Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915180C/9A7CD3EA96B511E684F73411C4F9AE02/5F313E6A99D611E6BB89D557C4F9AE02.roa
File: 5F313E6A99D611E6BB89D557C4F9AE02.roa (raw, json)
Hash identifier: quQxqNwWkulIRmJT2I6ZYZNStKYWsMI4R3sbyT8S9tA=
Subject key identifier: 3D:E0:A8:0E:11:1C:D6:66:50:BC:4F:2F:DC:98:1B:CC:EF:DC:0F:C8
Certificate issuer: /CN=A915180C/serialNumber=9A665201D6160F31D76B9D217A1DFFEAD12CBA82
Certificate serial: 1D32
Authority key identifier: 9A:66:52:01:D6:16:0F:31:D7:6B:9D:21:7A:1D:FF:EA:D1:2C:BA:82
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mmZSAdYWDzHXa50heh3_6tEsuoI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915180C/9A7CD3EA96B511E684F73411C4F9AE02/5F313E6A99D611E6BB89D557C4F9AE02.roa
Signing time: Fri 26 Jul 2024 16:34:19 +0000
ROA not before: Fri 26 Jul 2024 16:34:19 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 45264
IP address blocks: 202.90.40.0/24 maxlen: 24
202.90.192.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7474 (0x1d32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915180C/serialNumber=9A665201D6160F31D76B9D217A1DFFEAD12CBA82
Validity
Not Before: Jul 26 16:34:19 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66a3d00b-c950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:02:bd:a8:bf:2e:c8:ea:b9:37:31:46:01:a2:
55:44:72:02:7a:52:d6:05:ae:fa:83:37:e6:74:08:
e8:b8:0c:ae:c8:68:15:0f:95:6c:59:df:d7:b0:64:
e5:d1:0c:a7:c4:6d:d4:07:ba:e2:49:10:a6:f4:5a:
ac:bd:3b:da:39:97:31:ec:eb:8c:e9:e1:c5:f4:8b:
8c:67:44:8f:6f:21:7a:a4:57:5c:bd:85:78:7a:70:
c1:27:c3:20:7d:62:ce:e0:fb:e7:e4:95:2c:36:10:
87:af:0b:23:64:fd:99:6e:97:69:20:df:a3:39:68:
81:da:5d:a1:c1:cc:3a:86:3f:1a:f3:12:bf:a3:52:
da:65:f0:40:e2:7f:2b:d9:11:f4:20:32:d8:68:ab:
30:45:4e:fa:4e:44:bc:25:81:fe:bb:53:75:6a:8e:
2e:02:9a:fa:81:13:b8:bb:60:cd:8b:72:ba:89:a6:
90:8d:5b:f1:21:6c:46:0b:69:2e:5a:ba:70:9d:57:
41:e9:9c:10:3b:45:a0:f8:63:90:43:9c:08:be:3f:
3d:e0:76:9f:7b:9a:36:5b:19:eb:10:c3:5c:7d:06:
1b:85:51:94:3e:2b:69:f1:d7:26:0f:1b:cf:f9:1b:
d6:40:b8:ce:c2:8b:3c:a2:91:d2:51:53:15:6d:02:
3d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E0:A8:0E:11:1C:D6:66:50:BC:4F:2F:DC:98:1B:CC:EF:DC:0F:C8
X509v3 Authority Key Identifier:
keyid:9A:66:52:01:D6:16:0F:31:D7:6B:9D:21:7A:1D:FF:EA:D1:2C:BA:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915180C/9A7CD3EA96B511E684F73411C4F9AE02/mmZSAdYWDzHXa50heh3_6tEsuoI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mmZSAdYWDzHXa50heh3_6tEsuoI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915180C/9A7CD3EA96B511E684F73411C4F9AE02/5F313E6A99D611E6BB89D557C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.90.40.0/24
202.90.192.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:a1:36:dc:44:8a:52:5e:8b:2a:84:c9:37:03:91:72:2e:47:
f5:7c:b1:aa:f5:99:92:d8:f6:73:00:dc:fc:94:dc:21:56:0e:
93:bb:6c:a6:d4:84:22:6f:a6:c2:64:31:8a:4b:90:b3:b9:86:
20:c0:6a:57:0f:d4:41:b8:0c:92:dd:02:ee:64:fa:b6:49:a7:
9f:fc:5e:1d:61:77:62:b2:4e:db:5f:16:7a:10:5f:4e:65:56:
f3:3d:3f:97:ed:cf:89:00:2c:7e:07:35:a9:b5:88:5b:10:a6:
e6:6c:f1:0b:eb:b7:f8:9d:85:90:14:c2:bb:69:27:08:78:61:
a1:d2:69:b2:ec:13:6c:4e:40:b3:7c:ca:51:3a:78:cc:2d:bb:
ec:84:6b:8b:38:d7:c3:21:7b:7b:33:0c:b8:d2:bf:2c:2e:e3:
ae:9c:33:0d:b8:83:0d:61:9f:ba:e4:09:05:27:1b:a5:a4:4d:
89:09:a0:75:79:86:7c:68:86:b9:4e:5b:36:ef:1e:76:d4:cb:
75:0a:00:5b:8a:54:c0:5c:b9:0b:3a:ba:b0:6c:60:74:00:e8:
90:b5:83:f6:d9:e2:f8:e0:6b:fe:1c:51:49:04:48:d4:a1:5e:
7f:2e:ef:20:8c:59:b2:8e:6a:6a:28:74:18:de:4c:d8:cc:77:
ed:f9:4a:97
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICHTIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTE4MEMxMTAvBgNVBAUTKDlBNjY1MjAxRDYxNjBGMzFENzZCOUQyMTdBMURGRkVB
RDEyQ0JBODIwHhcNMjQwNzI2MTYzNDE5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmEzZDAwYi1jOTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvAK9qL8uyOq5NzFGAaJVRHICelLWBa76gzfmdAjouAyuyGgVD5VsWd/XsGTl
0QynxG3UB7riSRCm9FqsvTvaOZcx7OuM6eHF9IuMZ0SPbyF6pFdcvYV4enDBJ8Mg
fWLO4Pvn5JUsNhCHrwsjZP2ZbpdpIN+jOWiB2l2hwcw6hj8a8xK/o1LaZfBA4n8r
2RH0IDLYaKswRU76TkS8JYH+u1N1ao4uApr6gRO4u2DNi3K6iaaQjVvxIWxGC2ku
WrpwnVdB6ZwQO0Wg+GOQQ5wIvj894Hafe5o2WxnrEMNcfQYbhVGUPitp8dcmDxvP
+RvWQLjOwos8opHSUVMVbQI9WQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFD3gqA4R
HNZmULxPL9yYG8zv3A/IMB8GA1UdIwQYMBaAFJpmUgHWFg8x12udIXod/+rRLLqC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTgwQy85QTdDRDNFQTk2
QjUxMUU2ODRGNzM0MTFDNEY5QUUwMi9tbVpTQWRZV0R6SFhhNTBoZWgzXzZ0RXN1
b0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21tWlNBZFlXRHpIWGE1MGhlaDNfNnRFc3VvSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTE4MEMvOUE3Q0QzRUE5NkI1MTFFNjg0RjczNDExQzRGOUFFMDIvNUYzMTNFNkE5
OUQ2MTFFNkJCODlENTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADKWigDBADKWsAwDQYJKoZIhvcNAQELBQADggEBAIqhNtxE
ilJeiyqEyTcDkXIuR/V8sar1mZLY9nMA3PyU3CFWDpO7bKbUhCJvpsJkMYpLkLO5
hiDAalcP1EG4DJLdAu5k+rZJp5/8Xh1hd2KyTttfFnoQX05lVvM9P5ftz4kALH4H
Nam1iFsQpuZs8Qvrt/idhZAUwrtpJwh4YaHSabLsE2xOQLN8ylE6eMwtu+yEa4s4
18Mhe3szDLjSvywu466cMw24gw1hn7rkCQUnG6WkTYkJoHV5hnxohrlOWzbvHnbU
y3UKAFuKVMBcuQs6urBsYHQA6JC1g/bZ4vjga/4cUUkESNShXn8u7yCMWbKOamoo
dBjeTNjMd+35Spc=
-----END CERTIFICATE-----
Generated at Tue May 13 03:37:30 2025 by rpki-client