Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/42D4C3BC0D0611EFA3ECB057C4F9AE02.roa
File: 42D4C3BC0D0611EFA3ECB057C4F9AE02.roa (raw, json)
Hash identifier: WLJNmT8BOYYMNdfpRbPWhPUo9IIV/6pC4TA71i+Sw7k=
Subject key identifier: 6D:02:D0:B0:A2:EA:6C:C9:8A:C2:1B:31:7E:4A:F6:7C:30:87:52:EE
Certificate issuer: /CN=A9161099/serialNumber=03A02E2F5DABF0FF3938628BC4FF5FB61653F045
Certificate serial: 72
Authority key identifier: 03:A0:2E:2F:5D:AB:F0:FF:39:38:62:8B:C4:FF:5F:B6:16:53:F0:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6AuL12r8P85OGKLxP9fthZT8EU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/42D4C3BC0D0611EFA3ECB057C4F9AE02.roa
Signing time: Thu 10 Oct 2024 04:49:54 +0000
ROA not before: Thu 10 Oct 2024 04:49:54 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 121.127.32.0/24 maxlen: 24
202.157.180.0/23 maxlen: 24
2401:cb60::/48 maxlen: 48
2401:cb60:1::/48 maxlen: 48
2401:cb60:2::/48 maxlen: 48
2401:cb60:3::/48 maxlen: 48
2401:cb60:4::/48 maxlen: 48
2401:cb60:5::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114 (0x72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161099/serialNumber=03A02E2F5DABF0FF3938628BC4FF5FB61653F045
Validity
Not Before: Oct 10 04:49:54 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67075cf2-15c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:84:57:b0:90:3d:ab:0d:a8:9e:11:6a:79:14:
91:a9:55:64:c0:18:bb:e8:07:b9:71:32:5c:d5:35:
58:9b:58:60:8c:ce:61:3d:e6:e9:b7:81:8c:d8:fd:
42:58:94:90:45:1e:f4:cc:ea:0f:cd:4c:d0:ae:64:
4f:77:ad:3b:b1:9f:42:5d:49:cb:2f:67:a8:c1:4c:
6b:ef:53:fe:10:f2:85:ff:06:78:d8:8d:77:ac:b3:
0e:39:c4:ae:b8:af:b9:8c:ff:3b:25:42:a9:03:5f:
7b:57:92:ee:fb:f6:d6:1a:4a:cd:64:82:df:31:e0:
dd:30:18:2d:f0:ef:18:0e:7d:92:a5:04:4b:37:bb:
34:a3:db:e8:d0:31:c9:fc:90:76:95:29:5f:d2:89:
c7:bb:84:35:28:65:c5:a3:c9:ca:ed:3a:5a:d1:8f:
c2:71:fe:f9:58:55:5f:3d:fe:fc:ac:30:26:04:ae:
0a:e7:be:af:85:18:4e:98:37:3e:03:15:33:15:ce:
13:1c:64:19:62:88:5a:ed:5a:b2:35:50:42:7d:35:
b0:c8:71:98:94:05:9d:dc:be:df:90:53:cb:f3:54:
7e:94:e6:28:df:fc:e1:0f:80:ee:6a:6a:ea:e0:1f:
8a:e9:68:8e:11:cc:3f:af:17:38:cb:cc:5b:f3:45:
45:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:02:D0:B0:A2:EA:6C:C9:8A:C2:1B:31:7E:4A:F6:7C:30:87:52:EE
X509v3 Authority Key Identifier:
keyid:03:A0:2E:2F:5D:AB:F0:FF:39:38:62:8B:C4:FF:5F:B6:16:53:F0:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/A6AuL12r8P85OGKLxP9fthZT8EU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6AuL12r8P85OGKLxP9fthZT8EU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/42D4C3BC0D0611EFA3ECB057C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.127.32.0/24
202.157.180.0/23
IPv6:
2401:cb60::-2401:cb60:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
97:b2:79:09:12:90:8c:eb:5a:0c:ad:f4:ac:04:9d:f6:62:26:
f8:db:94:37:0d:d2:89:e8:f4:80:89:87:30:95:02:c7:e4:6a:
b3:73:67:17:06:42:1e:70:32:68:08:d2:77:59:a3:d2:18:87:
2b:2a:b8:cc:ab:cb:03:ac:b2:07:50:70:74:1b:b2:b0:a0:d4:
e0:4e:45:6f:02:75:83:33:ce:d6:0e:df:85:3c:c7:d3:a2:f0:
ee:68:9a:79:8e:c7:4d:90:92:9b:b3:ff:85:87:45:28:98:b7:
48:82:53:4b:73:d6:7b:70:5c:1b:17:c6:b6:18:5e:31:19:91:
fd:73:41:6f:9c:61:c5:63:80:1f:0f:4e:f1:40:f3:b1:80:da:
44:c1:81:2a:9f:62:63:d0:e3:f9:63:37:19:79:ee:f4:ee:a3:
fb:22:ff:9b:cd:8b:ea:97:ce:28:6e:e0:43:98:52:42:7c:18:
0c:df:fb:b4:86:ed:43:77:9b:5b:65:30:7a:f4:53:31:bc:a0:
7b:7b:74:0b:a6:64:ba:b5:cc:96:ff:53:1e:b6:7d:db:c0:c1:
7d:9c:ca:2a:ec:f4:4d:d4:e0:0a:ac:7e:44:c0:cc:3d:a4:dd:
dc:4c:e1:5e:0d:10:9b:ba:55:6a:52:e8:51:36:ec:56:bb:be:
13:1a:5a:e5
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIBcjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
MTA5OTExMC8GA1UEBRMoMDNBMDJFMkY1REFCRjBGRjM5Mzg2MjhCQzRGRjVGQjYx
NjUzRjA0NTAeFw0yNDEwMTAwNDQ5NTRaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MDc1Y2YyLTE1YzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDahFewkD2rDaieEWp5FJGpVWTAGLvoB7lxMlzVNVibWGCMzmE95um3gYzY/UJY
lJBFHvTM6g/NTNCuZE93rTuxn0JdScsvZ6jBTGvvU/4Q8oX/BnjYjXessw45xK64
r7mM/zslQqkDX3tXku779tYaSs1kgt8x4N0wGC3w7xgOfZKlBEs3uzSj2+jQMcn8
kHaVKV/Sice7hDUoZcWjycrtOlrRj8Jx/vlYVV89/vysMCYErgrnvq+FGE6YNz4D
FTMVzhMcZBliiFrtWrI1UEJ9NbDIcZiUBZ3cvt+QU8vzVH6U5ijf/OEPgO5qaurg
H4rpaI4RzD+vFzjLzFvzRUVXAgMBAAGjggK1MIICsTAdBgNVHQ4EFgQUbQLQsKLq
bMmKwhsxfkr2fDCHUu4wHwYDVR0jBBgwFoAUA6AuL12r8P85OGKLxP9fthZT8EUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxMDk5L0ZEMzY3QzcwMEQw
NDExRUY4NUU0NkY1NUM0RjlBRTAyL0E2QXVMMTJyOFA4NU9HS0x4UDlmdGhaVDhF
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQTZBdUwxMnI4UDg1T0dLTHhQOWZ0aFpUOEVVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MTA5OS9GRDM2N0M3MDBEMDQxMUVGODVFNDZGNTVDNEY5QUUwMi80MkQ0QzNCQzBE
MDYxMUVGQTNFQ0IwNTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA/BggrBgEFBQcBBwEB/wQw
MC4wEgQCAAEwDAMEAHl/IAMEAcqdtDAYBAIAAjASMBADBQUkActgAwcBJAHLYAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQCXsnkJEpCM61oMrfSsBJ32Yib425Q3DdKJ6PSA
iYcwlQLH5Gqzc2cXBkIecDJoCNJ3WaPSGIcrKrjMq8sDrLIHUHB0G7KwoNTgTkVv
AnWDM87WDt+FPMfTovDuaJp5jsdNkJKbs/+Fh0UomLdIglNLc9Z7cFwbF8a2GF4x
GZH9c0FvnGHFY4AfD07xQPOxgNpEwYEqn2Jj0OP5YzcZee707qP7Iv+bzYvql84o
buBDmFJCfBgM3/u0hu1Dd5tbZTB69FMxvKB7e3QLpmS6tcyW/1Metn3bwMF9nMoq
7PRN1OAKrH5EwMw9pN3cTOFeDRCbulVqUuhRNuxWu74TGlrl
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:15:50 2025 by rpki-client