Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/D56B4ABED54E11EFAD8C4E52C4F9AE02.roa
File: D56B4ABED54E11EFAD8C4E52C4F9AE02.roa (raw, json)
Hash identifier: GjwPBXkxZ4qE4L8GvWJPamMwvGLPmxgtpWoHImjgHS0=
Subject key identifier: DF:09:DD:F4:E5:DC:46:30:6B:A9:1C:EE:D1:C7:53:95:BC:7E:D6:7C
Certificate issuer: /CN=A91F1446/serialNumber=B5D33A7A32A5082D336B6B05B7965F307470A276
Certificate serial: 02FF
Authority key identifier: B5:D3:3A:7A:32:A5:08:2D:33:6B:6B:05:B7:96:5F:30:74:70:A2:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tdM6ejKlCC0za2sFt5ZfMHRwonY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/D56B4ABED54E11EFAD8C4E52C4F9AE02.roa
Signing time: Sat 18 Jan 2025 03:46:44 +0000
ROA not before: Sat 18 Jan 2025 03:46:44 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 153494
IP address blocks: 43.241.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 767 (0x2ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F1446
Validity
Not Before: Jan 18 03:46:44 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=678b2423-cdc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:69:37:7f:10:7a:ce:8f:07:ef:38:f8:72:7f:
95:9c:40:d9:e9:7c:3e:5d:69:4b:3b:c9:58:04:85:
ab:d5:a3:5b:c0:19:1f:73:c8:3b:32:a6:8c:7a:41:
85:3e:85:45:3c:62:53:b5:9e:e0:d2:48:2c:9b:6e:
e2:09:9d:7e:54:60:62:10:54:98:60:92:00:b4:d6:
37:57:40:aa:82:72:e2:ce:f5:82:29:d5:38:ab:c6:
de:84:dc:a7:b5:a3:8f:b0:8a:50:49:73:53:7e:3a:
08:93:d8:6c:8c:40:4a:5b:7d:e3:90:5e:14:61:94:
3e:3c:3c:07:7e:b9:f5:2b:5c:b4:51:84:fb:95:52:
51:38:9c:14:b2:76:97:35:39:33:d6:85:7b:da:46:
36:9d:aa:4b:66:b9:0a:05:f6:21:b5:00:50:3f:e9:
9d:f5:02:7d:6b:35:19:d1:d8:0e:bb:01:ff:8b:9d:
b2:7f:eb:8d:67:15:ef:2d:de:c2:1b:f9:73:5d:4f:
0e:fd:0a:c9:4e:7c:0d:1b:3c:b4:83:60:1f:1e:56:
d8:29:1d:95:c0:02:ad:e9:67:0a:1f:60:98:de:4a:
29:0d:29:c9:12:b4:77:fb:da:3e:7b:67:2e:b7:77:
4f:c3:28:3c:2d:c4:49:42:d1:58:8a:ab:e8:97:39:
b6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:09:DD:F4:E5:DC:46:30:6B:A9:1C:EE:D1:C7:53:95:BC:7E:D6:7C
X509v3 Authority Key Identifier:
keyid:B5:D3:3A:7A:32:A5:08:2D:33:6B:6B:05:B7:96:5F:30:74:70:A2:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/tdM6ejKlCC0za2sFt5ZfMHRwonY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tdM6ejKlCC0za2sFt5ZfMHRwonY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/D56B4ABED54E11EFAD8C4E52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.252.0/22
Signature Algorithm: sha256WithRSAEncryption
17:7f:41:e1:e5:8f:e0:5f:77:36:a8:12:c3:b2:b5:11:99:a8:
07:ba:f1:e0:a8:6a:71:70:57:e9:91:2a:93:a6:fc:92:c6:5e:
c2:d4:e3:71:76:8f:37:32:54:2a:db:e7:01:b9:7b:d4:ac:36:
a4:39:0b:df:00:ad:e1:8c:01:e3:c1:23:92:6e:a8:37:ce:38:
74:7d:7c:a2:e4:5c:1e:ec:3b:31:f7:b3:d6:27:51:fc:a0:38:
a1:2e:e0:b0:ff:50:9a:48:61:41:b0:b5:0b:54:90:22:86:96:
9d:69:31:52:ed:a8:45:94:b2:a9:4c:aa:5c:71:e3:7f:e5:b8:
44:af:c9:d6:c2:e6:c8:8a:c2:92:df:32:1a:1c:3b:1a:a4:d4:
a2:90:fc:d8:49:8d:67:bc:c3:ba:82:7f:d6:11:a6:24:bc:f0:
03:f7:e1:fd:95:94:a1:fd:9a:95:4b:31:f3:19:0a:1b:f4:cc:
71:64:2a:71:fb:02:e0:dd:42:73:85:63:64:4a:05:36:3e:c2:
6c:91:bf:60:14:d3:5e:4f:1e:24:d2:fc:b3:da:f8:98:59:d3:
4b:d2:41:84:72:cd:5b:d7:f6:03:c9:09:4b:f6:59:32:1a:ec:
48:4d:89:48:5b:b3:ad:ae:87:59:75:74:db:29:3d:84:6f:76:
04:ce:f4:ce
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAv8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjE0NDYxMTAvBgNVBAUTKEI1RDMzQTdBMzJBNTA4MkQzMzZCNkIwNUI3OTY1RjMw
NzQ3MEEyNzYwHhcNMjUwMTE4MDM0NjQ0WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhiMjQyMy1jZGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwWk3fxB6zo8H7zj4cn+VnEDZ6Xw+XWlLO8lYBIWr1aNbwBkfc8g7MqaMekGF
PoVFPGJTtZ7g0kgsm27iCZ1+VGBiEFSYYJIAtNY3V0CqgnLizvWCKdU4q8behNyn
taOPsIpQSXNTfjoIk9hsjEBKW33jkF4UYZQ+PDwHfrn1K1y0UYT7lVJROJwUsnaX
NTkz1oV72kY2napLZrkKBfYhtQBQP+md9QJ9azUZ0dgOuwH/i52yf+uNZxXvLd7C
G/lzXU8O/QrJTnwNGzy0g2AfHlbYKR2VwAKt6WcKH2CY3kopDSnJErR3+9o+e2cu
t3dPwyg8LcRJQtFYiqvolzm2jwIDAQABo4IClTCCApEwHQYDVR0OBBYEFN8J3fTl
3EYwa6kc7tHHU5W8ftZ8MB8GA1UdIwQYMBaAFLXTOnoypQgtM2trBbeWXzB0cKJ2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTQ0Ni8yQTFGRjU2RUM1
MzUxMUVDOEU1QTAzMTNDNEY5QUUwMi90ZE02ZWpLbENDMHphMnNGdDVaZk1IUndv
blkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RkTTZlaktsQ0MwemEyc0Z0NVpmTUhSd29uWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjE0NDYvMkExRkY1NkVDNTM1MTFFQzhFNUEwMzEzQzRGOUFFMDIvRDU2QjRBQkVE
NTRFMTFFRkFEOEM0RTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr8fwwDQYJKoZIhvcNAQELBQADggEBABd/QeHlj+Bfdzao
EsOytRGZqAe68eCoanFwV+mRKpOm/JLGXsLU43F2jzcyVCrb5wG5e9SsNqQ5C98A
reGMAePBI5JuqDfOOHR9fKLkXB7sOzH3s9YnUfygOKEu4LD/UJpIYUGwtQtUkCKG
lp1pMVLtqEWUsqlMqlxx43/luESvydbC5siKwpLfMhocOxqk1KKQ/NhJjWe8w7qC
f9YRpiS88AP34f2VlKH9mpVLMfMZChv0zHFkKnH7AuDdQnOFY2RKBTY+wmyRv2AU
015PHiTS/LPa+JhZ00vSQYRyzVvX9gPJCUv2WTIa7EhNiUhbs62uh1l1dNspPYRv
dgTO9M4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:44:24 2025 by rpki-client