Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/DD643EBCE00C11ED8C71C709C4F9AE02.roa
File: DD643EBCE00C11ED8C71C709C4F9AE02.roa (raw, json)
Hash identifier: apLdblhrz6YyStUbSoSCzL9c+6GMVbSzf8gMIFt1QZk=
Subject key identifier: 29:28:B1:73:01:8D:08:EE:D6:5F:F7:E3:2A:69:65:7D:1C:07:26:0E
Certificate issuer: /CN=A91324D4/serialNumber=BF74E7E614D4B22E4B7FE40B6BECEFD1705ACFC1
Certificate serial: 054A
Authority key identifier: BF:74:E7:E6:14:D4:B2:2E:4B:7F:E4:0B:6B:EC:EF:D1:70:5A:CF:C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v3Tn5hTUsi5Lf-QLa-zv0XBaz8E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/DD643EBCE00C11ED8C71C709C4F9AE02.roa
Signing time: Tue 05 Mar 2024 01:03:33 +0000
ROA not before: Tue 05 Mar 2024 01:03:33 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 150683
IP address blocks: 203.215.167.0/24 maxlen: 24
203.215.174.0/24 maxlen: 24
203.215.178.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1354 (0x54a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91324D4/serialNumber=BF74E7E614D4B22E4B7FE40B6BECEFD1705ACFC1
Validity
Not Before: Mar 5 01:03:33 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65e66f64-b67c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:54:07:35:a6:1e:e5:49:fd:d4:9c:4f:82:a2:
f6:a7:69:a2:91:cc:f5:8a:40:ee:46:2c:ce:6f:7c:
b9:05:62:4a:ff:c5:84:31:30:f7:c8:aa:9e:60:6b:
08:58:a1:6c:2f:f9:63:c9:e7:bb:b0:05:b2:d4:10:
da:09:3e:47:ff:21:92:71:be:88:51:b8:79:01:9a:
6f:ab:e2:3b:35:04:53:7d:f4:47:58:07:f9:82:0f:
2c:da:df:86:99:5f:25:22:b1:a3:eb:1f:7e:49:9e:
d8:1f:91:af:42:f1:5d:f0:16:51:7b:7f:fe:08:ad:
52:17:4d:cb:73:fe:79:8d:d8:a1:50:c0:a9:e5:b5:
19:f0:f1:73:14:91:e4:a4:67:35:07:ae:74:b7:e6:
53:28:92:dc:58:6e:ca:20:e4:08:7a:26:81:47:a3:
ed:b3:ff:84:9b:0d:92:44:af:49:04:2f:c5:f0:57:
15:7b:c8:5a:8d:1c:2a:11:c9:10:7d:3f:48:6c:46:
ee:b5:f6:c5:b5:6b:0e:38:a9:72:fe:81:e6:c4:78:
a2:06:ce:bf:9e:4e:88:8b:c7:83:83:66:4e:7d:60:
cb:bc:a2:6d:f8:15:37:9d:3b:dd:d7:cb:06:50:8f:
2b:80:9f:23:3c:d3:ac:59:99:a0:f5:49:e3:e2:a2:
f6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:28:B1:73:01:8D:08:EE:D6:5F:F7:E3:2A:69:65:7D:1C:07:26:0E
X509v3 Authority Key Identifier:
keyid:BF:74:E7:E6:14:D4:B2:2E:4B:7F:E4:0B:6B:EC:EF:D1:70:5A:CF:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/v3Tn5hTUsi5Lf-QLa-zv0XBaz8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v3Tn5hTUsi5Lf-QLa-zv0XBaz8E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/DD643EBCE00C11ED8C71C709C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.215.167.0/24
203.215.174.0/24
203.215.178.0/24
Signature Algorithm: sha256WithRSAEncryption
85:a5:06:27:0c:7a:17:f8:43:b0:0b:23:41:fe:a3:5b:6e:ff:
8c:bb:54:76:25:22:fe:70:7a:ad:1b:6c:d3:43:5c:af:ec:ba:
bc:42:d3:35:2d:d7:80:1b:95:c7:71:af:60:d1:83:b4:18:bb:
43:66:6d:19:27:34:7e:5f:c7:58:ca:76:f4:3c:09:f8:18:92:
11:9f:28:00:14:20:3e:9a:a8:a1:7e:aa:40:b6:c7:9d:d9:0c:
85:f3:96:80:62:dd:21:72:d2:bf:eb:71:ac:2e:fa:26:a8:d5:
b2:4c:1b:98:c4:11:7e:f5:d0:49:3e:52:9a:1b:9f:b1:f8:4c:
73:fe:40:c4:65:c3:71:c6:0d:65:9c:59:ff:fc:3d:70:6e:a5:
18:16:00:38:a8:90:d6:f6:bd:24:5e:40:11:f5:5f:f8:fb:a4:
04:ac:6c:26:fb:0f:11:d3:ce:f5:20:c9:d8:9d:26:e0:ee:5f:
be:be:4d:ad:61:6a:d0:93:d4:2c:d2:01:12:fa:db:cc:d8:02:
b7:10:93:02:4e:57:86:6a:3e:67:cd:47:dd:e2:89:a7:64:fc:
88:fd:e2:b0:87:49:09:75:d3:77:1f:74:7c:fa:61:2c:02:01:
79:85:c7:5b:46:f8:05:61:82:e2:f2:ca:eb:8e:ec:24:ab:2f:
ec:8c:98:f7
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBUowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzI0RDQxMTAvBgNVBAUTKEJGNzRFN0U2MTRENEIyMkU0QjdGRTQwQjZCRUNFRkQx
NzA1QUNGQzEwHhcNMjQwMzA1MDEwMzMzWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWU2NmY2NC1iNjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw1QHNaYe5Un91JxPgqL2p2mikcz1ikDuRizOb3y5BWJK/8WEMTD3yKqeYGsI
WKFsL/ljyee7sAWy1BDaCT5H/yGScb6IUbh5AZpvq+I7NQRTffRHWAf5gg8s2t+G
mV8lIrGj6x9+SZ7YH5GvQvFd8BZRe3/+CK1SF03Lc/55jdihUMCp5bUZ8PFzFJHk
pGc1B650t+ZTKJLcWG7KIOQIeiaBR6Pts/+Emw2SRK9JBC/F8FcVe8hajRwqEckQ
fT9IbEbutfbFtWsOOKly/oHmxHiiBs6/nk6Ii8eDg2ZOfWDLvKJt+BU3nTvd18sG
UI8rgJ8jPNOsWZmg9Unj4qL2bQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFCkosXMB
jQju1l/34yppZX0cByYOMB8GA1UdIwQYMBaAFL905+YU1LIuS3/kC2vs79FwWs/B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjRENC8xQTZFNzUxQ0E3
MUYxMUVCODQ4QUYwMzBDNEY5QUUwMi92M1RuNWhUVXNpNUxmLVFMYS16djBYQmF6
OEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YzVG41aFRVc2k1TGYtUUxhLXp2MFhCYXo4RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzI0RDQvMUE2RTc1MUNBNzFGMTFFQjg0OEFGMDMwQzRGOUFFMDIvREQ2NDNFQkNF
MDBDMTFFRDhDNzFDNzA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBADL16cDBADL164DBADL17IwDQYJKoZIhvcNAQELBQADggEB
AIWlBicMehf4Q7ALI0H+o1tu/4y7VHYlIv5weq0bbNNDXK/surxC0zUt14Ablcdx
r2DRg7QYu0NmbRknNH5fx1jKdvQ8CfgYkhGfKAAUID6aqKF+qkC2x53ZDIXzloBi
3SFy0r/rcawu+iao1bJMG5jEEX710Ek+Upobn7H4THP+QMRlw3HGDWWcWf/8PXBu
pRgWADiokNb2vSReQBH1X/j7pASsbCb7DxHTzvUgydidJuDuX76+Ta1hatCT1CzS
ARL628zYArcQkwJOV4ZqPmfNR93iiadk/Ij94rCHSQl103cfdHz6YSwCAXmFx1tG
+AVhguLyyuuO7CSrL+yMmPc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:50:02 2025 by rpki-client