Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91232C2/1E7FFF9AF0CD11EE881D3C16C4F9AE02/85035A64F0CD11EE8CC1FC16C4F9AE02.roa
File: 85035A64F0CD11EE8CC1FC16C4F9AE02.roa (raw, json)
Hash identifier: hIArzUTqWHT4MqlhM8xybTzjqQskXt82VMmP1skP/zo=
Subject key identifier: 1E:FC:3F:FD:27:7C:56:4E:3A:C6:F9:51:E1:60:C2:20:A4:E9:0F:F9
Certificate issuer: /CN=A91232C2/serialNumber=6FE8C1618FFAFFB2CCFF569E8EA915DAFA4D4E36
Certificate serial: 02
Authority key identifier: 6F:E8:C1:61:8F:FA:FF:B2:CC:FF:56:9E:8E:A9:15:DA:FA:4D:4E:36
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b-jBYY_6_7LM_1aejqkV2vpNTjY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91232C2/1E7FFF9AF0CD11EE881D3C16C4F9AE02/85035A64F0CD11EE8CC1FC16C4F9AE02.roa
Signing time: Tue 02 Apr 2024 08:46:39 +0000
ROA not before: Tue 02 Apr 2024 08:46:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55482
IP address blocks: 203.32.86.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91232C2/serialNumber=6FE8C1618FFAFFB2CCFF569E8EA915DAFA4D4E36
Validity
Not Before: Apr 2 08:46:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660bc5ee-f7bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9e:50:07:8d:2b:48:fe:45:88:09:cc:c1:77:
b5:96:dd:9d:24:7b:bc:59:1c:cf:75:e7:56:95:4b:
54:38:b9:a5:fa:02:7e:5f:ec:c5:5a:94:68:8a:99:
34:79:27:80:b9:9a:1d:90:51:dc:e0:0c:b4:da:74:
b8:a0:04:f4:1c:3b:f4:5b:bd:19:55:9a:75:f7:8a:
29:0a:2b:18:31:55:9a:ae:34:b1:da:e0:6a:44:13:
2c:a7:36:92:fc:5e:05:fc:58:cc:f8:6c:62:74:b3:
8b:6c:22:44:ac:0c:82:85:8c:25:b0:a8:a4:54:f3:
3c:e8:60:3f:20:10:d1:cb:63:99:ad:e6:5a:ae:13:
4e:26:c2:04:33:23:e0:dd:69:0e:5c:57:5b:1d:29:
ea:70:43:71:a2:0e:7f:f5:20:ea:18:ac:a9:25:84:
50:b6:9a:cc:58:2b:17:d1:8b:d3:34:88:37:b2:cd:
72:f9:40:14:8d:00:14:5e:d4:b4:cd:b3:52:89:64:
c1:a8:7a:fb:07:e8:75:1f:20:e3:c0:db:67:e0:36:
cc:fd:d1:51:d1:d3:13:b3:ff:c7:6f:bf:5e:0e:8a:
15:61:db:ef:ce:24:e4:e5:a3:5b:9a:2e:18:b1:02:
85:7d:12:de:84:f1:53:d0:f4:c4:0a:b7:73:f6:ef:
63:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FC:3F:FD:27:7C:56:4E:3A:C6:F9:51:E1:60:C2:20:A4:E9:0F:F9
X509v3 Authority Key Identifier:
keyid:6F:E8:C1:61:8F:FA:FF:B2:CC:FF:56:9E:8E:A9:15:DA:FA:4D:4E:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91232C2/1E7FFF9AF0CD11EE881D3C16C4F9AE02/b-jBYY_6_7LM_1aejqkV2vpNTjY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b-jBYY_6_7LM_1aejqkV2vpNTjY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91232C2/1E7FFF9AF0CD11EE881D3C16C4F9AE02/85035A64F0CD11EE8CC1FC16C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.86.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:b9:7a:b6:1c:7d:89:24:14:61:5a:63:6d:e3:a7:c5:42:bc:
17:a8:41:b3:95:95:0e:c5:d4:dc:8d:d6:f3:dc:92:7d:f1:a0:
cf:2b:06:c4:60:3b:e4:24:de:18:36:2e:dc:66:24:8d:4d:af:
6e:ab:de:65:ee:f9:3e:4f:2a:ec:d0:79:24:78:6b:31:a6:a7:
20:bf:09:55:dd:4b:1a:a8:c9:1f:65:59:ec:e3:69:23:49:77:
48:e1:45:3f:b1:1e:b2:0d:3e:7e:44:c3:52:28:ac:8b:6f:35:
21:a2:bd:82:d8:b7:60:bb:45:32:9e:59:a3:1a:8d:22:d7:97:
f5:aa:28:94:f2:40:cb:4f:9a:4e:d7:d5:86:99:f7:c4:0c:b6:
58:75:c1:b0:64:27:61:6f:5e:85:54:99:65:45:5e:12:96:90:
db:07:08:c3:d0:9b:f9:de:95:2a:6d:84:53:bd:4f:97:43:fe:
83:b3:04:3e:45:21:27:f2:59:83:c1:54:2a:dc:2b:cb:64:2b:
85:b1:1d:51:25:8e:63:f2:90:03:ae:6b:c3:ec:a1:b6:1f:2b:
f4:dd:e7:28:f7:22:28:e3:85:c7:98:1e:87:e4:4e:0e:08:1b:
15:13:2c:c3:cb:6d:82:3d:ab:d6:a4:8f:6f:2b:0d:64:db:2e:
1d:0f:9b:c9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
MzJDMjExMC8GA1UEBRMoNkZFOEMxNjE4RkZBRkZCMkNDRkY1NjlFOEVBOTE1REFG
QTRENEUzNjAeFw0yNDA0MDIwODQ2MzlaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MGJjNWVlLWY3YmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDOnlAHjStI/kWICczBd7WW3Z0ke7xZHM9151aVS1Q4uaX6An5f7MValGiKmTR5
J4C5mh2QUdzgDLTadLigBPQcO/RbvRlVmnX3iikKKxgxVZquNLHa4GpEEyynNpL8
XgX8WMz4bGJ0s4tsIkSsDIKFjCWwqKRU8zzoYD8gENHLY5mt5lquE04mwgQzI+Dd
aQ5cV1sdKepwQ3GiDn/1IOoYrKklhFC2msxYKxfRi9M0iDeyzXL5QBSNABRe1LTN
s1KJZMGoevsH6HUfIOPA22fgNsz90VHR0xOz/8dvv14OihVh2+/OJOTlo1uaLhix
AoV9Et6E8VPQ9MQKt3P272OXAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUHvw//Sd8
Vk46xvlR4WDCIKTpD/kwHwYDVR0jBBgwFoAUb+jBYY/6/7LM/1aejqkV2vpNTjYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIzMkMyLzFFN0ZGRjlBRjBD
RDExRUU4ODFEM0MxNkM0RjlBRTAyL2ItakJZWV82XzdMTV8xYWVqcWtWMnZwTlRq
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYi1qQllZXzZfN0xNXzFhZWpxa1YydnBOVGpZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MzJDMi8xRTdGRkY5QUYwQ0QxMUVFODgxRDNDMTZDNEY5QUUwMi84NTAzNUE2NEYw
Q0QxMUVFOENDMUZDMTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcsgVjANBgkqhkiG9w0BAQsFAAOCAQEAXrl6thx9iSQUYVpj
beOnxUK8F6hBs5WVDsXU3I3W89ySffGgzysGxGA75CTeGDYu3GYkjU2vbqveZe75
Pk8q7NB5JHhrMaanIL8JVd1LGqjJH2VZ7ONpI0l3SOFFP7Eesg0+fkTDUiisi281
IaK9gti3YLtFMp5ZoxqNIteX9aoolPJAy0+aTtfVhpn3xAy2WHXBsGQnYW9ehVSZ
ZUVeEpaQ2wcIw9Cb+d6VKm2EU71Pl0P+g7MEPkUhJ/JZg8FUKtwry2QrhbEdUSWO
Y/KQA65rw+yhth8r9N3nKPciKOOFx5geh+RODggbFRMsw8ttgj2r1qSPbysNZNsu
HQ+byQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:54:26 2025 by rpki-client