Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914DC55/CCBE1BA6176211EC81A0D11EC4F9AE02/4F1B63805A0A11ECAEA43C36C4F9AE02.roa
File: 4F1B63805A0A11ECAEA43C36C4F9AE02.roa (raw, json)
Hash identifier: u5W11dVoRw3toGEIJUHd861OTITZBp585qmJEJVveAI=
Subject key identifier: B6:5D:19:8B:F5:60:A6:9E:B3:50:CF:29:20:50:2F:E8:C4:39:10:E9
Certificate issuer: /CN=A914DC55/serialNumber=F38589F8464AA5A91699F808649EC536831B004A
Certificate serial: 04CE
Authority key identifier: F3:85:89:F8:46:4A:A5:A9:16:99:F8:08:64:9E:C5:36:83:1B:00:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/84WJ-EZKpakWmfgIZJ7FNoMbAEo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914DC55/CCBE1BA6176211EC81A0D11EC4F9AE02/4F1B63805A0A11ECAEA43C36C4F9AE02.roa
Signing time: Wed 05 Feb 2025 05:14:55 +0000
ROA not before: Wed 05 Feb 2025 05:14:55 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 134677
IP address blocks: 45.127.32.0/22 maxlen: 22
45.127.32.0/24 maxlen: 24
45.127.33.0/24 maxlen: 24
45.127.34.0/24 maxlen: 24
45.127.35.0/24 maxlen: 24
103.195.188.0/22 maxlen: 22
103.195.188.0/24 maxlen: 24
103.195.189.0/24 maxlen: 24
103.195.190.0/24 maxlen: 24
103.195.191.0/24 maxlen: 24
2001:df4:c140::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1230 (0x4ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914DC55
Validity
Not Before: Feb 5 05:14:55 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67a2f3ce-09c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:62:a7:cd:ab:52:3d:4e:0b:62:4d:2d:82:dd:
0f:3c:e4:01:c4:35:98:8a:a0:aa:52:b9:e4:6f:f1:
2b:6a:44:16:aa:99:51:a2:f8:d7:63:19:b9:13:19:
1c:6a:9a:02:38:f9:53:48:3f:06:3a:e8:30:78:b0:
3d:62:d7:83:6e:af:50:c7:02:30:18:6e:cd:19:ff:
e4:70:d1:3e:b9:53:25:d8:18:9e:24:73:47:94:af:
4c:4f:0a:6a:81:fd:c7:95:08:f4:aa:15:ba:25:78:
fa:b6:8d:ed:32:44:08:95:b9:6a:73:97:13:4a:15:
87:10:dc:b7:cc:70:99:f7:79:98:1e:c4:88:c1:19:
09:b6:81:02:0c:88:73:cb:e4:e1:78:f0:f5:89:0d:
5f:cb:4f:f9:c3:29:ca:c8:23:e9:1a:72:1b:95:a4:
8e:e1:ae:27:2b:f0:86:db:30:1c:b8:6c:c7:fe:dd:
cb:0d:ef:c4:f4:37:64:35:00:61:84:c0:6d:a2:ca:
e1:9d:d4:13:ea:48:09:db:79:77:20:ad:b9:6f:7d:
71:77:e1:aa:e3:f9:be:07:6f:1b:77:b2:53:2c:3f:
d6:ce:73:87:7e:1e:e0:23:02:15:fe:41:ac:7b:ce:
2d:81:d6:80:5b:f5:5f:2e:d4:2a:a2:e9:72:1c:28:
5b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5D:19:8B:F5:60:A6:9E:B3:50:CF:29:20:50:2F:E8:C4:39:10:E9
X509v3 Authority Key Identifier:
keyid:F3:85:89:F8:46:4A:A5:A9:16:99:F8:08:64:9E:C5:36:83:1B:00:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914DC55/CCBE1BA6176211EC81A0D11EC4F9AE02/84WJ-EZKpakWmfgIZJ7FNoMbAEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/84WJ-EZKpakWmfgIZJ7FNoMbAEo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914DC55/CCBE1BA6176211EC81A0D11EC4F9AE02/4F1B63805A0A11ECAEA43C36C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.127.32.0/22
103.195.188.0/22
IPv6:
2001:df4:c140::/48
Signature Algorithm: sha256WithRSAEncryption
47:37:4d:19:e3:eb:a1:37:f6:2d:ed:5c:65:f2:b1:58:ee:48:
b3:23:f1:c7:a9:04:63:10:1c:e2:cf:84:70:e7:4b:f4:35:12:
21:26:92:94:e1:c0:23:b6:04:99:af:ec:5d:70:f7:45:90:93:
a6:18:f1:c5:b8:4c:f0:7e:b3:19:5d:8d:d5:f8:f9:4f:3e:e1:
64:5b:17:63:40:14:bd:04:4a:34:a0:8b:bc:17:8a:fe:ac:f7:
f9:35:15:18:d8:1d:ea:dc:66:e2:a3:95:ad:5f:6d:04:62:ff:
25:e3:6e:fe:8b:fe:1f:bd:a4:22:e7:d1:1b:6a:9b:ce:6c:5f:
dc:21:17:fd:96:5e:82:11:91:20:a2:04:b9:36:90:12:5a:66:
77:97:3f:7d:2d:03:2b:94:4e:1d:2b:e7:e9:73:14:3e:85:c1:
60:db:9c:36:ff:f3:ce:e3:0b:17:a1:9d:ea:12:66:4a:eb:12:
aa:01:fd:37:3b:89:18:18:35:97:02:b3:3b:67:6e:23:d2:d8:
5d:2b:15:c6:ef:ee:00:d8:80:b8:fe:50:8f:d7:42:ae:d0:e6:
98:33:99:f9:41:cc:8a:75:8d:8b:48:4a:09:31:97:df:94:5b:
19:f6:fe:7d:c3:d0:38:70:5c:91:3a:d0:dc:e2:d9:19:e9:f2:
4d:fd:2f:8f
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NERDNTUxMTAvBgNVBAUTKEYzODU4OUY4NDY0QUE1QTkxNjk5RjgwODY0OUVDNTM2
ODMxQjAwNEEwHhcNMjUwMjA1MDUxNDU1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyZjNjZS0wOWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxmKnzatSPU4LYk0tgt0PPOQBxDWYiqCqUrnkb/ErakQWqplRovjXYxm5Exkc
apoCOPlTSD8GOugweLA9YteDbq9QxwIwGG7NGf/kcNE+uVMl2BieJHNHlK9MTwpq
gf3HlQj0qhW6JXj6to3tMkQIlblqc5cTShWHENy3zHCZ93mYHsSIwRkJtoECDIhz
y+ThePD1iQ1fy0/5wynKyCPpGnIblaSO4a4nK/CG2zAcuGzH/t3LDe/E9DdkNQBh
hMBtosrhndQT6kgJ23l3IK25b31xd+Gq4/m+B28bd7JTLD/WznOHfh7gIwIV/kGs
e84tgdaAW/VfLtQqoulyHChbrwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFLZdGYv1
YKaes1DPKSBQL+jEORDpMB8GA1UdIwQYMBaAFPOFifhGSqWpFpn4CGSexTaDGwBK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0REM1NS9DQ0JFMUJBNjE3
NjIxMUVDODFBMEQxMUVDNEY5QUUwMi84NFdKLUVaS3Bha1dtZmdJWko3Rk5vTWJB
RW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg0V0otRVpLcGFrV21mZ0laSjdGTm9NYkFFby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NERDNTUvQ0NCRTFCQTYxNzYyMTFFQzgxQTBEMTFFQzRGOUFFMDIvNEYxQjYzODA1
QTBBMTFFQ0FFQTQzQzM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAItfyADBAJnw7wwDwQCAAIwCQMHACABDfTBQDANBgkqhkiG
9w0BAQsFAAOCAQEARzdNGeProTf2Le1cZfKxWO5IsyPxx6kEYxAc4s+EcOdL9DUS
ISaSlOHAI7YEma/sXXD3RZCTphjxxbhM8H6zGV2N1fj5Tz7hZFsXY0AUvQRKNKCL
vBeK/qz3+TUVGNgd6txm4qOVrV9tBGL/JeNu/ov+H72kIufRG2qbzmxf3CEX/ZZe
ghGRIKIEuTaQElpmd5c/fS0DK5ROHSvn6XMUPoXBYNucNv/zzuMLF6Gd6hJmSusS
qgH9NzuJGBg1lwKzO2duI9LYXSsVxu/uANiAuP5Qj9dCrtDmmDOZ+UHMinWNi0hK
CTGX35RbGfb+fcPQOHBckTrQ3OLZGenyTf0vjw==
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:22:45 2025 by rpki-client