Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/4335BE9C0D0611EFA3ECB057C4F9AE02.roa
File: 4335BE9C0D0611EFA3ECB057C4F9AE02.roa (raw, json)
Hash identifier: Pgph1w1mxcTp0uNqETbmTV9PlZdSoRllVl1EeRomNMs=
Subject key identifier: 8C:95:09:91:31:C8:8B:A6:40:C5:5B:BD:77:98:69:FC:4B:1D:A4:BB
Certificate issuer: /CN=A9161099/serialNumber=03A02E2F5DABF0FF3938628BC4FF5FB61653F045
Certificate serial: 70
Authority key identifier: 03:A0:2E:2F:5D:AB:F0:FF:39:38:62:8B:C4:FF:5F:B6:16:53:F0:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6AuL12r8P85OGKLxP9fthZT8EU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/4335BE9C0D0611EFA3ECB057C4F9AE02.roa
Signing time: Thu 10 Oct 2024 04:49:11 +0000
ROA not before: Thu 10 Oct 2024 04:49:11 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 121.127.32.0/24 maxlen: 24
202.157.180.0/23 maxlen: 24
2401:cb60::/48 maxlen: 48
2401:cb60:1::/48 maxlen: 48
2401:cb60:2::/48 maxlen: 48
2401:cb60:3::/48 maxlen: 48
2401:cb60:4::/48 maxlen: 48
2401:cb60:5::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112 (0x70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161099/serialNumber=03A02E2F5DABF0FF3938628BC4FF5FB61653F045
Validity
Not Before: Oct 10 04:49:11 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67075cc7-c8a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9c:24:d7:15:c1:ae:1c:12:de:55:4c:55:de:
dc:9d:77:b7:b3:53:8f:c7:97:a2:6a:8f:87:41:94:
e1:12:49:87:b7:a0:c6:df:2a:68:e5:36:cb:70:ef:
f3:69:b5:7f:d6:a3:52:1d:e8:94:d4:bd:3a:52:d9:
37:e1:a9:51:d3:ae:c8:85:47:b6:9a:a8:2c:69:6c:
a1:ce:40:8e:7a:ed:3f:0b:3d:0b:f0:28:25:7f:25:
ec:fd:f8:c2:20:ea:12:6f:8a:35:a0:94:b6:73:a9:
1e:a9:6f:dd:58:88:bb:a0:95:a7:23:49:46:80:e3:
63:f7:66:43:ff:52:5f:95:8f:2f:ba:af:9b:56:db:
d5:ac:bd:d8:9a:33:26:91:c8:af:95:15:8f:31:b2:
34:3e:92:c8:e3:f3:49:6d:b3:6f:6a:c3:99:94:d7:
9b:b3:74:15:43:2b:d2:a0:f1:cb:2b:4d:a6:95:0b:
44:5e:33:83:7d:84:4c:43:61:38:6d:4b:5a:53:38:
70:b6:71:54:f9:69:3d:0e:4a:8d:11:4c:b5:10:f2:
07:d2:37:74:8f:67:ce:d5:da:56:b2:7d:da:44:a6:
3b:a6:e0:a0:a5:14:b7:59:dc:94:fa:5e:a2:f6:ff:
df:f1:84:48:f1:65:e3:52:0a:4b:d1:91:e6:21:f2:
1a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:95:09:91:31:C8:8B:A6:40:C5:5B:BD:77:98:69:FC:4B:1D:A4:BB
X509v3 Authority Key Identifier:
keyid:03:A0:2E:2F:5D:AB:F0:FF:39:38:62:8B:C4:FF:5F:B6:16:53:F0:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/A6AuL12r8P85OGKLxP9fthZT8EU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6AuL12r8P85OGKLxP9fthZT8EU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/4335BE9C0D0611EFA3ECB057C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.127.32.0/24
202.157.180.0/23
IPv6:
2401:cb60::-2401:cb60:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
47:e5:d0:8c:fd:1b:03:84:67:be:bf:c0:97:f1:6f:0a:a2:a5:
87:f5:d8:3e:e1:a9:78:8d:14:1a:d8:c8:42:1b:9b:5b:89:5d:
60:16:b5:45:80:f7:7c:67:6e:19:5b:f4:55:6f:5d:83:ce:5a:
4d:7c:d3:4d:30:16:aa:f0:18:31:da:d7:9a:5b:19:d1:bd:01:
2d:20:29:b5:04:e3:c7:90:01:63:3d:68:08:80:05:e8:1f:3a:
2f:49:8e:b6:50:e9:f7:32:e0:5c:9f:cf:50:b2:9f:3e:25:06:
71:a6:62:41:c0:27:bf:6f:0e:77:91:eb:5b:96:62:bd:d2:48:
aa:f8:69:ba:d6:1c:35:9b:0c:68:26:7d:1b:18:e1:9a:2c:9b:
25:d1:80:60:31:d1:64:48:98:5f:60:43:0b:73:54:24:c9:7a:
39:ca:79:80:2d:18:41:b8:47:7f:7b:f2:18:00:35:00:9e:e2:
df:fe:9f:11:84:d8:16:3e:be:8e:f8:b3:83:53:0a:6b:7c:e6:
2e:51:ed:e0:b4:e2:16:5b:aa:6c:ae:5c:39:b2:7e:30:3b:36:
24:d1:52:22:28:e9:1d:c5:b5:d3:5d:db:a6:ed:a8:27:10:d5:
06:14:3a:d5:dc:f0:a8:a0:b6:d5:d7:9c:4f:42:0c:87:21:93:
de:fc:81:f1
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIBcDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
MTA5OTExMC8GA1UEBRMoMDNBMDJFMkY1REFCRjBGRjM5Mzg2MjhCQzRGRjVGQjYx
NjUzRjA0NTAeFw0yNDEwMTAwNDQ5MTFaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MDc1Y2M3LWM4YTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqnCTXFcGuHBLeVUxV3tydd7ezU4/Hl6Jqj4dBlOESSYe3oMbfKmjlNstw7/Np
tX/Wo1Id6JTUvTpS2TfhqVHTrsiFR7aaqCxpbKHOQI567T8LPQvwKCV/Jez9+MIg
6hJvijWglLZzqR6pb91YiLuglacjSUaA42P3ZkP/Ul+Vjy+6r5tW29WsvdiaMyaR
yK+VFY8xsjQ+ksjj80lts29qw5mU15uzdBVDK9Kg8csrTaaVC0ReM4N9hExDYTht
S1pTOHC2cVT5aT0OSo0RTLUQ8gfSN3SPZ87V2layfdpEpjum4KClFLdZ3JT6XqL2
/9/xhEjxZeNSCkvRkeYh8hrFAgMBAAGjggK1MIICsTAdBgNVHQ4EFgQUjJUJkTHI
i6ZAxVu9d5hp/EsdpLswHwYDVR0jBBgwFoAUA6AuL12r8P85OGKLxP9fthZT8EUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxMDk5L0ZEMzY3QzcwMEQw
NDExRUY4NUU0NkY1NUM0RjlBRTAyL0E2QXVMMTJyOFA4NU9HS0x4UDlmdGhaVDhF
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQTZBdUwxMnI4UDg1T0dLTHhQOWZ0aFpUOEVVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MTA5OS9GRDM2N0M3MDBEMDQxMUVGODVFNDZGNTVDNEY5QUUwMi80MzM1QkU5QzBE
MDYxMUVGQTNFQ0IwNTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA/BggrBgEFBQcBBwEB/wQw
MC4wEgQCAAEwDAMEAHl/IAMEAcqdtDAYBAIAAjASMBADBQUkActgAwcBJAHLYAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQBH5dCM/RsDhGe+v8CX8W8KoqWH9dg+4al4jRQa
2MhCG5tbiV1gFrVFgPd8Z24ZW/RVb12DzlpNfNNNMBaq8Bgx2teaWxnRvQEtICm1
BOPHkAFjPWgIgAXoHzovSY62UOn3MuBcn89Qsp8+JQZxpmJBwCe/bw53ketblmK9
0kiq+Gm61hw1mwxoJn0bGOGaLJsl0YBgMdFkSJhfYEMLc1QkyXo5ynmALRhBuEd/
e/IYADUAnuLf/p8RhNgWPr6O+LODUwprfOYuUe3gtOIWW6psrlw5sn4wOzYk0VIi
KOkdxbXTXdum7agnENUGFDrV3PCooLbV15xPQgyHIZPe/IHx
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:12:21 2025 by rpki-client