Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/1AE7ED46ECE711EEB12F9A1FC4F9AE02.roa
File: 1AE7ED46ECE711EEB12F9A1FC4F9AE02.roa (raw, json)
Hash identifier: m9zx1AVUACe9KzDw479cfbbFriC6mFsG6T1S/u9b5og=
Subject key identifier: 40:05:74:A8:53:9E:DA:BD:DC:F0:7A:E2:80:E2:C3:D8:CD:D2:6B:03
Certificate issuer: /CN=A913EF1D/serialNumber=8FE5A7C998FB8B78AC331EAE83BC178623EE3C9E
Certificate serial: 4F
Authority key identifier: 8F:E5:A7:C9:98:FB:8B:78:AC:33:1E:AE:83:BC:17:86:23:EE:3C:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/j-WnyZj7i3isMx6ug7wXhiPuPJ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/1AE7ED46ECE711EEB12F9A1FC4F9AE02.roa
Signing time: Tue 27 Aug 2024 10:42:10 +0000
ROA not before: Tue 27 Aug 2024 10:42:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152661
IP address blocks: 203.28.104.0/23 maxlen: 23
203.28.104.0/24 maxlen: 24
203.28.105.0/24 maxlen: 24
2401:8d60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79 (0x4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913EF1D/serialNumber=8FE5A7C998FB8B78AC331EAE83BC178623EE3C9E
Validity
Not Before: Aug 27 10:42:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66cdad82-5845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:13:dd:c1:e1:27:0f:69:21:ab:0e:73:1d:9c:
60:55:e0:75:d2:4d:68:e4:1a:ae:ec:34:88:90:4d:
e0:84:40:40:d2:ba:17:dc:f0:c7:d0:6d:11:93:61:
ff:50:1b:af:6e:4b:2c:35:7a:b2:2a:9a:4b:7b:bb:
d7:d3:eb:e3:3d:14:f4:5e:46:9f:8a:b0:aa:c3:b0:
f3:00:34:1e:a1:31:cb:a5:aa:79:c6:df:98:01:d2:
82:8b:21:a7:04:58:ad:b7:21:d6:9c:bb:8f:7e:98:
53:be:64:f5:c7:68:52:ba:2f:02:19:d5:f5:ea:e6:
69:de:b3:e4:b2:8c:85:25:9a:0f:a1:7c:80:23:bd:
ef:26:2f:bb:b0:20:7e:f4:bb:73:34:12:cb:bb:68:
2a:72:02:34:e8:92:a8:3c:20:9d:77:d1:ec:07:aa:
01:3b:6e:0e:80:80:3e:fb:91:1b:0b:ff:05:71:58:
6b:9d:19:05:a8:78:22:a7:e9:d5:81:00:95:d9:dc:
82:5f:19:57:62:f3:b6:16:a6:36:60:dd:96:ab:b8:
62:41:c1:19:f3:0e:cc:d0:97:0e:64:bb:35:ce:94:
2c:9b:15:e7:43:67:a1:c6:a1:92:33:94:9a:50:75:
fa:13:8d:55:82:78:aa:37:05:76:fa:e7:f7:bb:8b:
ad:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:05:74:A8:53:9E:DA:BD:DC:F0:7A:E2:80:E2:C3:D8:CD:D2:6B:03
X509v3 Authority Key Identifier:
keyid:8F:E5:A7:C9:98:FB:8B:78:AC:33:1E:AE:83:BC:17:86:23:EE:3C:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/j-WnyZj7i3isMx6ug7wXhiPuPJ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/j-WnyZj7i3isMx6ug7wXhiPuPJ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/1AE7ED46ECE711EEB12F9A1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.28.104.0/23
IPv6:
2401:8d60::/32
Signature Algorithm: sha256WithRSAEncryption
23:dc:92:27:c9:38:a8:ee:b6:d4:41:90:b9:ac:25:bc:ea:f5:
d5:1b:2a:a2:47:3e:96:7f:8d:3f:d8:e8:bf:23:56:9b:80:7c:
8d:86:42:63:4d:73:7b:d9:64:74:23:ff:37:38:0f:15:e9:1a:
92:9a:0c:e6:7c:c6:42:08:80:be:73:74:42:e2:4d:ad:0d:17:
b2:e5:a3:b2:cb:10:a0:4e:db:a1:9b:da:19:90:c4:99:b4:b9:
32:0c:e2:73:97:97:dd:64:e8:82:06:43:fd:28:c0:b4:f8:3c:
4c:8b:64:79:1b:88:1e:c2:0e:59:aa:70:0f:6b:21:0c:c9:4c:
8a:5a:d2:eb:42:7a:af:ce:bc:1e:85:ba:6f:83:e4:47:93:fb:
8e:43:f3:8c:bf:14:e3:e0:fb:58:97:8a:b1:4c:28:41:86:4d:
c0:dd:2a:97:ba:05:9c:da:dd:7c:df:72:f2:13:b0:db:23:18:
d7:6c:e1:35:4b:c4:42:2c:ed:3a:7b:49:ce:44:18:86:a6:07:
50:54:47:d0:6f:8c:70:a3:74:1d:64:e8:db:ab:26:40:3f:40:
ad:e7:e0:d5:e3:08:e4:57:3c:72:a7:ad:9e:25:79:13:d9:bd:
ab:4c:f6:d7:57:a9:4e:58:fe:85:4c:95:a0:92:ad:d2:b3:6d:
20:63:59:42
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBTzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
RUYxRDExMC8GA1UEBRMoOEZFNUE3Qzk5OEZCOEI3OEFDMzMxRUFFODNCQzE3ODYy
M0VFM0M5RTAeFw0yNDA4MjcxMDQyMTBaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2Y2RhZDgyLTU4NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0E93B4ScPaSGrDnMdnGBV4HXSTWjkGq7sNIiQTeCEQEDSuhfc8MfQbRGTYf9Q
G69uSyw1erIqmkt7u9fT6+M9FPReRp+KsKrDsPMANB6hMculqnnG35gB0oKLIacE
WK23Idacu49+mFO+ZPXHaFK6LwIZ1fXq5mnes+SyjIUlmg+hfIAjve8mL7uwIH70
u3M0Esu7aCpyAjTokqg8IJ130ewHqgE7bg6AgD77kRsL/wVxWGudGQWoeCKn6dWB
AJXZ3IJfGVdi87YWpjZg3ZaruGJBwRnzDszQlw5kuzXOlCybFedDZ6HGoZIzlJpQ
dfoTjVWCeKo3BXb65/e7i60BAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUQAV0qFOe
2r3c8HrigOLD2M3SawMwHwYDVR0jBBgwFoAUj+WnyZj7i3isMx6ug7wXhiPuPJ4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNFRjFEL0JBOUNEOEFDRUNF
NjExRUVBQUU5RTgxRUM0RjlBRTAyL2otV255Wmo3aTNpc014NnVnN3dYaGlQdVBK
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvai1XbnlaajdpM2lzTXg2dWc3d1hoaVB1UEo0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
RUYxRC9CQTlDRDhBQ0VDRTYxMUVFQUFFOUU4MUVDNEY5QUUwMi8xQUU3RUQ0NkVD
RTcxMUVFQjEyRjlBMUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAcscaDANBAIAAjAHAwUAJAGNYDANBgkqhkiG9w0BAQsFAAOC
AQEAI9ySJ8k4qO621EGQuawlvOr11Rsqokc+ln+NP9jovyNWm4B8jYZCY01ze9lk
dCP/NzgPFekakpoM5nzGQgiAvnN0QuJNrQ0XsuWjsssQoE7boZvaGZDEmbS5Mgzi
c5eX3WToggZD/SjAtPg8TItkeRuIHsIOWapwD2shDMlMilrS60J6r868HoW6b4Pk
R5P7jkPzjL8U4+D7WJeKsUwoQYZNwN0ql7oFnNrdfN9y8hOw2yMY12zhNUvEQizt
OntJzkQYhqYHUFRH0G+McKN0HWTo26smQD9Arefg1eMI5Fc8cqetniV5E9m9q0z2
11epTlj+hUyVoJKt0rNtIGNZQg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 19:46:39 2025 by rpki-client