Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143921/E95C7DACB28811EEAA235519C4F9AE02/FD252B2CB8FF11EE96506121C4F9AE02.roa
File: FD252B2CB8FF11EE96506121C4F9AE02.roa (raw, json)
Hash identifier: NtM1gljDSWkXNtqDJR3psbzkHxJ8rzF6tLIeyvY/heg=
Subject key identifier: 85:77:C1:58:C0:40:52:42:6F:C8:0D:83:F5:A8:DB:76:40:96:1E:E6
Certificate issuer: /CN=A9143921/serialNumber=C37568234ABEC7980F6E177D48D0B431640DD33A
Certificate serial: CB
Authority key identifier: C3:75:68:23:4A:BE:C7:98:0F:6E:17:7D:48:D0:B4:31:64:0D:D3:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/w3VoI0q-x5gPbhd9SNC0MWQN0zo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143921/E95C7DACB28811EEAA235519C4F9AE02/FD252B2CB8FF11EE96506121C4F9AE02.roa
Signing time: Tue 21 Jan 2025 04:08:15 +0000
ROA not before: Tue 21 Jan 2025 04:08:15 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 152140
IP address blocks: 210.87.126.0/23 maxlen: 23
210.87.126.0/24 maxlen: 24
210.87.127.0/24 maxlen: 24
2001:df3:4040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203 (0xcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143921/serialNumber=C37568234ABEC7980F6E177D48D0B431640DD33A
Validity
Not Before: Jan 21 04:08:15 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=678f1daf-d447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f3:b6:0a:b5:ad:a8:ba:85:b8:83:d2:2e:95:
eb:dd:b9:c0:74:c4:ef:d5:7e:9f:bc:97:52:50:8a:
00:2d:06:b9:02:6a:01:b2:97:12:40:e5:44:ed:ef:
c5:d8:e0:1b:27:4d:ac:cc:96:84:85:8e:e2:b5:a1:
c2:08:19:55:96:fc:88:68:52:28:b6:26:e4:85:aa:
9f:ee:b9:98:ad:7e:2f:ff:8b:16:d6:fc:4b:05:22:
64:8e:9a:81:59:4a:14:4e:e1:9c:e9:8c:e8:ae:6c:
88:30:96:9f:78:05:ce:8a:d1:da:d0:99:62:5b:1e:
8c:03:ff:38:f1:62:16:16:84:70:34:37:d5:5c:71:
40:5b:6b:3d:67:76:b6:8f:d5:34:c7:fb:dc:dc:90:
c6:6b:9c:69:65:77:14:1c:35:fd:b6:00:db:f3:d7:
23:7d:0b:aa:2f:e4:98:6d:e1:75:c8:ac:50:20:b1:
d3:e1:fc:af:aa:4c:38:24:71:1c:1b:29:bd:f5:23:
89:4e:38:08:00:ac:82:c6:c1:dd:1e:ca:f3:55:31:
8f:b3:a5:2c:a5:68:2a:db:df:3d:6d:c5:32:cb:1a:
a2:bd:1a:ae:4f:01:6e:86:fe:2a:10:46:cc:0c:bc:
bf:d3:af:8f:29:7d:cf:e5:b2:88:cf:ea:b5:dd:bf:
a6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:77:C1:58:C0:40:52:42:6F:C8:0D:83:F5:A8:DB:76:40:96:1E:E6
X509v3 Authority Key Identifier:
keyid:C3:75:68:23:4A:BE:C7:98:0F:6E:17:7D:48:D0:B4:31:64:0D:D3:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143921/E95C7DACB28811EEAA235519C4F9AE02/w3VoI0q-x5gPbhd9SNC0MWQN0zo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/w3VoI0q-x5gPbhd9SNC0MWQN0zo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143921/E95C7DACB28811EEAA235519C4F9AE02/FD252B2CB8FF11EE96506121C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.87.126.0/23
IPv6:
2001:df3:4040::/48
Signature Algorithm: sha256WithRSAEncryption
8a:26:01:8d:e4:70:96:00:ad:45:90:df:ba:74:a2:2a:12:41:
1f:f1:14:c7:cc:3a:4d:cd:35:4c:f8:67:c6:e5:76:81:8a:92:
76:fa:9e:e7:03:54:88:9a:0f:4d:24:87:09:7a:f0:6a:34:a3:
40:83:0e:47:82:4b:a3:e1:75:1e:96:49:3b:73:f8:73:7e:99:
02:27:e1:5e:dc:18:1b:cc:0e:56:52:89:16:ef:53:93:93:2b:
df:f2:e1:9b:fa:c6:96:48:d6:8a:02:b3:a3:52:0f:ec:c3:50:
d5:fa:36:52:57:0e:d4:8c:84:12:ed:27:d2:25:61:f0:97:0d:
75:6c:7a:a8:c6:70:32:44:c5:08:fc:d6:7c:5e:7c:ad:5b:0b:
d7:19:b2:48:c2:79:51:45:21:d7:6c:fd:e7:ab:7d:89:97:44:
82:6a:39:53:b2:ec:25:19:36:00:6e:9a:3a:0b:7d:0d:f5:7a:
1c:74:00:b9:b9:7d:34:b8:8c:ce:0d:8e:9d:f7:a2:cd:d3:68:
db:7f:69:e0:9f:2f:d2:65:26:2b:17:a4:89:e4:e9:0b:6e:cc:
56:24:b3:cc:b0:02:eb:5f:35:4a:30:83:f9:ba:2f:fb:fa:68:
52:d9:d0:04:e2:88:b7:96:f0:0b:4f:4e:34:70:d0:01:ca:79:
33:44:44:bd
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDM5MjExMTAvBgNVBAUTKEMzNzU2ODIzNEFCRUM3OTgwRjZFMTc3RDQ4RDBCNDMx
NjQwREQzM0EwHhcNMjUwMTIxMDQwODE1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhmMWRhZi1kNDQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnfO2CrWtqLqFuIPSLpXr3bnAdMTv1X6fvJdSUIoALQa5AmoBspcSQOVE7e/F
2OAbJ02szJaEhY7itaHCCBlVlvyIaFIotibkhaqf7rmYrX4v/4sW1vxLBSJkjpqB
WUoUTuGc6YzormyIMJafeAXOitHa0JliWx6MA/848WIWFoRwNDfVXHFAW2s9Z3a2
j9U0x/vc3JDGa5xpZXcUHDX9tgDb89cjfQuqL+SYbeF1yKxQILHT4fyvqkw4JHEc
Gym99SOJTjgIAKyCxsHdHsrzVTGPs6UspWgq2989bcUyyxqivRquTwFuhv4qEEbM
DLy/06+PKX3P5bKIz+q13b+mdQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIV3wVjA
QFJCb8gNg/Wo23ZAlh7mMB8GA1UdIwQYMBaAFMN1aCNKvseYD24XfUjQtDFkDdM6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MzkyMS9FOTVDN0RBQ0Iy
ODgxMUVFQUEyMzU1MTlDNEY5QUUwMi93M1ZvSTBxLXg1Z1BiaGQ5U05DME1XUU4w
em8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3czVm9JMHEteDVnUGJoZDlTTkMwTVdRTjB6by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDM5MjEvRTk1QzdEQUNCMjg4MTFFRUFBMjM1NTE5QzRGOUFFMDIvRkQyNTJCMkNC
OEZGMTFFRTk2NTA2MTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAHSV34wDwQCAAIwCQMHACABDfNAQDANBgkqhkiG9w0BAQsF
AAOCAQEAiiYBjeRwlgCtRZDfunSiKhJBH/EUx8w6Tc01TPhnxuV2gYqSdvqe5wNU
iJoPTSSHCXrwajSjQIMOR4JLo+F1HpZJO3P4c36ZAifhXtwYG8wOVlKJFu9Tk5Mr
3/Lhm/rGlkjWigKzo1IP7MNQ1fo2UlcO1IyEEu0n0iVh8JcNdWx6qMZwMkTFCPzW
fF58rVsL1xmySMJ5UUUh12z956t9iZdEgmo5U7LsJRk2AG6aOgt9DfV6HHQAubl9
NLiMzg2OnfeizdNo239p4J8v0mUmKxekieTpC27MViSzzLAC6181SjCD+bov+/po
UtnQBOKIt5bwC09ONHDQAcp5M0REvQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:00:42 2025 by rpki-client