Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ECD98/7802048A66A411EA8FCB2B6FC4F9AE02/F760C48ACE0111EB980FBD53C4F9AE02.roa
File: F760C48ACE0111EB980FBD53C4F9AE02.roa (raw, json)
Hash identifier: lEjGikQ+ii4jtTGbAoJ/KSsQ3VS5/CajiRstqwCSiwQ=
Subject key identifier: 88:16:19:B4:BD:A8:E8:04:3D:32:CC:ED:9C:6D:65:FD:3F:2C:00:5F
Certificate issuer: /CN=A91ECD98/serialNumber=41C65C00F0A6B07D3C0F6B1290564FBF8382DA73
Certificate serial: 0A35
Authority key identifier: 41:C6:5C:00:F0:A6:B0:7D:3C:0F:6B:12:90:56:4F:BF:83:82:DA:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QcZcAPCmsH08D2sSkFZPv4OC2nM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ECD98/7802048A66A411EA8FCB2B6FC4F9AE02/F760C48ACE0111EB980FBD53C4F9AE02.roa
Signing time: Sat 22 Mar 2025 20:09:51 +0000
ROA not before: Sat 22 Mar 2025 20:09:51 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 135125
IP address blocks: 45.250.20.0/22 maxlen: 22
45.250.20.0/23 maxlen: 23
45.250.20.0/24 maxlen: 24
45.250.21.0/24 maxlen: 24
45.250.22.0/23 maxlen: 23
45.250.22.0/24 maxlen: 24
45.250.23.0/24 maxlen: 24
103.210.16.0/22 maxlen: 22
103.210.16.0/23 maxlen: 23
103.210.16.0/24 maxlen: 24
103.210.17.0/24 maxlen: 24
103.210.18.0/23 maxlen: 23
103.210.18.0/24 maxlen: 24
103.210.19.0/24 maxlen: 24
2401:940::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2613 (0xa35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ECD98
Validity
Not Before: Mar 22 20:09:51 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67df190f-f17a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bb:8c:25:99:f3:f6:57:29:b4:06:6a:c3:f0:
d2:01:88:3f:da:2a:1a:9c:82:d4:7e:ba:e3:4a:1a:
c5:4b:4d:46:ef:93:23:0d:6e:5b:00:c9:fe:1a:38:
d3:f4:67:cc:cb:1a:6e:d8:be:cf:de:8f:9a:47:de:
9f:fb:e7:03:7c:b6:9c:68:7b:1e:01:87:46:44:a7:
c6:a3:a6:dd:8e:d5:4b:a5:60:f9:89:37:94:49:60:
c1:86:8f:23:df:1e:c3:18:b9:d9:40:53:e5:9e:4a:
68:7f:36:da:4f:95:12:08:3d:95:27:4c:54:a4:e8:
e6:ac:1f:b8:38:e1:74:61:af:fb:91:b6:71:20:2f:
ef:4b:ab:1c:e3:31:00:51:f5:1e:14:bf:8b:f4:cd:
68:99:34:be:d1:88:c1:28:5a:4e:f7:53:3f:90:ba:
db:48:ab:dc:2e:ca:32:f9:9a:f4:5c:2b:92:1d:1e:
4e:a5:08:84:2f:db:10:3c:25:1a:ab:cc:0b:cb:07:
f0:49:6a:ab:c5:b5:4a:54:d9:3c:ed:a3:be:09:df:
fa:4a:2b:a4:1f:13:d4:43:8d:ac:e7:80:d1:12:19:
76:82:52:14:17:80:dc:ce:27:b1:b3:90:0d:68:77:
a1:bf:28:18:a8:9f:1f:ec:8c:04:b4:d2:e1:c3:f0:
f9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:16:19:B4:BD:A8:E8:04:3D:32:CC:ED:9C:6D:65:FD:3F:2C:00:5F
X509v3 Authority Key Identifier:
keyid:41:C6:5C:00:F0:A6:B0:7D:3C:0F:6B:12:90:56:4F:BF:83:82:DA:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ECD98/7802048A66A411EA8FCB2B6FC4F9AE02/QcZcAPCmsH08D2sSkFZPv4OC2nM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QcZcAPCmsH08D2sSkFZPv4OC2nM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ECD98/7802048A66A411EA8FCB2B6FC4F9AE02/F760C48ACE0111EB980FBD53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.250.20.0/22
103.210.16.0/22
IPv6:
2401:940::/32
Signature Algorithm: sha256WithRSAEncryption
55:08:0c:57:2b:aa:d7:03:74:40:06:3a:4c:e0:d1:af:6b:e4:
06:42:76:ed:b0:7d:ea:a8:e7:0d:11:87:60:40:28:45:a1:24:
98:03:b4:45:3e:c1:17:fa:94:86:a5:af:87:f9:54:cb:6b:58:
00:08:25:58:6d:64:93:c7:f8:49:5d:6b:d9:f2:9b:db:68:89:
f7:2d:41:6e:3f:37:ee:87:25:81:8c:3b:96:34:82:c8:39:9b:
6f:4a:07:1f:e3:77:41:0d:3e:eb:af:98:b5:72:d4:85:66:d8:
27:5e:1f:09:4e:8e:e1:8f:0f:ad:a4:c4:0a:d4:90:a2:8a:2b:
97:ef:c1:cd:6a:93:54:c4:50:11:f8:34:8c:7e:24:80:9a:7a:
c6:76:38:f2:d3:73:0f:83:fc:cd:9f:ed:af:17:d9:f2:41:3f:
aa:94:89:a1:19:ce:db:9c:5f:65:1a:1c:fc:4f:2e:30:b2:f8:
6a:56:15:dc:39:f0:8b:28:f2:85:49:4a:b7:2d:c7:bc:9d:c3:
b2:a3:c1:d8:5d:cf:0e:c0:e6:15:cc:96:7f:88:d2:2a:d9:75:
04:ef:8b:ca:ab:52:9f:c2:d6:27:06:ce:5e:91:b9:67:d5:19:
1a:69:0f:12:f8:86:2e:73:f9:70:93:7c:cb:eb:a8:c2:65:05:
96:1c:fb:4b
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCjUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUNEOTgxMTAvBgNVBAUTKDQxQzY1QzAwRjBBNkIwN0QzQzBGNkIxMjkwNTY0RkJG
ODM4MkRBNzMwHhcNMjUwMzIyMjAwOTUxWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RmMTkwZi1mMTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsLuMJZnz9lcptAZqw/DSAYg/2ioanILUfrrjShrFS01G75MjDW5bAMn+GjjT
9GfMyxpu2L7P3o+aR96f++cDfLacaHseAYdGRKfGo6bdjtVLpWD5iTeUSWDBho8j
3x7DGLnZQFPlnkpofzbaT5USCD2VJ0xUpOjmrB+4OOF0Ya/7kbZxIC/vS6sc4zEA
UfUeFL+L9M1omTS+0YjBKFpO91M/kLrbSKvcLsoy+Zr0XCuSHR5OpQiEL9sQPCUa
q8wLywfwSWqrxbVKVNk87aO+Cd/6SiukHxPUQ42s54DREhl2glIUF4Dcziexs5AN
aHehvygYqJ8f7IwEtNLhw/D50QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIgWGbS9
qOgEPTLM7ZxtZf0/LABfMB8GA1UdIwQYMBaAFEHGXADwprB9PA9rEpBWT7+Dgtpz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQ0Q5OC83ODAyMDQ4QTY2
QTQxMUVBOEZDQjJCNkZDNEY5QUUwMi9RY1pjQVBDbXNIMDhEMnNTa0ZaUHY0T0My
bk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FjWmNBUENtc0gwOEQyc1NrRlpQdjRPQzJuTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUNEOTgvNzgwMjA0OEE2NkE0MTFFQThGQ0IyQjZGQzRGOUFFMDIvRjc2MEM0OEFD
RTAxMTFFQjk4MEZCRDUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIt+hQDBAJn0hAwDQQCAAIwBwMFACQBCUAwDQYJKoZIhvcN
AQELBQADggEBAFUIDFcrqtcDdEAGOkzg0a9r5AZCdu2wfeqo5w0Rh2BAKEWhJJgD
tEU+wRf6lIalr4f5VMtrWAAIJVhtZJPH+Elda9nym9toifctQW4/N+6HJYGMO5Y0
gsg5m29KBx/jd0ENPuuvmLVy1IVm2CdeHwlOjuGPD62kxArUkKKKK5fvwc1qk1TE
UBH4NIx+JICaesZ2OPLTcw+D/M2f7a8X2fJBP6qUiaEZztucX2UaHPxPLjCy+GpW
Fdw58Iso8oVJSrctx7ydw7Kjwdhdzw7A5hXMln+I0irZdQTvi8qrUp/C1icGzl6R
uWfVGRppDxL4hi5z+XCTfMvrqMJlBZYc+0s=
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:18:21 2025 by rpki-client