Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/47B8B9CCE8E011EF8415BF41C4F9AE02.roa
File: 47B8B9CCE8E011EF8415BF41C4F9AE02.roa (raw, json)
Hash identifier: PY4WfBidqlI875DYC5aVwdMOaBjL1wsS9NxYPgndymY=
Subject key identifier: E2:9F:C5:DF:7D:46:06:D9:FA:95:08:5C:B6:4F:1B:5E:9E:56:5E:5B
Certificate issuer: /CN=A91E4845/serialNumber=01A412EF416C884F6F637F1BDA800EB6EF67B6D6
Certificate serial: 21C9
Authority key identifier: 01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/47B8B9CCE8E011EF8415BF41C4F9AE02.roa
Signing time: Wed 12 Feb 2025 01:36:29 +0000
ROA not before: Wed 12 Feb 2025 01:36:29 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 134712
IP address blocks: 220.158.204.0/22 maxlen: 22
220.158.204.0/24 maxlen: 24
220.158.205.0/24 maxlen: 24
220.158.206.0/24 maxlen: 24
220.158.207.0/24 maxlen: 24
2405:d340::/32 maxlen: 32
2405:d340::/48 maxlen: 48
2405:d340:1::/48 maxlen: 48
2405:d340:2::/48 maxlen: 48
2405:d340:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8649 (0x21c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4845
Validity
Not Before: Feb 12 01:36:29 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67abfb1c-1de9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4d:02:08:fb:bb:b9:e3:ef:5b:3b:9c:f4:ea:
9c:6c:ff:9c:36:74:06:3f:41:4a:75:ad:28:9b:5d:
22:96:dd:a5:5b:d5:5b:b7:41:72:81:8a:cf:27:c2:
43:07:ac:03:ee:b7:af:a9:3e:bf:ab:12:f8:46:d1:
7c:e8:60:8f:72:ee:e3:cf:54:f1:e1:5d:71:2f:02:
e5:f7:64:9b:33:6d:f7:c2:a7:e9:3f:3c:6e:23:d4:
01:e5:3e:6a:12:ca:33:17:5b:ce:2e:a9:62:77:fe:
22:b1:d4:a8:51:4c:61:a2:77:fe:b6:d0:3c:f3:66:
a8:f3:7c:00:0a:9d:44:99:f0:1b:d8:17:80:0b:95:
a4:3d:9b:58:45:bb:78:a3:d9:eb:c9:1d:93:d4:22:
dd:84:34:54:e7:be:a7:c8:75:a2:77:b5:b2:e2:9a:
e6:1b:4f:aa:f4:42:73:f4:57:86:dc:9a:3b:1e:ba:
b2:16:32:b5:b6:7b:5e:37:ee:81:64:f0:b3:d2:37:
3a:df:10:4e:27:9a:03:95:57:1c:7e:d3:c2:3f:36:
b2:1d:e2:9b:3a:a7:9c:f6:15:f0:8f:ba:3d:81:4e:
d3:27:42:ab:0a:c5:4b:36:08:06:78:53:8c:3e:cc:
80:7d:e2:ed:9e:d7:3c:9f:6f:c9:05:c4:2a:2e:a4:
69:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:9F:C5:DF:7D:46:06:D9:FA:95:08:5C:B6:4F:1B:5E:9E:56:5E:5B
X509v3 Authority Key Identifier:
keyid:01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/AaQS70FsiE9vY38b2oAOtu9nttY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/47B8B9CCE8E011EF8415BF41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
220.158.204.0/22
IPv6:
2405:d340::/32
Signature Algorithm: sha256WithRSAEncryption
5d:f6:18:34:6c:d3:5a:6b:c4:bf:65:4d:03:c3:29:b9:88:ee:
fa:ac:33:3f:70:ae:e8:c3:1a:51:06:9e:27:2b:8d:72:28:3a:
66:79:91:44:f5:cf:f8:ef:ff:67:2f:e2:12:8b:5b:d7:ef:2d:
6e:e6:d2:28:60:23:ea:9e:2a:87:4c:fb:10:0d:cd:52:c2:f6:
b6:63:89:17:3a:45:0c:5b:f8:93:f6:c6:88:81:b0:d0:09:bc:
6a:42:35:8b:b8:a8:98:8b:23:01:06:eb:a6:46:04:2c:ae:c3:
3e:e7:f7:1c:cc:11:e1:a1:14:81:30:71:d1:4f:ae:68:e2:1c:
0c:21:70:06:37:7e:24:49:79:ad:f8:c8:da:c9:bb:0f:26:2f:
f4:37:69:62:08:00:a0:f7:c1:af:3b:b0:a4:89:80:b5:f7:11:
c8:d6:60:9d:a7:42:37:e6:b2:0a:ae:67:63:9a:05:9e:24:63:
b1:4d:d6:b6:fb:2d:3f:e2:fc:ce:29:ec:85:be:9c:58:23:b3:
6a:cb:ae:58:d2:ec:cc:08:01:c5:c4:da:94:2d:a4:79:95:2a:
fe:18:12:bb:ae:96:15:3d:16:d1:50:66:ff:00:f2:a6:cd:ab:
c8:70:1f:78:86:87:71:8c:ae:d6:f8:45:01:f4:83:89:66:06:
b9:55:0e:d0
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICIckwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ4NDUxMTAvBgNVBAUTKDAxQTQxMkVGNDE2Qzg4NEY2RjYzN0YxQkRBODAwRUI2
RUY2N0I2RDYwHhcNMjUwMjEyMDEzNjI5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FiZmIxYy0xZGU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvk0CCPu7uePvWzuc9OqcbP+cNnQGP0FKda0om10ilt2lW9Vbt0FygYrPJ8JD
B6wD7revqT6/qxL4RtF86GCPcu7jz1Tx4V1xLwLl92SbM233wqfpPzxuI9QB5T5q
EsozF1vOLqlid/4isdSoUUxhonf+ttA882ao83wACp1EmfAb2BeAC5WkPZtYRbt4
o9nryR2T1CLdhDRU576nyHWid7Wy4prmG0+q9EJz9FeG3Jo7HrqyFjK1tnteN+6B
ZPCz0jc63xBOJ5oDlVccftPCPzayHeKbOqec9hXwj7o9gU7TJ0KrCsVLNggGeFOM
PsyAfeLtntc8n2/JBcQqLqRpbwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOKfxd99
RgbZ+pUIXLZPG16eVl5bMB8GA1UdIwQYMBaAFAGkEu9BbIhPb2N/G9qADrbvZ7bW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDg0NS80MDAxNTNCNkQy
RUIxMUU1QjREMTVBNEVDNEY5QUUwMi9BYVFTNzBGc2lFOXZZMzhiMm9BT3R1OW50
dFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FhUVM3MEZzaUU5dlkzOGIyb0FPdHU5bnR0WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ4NDUvNDAwMTUzQjZEMkVCMTFFNUI0RDE1QTRFQzRGOUFFMDIvNDdCOEI5Q0NF
OEUwMTFFRjg0MTVCRjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBALcnswwDQQCAAIwBwMFACQF00AwDQYJKoZIhvcNAQELBQAD
ggEBAF32GDRs01prxL9lTQPDKbmI7vqsMz9wrujDGlEGnicrjXIoOmZ5kUT1z/jv
/2cv4hKLW9fvLW7m0ihgI+qeKodM+xANzVLC9rZjiRc6RQxb+JP2xoiBsNAJvGpC
NYu4qJiLIwEG66ZGBCyuwz7n9xzMEeGhFIEwcdFPrmjiHAwhcAY3fiRJea34yNrJ
uw8mL/Q3aWIIAKD3wa87sKSJgLX3EcjWYJ2nQjfmsgquZ2OaBZ4kY7FN1rb7LT/i
/M4p7IW+nFgjs2rLrljS7MwIAcXE2pQtpHmVKv4YEruulhU9FtFQZv8A8qbNq8hw
H3iGh3GMrtb4RQH0g4lmBrlVDtA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:19:10 2025 by rpki-client