Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC4FB/098FE2E8DCDC11EF8E291844C4F9AE02/1A710020DCE011EFBD45E66AC4F9AE02.roa
File: 1A710020DCE011EFBD45E66AC4F9AE02.roa (raw, json)
Hash identifier: UlPosdQfRXZspBZyg13TijGXH9V3ecVqUdIyX2J3j0E=
Subject key identifier: 11:83:78:94:66:BB:DE:7F:31:7B:06:E6:31:2D:BB:88:DA:BA:4D:A7
Certificate issuer: /CN=A91FC4FB/serialNumber=FF20BC379D89A0DB3BE6FCF290FA3DD52EB7FA20
Certificate serial: 02
Authority key identifier: FF:20:BC:37:9D:89:A0:DB:3B:E6:FC:F2:90:FA:3D:D5:2E:B7:FA:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_yC8N52JoNs75vzykPo91S63-iA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FC4FB/098FE2E8DCDC11EF8E291844C4F9AE02/1A710020DCE011EFBD45E66AC4F9AE02.roa
Signing time: Mon 27 Jan 2025 18:54:15 +0000
ROA not before: Mon 27 Jan 2025 18:54:15 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 202425
IP address blocks: 45.123.190.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FC4FB
Validity
Not Before: Jan 27 18:54:15 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6797d656-fc7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0a:f7:0a:c9:41:09:77:a5:48:5f:4b:c8:e1:
dd:fd:c2:5e:8a:a8:0e:66:e4:3d:69:69:1f:f0:d0:
45:13:68:90:7b:7d:d3:51:17:c5:0f:5c:a2:a3:5f:
3e:41:39:70:a0:57:20:e4:ce:0f:25:f2:af:d4:b2:
27:9c:ee:99:fb:e0:7c:f6:b7:35:1e:d7:22:ef:23:
29:10:9f:ee:bd:98:4d:75:4b:24:cd:6c:2a:68:bd:
d3:dc:10:4d:21:6c:a9:ab:04:ee:9c:02:44:f9:c9:
c3:40:8f:b8:ba:e3:4d:ea:86:80:a1:14:3c:b5:5a:
e2:4c:a3:68:cf:50:cf:af:53:cb:77:36:14:c5:85:
b5:50:67:a2:f0:ea:87:11:b8:8f:60:e2:33:6a:4d:
71:52:7a:d0:e7:24:da:09:9e:ee:e7:8d:a7:00:f4:
32:99:c0:1a:06:39:a1:48:93:cb:96:65:0a:ef:5a:
5a:de:a6:ed:6f:c9:69:a9:69:68:c9:18:a9:d3:ca:
0d:06:ce:f8:32:35:f8:0c:e5:7a:0a:28:df:e7:67:
17:d7:39:05:f1:25:63:e9:a3:b4:b5:eb:9b:87:e6:
7a:d7:d7:ae:76:6d:95:a6:ec:e6:3e:a2:12:c5:52:
2e:d5:c2:e2:82:2b:7b:df:45:7d:0d:fe:3e:e0:9c:
4f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:83:78:94:66:BB:DE:7F:31:7B:06:E6:31:2D:BB:88:DA:BA:4D:A7
X509v3 Authority Key Identifier:
keyid:FF:20:BC:37:9D:89:A0:DB:3B:E6:FC:F2:90:FA:3D:D5:2E:B7:FA:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FC4FB/098FE2E8DCDC11EF8E291844C4F9AE02/_yC8N52JoNs75vzykPo91S63-iA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_yC8N52JoNs75vzykPo91S63-iA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC4FB/098FE2E8DCDC11EF8E291844C4F9AE02/1A710020DCE011EFBD45E66AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.123.190.0/24
Signature Algorithm: sha256WithRSAEncryption
25:8a:c6:93:3e:5f:6e:df:90:08:50:c2:e1:31:1a:27:fb:87:
cd:94:fb:7f:e7:c4:bc:66:fb:0e:6b:81:ad:29:d2:04:99:13:
2e:7a:a2:02:26:e8:93:27:08:30:ea:90:90:a8:76:79:32:f2:
09:88:0c:13:a4:c4:4a:99:28:ce:38:1c:eb:61:38:3d:23:ad:
62:ee:4b:60:d2:86:07:1b:c9:0d:f4:dc:6c:d4:35:ae:e9:37:
99:51:70:56:00:40:df:df:1a:8b:19:04:a0:db:ce:c7:62:8b:
f5:36:94:29:6f:b5:66:3d:f7:54:e0:06:42:bf:a8:4d:e4:c7:
c4:0f:c5:3e:ed:3b:5b:e0:15:03:15:3e:e1:77:66:7d:1d:98:
06:6c:64:23:47:a6:4f:55:55:fb:b1:12:fe:42:55:5f:62:44:
d1:d8:46:33:7f:6f:98:48:4f:08:71:bd:23:5f:e5:15:0d:89:
ca:45:08:97:3d:94:4b:83:2b:b3:52:5e:2a:d7:da:6c:08:12:
d4:85:28:e7:ff:86:62:04:7f:54:37:07:2e:11:f9:8d:f5:d7:
15:7c:b7:4d:1a:40:bb:a9:df:5e:70:8b:71:dd:10:c0:30:e4:
44:06:10:ee:13:3a:1c:63:d6:30:a7:98:c9:23:7f:cb:66:d9:
60:4a:98:70
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QzRGQjExMC8GA1UEBRMoRkYyMEJDMzc5RDg5QTBEQjNCRTZGQ0YyOTBGQTNERDUy
RUI3RkEyMDAeFw0yNTAxMjcxODU0MTVaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OTdkNjU2LWZjN2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJCvcKyUEJd6VIX0vI4d39wl6KqA5m5D1paR/w0EUTaJB7fdNRF8UPXKKjXz5B
OXCgVyDkzg8l8q/Usiec7pn74Hz2tzUe1yLvIykQn+69mE11SyTNbCpovdPcEE0h
bKmrBO6cAkT5ycNAj7i6403qhoChFDy1WuJMo2jPUM+vU8t3NhTFhbVQZ6Lw6ocR
uI9g4jNqTXFSetDnJNoJnu7njacA9DKZwBoGOaFIk8uWZQrvWlrepu1vyWmpaWjJ
GKnTyg0GzvgyNfgM5XoKKN/nZxfXOQXxJWPpo7S165uH5nrX1652bZWm7OY+ohLF
Ui7VwuKCK3vfRX0N/j7gnE+3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUEYN4lGa7
3n8xewbmMS27iNq6TacwHwYDVR0jBBgwFoAU/yC8N52JoNs75vzykPo91S63+iAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZDNEZCLzA5OEZFMkU4RENE
QzExRUY4RTI5MTg0NEM0RjlBRTAyL195QzhONTJKb05zNzV2enlrUG85MVM2My1p
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvX3lDOE41MkpvTnM3NXZ6eWtQbzkxUzYzLWlBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QzRGQi8wOThGRTJFOERDREMxMUVGOEUyOTE4NDRDNEY5QUUwMi8xQTcxMDAyMERD
RTAxMUVGQkQ0NUU2NkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC17vjANBgkqhkiG9w0BAQsFAAOCAQEAJYrGkz5fbt+QCFDC
4TEaJ/uHzZT7f+fEvGb7DmuBrSnSBJkTLnqiAibokycIMOqQkKh2eTLyCYgME6TE
Spkozjgc62E4PSOtYu5LYNKGBxvJDfTcbNQ1ruk3mVFwVgBA398aixkEoNvOx2KL
9TaUKW+1Zj33VOAGQr+oTeTHxA/FPu07W+AVAxU+4XdmfR2YBmxkI0emT1VV+7ES
/kJVX2JE0dhGM39vmEhPCHG9I1/lFQ2JykUIlz2US4Mrs1JeKtfabAgS1IUo5/+G
YgR/VDcHLhH5jfXXFXy3TRpAu6nfXnCLcd0QwDDkRAYQ7hM6HGPWMKeYySN/y2bZ
YEqYcA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 09:32:18 2025 by rpki-client