Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/F3B36C48545411EFA3BC6B2BC4F9AE02.roa
File: F3B36C48545411EFA3BC6B2BC4F9AE02.roa (raw, json)
Hash identifier: XyZFxo5dk/YKYCu8Vu1hnlg71wL2V/Va24kQXoHz5hE=
Subject key identifier: AA:A1:9E:A5:F7:19:C8:70:86:94:3B:B6:68:C8:D4:62:5F:EF:8C:4A
Certificate issuer: /CN=A9153134/serialNumber=8442DC46024006011AD5CF48CD7E4C48BB97A11E
Certificate serial: 4F
Authority key identifier: 84:42:DC:46:02:40:06:01:1A:D5:CF:48:CD:7E:4C:48:BB:97:A1:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hELcRgJABgEa1c9IzX5MSLuXoR4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/F3B36C48545411EFA3BC6B2BC4F9AE02.roa
Signing time: Thu 24 Oct 2024 23:42:30 +0000
ROA not before: Thu 24 Oct 2024 23:42:30 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 24005
IP address blocks: 202.170.160.0/24 maxlen: 24
202.170.161.0/24 maxlen: 24
202.170.162.0/24 maxlen: 24
202.170.163.0/24 maxlen: 24
202.170.164.0/24 maxlen: 24
202.170.165.0/24 maxlen: 24
202.170.166.0/24 maxlen: 24
202.170.167.0/24 maxlen: 24
202.170.168.0/24 maxlen: 24
202.170.169.0/24 maxlen: 24
202.170.170.0/24 maxlen: 24
202.170.171.0/24 maxlen: 24
202.170.172.0/24 maxlen: 24
202.170.173.0/24 maxlen: 24
202.170.174.0/24 maxlen: 24
202.170.175.0/24 maxlen: 24
2407:1000::/32 maxlen: 32
2407:1000:1000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79 (0x4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9153134/serialNumber=8442DC46024006011AD5CF48CD7E4C48BB97A11E
Validity
Not Before: Oct 24 23:42:30 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=671adb66-aa6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c1:a8:05:77:ef:dd:58:39:e7:5b:f4:3a:6f:
cd:37:4e:a5:f6:13:6c:c1:9f:26:ea:3e:95:f1:79:
02:27:77:34:89:e7:f2:1b:72:a2:53:71:01:c3:32:
71:4d:bf:6a:d6:11:4b:e2:f8:5b:e7:94:a0:c8:23:
39:fa:81:82:4a:3c:37:9a:df:d5:a9:01:7a:37:cb:
12:e8:45:48:c9:1e:36:f4:d9:43:56:db:04:18:8e:
5e:50:19:37:a7:43:dd:c8:89:c4:f5:bd:85:bf:02:
2c:e0:d5:95:81:13:6e:a0:5b:d0:49:d8:79:59:46:
63:18:65:b2:d9:8a:db:99:27:0c:b5:24:a2:3f:f5:
e7:61:59:aa:bf:73:13:83:b7:30:42:4a:73:a9:77:
eb:14:dd:2c:31:35:9c:3f:b2:79:da:e2:14:c9:26:
36:c0:f1:d1:4e:97:48:b9:3e:a5:6a:d1:e9:42:f4:
59:2d:27:8c:ca:d3:6e:b8:4f:bc:97:97:09:91:2d:
b0:33:2a:34:4f:b5:71:9c:26:e8:32:2c:5f:52:63:
e4:b1:1f:ef:5c:86:8b:56:40:37:b9:60:57:3e:b3:
54:9c:45:42:66:86:83:ea:77:88:c5:45:25:1a:8b:
70:2c:ef:3a:1b:90:07:ed:d2:96:4b:7f:2b:ef:b6:
d9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A1:9E:A5:F7:19:C8:70:86:94:3B:B6:68:C8:D4:62:5F:EF:8C:4A
X509v3 Authority Key Identifier:
keyid:84:42:DC:46:02:40:06:01:1A:D5:CF:48:CD:7E:4C:48:BB:97:A1:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/hELcRgJABgEa1c9IzX5MSLuXoR4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hELcRgJABgEa1c9IzX5MSLuXoR4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/F3B36C48545411EFA3BC6B2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.170.160.0/20
IPv6:
2407:1000::/32
Signature Algorithm: sha256WithRSAEncryption
27:1a:ee:9c:2a:f7:67:2b:ad:9f:cc:be:30:46:66:83:0b:f0:
db:ff:f1:7d:8c:da:9b:9a:33:20:e9:b3:4b:32:53:b6:66:ee:
e2:90:78:6f:43:97:63:2a:62:02:f7:ef:d0:bc:3a:1e:7d:16:
d5:f2:56:7f:eb:b0:05:1a:b0:8a:90:8d:c1:65:b2:99:cf:6b:
a5:18:38:7e:34:ea:aa:d5:3f:13:94:af:c4:52:9c:14:1a:b0:
87:7f:ff:a6:8c:0f:05:ad:e1:fd:18:ae:ca:f4:b1:1b:45:13:
60:16:1c:52:28:90:5f:09:d2:68:ff:d6:f5:e0:90:61:f9:22:
a8:65:2d:25:c5:7b:58:2c:99:76:67:ee:1d:71:a7:ea:36:81:
ca:e3:61:7a:1f:a1:af:54:4c:84:b6:3b:74:13:58:94:d7:9a:
43:1b:16:f5:63:9a:74:34:32:15:90:f7:21:24:21:24:5e:20:
4d:44:ff:46:6a:82:aa:82:e2:9a:c5:85:bf:e8:c4:ca:a6:bb:
da:58:ae:d7:7d:a2:b4:fa:18:42:dc:51:8d:5a:4b:cf:2a:42:
05:f9:36:d8:2f:0e:bd:3b:58:ae:cf:12:ff:e1:50:11:09:29:
a2:18:35:4a:ad:09:d2:f3:11:e8:ff:1f:65:6a:9c:f4:63:8b:
cd:99:a3:62
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBTzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
MzEzNDExMC8GA1UEBRMoODQ0MkRDNDYwMjQwMDYwMTFBRDVDRjQ4Q0Q3RTRDNDhC
Qjk3QTExRTAeFw0yNDEwMjQyMzQyMzBaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MWFkYjY2LWFhNmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCewagFd+/dWDnnW/Q6b803TqX2E2zBnybqPpXxeQIndzSJ5/IbcqJTcQHDMnFN
v2rWEUvi+FvnlKDIIzn6gYJKPDea39WpAXo3yxLoRUjJHjb02UNW2wQYjl5QGTen
Q93IicT1vYW/Aizg1ZWBE26gW9BJ2HlZRmMYZbLZituZJwy1JKI/9edhWaq/cxOD
tzBCSnOpd+sU3SwxNZw/snna4hTJJjbA8dFOl0i5PqVq0elC9FktJ4zK0264T7yX
lwmRLbAzKjRPtXGcJugyLF9SY+SxH+9chotWQDe5YFc+s1ScRUJmhoPqd4jFRSUa
i3As7zobkAft0pZLfyvvttmLAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUqqGepfcZ
yHCGlDu2aMjUYl/vjEowHwYDVR0jBBgwFoAUhELcRgJABgEa1c9IzX5MSLuXoR4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUzMTM0L0U2NUZBOEEwNTQ1
MzExRUY4QUQ3NzQwOUM0RjlBRTAyL2hFTGNSZ0pBQmdFYTFjOUl6WDVNU0x1WG9S
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaEVMY1JnSkFCZ0VhMWM5SXpYNU1TTHVYb1I0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MzEzNC9FNjVGQThBMDU0NTMxMUVGOEFENzc0MDlDNEY5QUUwMi9GM0IzNkM0ODU0
NTQxMUVGQTNCQzZCMkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEBMqqoDANBAIAAjAHAwUAJAcQADANBgkqhkiG9w0BAQsFAAOC
AQEAJxrunCr3Zyutn8y+MEZmgwvw2//xfYzam5ozIOmzSzJTtmbu4pB4b0OXYypi
Avfv0Lw6Hn0W1fJWf+uwBRqwipCNwWWymc9rpRg4fjTqqtU/E5SvxFKcFBqwh3//
powPBa3h/RiuyvSxG0UTYBYcUiiQXwnSaP/W9eCQYfkiqGUtJcV7WCyZdmfuHXGn
6jaByuNheh+hr1RMhLY7dBNYlNeaQxsW9WOadDQyFZD3ISQhJF4gTUT/RmqCqoLi
msWFv+jEyqa72liu132itPoYQtxRjVpLzypCBfk22C8OvTtYrs8S/+FQEQkpohg1
Sq0J0vMR6P8fZWqc9GOLzZmjYg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:20:29 2025 by rpki-client