Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/F86E9DE46B9811ED9330AC4CC4F9AE02.roa
File: F86E9DE46B9811ED9330AC4CC4F9AE02.roa (raw, json)
Hash identifier: NQ44ywkdXvwjY8pBPw8S7NRNivsvd48rEIIAsaIuTIc=
Subject key identifier: 7E:28:2A:33:7E:AD:7A:88:26:B1:36:7B:05:FD:6C:DD:D5:87:CE:54
Certificate issuer: /CN=A91D92FB/serialNumber=4C36F812E76D827ECE6E59BD1560585C51ECD992
Certificate serial: 348A
Authority key identifier: 4C:36:F8:12:E7:6D:82:7E:CE:6E:59:BD:15:60:58:5C:51:EC:D9:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/F86E9DE46B9811ED9330AC4CC4F9AE02.roa
Signing time: Fri 24 Jan 2025 14:50:45 +0000
ROA not before: Fri 24 Jan 2025 14:50:45 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 17408
IP address blocks: 43.243.252.0/22 maxlen: 24
202.133.224.0/19 maxlen: 24
2405:7e00:17::/48 maxlen: 48
2405:7e00:1000::/36 maxlen: 36
2405:7e00:1000::/48 maxlen: 48
2405:7e00:1002::/64 maxlen: 64
2405:7e00:1003::/48 maxlen: 48
2405:7e00:100a::/48 maxlen: 48
2405:7e00:100b::/48 maxlen: 48
2405:7e00:100c::/48 maxlen: 48
2405:7e00:100d::/48 maxlen: 48
2405:7e00:100e::/48 maxlen: 48
2405:7e00:100f::/48 maxlen: 48
2405:7e00:1011::/48 maxlen: 48
2405:7e00:1012::/48 maxlen: 48
2405:7e00:1013::/48 maxlen: 48
2405:7e00:1014::/48 maxlen: 48
2405:7e00:1015::/48 maxlen: 48
2405:7e00:1016::/48 maxlen: 48
2405:7e00:101a::/48 maxlen: 48
2405:7e00:101b::/48 maxlen: 48
2405:7e00:4000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13450 (0x348a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D92FB
Validity
Not Before: Jan 24 14:50:45 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6793a8c4-e9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:cd:29:ea:28:12:b6:62:5b:ed:e3:59:b7:95:
22:d1:21:23:1c:e3:b9:0b:8c:f4:9d:55:96:45:38:
e9:14:55:92:52:15:30:01:f2:4f:dd:d4:60:cf:1e:
f5:ad:d9:be:c4:fd:a4:ee:18:06:12:6a:4e:2f:b8:
79:f5:ce:a1:a7:19:54:63:39:43:f5:a1:ce:01:f9:
5e:36:c1:da:fb:2f:87:1f:a9:fe:8a:e2:8e:f7:b9:
92:6d:22:d0:77:88:71:7b:cc:dc:95:ca:84:aa:7e:
b8:5c:eb:66:fb:a9:37:52:49:44:de:b3:dd:5f:5c:
ce:4f:84:72:23:56:31:2c:56:5b:6c:2f:b7:0b:c4:
8e:c4:53:61:90:a4:49:ba:6d:1b:23:33:11:fe:1a:
b1:64:2a:7d:83:37:aa:0d:fd:d2:a3:a7:5f:71:cb:
ea:6b:8f:a0:0b:1e:af:ef:57:2d:35:b7:17:aa:f4:
8f:42:ee:5b:3b:e6:a9:cb:e8:7c:5c:09:19:59:70:
36:93:0f:48:a3:f8:4b:02:b9:bd:98:a2:c2:97:81:
0f:06:c0:4f:91:e0:f0:75:71:cd:33:d7:1d:99:d5:
7c:42:8f:e7:0b:e9:42:e4:f6:a3:42:09:b8:2f:a2:
89:47:90:d7:d9:7b:9a:02:e0:41:5b:30:04:e0:90:
01:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:28:2A:33:7E:AD:7A:88:26:B1:36:7B:05:FD:6C:DD:D5:87:CE:54
X509v3 Authority Key Identifier:
keyid:4C:36:F8:12:E7:6D:82:7E:CE:6E:59:BD:15:60:58:5C:51:EC:D9:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/F86E9DE46B9811ED9330AC4CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.252.0/22
202.133.224.0/19
IPv6:
2405:7e00:17::/48
2405:7e00:1000::/36
2405:7e00:4000::/36
Signature Algorithm: sha256WithRSAEncryption
79:9a:0f:16:fb:99:4b:0a:ff:11:7d:a8:74:ae:3c:18:dd:ab:
25:cb:3b:14:02:f4:d5:3f:cc:ca:3e:87:f2:01:ef:05:87:00:
f2:41:d5:98:e1:6a:d5:92:2f:88:35:57:d6:21:b7:9a:c5:b5:
ee:db:47:5a:6f:7f:dd:b3:e5:aa:68:ca:70:48:02:f3:8c:68:
c8:17:b3:3c:2c:94:23:8b:ab:01:a8:2f:29:78:68:b6:a0:b0:
a2:f8:92:7b:ee:d6:fa:08:ad:ce:35:e4:e1:b3:d2:8b:0c:11:
5a:cb:c4:46:13:77:f9:aa:25:39:e0:c4:6b:dc:9a:46:92:14:
21:20:0d:a7:97:e5:95:b0:57:ce:46:91:00:2a:81:d1:eb:c2:
6f:d5:ed:73:47:f5:10:e4:7f:d5:ef:07:95:06:b4:b9:28:fa:
80:e5:aa:bb:8e:0b:55:e0:37:65:54:32:f9:57:74:2f:bf:d7:
54:ca:c8:00:c7:5b:0a:6c:91:c3:8f:ef:10:60:ce:0b:ca:0a:
54:03:5e:a6:34:c5:57:9e:1a:c6:73:33:99:8c:27:35:f1:4c:
53:1f:3f:84:33:70:a3:fb:93:ad:32:03:be:72:c6:05:7d:53:
d3:ec:7e:6b:28:8c:ca:d9:55:8b:f2:05:8c:f3:c1:11:9e:f9:
9e:03:19:11
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICNIowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDkyRkIxMTAvBgNVBAUTKDRDMzZGODEyRTc2RDgyN0VDRTZFNTlCRDE1NjA1ODVD
NTFFQ0Q5OTIwHhcNMjUwMTI0MTQ1MDQ1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkzYThjNC1lOWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA680p6igStmJb7eNZt5Ui0SEjHOO5C4z0nVWWRTjpFFWSUhUwAfJP3dRgzx71
rdm+xP2k7hgGEmpOL7h59c6hpxlUYzlD9aHOAfleNsHa+y+HH6n+iuKO97mSbSLQ
d4hxe8zclcqEqn64XOtm+6k3UklE3rPdX1zOT4RyI1YxLFZbbC+3C8SOxFNhkKRJ
um0bIzMR/hqxZCp9gzeqDf3So6dfccvqa4+gCx6v71ctNbcXqvSPQu5bO+apy+h8
XAkZWXA2kw9Io/hLArm9mKLCl4EPBsBPkeDwdXHNM9cdmdV8Qo/nC+lC5PajQgm4
L6KJR5DX2XuaAuBBWzAE4JABbwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFH4oKjN+
rXqIJrE2ewX9bN3Vh85UMB8GA1UdIwQYMBaAFEw2+BLnbYJ+zm5ZvRVgWFxR7NmS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTJGQi8zMjdGQzZCMjFE
ODgxMUUyOThGM0EzRTAwOEIwMkNEMi9URGI0RXVkdGduN09ibG05RldCWVhGSHMy
WkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1REYjRFdWR0Z243T2JsbTlGV0JZWEZIczJaSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDkyRkIvMzI3RkM2QjIxRDg4MTFFMjk4RjNBM0UwMDhCMDJDRDIvRjg2RTlERTQ2
Qjk4MTFFRDkzMzBBQzRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MBIEAgABMAwDBAIr8/wDBAXKheAwHwQCAAIwGQMHACQFfgAAFwMGBCQFfgAQ
AwYEJAV+AEAwDQYJKoZIhvcNAQELBQADggEBAHmaDxb7mUsK/xF9qHSuPBjdqyXL
OxQC9NU/zMo+h/IB7wWHAPJB1ZjhatWSL4g1V9Yht5rFte7bR1pvf92z5apoynBI
AvOMaMgXszwslCOLqwGoLyl4aLagsKL4knvu1voIrc415OGz0osMEVrLxEYTd/mq
JTngxGvcmkaSFCEgDaeX5ZWwV85GkQAqgdHrwm/V7XNH9RDkf9XvB5UGtLko+oDl
qruOC1XgN2VUMvlXdC+/11TKyADHWwpskcOP7xBgzgvKClQDXqY0xVeeGsZzM5mM
JzXxTFMfP4QzcKP7k60yA75yxgV9U9PsfmsojMrZVYvyBYzzwRGe+Z4DGRE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:22:42 2025 by rpki-client