Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/5A69D6D4824811EC9AAB122AC4F9AE02.roa
File: 5A69D6D4824811EC9AAB122AC4F9AE02.roa (raw, json)
Hash identifier: rEzpNAZQS945WaHL0UH3po5H0rnYis3WD2bb2UXEPhw=
Subject key identifier: 02:BB:B4:6C:2C:2B:1B:A6:43:6D:36:83:08:01:ED:DB:DB:CD:6E:F6
Certificate issuer: /CN=A91E2364/serialNumber=647B149EF016CC5356A7ED730F133E002C0E7FAA
Certificate serial: 0C63
Authority key identifier: 64:7B:14:9E:F0:16:CC:53:56:A7:ED:73:0F:13:3E:00:2C:0E:7F:AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/5A69D6D4824811EC9AAB122AC4F9AE02.roa
Signing time: Wed 05 Feb 2025 04:37:44 +0000
ROA not before: Wed 05 Feb 2025 04:37:44 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 38600
IP address blocks: 202.56.0.0/22 maxlen: 24
203.18.216.0/21 maxlen: 21
203.18.216.0/24 maxlen: 24
203.18.217.0/24 maxlen: 24
203.18.218.0/24 maxlen: 24
203.18.219.0/24 maxlen: 24
203.18.220.0/24 maxlen: 24
203.18.221.0/24 maxlen: 24
203.18.222.0/24 maxlen: 24
203.18.223.0/24 maxlen: 24
2401:9700:d000::/36 maxlen: 36
2401:9700:d000::/40 maxlen: 48
2401:9700:e000::/36 maxlen: 36
2401:9700:f000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3171 (0xc63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E2364
Validity
Not Before: Feb 5 04:37:44 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67a2eb17-a06a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:53:52:4d:23:40:58:76:7a:1c:70:7e:ea:e3:
dc:77:7e:4b:fb:42:52:8e:bc:76:1c:bd:cc:8b:c6:
1c:1a:64:46:35:8e:98:77:1d:09:76:84:63:0d:8f:
7d:e0:78:b3:16:82:df:62:f7:cd:44:24:6f:5b:b9:
0e:95:ae:a5:4b:34:12:f8:0f:7f:57:01:bc:79:01:
82:d3:f6:17:25:86:63:f5:04:1b:2f:47:e4:7f:a9:
79:d9:e8:5e:9b:f3:fa:86:9a:29:03:75:aa:c1:90:
3a:d8:81:17:64:d4:80:18:e2:f9:7e:45:63:58:bb:
f8:81:19:c9:6e:a3:70:78:6d:7d:e4:9e:a7:c9:4d:
94:a6:41:b4:ae:55:b6:20:a3:97:75:25:f5:96:9f:
a0:40:bb:87:49:19:f7:45:87:d9:5d:3f:21:67:6f:
69:d6:78:38:41:b2:7a:43:09:e9:27:8c:8c:ae:f3:
d8:6c:63:46:84:70:93:6f:9a:c0:d9:7d:4d:ac:0d:
e2:f5:f9:25:e6:40:31:dd:b6:b4:ab:c8:90:75:ab:
6e:3e:cd:e7:30:34:ab:b9:6e:6c:4c:18:8e:db:74:
76:bd:c2:e8:45:0b:42:86:e7:0f:54:d6:6e:35:1a:
c8:3a:e8:4d:d0:d4:66:8c:74:91:17:1a:d6:7b:12:
f0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BB:B4:6C:2C:2B:1B:A6:43:6D:36:83:08:01:ED:DB:DB:CD:6E:F6
X509v3 Authority Key Identifier:
keyid:64:7B:14:9E:F0:16:CC:53:56:A7:ED:73:0F:13:3E:00:2C:0E:7F:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/5A69D6D4824811EC9AAB122AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.56.0.0/22
203.18.216.0/21
IPv6:
2401:9700:d000::-2401:9700:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b9:ee:0d:4f:30:f6:8a:08:f8:44:de:28:56:e7:9c:52:90:54:
e9:f8:69:9c:ca:ad:1c:c9:f7:8a:da:6a:b4:61:3f:50:7a:60:
06:74:16:7e:80:0d:c1:0a:15:21:e4:6e:ad:ae:8b:19:a0:a1:
6c:64:e2:6a:58:d5:eb:7e:26:1f:75:84:42:fe:c1:d9:ef:7a:
dd:76:21:6c:80:c8:32:8b:70:dd:f4:0b:98:48:ff:11:79:40:
32:50:40:df:f8:40:51:d3:03:59:e0:71:1b:0e:ee:91:b8:c1:
42:dd:69:58:43:be:36:bc:ab:3e:bb:ec:c7:81:2d:09:d1:1d:
30:65:ff:21:62:61:3e:72:d4:4d:80:83:2a:a7:ff:65:33:2b:
3c:c2:0b:15:b4:84:9c:d3:06:6b:b3:c6:c8:f1:04:ae:1b:13:
e5:aa:3c:5c:de:79:8f:21:4f:74:5a:86:d3:f1:31:56:d6:f7:
9d:51:14:b2:ff:1e:4e:16:7d:b3:a1:84:d7:1d:b9:09:b5:88:
6e:e3:fa:d5:2f:ec:81:23:94:67:ab:33:e6:1f:81:60:44:4a:
69:7f:33:db:ca:63:2e:a5:ee:d0:6e:bc:bc:24:90:ee:a6:e6:
d8:0f:c2:68:20:ed:6c:be:09:3c:72:ee:14:67:a0:91:c4:af:
d4:0c:d2:50
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgICDGMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTIzNjQxMTAvBgNVBAUTKDY0N0IxNDlFRjAxNkNDNTM1NkE3RUQ3MzBGMTMzRTAw
MkMwRTdGQUEwHhcNMjUwMjA1MDQzNzQ0WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyZWIxNy1hMDZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1FNSTSNAWHZ6HHB+6uPcd35L+0JSjrx2HL3Mi8YcGmRGNY6Ydx0JdoRjDY99
4HizFoLfYvfNRCRvW7kOla6lSzQS+A9/VwG8eQGC0/YXJYZj9QQbL0fkf6l52ehe
m/P6hpopA3WqwZA62IEXZNSAGOL5fkVjWLv4gRnJbqNweG195J6nyU2UpkG0rlW2
IKOXdSX1lp+gQLuHSRn3RYfZXT8hZ29p1ng4QbJ6QwnpJ4yMrvPYbGNGhHCTb5rA
2X1NrA3i9fkl5kAx3ba0q8iQdatuPs3nMDSruW5sTBiO23R2vcLoRQtChucPVNZu
NRrIOuhN0NRmjHSRFxrWexLwVQIDAQABo4ICtDCCArAwHQYDVR0OBBYEFAK7tGws
KxumQ202gwgB7dvbzW72MB8GA1UdIwQYMBaAFGR7FJ7wFsxTVqftcw8TPgAsDn+q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjM2NC84RkU3MTc4NkZG
OUIxMUU5QjdGNEE3NzJDNEY5QUUwMi9aSHNVbnZBV3pGTldwLTF6RHhNLUFDd09m
Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pIc1VudkFXekZOV3AtMXpEeE0tQUN3T2Y2by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTIzNjQvOEZFNzE3ODZGRjlCMTFFOUI3RjRBNzcyQzRGOUFFMDIvNUE2OUQ2RDQ4
MjQ4MTFFQzlBQUIxMjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8E
LzAtMBIEAgABMAwDBALKOAADBAPLEtgwFwQCAAIwETAPAwYEJAGXANADBQAkAZcA
MA0GCSqGSIb3DQEBCwUAA4IBAQC57g1PMPaKCPhE3ihW55xSkFTp+Gmcyq0cyfeK
2mq0YT9QemAGdBZ+gA3BChUh5G6trosZoKFsZOJqWNXrfiYfdYRC/sHZ73rddiFs
gMgyi3Dd9AuYSP8ReUAyUEDf+EBR0wNZ4HEbDu6RuMFC3WlYQ742vKs+u+zHgS0J
0R0wZf8hYmE+ctRNgIMqp/9lMys8wgsVtISc0wZrs8bI8QSuGxPlqjxc3nmPIU90
WobT8TFW1vedURSy/x5OFn2zoYTXHbkJtYhu4/rVL+yBI5RnqzPmH4FgREppfzPb
ymMupe7Qbry8JJDupubYD8JoIO1svgk8cu4UZ6CRxK/UDNJQ
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:37:12 2025 by rpki-client