Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/E9DE96C44C3611EEA9D59630C4F9AE02.roa
File: E9DE96C44C3611EEA9D59630C4F9AE02.roa (raw, json)
Hash identifier: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=
Subject key identifier: 92:6F:0E:27:44:BD:7A:51:D7:2C:CF:44:27:A8:6A:16:3F:4F:7D:21
Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60
Certificate serial: 217D
Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/E9DE96C44C3611EEA9D59630C4F9AE02.roa
Signing time: Tue 04 Mar 2025 16:33:17 +0000
ROA not before: Tue 04 Mar 2025 16:33:17 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 55811
IP address blocks: 27.124.96.0/20 maxlen: 20
45.113.196.0/22 maxlen: 22
103.53.116.0/22 maxlen: 22
103.53.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8573 (0x217d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FDD4D
Validity
Not Before: Mar 4 16:33:17 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c72b4c-2a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d4:51:43:58:dd:87:ae:f0:d0:93:5d:87:37:
e3:d2:05:59:91:69:a6:3b:da:10:89:b7:9b:f9:ed:
77:9c:fc:6d:42:bc:28:d6:28:27:b2:b3:9d:6d:c0:
71:b2:4b:1e:e3:04:79:1d:26:00:81:06:b8:43:a6:
f3:b4:2c:9b:cb:2e:8e:11:80:79:b5:47:0c:87:a0:
8c:a5:b3:be:e2:19:26:4f:6c:30:76:91:56:6b:84:
88:21:7b:aa:84:71:6a:10:03:a9:e9:cf:67:95:ba:
00:bd:f7:fe:86:e8:ee:6a:e5:09:55:f3:dd:c8:b4:
ff:a9:eb:7f:a8:be:6a:35:3e:fb:57:58:fe:36:d8:
20:98:9b:44:5c:80:67:12:0d:d7:32:ba:a9:44:45:
45:82:5c:1c:92:45:1f:34:7f:11:ed:d8:e7:90:dd:
1d:23:42:50:36:7b:b6:28:4c:2b:8f:0b:a3:bb:64:
d8:9d:16:8e:5d:91:5e:14:1f:32:d8:72:bc:6b:69:
f9:2b:ec:53:76:11:de:e2:6b:d8:4c:0a:60:3a:fc:
f0:11:e1:9a:03:2b:83:f9:eb:e7:ba:3e:97:e3:d1:
81:57:12:f3:f2:6c:0e:f5:f0:ef:62:29:d9:51:e0:
5c:c6:f7:4a:77:b1:ff:bb:86:e2:c3:e3:38:aa:82:
d7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:6F:0E:27:44:BD:7A:51:D7:2C:CF:44:27:A8:6A:16:3F:4F:7D:21
X509v3 Authority Key Identifier:
keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/E9DE96C44C3611EEA9D59630C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.124.96.0/20
45.113.196.0/22
103.53.116.0/22
Signature Algorithm: sha256WithRSAEncryption
38:ac:43:ce:6d:5e:95:17:60:af:12:4a:3a:08:4d:a5:77:16:
48:90:32:15:7c:ee:55:e5:41:e5:c0:68:87:51:a8:23:08:c8:
f1:cf:95:a0:a3:da:7c:8d:f7:76:0e:c4:4a:89:c6:13:37:76:
90:0c:3e:ea:4f:a7:09:47:99:65:9f:37:77:f6:ce:18:4e:03:
d5:f8:04:2c:ec:79:be:c8:9f:b0:18:76:39:74:20:84:b3:6b:
f5:bc:73:98:3e:e9:bd:e9:02:50:e6:db:bc:d1:fb:62:fd:fd:
d1:d1:32:71:98:0a:ae:59:a3:7a:25:ee:94:f8:68:6d:a1:36:
38:c6:ac:70:79:a7:52:32:45:55:d9:b8:b7:d1:23:e6:2d:75:
27:fc:f5:96:e6:96:ff:19:84:7b:af:e3:bc:7d:16:43:6d:23:
25:63:ca:fa:d9:de:d5:09:f0:d7:55:c8:e1:84:8e:60:fc:39:
70:4e:c4:93:6c:d2:5b:65:ff:38:13:c3:eb:60:96:ba:b8:1b:
9d:83:5e:e9:08:4d:b3:41:01:a4:d0:94:30:5c:c6:0f:6b:ad:
89:c1:04:87:7d:f6:6d:59:69:fa:6a:ea:ec:b1:97:d5:d2:e1:
28:a1:57:65:02:5b:d6:f7:67:63:9f:0b:56:28:92:0b:df:3c:
80:47:4d:b8
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICIX0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF
QTNFNDFFNjAwHhcNMjUwMzA0MTYzMzE3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3MmI0Yy0yYTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp9RRQ1jdh67w0JNdhzfj0gVZkWmmO9oQibeb+e13nPxtQrwo1ignsrOdbcBx
skse4wR5HSYAgQa4Q6bztCybyy6OEYB5tUcMh6CMpbO+4hkmT2wwdpFWa4SIIXuq
hHFqEAOp6c9nlboAvff+hujuauUJVfPdyLT/qet/qL5qNT77V1j+NtggmJtEXIBn
Eg3XMrqpREVFglwckkUfNH8R7djnkN0dI0JQNnu2KEwrjwuju2TYnRaOXZFeFB8y
2HK8a2n5K+xTdhHe4mvYTApgOvzwEeGaAyuD+evnuj6X49GBVxLz8mwO9fDvYinZ
UeBcxvdKd7H/u4biw+M4qoLXXwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJJvDidE
vXpR1yzPRCeoahY/T30hMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB
NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkRENEQvQkFFMTA4QzRFQTYwMTFFNTg4MTU3NzBDQzRGOUFFMDIvRTlERTk2QzQ0
QzM2MTFFRUE5RDU5NjMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAQbfGADBAItccQDBAJnNXQwDQYJKoZIhvcNAQELBQADggEB
ADisQ85tXpUXYK8SSjoITaV3FkiQMhV87lXlQeXAaIdRqCMIyPHPlaCj2nyN93YO
xEqJxhM3dpAMPupPpwlHmWWfN3f2zhhOA9X4BCzseb7In7AYdjl0IISza/W8c5g+
6b3pAlDm27zR+2L9/dHRMnGYCq5Zo3ol7pT4aG2hNjjGrHB5p1IyRVXZuLfRI+Yt
dSf89Zbmlv8ZhHuv47x9FkNtIyVjyvrZ3tUJ8NdVyOGEjmD8OXBOxJNs0ltl/zgT
w+tglrq4G52DXukITbNBAaTQlDBcxg9rrYnBBId99m1Zafpq6uyxl9XS4SihV2UC
W9b3Z2OfC1YokgvfPIBHTbg=
-----END CERTIFICATE-----
Generated at Thu Apr 10 10:53:53 2025 by rpki-client