Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91658EF/D24337964AEC11E88417F34AC4F9AE02/CD0ACC3AD9CE11EFA393BC6AC4F9AE02.roa
File: CD0ACC3AD9CE11EFA393BC6AC4F9AE02.roa (raw, json)
Hash identifier: +0aLF83TGQFFH5lnNHLVGdwtITWpI0fA1IvHIrOGTdQ=
Subject key identifier: 6E:C3:17:65:7E:83:4D:00:BB:9A:BC:D1:8E:75:F5:A6:32:C5:A9:42
Certificate issuer: /CN=A91658EF/serialNumber=DDD53F5225ED2F8DA8D09E7AAD982C80B6CEADA8
Certificate serial: 0748
Authority key identifier: DD:D5:3F:52:25:ED:2F:8D:A8:D0:9E:7A:AD:98:2C:80:B6:CE:AD:A8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dU_UiXtL42o0J56rZgsgLbOrag.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91658EF/D24337964AEC11E88417F34AC4F9AE02/CD0ACC3AD9CE11EFA393BC6AC4F9AE02.roa
Signing time: Thu 23 Jan 2025 21:12:50 +0000
ROA not before: Thu 23 Jan 2025 21:12:50 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 153038
IP address blocks: 203.89.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1864 (0x748)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91658EF/serialNumber=DDD53F5225ED2F8DA8D09E7AAD982C80B6CEADA8
Validity
Not Before: Jan 23 21:12:50 2025 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=6792b0d2-f39b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ac:85:d2:67:2b:04:3b:ba:0d:96:e0:62:ce:
a3:3d:9f:48:50:45:7f:8d:86:37:b7:4a:85:79:41:
99:67:18:1d:17:8b:bc:2b:2d:19:89:54:33:c8:b0:
6b:92:48:87:7a:ca:55:41:82:f6:48:4f:cc:2f:56:
fe:41:37:74:36:72:ed:93:9a:05:74:d4:d4:03:7e:
5b:de:52:fa:b6:0f:a6:36:82:49:1f:8b:21:44:6d:
19:18:ed:68:47:a3:fd:e8:ef:48:5d:47:9a:fc:13:
7b:da:f8:25:6d:6d:f2:ca:70:ec:f4:2b:a5:8d:18:
e1:63:9b:b4:84:45:1d:a0:83:04:c3:d5:1a:01:7c:
56:c9:84:64:21:a0:9e:72:0e:50:2e:55:67:7d:ad:
7e:29:66:6f:24:40:43:66:64:50:af:66:57:22:29:
ab:e5:d7:de:70:7c:1b:75:fe:ed:39:47:6a:e6:19:
a0:b9:fb:a8:ac:a0:40:ff:c1:5d:26:67:50:04:e3:
13:fa:dd:67:1b:0b:6d:5d:f3:58:b0:ef:c2:f0:b0:
29:0e:72:4d:5a:52:ad:40:24:3b:b2:2e:56:ce:ce:
6a:50:57:8b:b6:e9:a5:f8:cd:db:af:47:d9:31:0a:
e9:f2:27:9e:50:0a:c1:0c:44:c9:51:6c:52:a7:71:
5b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C3:17:65:7E:83:4D:00:BB:9A:BC:D1:8E:75:F5:A6:32:C5:A9:42
X509v3 Authority Key Identifier:
keyid:DD:D5:3F:52:25:ED:2F:8D:A8:D0:9E:7A:AD:98:2C:80:B6:CE:AD:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91658EF/D24337964AEC11E88417F34AC4F9AE02/3dU_UiXtL42o0J56rZgsgLbOrag.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dU_UiXtL42o0J56rZgsgLbOrag.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91658EF/D24337964AEC11E88417F34AC4F9AE02/CD0ACC3AD9CE11EFA393BC6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.89.126.0/24
Signature Algorithm: sha256WithRSAEncryption
17:8c:1a:56:d0:68:d7:06:b9:93:5e:88:46:54:8f:9f:e3:ca:
3d:bf:c2:67:95:6b:74:76:26:0d:a7:74:10:b9:78:cb:ad:19:
38:ac:97:ad:f9:97:06:f7:11:7f:03:13:b1:b5:dc:2f:ca:18:
ac:c1:85:37:dd:1f:1e:3a:28:34:55:26:21:c8:24:4b:6f:32:
75:56:50:96:c8:16:c3:4e:3c:88:58:21:85:e0:04:b0:50:23:
d5:fa:8b:84:19:e1:22:a9:da:d8:a0:d0:28:3c:87:65:89:00:
44:3d:ab:89:60:d6:44:40:ca:4d:cd:e3:75:a9:ae:c1:22:11:
5c:83:b5:e8:93:fd:93:53:2d:82:55:4e:4d:61:12:17:45:5c:
02:c0:2e:35:11:21:78:8f:c9:81:20:9a:a4:6d:b8:d4:61:66:
41:34:83:0c:a5:6c:b0:b1:79:23:0d:c5:d8:b6:50:e3:e1:99:
99:e4:85:f1:0f:c4:db:35:4a:1c:e9:eb:4c:2b:d9:4e:f3:bb:
de:c9:82:e7:50:a4:07:54:66:30:72:36:99:c8:4f:a3:11:d0:
eb:8a:23:a7:59:06:61:7d:83:61:c9:75:9b:fe:20:6e:fe:4a:
85:79:fb:65:d4:81:3c:d7:bf:34:84:cf:81:0a:55:06:9c:af:
9c:6a:6d:87
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB0gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU4RUYxMTAvBgNVBAUTKERERDUzRjUyMjVFRDJGOERBOEQwOUU3QUFEOTgyQzgw
QjZDRUFEQTgwHhcNMjUwMTIzMjExMjUwWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkyYjBkMi1mMzliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5KyF0mcrBDu6DZbgYs6jPZ9IUEV/jYY3t0qFeUGZZxgdF4u8Ky0ZiVQzyLBr
kkiHespVQYL2SE/ML1b+QTd0NnLtk5oFdNTUA35b3lL6tg+mNoJJH4shRG0ZGO1o
R6P96O9IXUea/BN72vglbW3yynDs9CuljRjhY5u0hEUdoIMEw9UaAXxWyYRkIaCe
cg5QLlVnfa1+KWZvJEBDZmRQr2ZXIimr5dfecHwbdf7tOUdq5hmgufuorKBA/8Fd
JmdQBOMT+t1nGwttXfNYsO/C8LApDnJNWlKtQCQ7si5Wzs5qUFeLtuml+M3br0fZ
MQrp8ieeUArBDETJUWxSp3Fb9QIDAQABo4IClTCCApEwHQYDVR0OBBYEFG7DF2V+
g00Au5q80Y519aYyxalCMB8GA1UdIwQYMBaAFN3VP1Il7S+NqNCeeq2YLIC2zq2o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NThFRi9EMjQzMzc5NjRB
RUMxMUU4ODQxN0YzNEFDNEY5QUUwMi8zZFVfVWlYdEw0Mm8wSjU2clpnc2dMYk9y
YWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNkVV9VaVh0TDQybzBKNTZyWmdzZ0xiT3JhZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU4RUYvRDI0MzM3OTY0QUVDMTFFODg0MTdGMzRBQzRGOUFFMDIvQ0QwQUNDM0FE
OUNFMTFFRkEzOTNCQzZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLWX4wDQYJKoZIhvcNAQELBQADggEBABeMGlbQaNcGuZNe
iEZUj5/jyj2/wmeVa3R2Jg2ndBC5eMutGTisl635lwb3EX8DE7G13C/KGKzBhTfd
Hx46KDRVJiHIJEtvMnVWUJbIFsNOPIhYIYXgBLBQI9X6i4QZ4SKp2tig0Cg8h2WJ
AEQ9q4lg1kRAyk3N43WprsEiEVyDteiT/ZNTLYJVTk1hEhdFXALALjURIXiPyYEg
mqRtuNRhZkE0gwylbLCxeSMNxdi2UOPhmZnkhfEPxNs1Shzp60wr2U7zu97JgudQ
pAdUZjByNpnIT6MR0OuKI6dZBmF9g2HJdZv+IG7+SoV5+2XUgTzXvzSEz4EKVQac
r5xqbYc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:21:04 2025 by rpki-client