Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917EA0F/30C46C32FCB511EA82B5EC0BC4F9AE02/E31FD938FCB611EA9B245911C4F9AE02.roa
File: E31FD938FCB611EA9B245911C4F9AE02.roa (raw, json)
Hash identifier: NqP7PBBx+X/2ql8y8TXve4j3D6nTmj4kw2mv1cS0Ick=
Subject key identifier: 0B:BF:31:6B:F7:61:93:19:E6:E5:84:44:C7:FF:C0:07:B1:7A:5F:69
Certificate issuer: /CN=A917EA0F/serialNumber=B6A07A52DDDA2E139D1D1B265686D6CEB1B65D4E
Certificate serial: 06A7
Authority key identifier: B6:A0:7A:52:DD:DA:2E:13:9D:1D:1B:26:56:86:D6:CE:B1:B6:5D:4E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tqB6Ut3aLhOdHRsmVobWzrG2XU4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917EA0F/30C46C32FCB511EA82B5EC0BC4F9AE02/E31FD938FCB611EA9B245911C4F9AE02.roa
Signing time: Fri 08 Dec 2023 22:29:45 +0000
ROA not before: Fri 08 Dec 2023 22:29:45 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 55699
IP address blocks: 45.127.204.0/22 maxlen: 22
103.78.216.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1703 (0x6a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917EA0F, serialNumber=B6A07A52DDDA2E139D1D1B265686D6CEB1B65D4E
Validity
Not Before: Dec 8 22:29:45 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=657398d9-ab15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0d:33:d6:f7:1c:33:a7:64:4a:0a:ef:b1:17:
d1:5d:91:2b:2f:ab:b6:5c:e1:e3:26:58:0b:dd:18:
53:8d:83:52:db:45:23:6c:8e:f4:fb:ec:79:85:82:
95:c1:32:6b:49:c7:db:8b:72:81:7f:d6:3e:c3:bb:
49:c2:8e:4d:92:23:9d:91:51:ba:d2:28:32:74:62:
d4:6c:06:80:c1:a1:49:e5:e7:25:ff:cb:aa:c1:5b:
97:2d:e6:90:8b:75:48:63:ee:72:88:8d:75:1d:a6:
10:4d:16:db:a0:07:13:90:9b:f5:7c:84:1a:eb:bf:
7c:4f:b6:dc:00:93:ba:a4:95:70:48:65:49:dd:57:
1d:79:b3:94:5b:fe:3e:19:ac:5d:2a:91:26:aa:ee:
65:13:50:07:f0:a7:d1:ef:6c:01:0b:af:1a:4e:c7:
bc:fb:c6:87:2d:36:dd:e1:cc:16:ac:a3:98:64:96:
41:e6:ca:76:b5:9d:5f:08:23:9f:77:18:67:7c:18:
16:5e:35:55:35:9c:26:2f:76:78:a2:6f:ff:d2:78:
69:cd:c0:3e:8c:36:f0:1e:fb:a4:5e:de:d3:6c:27:
4d:ec:e9:ac:43:bf:e4:cf:0d:2a:17:92:6a:87:ef:
b4:4b:35:60:87:d7:0a:f3:ce:49:35:33:c0:93:5a:
5a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:BF:31:6B:F7:61:93:19:E6:E5:84:44:C7:FF:C0:07:B1:7A:5F:69
X509v3 Authority Key Identifier:
keyid:B6:A0:7A:52:DD:DA:2E:13:9D:1D:1B:26:56:86:D6:CE:B1:B6:5D:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917EA0F/30C46C32FCB511EA82B5EC0BC4F9AE02/tqB6Ut3aLhOdHRsmVobWzrG2XU4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tqB6Ut3aLhOdHRsmVobWzrG2XU4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917EA0F/30C46C32FCB511EA82B5EC0BC4F9AE02/E31FD938FCB611EA9B245911C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.127.204.0/22
103.78.216.0/22
Signature Algorithm: sha256WithRSAEncryption
00:e9:47:41:ce:97:16:78:59:94:c5:96:42:5f:f9:b0:66:45:
9c:2c:93:8d:8f:a9:b8:20:fa:a2:29:77:a4:c1:9c:50:07:66:
a7:45:a3:65:62:ef:72:8d:be:bd:5e:7b:47:60:7d:db:66:c4:
dd:7c:5e:81:39:6b:82:82:28:c3:8b:eb:7e:5f:9d:f7:97:8c:
e3:de:e1:26:b2:1e:21:f4:11:19:20:f8:4f:50:d5:a1:c3:0f:
ed:87:49:15:55:c5:df:19:9b:78:96:92:a4:8c:4e:5c:ea:2a:
8b:f3:69:73:e1:5c:de:e8:07:bc:c6:67:fb:79:e4:0d:04:f5:
56:26:dd:b2:ba:29:87:b2:cc:55:58:35:36:0f:d4:68:68:7c:
b2:30:a3:1c:b8:26:52:39:84:d1:db:f0:88:88:94:fd:6d:21:
be:b8:9b:ae:e5:d0:2b:a7:fe:2a:a5:83:3c:04:f0:be:8d:04:
7f:11:80:c4:24:cb:4f:97:7c:46:d9:19:f2:cf:f3:ca:af:8e:
e3:56:97:ab:f6:29:ac:d6:9b:87:4a:f8:69:27:24:74:9d:b4:
85:75:e3:f9:a0:89:6c:aa:b6:ef:97:63:91:15:29:e4:e4:6b:
ea:3b:8a:96:ab:52:98:d8:80:2d:a8:f3:be:9d:83:2e:e5:90:
ed:94:16:89
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBqcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VBMEYxMTAvBgNVBAUTKEI2QTA3QTUyREREQTJFMTM5RDFEMUIyNjU2ODZENkNF
QjFCNjVENEUwHhcNMjMxMjA4MjIyOTQ1WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTczOThkOS1hYjE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyw0z1vccM6dkSgrvsRfRXZErL6u2XOHjJlgL3RhTjYNS20UjbI70++x5hYKV
wTJrScfbi3KBf9Y+w7tJwo5NkiOdkVG60igydGLUbAaAwaFJ5ecl/8uqwVuXLeaQ
i3VIY+5yiI11HaYQTRbboAcTkJv1fIQa6798T7bcAJO6pJVwSGVJ3VcdebOUW/4+
GaxdKpEmqu5lE1AH8KfR72wBC68aTse8+8aHLTbd4cwWrKOYZJZB5sp2tZ1fCCOf
dxhnfBgWXjVVNZwmL3Z4om//0nhpzcA+jDbwHvukXt7TbCdN7OmsQ7/kzw0qF5Jq
h++0SzVgh9cK885JNTPAk1pa8QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAu/MWv3
YZMZ5uWERMf/wAexel9pMB8GA1UdIwQYMBaAFLagelLd2i4TnR0bJlaG1s6xtl1O
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUEwRi8zMEM0NkMzMkZD
QjUxMUVBODJCNUVDMEJDNEY5QUUwMi90cUI2VXQzYUxoT2RIUnNtVm9iV3pyRzJY
VTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RxQjZVdDNhTGhPZEhSc21Wb2JXenJHMlhVNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VBMEYvMzBDNDZDMzJGQ0I1MTFFQTgyQjVFQzBCQzRGOUFFMDIvRTMxRkQ5MzhG
Q0I2MTFFQTlCMjQ1OTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAItf8wDBAJnTtgwDQYJKoZIhvcNAQELBQADggEBAADpR0HO
lxZ4WZTFlkJf+bBmRZwsk42Pqbgg+qIpd6TBnFAHZqdFo2Vi73KNvr1ee0dgfdtm
xN18XoE5a4KCKMOL635fnfeXjOPe4SayHiH0ERkg+E9Q1aHDD+2HSRVVxd8Zm3iW
kqSMTlzqKovzaXPhXN7oB7zGZ/t55A0E9VYm3bK6KYeyzFVYNTYP1GhofLIwoxy4
JlI5hNHb8IiIlP1tIb64m67l0Cun/iqlgzwE8L6NBH8RgMQky0+XfEbZGfLP88qv
juNWl6v2KazWm4dK+GknJHSdtIV14/mgiWyqtu+XY5EVKeTka+o7iparUpjYgC2o
876dgy7lkO2UFok=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:13:15 2025 by rpki-client