Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE0C4/63A92766F14711E99A9AB712C4F9AE02/D5F1F8B2482411ECA1A68F13C4F9AE02.roa
File: D5F1F8B2482411ECA1A68F13C4F9AE02.roa (raw, json)
Hash identifier: d9dM1XFRDb4kknUYg4dlNJ0j9gbnO1g6t4umzPAGO1k=
Subject key identifier: 8A:28:1C:86:0B:45:A9:E8:7A:8F:DE:AA:29:F3:94:8E:B0:6D:91:25
Certificate issuer: /CN=A91AE0C4/serialNumber=412B480176124E0884602689602C2AE574F0B876
Certificate serial: 0921
Authority key identifier: 41:2B:48:01:76:12:4E:08:84:60:26:89:60:2C:2A:E5:74:F0:B8:76
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QStIAXYSTgiEYCaJYCwq5XTwuHY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE0C4/63A92766F14711E99A9AB712C4F9AE02/D5F1F8B2482411ECA1A68F13C4F9AE02.roa
Signing time: Tue 01 Feb 2022 22:25:45 +0000
ROA not before: Tue 01 Feb 2022 22:25:45 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 9790
IP address blocks: 131.203.0.0/16 maxlen: 18
131.203.2.0/23 maxlen: 24
131.203.29.0/24 maxlen: 24
131.203.49.0/24 maxlen: 24
131.203.79.0/24 maxlen: 24
131.203.100.0/24 maxlen: 24
131.203.118.0/24 maxlen: 24
131.203.176.0/20 maxlen: 20
131.203.200.0/23 maxlen: 23
131.203.202.0/24 maxlen: 24
131.203.231.0/24 maxlen: 24
161.29.0.0/16 maxlen: 18
161.29.32.0/19 maxlen: 20
161.29.144.0/20 maxlen: 20
161.29.160.0/19 maxlen: 20
161.29.224.0/19 maxlen: 20
161.65.0.0/19 maxlen: 19
161.65.64.0/18 maxlen: 18
161.65.128.0/19 maxlen: 19
161.65.224.0/19 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2337 (0x921)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE0C4
Validity
Not Before: Feb 1 22:25:45 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=61f9b369-4108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f5:da:b3:fe:24:ca:fb:3c:df:ff:29:28:e4:
75:15:61:1a:62:23:a0:13:95:3a:73:2c:91:6f:d5:
aa:13:11:4d:5c:a2:81:bb:bb:1e:ae:12:69:be:17:
87:df:71:c1:6c:3a:6f:9b:49:30:41:25:5e:05:a3:
e7:ed:1b:a8:ae:89:82:24:1e:e5:03:76:5b:f2:3c:
34:9a:91:8e:43:eb:1f:5b:63:7c:4f:4b:f2:51:e9:
1c:02:90:18:d1:16:0a:05:5d:35:78:56:9c:e0:2e:
e0:1d:62:6b:1c:6a:60:fd:f0:31:5b:88:06:a9:66:
f8:6d:7c:f3:6b:ae:1d:7f:a3:df:99:b5:67:af:fd:
fd:45:5a:ec:6c:ef:d5:9e:bb:ab:cb:2c:05:f5:2a:
07:b2:4e:3a:96:db:33:d4:53:a2:ed:0e:db:a0:fc:
6f:30:71:84:e5:db:fe:c8:90:93:be:58:20:7b:d2:
13:2b:5c:78:b6:31:17:ed:38:2e:f8:87:37:bb:c9:
4c:63:7e:b9:29:af:fb:66:e2:5e:ec:ac:69:21:a3:
3b:d2:65:ec:37:3f:ec:5b:2a:74:0d:30:f3:93:81:
85:3a:92:4d:65:27:f2:80:05:c3:35:45:b2:59:71:
e1:bf:4e:4e:8f:9f:c9:0d:52:8a:77:2f:bb:8b:58:
74:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:28:1C:86:0B:45:A9:E8:7A:8F:DE:AA:29:F3:94:8E:B0:6D:91:25
X509v3 Authority Key Identifier:
keyid:41:2B:48:01:76:12:4E:08:84:60:26:89:60:2C:2A:E5:74:F0:B8:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/63A92766F14711E99A9AB712C4F9AE02/QStIAXYSTgiEYCaJYCwq5XTwuHY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QStIAXYSTgiEYCaJYCwq5XTwuHY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/63A92766F14711E99A9AB712C4F9AE02/D5F1F8B2482411ECA1A68F13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
131.203.0.0/16
161.29.0.0/16
161.65.0.0/19
161.65.64.0-161.65.159.255
161.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
92:8d:d8:02:0f:2b:ff:47:38:22:da:92:7a:ae:28:5a:2f:6e:
4b:fe:cc:00:7a:c7:92:42:61:dd:9b:80:4d:b3:19:70:31:1f:
b0:c3:2e:b1:bd:d0:60:c4:86:41:d5:d5:08:66:4d:c2:f6:7e:
d8:ae:70:2d:7e:c4:26:8c:e2:1a:08:50:fc:95:b6:f9:b5:5c:
c3:9f:60:7b:56:67:a1:ca:6b:c9:2b:f2:ad:5d:5e:c6:c8:fc:
cd:1a:4f:86:12:0a:e2:79:d8:f9:51:68:8c:68:9e:d7:5b:51:
09:86:e2:f1:a5:38:ea:a1:2a:1e:03:be:23:b0:95:f3:e2:6c:
09:a6:85:4d:9e:05:e7:d4:7c:02:b2:c1:e3:f3:5f:56:10:d3:
f9:39:f9:4c:4a:c9:6d:a0:4c:6c:11:43:78:27:d8:d5:c6:13:
85:f6:dd:b9:15:93:47:5d:a0:0b:26:2f:60:b4:71:35:3e:0a:
b2:89:c8:78:f6:ad:29:ce:54:97:ae:ac:72:ff:0a:72:87:fe:
79:6f:9b:b5:50:dc:d2:26:b4:9a:d4:62:49:b2:1c:6e:5b:71:
d7:db:ee:fe:f4:e6:c0:0a:a9:e9:b6:3d:60:24:4f:ed:ef:2b:
f2:ab:68:10:45:83:3b:c5:97:20:f4:6d:54:72:d9:cb:dc:de:
60:e0:2b:5b
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICCSEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUUwQzQxMTAvBgNVBAUTKDQxMkI0ODAxNzYxMjRFMDg4NDYwMjY4OTYwMkMyQUU1
NzRGMEI4NzYwHhcNMjIwMjAxMjIyNTQ1WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY5YjM2OS00MTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3vXas/4kyvs83/8pKOR1FWEaYiOgE5U6cyyRb9WqExFNXKKBu7serhJpvheH
33HBbDpvm0kwQSVeBaPn7RuoromCJB7lA3Zb8jw0mpGOQ+sfW2N8T0vyUekcApAY
0RYKBV01eFac4C7gHWJrHGpg/fAxW4gGqWb4bXzza64df6PfmbVnr/39RVrsbO/V
nruryywF9SoHsk46ltsz1FOi7Q7boPxvMHGE5dv+yJCTvlgge9ITK1x4tjEX7Tgu
+Ic3u8lMY365Ka/7ZuJe7KxpIaM70mXsNz/sWyp0DTDzk4GFOpJNZSfygAXDNUWy
WXHhv05Oj5/JDVKKdy+7i1h0/wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFIooHIYL
Ranoeo/eqinzlI6wbZElMB8GA1UdIwQYMBaAFEErSAF2Ek4IhGAmiWAsKuV08Lh2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTBDNC82M0E5Mjc2NkYx
NDcxMUU5OUE5QUI3MTJDNEY5QUUwMi9RU3RJQVhZU1RnaUVZQ2FKWUN3cTVYVHd1
SFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1FTdElBWFlTVGdpRVlDYUpZQ3dxNVhUd3VIWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUUwQzQvNjNBOTI3NjZGMTQ3MTFFOTlBOUFCNzEyQzRGOUFFMDIvRDVGMUY4QjI0
ODI0MTFFQ0ExQTY4RjEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDAwCDywMDAKEdAwQFoUEAMAwDBAahQUADBAWhQYADBAWhQeAw
DQYJKoZIhvcNAQELBQADggEBAJKN2AIPK/9HOCLaknquKFovbkv+zAB6x5JCYd2b
gE2zGXAxH7DDLrG90GDEhkHV1QhmTcL2ftiucC1+xCaM4hoIUPyVtvm1XMOfYHtW
Z6HKa8kr8q1dXsbI/M0aT4YSCuJ52PlRaIxontdbUQmG4vGlOOqhKh4DviOwlfPi
bAmmhU2eBefUfAKywePzX1YQ0/k5+UxKyW2gTGwRQ3gn2NXGE4X23bkVk0ddoAsm
L2C0cTU+CrKJyHj2rSnOVJeurHL/CnKH/nlvm7VQ3NImtJrUYkmyHG5bcdfb7v70
5sAKqem2PWAkT+3vK/KraBBFgzvFlyD0bVRy2cvc3mDgK1s=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:52:32 2025 by rpki-client