Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/236C6906A73F11EBA1751E33C4F9AE02.roa
File: 236C6906A73F11EBA1751E33C4F9AE02.roa (raw, json)
Hash identifier: kct2b7luZDVQOa8YrqBwyvHjQUSitXwj0nspiCjY8kY=
Subject key identifier: 7E:73:47:93:47:A3:D9:64:EE:11:CC:1A:45:4A:4B:B6:AD:3A:63:A6
Certificate issuer: /CN=A91324D4/serialNumber=BF74E7E614D4B22E4B7FE40B6BECEFD1705ACFC1
Certificate serial: 054B
Authority key identifier: BF:74:E7:E6:14:D4:B2:2E:4B:7F:E4:0B:6B:EC:EF:D1:70:5A:CF:C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v3Tn5hTUsi5Lf-QLa-zv0XBaz8E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/236C6906A73F11EBA1751E33C4F9AE02.roa
Signing time: Tue 05 Mar 2024 01:03:33 +0000
ROA not before: Tue 05 Mar 2024 01:03:33 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 17787
IP address blocks: 203.215.160.0/24 maxlen: 24
203.215.161.0/24 maxlen: 24
203.215.162.0/24 maxlen: 24
203.215.164.0/24 maxlen: 24
203.215.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1355 (0x54b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91324D4/serialNumber=BF74E7E614D4B22E4B7FE40B6BECEFD1705ACFC1
Validity
Not Before: Mar 5 01:03:33 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65e66f65-5123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e9:a0:49:75:a7:cb:0a:b4:24:39:b1:9d:a9:
77:11:7d:26:ac:a5:f1:5e:80:c2:d5:b4:81:9b:01:
92:87:8f:40:23:8d:c4:29:1f:fe:c8:5c:e5:3e:2e:
4a:8b:f7:8f:54:fa:1e:60:9c:e7:70:af:e6:e8:69:
fa:f3:97:32:d9:2a:36:20:9a:fb:a6:d5:44:ec:cf:
40:12:7e:c8:00:6f:7f:75:90:27:67:29:dd:8f:dc:
fa:3c:57:5b:69:8f:09:46:de:64:e5:15:1e:d2:b6:
21:d9:58:28:40:97:50:26:ef:17:1b:90:67:79:32:
2e:63:d3:a1:24:85:cd:dd:e3:21:e3:a5:29:70:9b:
25:16:4a:88:87:46:d8:cb:08:57:71:c6:ae:40:d5:
23:3d:25:fa:65:5f:45:84:29:00:67:c5:ca:c1:39:
bf:06:cb:90:d8:89:67:1b:02:ed:77:87:12:2c:6c:
28:cb:8a:8f:1c:95:36:67:b8:47:71:af:16:7d:83:
ff:24:14:3d:46:09:48:57:b6:e5:79:be:8a:81:65:
3e:8b:17:0f:71:9c:64:3f:37:1c:1d:c8:dc:81:37:
15:21:48:2b:b9:d7:bb:20:3a:98:d5:5a:ed:52:b6:
41:ad:f6:b8:58:84:57:45:3b:e7:8e:ff:10:d9:76:
f8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:73:47:93:47:A3:D9:64:EE:11:CC:1A:45:4A:4B:B6:AD:3A:63:A6
X509v3 Authority Key Identifier:
keyid:BF:74:E7:E6:14:D4:B2:2E:4B:7F:E4:0B:6B:EC:EF:D1:70:5A:CF:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/v3Tn5hTUsi5Lf-QLa-zv0XBaz8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v3Tn5hTUsi5Lf-QLa-zv0XBaz8E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/236C6906A73F11EBA1751E33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.215.160.0-203.215.162.255
203.215.164.0/24
203.215.172.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:08:03:53:3d:e3:78:47:59:bf:24:6e:45:b5:68:5b:32:e3:
c1:f3:7f:35:18:ee:d4:02:34:3b:50:1e:37:7b:af:bb:50:52:
71:c2:ca:97:71:4d:c1:13:7c:a9:a3:d3:7b:d4:59:f4:e7:25:
11:52:71:ee:8e:52:5f:c1:0e:e4:fb:0a:6d:41:66:7b:24:2d:
09:3f:ce:f1:87:49:a9:77:6c:6d:61:ff:e0:22:5a:a8:97:e8:
bf:2e:48:eb:c1:e7:c3:70:24:37:4d:4d:d4:d4:c0:1a:c0:bc:
ab:fd:40:1c:8b:ca:eb:fe:56:df:38:d4:0e:7f:96:fd:80:5f:
0f:5a:c8:d8:d5:ef:4e:a9:98:62:e1:1f:b3:40:ae:cc:90:d1:
a1:32:87:ad:06:ce:c2:1b:b4:3c:c2:fe:4f:39:8f:ef:9d:00:
4f:3a:fd:a4:95:8f:d6:2f:2c:5b:0e:45:b1:74:85:ee:9c:94:
f6:0e:eb:93:29:f5:8d:10:7e:6e:62:a8:c0:84:d0:62:e6:2d:
95:e4:72:fa:61:0e:d1:36:b8:af:df:53:d8:84:f1:ab:20:f2:
37:12:7c:95:93:80:00:ba:51:97:48:00:53:4f:e8:bb:1a:1b:
cb:05:40:4d:19:d1:3e:e4:b9:1b:9c:4d:c7:6d:1b:0a:03:46:
c6:a6:e4:94
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICBUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzI0RDQxMTAvBgNVBAUTKEJGNzRFN0U2MTRENEIyMkU0QjdGRTQwQjZCRUNFRkQx
NzA1QUNGQzEwHhcNMjQwMzA1MDEwMzMzWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWU2NmY2NS01MTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1umgSXWnywq0JDmxnal3EX0mrKXxXoDC1bSBmwGSh49AI43EKR/+yFzlPi5K
i/ePVPoeYJzncK/m6Gn685cy2So2IJr7ptVE7M9AEn7IAG9/dZAnZyndj9z6PFdb
aY8JRt5k5RUe0rYh2VgoQJdQJu8XG5BneTIuY9OhJIXN3eMh46UpcJslFkqIh0bY
ywhXccauQNUjPSX6ZV9FhCkAZ8XKwTm/BsuQ2IlnGwLtd4cSLGwoy4qPHJU2Z7hH
ca8WfYP/JBQ9RglIV7bleb6KgWU+ixcPcZxkPzccHcjcgTcVIUgrude7IDqY1Vrt
UrZBrfa4WIRXRTvnjv8Q2Xb45wIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFH5zR5NH
o9lk7hHMGkVKS7atOmOmMB8GA1UdIwQYMBaAFL905+YU1LIuS3/kC2vs79FwWs/B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjRENC8xQTZFNzUxQ0E3
MUYxMUVCODQ4QUYwMzBDNEY5QUUwMi92M1RuNWhUVXNpNUxmLVFMYS16djBYQmF6
OEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YzVG41aFRVc2k1TGYtUUxhLXp2MFhCYXo4RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzI0RDQvMUE2RTc1MUNBNzFGMTFFQjg0OEFGMDMwQzRGOUFFMDIvMjM2QzY5MDZB
NzNGMTFFQkExNzUxRTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEBcvXoAMEAMvXogMEAMvXpAMEAMvXrDANBgkqhkiG9w0B
AQsFAAOCAQEAxQgDUz3jeEdZvyRuRbVoWzLjwfN/NRju1AI0O1AeN3uvu1BSccLK
l3FNwRN8qaPTe9RZ9OclEVJx7o5SX8EO5PsKbUFmeyQtCT/O8YdJqXdsbWH/4CJa
qJfovy5I68Hnw3AkN01N1NTAGsC8q/1AHIvK6/5W3zjUDn+W/YBfD1rI2NXvTqmY
YuEfs0CuzJDRoTKHrQbOwhu0PML+TzmP750ATzr9pJWP1i8sWw5FsXSF7pyU9g7r
kyn1jRB+bmKowITQYuYtleRy+mEO0Ta4r99T2ITxqyDyNxJ8lZOAALpRl0gAU0/o
uxobywVATRnRPuS5G5xNx20bCgNGxqbklA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:00:43 2025 by rpki-client