Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3FAF/A90D1B96415C11EE9D355D2CC4F9AE02/5EDB6B50EE9311EF8EB9700BC4F9AE02.roa
File: 5EDB6B50EE9311EF8EB9700BC4F9AE02.roa (raw, json)
Hash identifier: 7Nat9vEjm3uLFRu4zdaHZeOvfAimC/wAZ4j55cSSDsQ=
Subject key identifier: 08:45:F8:90:FF:58:1B:53:ED:CB:C1:83:50:41:A6:86:7B:AE:1D:69
Certificate issuer: /CN=A91F3FAF/serialNumber=1E85A860D62E26079233CB7A01DB0BACBB0369A6
Certificate serial: 0183
Authority key identifier: 1E:85:A8:60:D6:2E:26:07:92:33:CB:7A:01:DB:0B:AC:BB:03:69:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HoWoYNYuJgeSM8t6AdsLrLsDaaY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3FAF/A90D1B96415C11EE9D355D2CC4F9AE02/5EDB6B50EE9311EF8EB9700BC4F9AE02.roa
Signing time: Wed 19 Feb 2025 07:30:19 +0000
ROA not before: Wed 19 Feb 2025 07:30:19 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 4609
IP address blocks: 27.109.128.0/17 maxlen: 24
45.64.20.0/22 maxlen: 24
60.246.0.0/16 maxlen: 24
103.233.188.0/22 maxlen: 24
113.52.64.0/18 maxlen: 24
122.100.128.0/17 maxlen: 24
125.31.0.0/18 maxlen: 24
180.94.128.0/18 maxlen: 24
182.93.0.0/18 maxlen: 24
202.86.128.0/18 maxlen: 24
202.174.0.0/22 maxlen: 24
202.175.0.0/17 maxlen: 18
202.175.0.0/19 maxlen: 24
202.175.32.0/19 maxlen: 24
202.175.64.0/19 maxlen: 24
202.175.96.0/19 maxlen: 24
202.175.160.0/19 maxlen: 24
2001:f90::/32 maxlen: 39
2001:f90::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 387 (0x183)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3FAF
Validity
Not Before: Feb 19 07:30:19 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67b5888b-921b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:14:0b:65:10:cb:68:a7:02:a1:64:86:96:ac:
41:d1:f8:60:fb:97:e9:c0:e0:5d:25:fa:81:54:ad:
08:de:44:a2:a7:f5:19:c5:4b:b1:f5:62:38:14:92:
dd:02:48:5b:4a:8f:04:9c:f1:7b:3f:b9:5a:52:10:
ef:da:99:ca:d3:d4:ca:c9:7a:31:60:ab:74:22:24:
2f:97:6c:cb:9e:87:a8:00:21:f1:3c:bb:17:d0:8d:
60:8e:30:29:5c:37:1b:72:f6:3c:5f:2b:74:75:ff:
93:ac:97:66:2f:fb:73:60:3f:b5:a8:a4:e4:5d:4f:
67:b0:1b:f5:bb:6e:96:e8:5d:07:cd:12:62:f1:3f:
8b:b4:ce:8b:c2:c8:fa:34:f0:c4:b3:4e:67:bc:e5:
ce:38:66:34:7c:e5:1a:0e:c1:c9:3c:12:11:63:7a:
82:a1:a3:80:01:92:c9:fa:cc:87:54:1f:8c:b1:8a:
05:a7:cd:64:b0:62:f5:65:18:f6:99:b6:56:41:2b:
ae:71:c6:12:54:ab:76:41:fc:c0:c5:7c:09:35:24:
16:89:6c:e6:31:43:23:0b:32:20:4f:92:eb:68:ae:
2a:85:30:e8:c8:3a:20:e8:ac:e9:12:a6:32:aa:85:
23:4c:11:0d:5b:be:f4:63:bd:ee:c0:c1:18:c5:aa:
66:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:45:F8:90:FF:58:1B:53:ED:CB:C1:83:50:41:A6:86:7B:AE:1D:69
X509v3 Authority Key Identifier:
keyid:1E:85:A8:60:D6:2E:26:07:92:33:CB:7A:01:DB:0B:AC:BB:03:69:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3FAF/A90D1B96415C11EE9D355D2CC4F9AE02/HoWoYNYuJgeSM8t6AdsLrLsDaaY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HoWoYNYuJgeSM8t6AdsLrLsDaaY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3FAF/A90D1B96415C11EE9D355D2CC4F9AE02/5EDB6B50EE9311EF8EB9700BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.109.128.0/17
45.64.20.0/22
60.246.0.0/16
103.233.188.0/22
113.52.64.0/18
122.100.128.0/17
125.31.0.0/18
180.94.128.0/18
182.93.0.0/18
202.86.128.0/18
202.174.0.0/22
202.175.0.0/17
202.175.160.0/19
IPv6:
2001:f90::/32
Signature Algorithm: sha256WithRSAEncryption
a5:07:f7:7d:1c:4a:91:27:02:16:5b:e6:70:c7:db:eb:97:05:
a7:46:d2:ef:b5:21:05:e2:b3:a3:95:47:69:e3:70:19:2b:d0:
a7:09:a0:13:80:1d:81:f0:45:7b:84:c0:90:18:7e:23:02:e7:
fe:77:b0:38:98:bc:a5:c6:b8:bb:14:7a:52:6a:20:05:90:f3:
cc:8a:84:db:ef:d6:b9:8e:02:df:d3:5b:2a:b3:e8:80:13:04:
a2:e2:24:a9:28:1f:5e:40:42:f4:ca:19:02:15:98:b0:64:2f:
0a:4d:2e:a0:62:f5:da:cf:6d:c6:17:c9:bd:d1:92:2d:36:8c:
13:23:db:8e:0b:6c:db:61:38:a1:45:b2:92:1d:fc:31:d8:f0:
a1:50:27:29:51:0e:4a:4c:0a:eb:89:f4:f1:dd:3e:3b:92:40:
dc:fd:46:5c:b6:11:80:a6:ec:e7:15:5d:ad:f8:9b:6f:ba:38:
20:17:8e:59:56:90:a3:18:12:3b:0b:49:68:98:f9:12:4f:46:
30:0f:2d:a7:6b:1f:5d:b0:b2:89:1e:c7:01:6e:2b:b4:00:a7:
ee:f4:8a:9d:6e:9b:23:11:09:ac:fb:0b:cb:47:a5:05:99:65:
84:d9:c3:33:d2:8e:c0:1b:cd:e8:2d:7a:a1:30:91:4a:3b:b2:
17:50:59:ef
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgICAYMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjNGQUYxMTAvBgNVBAUTKDFFODVBODYwRDYyRTI2MDc5MjMzQ0I3QTAxREIwQkFD
QkIwMzY5QTYwHhcNMjUwMjE5MDczMDE5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I1ODg4Yi05MjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAohQLZRDLaKcCoWSGlqxB0fhg+5fpwOBdJfqBVK0I3kSip/UZxUux9WI4FJLd
AkhbSo8EnPF7P7laUhDv2pnK09TKyXoxYKt0IiQvl2zLnoeoACHxPLsX0I1gjjAp
XDcbcvY8Xyt0df+TrJdmL/tzYD+1qKTkXU9nsBv1u26W6F0HzRJi8T+LtM6Lwsj6
NPDEs05nvOXOOGY0fOUaDsHJPBIRY3qCoaOAAZLJ+syHVB+MsYoFp81ksGL1ZRj2
mbZWQSuuccYSVKt2QfzAxXwJNSQWiWzmMUMjCzIgT5LraK4qhTDoyDog6KzpEqYy
qoUjTBENW770Y73uwMEYxapm9wIDAQABo4IC6zCCAucwHQYDVR0OBBYEFAhF+JD/
WBtT7cvBg1BBpoZ7rh1pMB8GA1UdIwQYMBaAFB6FqGDWLiYHkjPLegHbC6y7A2mm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0ZBRi9BOTBEMUI5NjQx
NUMxMUVFOUQzNTVEMkNDNEY5QUUwMi9Ib1dvWU5ZdUpnZVNNOHQ2QWRzTHJMc0Rh
YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hvV29ZTll1SmdlU004dDZBZHNMckxzRGFhWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjNGQUYvQTkwRDFCOTY0MTVDMTFFRTlEMzU1RDJDQzRGOUFFMDIvNUVEQjZCNTBF
RTkzMTFFRjhFQjk3MDBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdQYIKwYBBQUHAQcBAf8E
ZjBkMFMEAgABME0DBAcbbYADBAItQBQDAwA89gMEAmfpvAMEBnE0QAMEB3pkgAME
Bn0fAAMEBrRegAMEBrZdAAMEBspWgAMEAsquAAMEB8qvAAMEBcqvoDANBAIAAjAH
AwUAIAEPkDANBgkqhkiG9w0BAQsFAAOCAQEApQf3fRxKkScCFlvmcMfb65cFp0bS
77UhBeKzo5VHaeNwGSvQpwmgE4AdgfBFe4TAkBh+IwLn/newOJi8pca4uxR6Umog
BZDzzIqE2+/WuY4C39NbKrPogBMEouIkqSgfXkBC9MoZAhWYsGQvCk0uoGL12s9t
xhfJvdGSLTaMEyPbjgts22E4oUWykh38MdjwoVAnKVEOSkwK64n08d0+O5JA3P1G
XLYRgKbs5xVdrfibb7o4IBeOWVaQoxgSOwtJaJj5Ek9GMA8tp2sfXbCyiR7HAW4r
tACn7vSKnW6bIxEJrPsLy0elBZllhNnDM9KOwBvN6C16oTCRSjuyF1BZ7w==
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:02:12 2025 by rpki-client