Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912DD36/7F4023F2253211EFBC93211AC4F9AE02/09EC8E16662211EFB6FA446CC4F9AE02.roa
File: 09EC8E16662211EFB6FA446CC4F9AE02.roa (raw, json)
Hash identifier: urnxskxc6j+If6xUlVvxOJwYlSVOMo9w2F7g3T2GGgM=
Subject key identifier: 64:DC:B8:2B:79:83:13:3B:6C:83:81:06:03:1F:78:51:32:D6:FC:99
Certificate issuer: /CN=A912DD36/serialNumber=04DEDACBDBAFA5C1C14F92817B96F7F503100A28
Certificate serial: 33
Authority key identifier: 04:DE:DA:CB:DB:AF:A5:C1:C1:4F:92:81:7B:96:F7:F5:03:10:0A:28
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BN7ay9uvpcHBT5KBe5b39QMQCig.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912DD36/7F4023F2253211EFBC93211AC4F9AE02/09EC8E16662211EFB6FA446CC4F9AE02.roa
Signing time: Tue 03 Sep 2024 08:20:21 +0000
ROA not before: Tue 03 Sep 2024 08:20:21 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 56106
IP address blocks: 45.124.212.0/22 maxlen: 22
45.124.212.0/24 maxlen: 24
45.124.213.0/24 maxlen: 24
45.124.214.0/24 maxlen: 24
45.124.215.0/24 maxlen: 24
103.193.80.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51 (0x33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912DD36
Validity
Not Before: Sep 3 08:20:21 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d6c6c5-a011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:22:70:99:bb:e2:3d:31:46:e2:5d:35:4f:b8:
02:f2:a2:35:ea:64:7f:cf:0f:82:cd:da:99:3e:57:
97:e9:74:11:ef:8a:f1:a0:c3:0e:91:ab:f5:50:ca:
48:99:de:9e:78:c3:67:6a:17:2a:be:04:9a:af:98:
a6:a2:d8:d5:31:e0:74:51:c1:41:f7:67:82:ab:81:
37:c7:74:11:0b:35:b5:2e:b5:b6:3b:90:e7:1d:c9:
03:44:d4:ba:b4:79:02:2f:b0:4f:22:23:10:64:4d:
f5:d3:47:19:f3:73:6b:96:15:d6:9a:da:a5:cb:c0:
d1:22:0c:e6:1a:66:7b:6a:1b:88:eb:18:37:bb:f8:
1a:06:f8:47:86:bc:d5:ae:35:84:58:b3:2f:3a:c9:
1c:54:f5:18:18:29:92:b9:b4:b1:9a:0d:9e:c1:89:
7e:c9:0d:bf:0c:9f:a3:75:78:3c:b3:ce:38:e6:bd:
2d:9e:7f:5e:b4:69:5f:01:aa:10:a8:02:3e:ef:2c:
5a:d6:16:d3:87:86:24:4b:10:16:90:4a:5d:a7:49:
33:65:36:90:59:61:2c:40:82:92:25:38:7f:1e:20:
fc:cf:19:dd:e6:51:53:a2:a6:c6:89:91:ec:d5:69:
70:89:ef:29:97:da:a8:8a:2c:74:52:7e:a9:89:3a:
2f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:DC:B8:2B:79:83:13:3B:6C:83:81:06:03:1F:78:51:32:D6:FC:99
X509v3 Authority Key Identifier:
keyid:04:DE:DA:CB:DB:AF:A5:C1:C1:4F:92:81:7B:96:F7:F5:03:10:0A:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912DD36/7F4023F2253211EFBC93211AC4F9AE02/BN7ay9uvpcHBT5KBe5b39QMQCig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BN7ay9uvpcHBT5KBe5b39QMQCig.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DD36/7F4023F2253211EFBC93211AC4F9AE02/09EC8E16662211EFB6FA446CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.212.0/22
103.193.80.0/22
Signature Algorithm: sha256WithRSAEncryption
19:55:cb:21:f2:68:5a:2f:52:60:33:a1:55:c2:08:c3:85:c4:
5c:cd:61:89:0b:d4:9d:bb:9d:71:b2:8d:8a:1b:35:0d:8c:89:
29:ee:e0:7c:12:55:33:91:ad:01:16:b6:15:2a:82:10:6e:8e:
d1:02:98:f2:61:76:90:65:49:d3:17:1a:a3:f7:c1:ee:60:a2:
51:35:b2:58:f9:a6:c1:8b:f8:09:8c:d8:98:fb:5e:5a:62:06:
57:3a:72:46:db:6b:14:59:61:de:0b:f7:10:52:49:09:2d:61:
8b:49:b9:d5:ea:c1:85:e3:aa:ff:5d:a7:d9:bd:e3:6d:dd:47:
08:43:41:e2:98:7f:9e:9c:8f:51:27:2c:c9:25:9e:76:af:92:
c7:4b:13:24:0b:ec:06:2b:f3:05:06:d6:e1:af:69:c6:c9:fe:
88:e2:77:3e:7c:1c:54:cd:1b:94:96:02:c0:1c:d7:5c:cb:4a:
85:c4:cc:da:c6:a5:63:b6:9f:ec:81:6b:cd:a4:70:bf:ab:9f:
55:ef:ef:55:3c:62:37:43:2b:3e:fa:36:5e:39:5f:fe:84:42:
d9:5b:df:10:1b:7d:d3:13:87:55:63:fe:67:6f:29:ff:30:fa:
45:49:be:33:ec:f9:fa:5f:6e:a8:e8:d2:d0:d8:02:7f:8c:47:
17:16:e3:bd
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBMzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
REQzNjExMC8GA1UEBRMoMDRERURBQ0JEQkFGQTVDMUMxNEY5MjgxN0I5NkY3RjUw
MzEwMEEyODAeFw0yNDA5MDMwODIwMjFaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZDZjNmM1LWEwMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHInCZu+I9MUbiXTVPuALyojXqZH/PD4LN2pk+V5fpdBHvivGgww6Rq/VQykiZ
3p54w2dqFyq+BJqvmKai2NUx4HRRwUH3Z4KrgTfHdBELNbUutbY7kOcdyQNE1Lq0
eQIvsE8iIxBkTfXTRxnzc2uWFdaa2qXLwNEiDOYaZntqG4jrGDe7+BoG+EeGvNWu
NYRYsy86yRxU9RgYKZK5tLGaDZ7BiX7JDb8Mn6N1eDyzzjjmvS2ef160aV8BqhCo
Aj7vLFrWFtOHhiRLEBaQSl2nSTNlNpBZYSxAgpIlOH8eIPzPGd3mUVOipsaJkezV
aXCJ7ymX2qiKLHRSfqmJOi+pAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUZNy4K3mD
Eztsg4EGAx94UTLW/JkwHwYDVR0jBBgwFoAUBN7ay9uvpcHBT5KBe5b39QMQCigw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJERDM2LzdGNDAyM0YyMjUz
MjExRUZCQzkzMjExQUM0RjlBRTAyL0JON2F5OXV2cGNIQlQ1S0JlNWIzOVFNUUNp
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQk43YXk5dXZwY0hCVDVLQmU1YjM5UU1RQ2lnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
REQzNi83RjQwMjNGMjI1MzIxMUVGQkM5MzIxMUFDNEY5QUUwMi8wOUVDOEUxNjY2
MjIxMUVGQjZGQTQ0NkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAi181AMEAmfBUDANBgkqhkiG9w0BAQsFAAOCAQEAGVXLIfJo
Wi9SYDOhVcIIw4XEXM1hiQvUnbudcbKNihs1DYyJKe7gfBJVM5GtARa2FSqCEG6O
0QKY8mF2kGVJ0xcao/fB7mCiUTWyWPmmwYv4CYzYmPteWmIGVzpyRttrFFlh3gv3
EFJJCS1hi0m51erBheOq/12n2b3jbd1HCENB4ph/npyPUScsySWedq+Sx0sTJAvs
BivzBQbW4a9pxsn+iOJ3PnwcVM0blJYCwBzXXMtKhcTM2salY7af7IFrzaRwv6uf
Ve/vVTxiN0MrPvo2Xjlf/oRC2VvfEBt90xOHVWP+Z28p/zD6RUm+M+z5+l9uqOjS
0NgCf4xHFxbjvQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:54:39 2025 by rpki-client