6EEFA6911E68EC12333C4F9AE02/inP7xm5uPo6rLV_CtomRCR8CHkU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/inP7xm5uPo6rLV_CtomRCR8CHkU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD309/1FD6A6EEFA6911E68EC12333C4F9AE02/5949B76C00DB11E8A9CA373DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.80.0/22
103.15.140.0/23
103.41.212.0/23
103.109.238.0/23
IPv6:
2407:e80::/32
Signature Algorithm: sha256WithRSAEncryption
60:42:30:12:72:2b:36:45:fc:2c:57:ca:8e:4d:e0:68:df:c8:
53:39:0f:88:f6:2a:1e:11:a7:25:30:1c:86:b9:b6:76:57:64:
c2:45:56:d4:62:3c:e9:76:c1:60:e7:5e:cc:1e:05:58:ff:31:
9d:27:d9:cf:29:6d:33:51:13:5b:3e:d1:af:ae:72:be:e8:70:
6b:94:77:12:b8:ab:4c:66:83:3c:75:ac:eb:25:89:f0:9a:de:
bd:f3:32:50:ff:39:16:82:61:17:b8:6e:3f:32:e5:00:5b:41:
45:81:0e:79:94:95:be:ed:2e:66:49:c1:2e:97:80:54:41:75:
3b:41:ce:40:b0:a2:b6:51:5e:2d:b3:99:68:5a:0d:f5:f1:e5:
b5:80:6f:c0:d6:bc:26:a0:63:a3:59:3d:1f:06:e6:14:77:2a:
80:a3:7c:b6:70:0c:bb:30:71:6c:e0:44:37:1d:97:c3:3f:56:
70:61:28:ea:ec:d3:be:5a:cb:34:46:a0:b5:cf:28:3e:22:91:
75:b0:91:44:76:97:8c:44:6d:37:56:a7:61:58:82:45:91:8b:
3f:d4:b2:fe:d1:bb:3b:70:79:49:c3:8e:d3:1f:dc:04:b6:d9:
72:76:a3:29:6f:c4:e9:bc:fb:dc:4e:d5:d2:02:c5:6c:c1:41:
54:84:43:10
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICG7AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REQzMDkxMTAvBgNVBAUTKDhBNzNGQkM2NkU2RTNFOEVBQjJENUZDMkI2ODk5MTA5
MUYwMjFFNDUwHhcNMjQxMjMwMTYyODAwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcyY2ExMC1hOTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmODFX6CSsI4j4BYPzd/cvGD/67SC/aJFk6CREYPB69NX3z8sDlSXR6A+zoJu
daZdAGg8+EBaVMPW+wnC2mjFTfRCfOztfIpVqd5Nt4hor92ZA86gnavWbzJrfSwY
e2OGJ5redt8hTbkjX3/wnMKNvRLCuY5L24DpzAmJneE8ai/QvnGTS9gjWAJpDqCc
YZbHHwiwAkQHThFVO+1cuI2Oy0V0QGdPEyt1lQ/ViXRV037/HXQ79GPIjVLhClfh
CVS4qcgPhyl3VTqrgPaqgSEJ9mqWjj3kb+vWAmcacy8/UOoapz/c2/0i0S+5Mx/a
S1Alma3lVv6Gs7mctCOx03nPPwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFFotM+Po
stKKGYjxkKnOV/lNtmxoMB8GA1UdIwQYMBaAFIpz+8Zubj6Oqy1fwraJkQkfAh5F
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDMwOS8xRkQ2QTZFRUZB
NjkxMUU2OEVDMTIzMzNDNEY5QUUwMi9pblA3eG01dVBvNnJMVl9DdG9tUkNSOENI
a1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2luUDd4bTV1UG82ckxWX0N0b21SQ1I4Q0hrVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REQzMDkvMUZENkE2RUVGQTY5MTFFNjhFQzEyMzMzQzRGOUFFMDIvNTk0OUI3NkMw
MERCMTFFOEE5Q0EzNzNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr+lADBAFnD4wDBAFnKdQDBAFnbe4wDQQCAAIwBwMFACQH
DoAwDQYJKoZIhvcNAQELBQADggEBAGBCMBJyKzZF/CxXyo5N4GjfyFM5D4j2Kh4R
pyUwHIa5tnZXZMJFVtRiPOl2wWDnXsweBVj/MZ0n2c8pbTNRE1s+0a+ucr7ocGuU
dxK4q0xmgzx1rOslifCa3r3zMlD/ORaCYRe4bj8y5QBbQUWBDnmUlb7tLmZJwS6X
gFRBdTtBzkCworZRXi2zmWhaDfXx5bWAb8DWvCagY6NZPR8G5hR3KoCjfLZwDLsw
cWzgRDcdl8M/VnBhKOrs075ayzRGoLXPKD4ikXWwkUR2l4xEbTdWp2FYgkWRiz/U
sv7RuztweUnDjtMf3AS22XJ2oylvxOm8+9xO1dICxWzBQVSEQxA=
-----END CERTIFICATE-----
Generated at Fri Apr 11 19:47:08 2025 by rpki-client