Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917AC3B/957B2440CECB11EEB0305587C4F9AE02/2C24CB26CECC11EEAFCD520AC4F9AE02.roa
File: 2C24CB26CECC11EEAFCD520AC4F9AE02.roa (raw, json)
Hash identifier: irE7drsVeTTk7a2RFFZcS/J6SNQBkLx5nAZFgDb1h5M=
Subject key identifier: 4B:D1:FE:60:1B:99:38:47:07:C2:A4:A4:C6:CA:77:D6:68:24:50:EC
Certificate issuer: /CN=A917AC3B/serialNumber=008F2CC864241DE8635E93A57440F9C2EB258BB3
Certificate serial: AE
Authority key identifier: 00:8F:2C:C8:64:24:1D:E8:63:5E:93:A5:74:40:F9:C2:EB:25:8B:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AI8syGQkHehjXpOldED5wusli7M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917AC3B/957B2440CECB11EEB0305587C4F9AE02/2C24CB26CECC11EEAFCD520AC4F9AE02.roa
Signing time: Tue 21 Jan 2025 04:37:57 +0000
ROA not before: Tue 21 Jan 2025 04:37:57 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 4049
IP address blocks: 202.49.112.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174 (0xae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917AC3B/serialNumber=008F2CC864241DE8635E93A57440F9C2EB258BB3
Validity
Not Before: Jan 21 04:37:57 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=678f24a5-8568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:28:41:a2:e7:e7:2e:52:e3:2c:68:af:fa:fd:
ac:1b:cf:df:c9:fe:12:cd:f5:35:03:f3:61:0b:9c:
6a:8f:1f:4a:77:c8:bc:33:e1:3c:02:75:f6:cb:9d:
da:02:c6:ce:53:77:e1:95:42:3e:0e:a3:78:1b:b3:
5f:36:9f:a0:b1:ac:7b:ce:4a:a4:9d:a5:19:37:c0:
d6:6c:45:95:58:14:44:80:67:14:9f:00:d2:01:e6:
78:a2:8f:af:f0:0d:40:af:3f:19:f4:e5:49:90:e6:
a9:47:d3:13:99:a8:0f:c6:e8:82:d6:a3:f6:d4:f0:
8f:e4:82:4e:92:4b:61:54:22:a5:b7:ec:c6:af:ff:
26:3a:f2:b3:28:b3:34:16:8e:c9:71:70:f4:9c:ab:
07:67:05:4e:ab:3d:9b:ac:e5:53:5c:dc:c3:81:bc:
e1:05:36:f7:51:3d:21:dc:38:97:de:42:c8:d3:6c:
d7:26:83:34:5c:16:ac:b1:4b:5f:fc:97:e3:d7:7b:
7b:8f:cf:8f:01:01:93:55:a2:86:98:58:d6:c7:7f:
1a:4f:db:9d:4f:4b:b1:0c:dd:86:2e:9c:47:fa:98:
50:49:b2:ad:f3:77:25:91:0f:c5:ca:89:4e:f9:74:
d8:51:c6:d1:27:ba:b3:e1:94:03:e8:12:ed:38:19:
6a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D1:FE:60:1B:99:38:47:07:C2:A4:A4:C6:CA:77:D6:68:24:50:EC
X509v3 Authority Key Identifier:
keyid:00:8F:2C:C8:64:24:1D:E8:63:5E:93:A5:74:40:F9:C2:EB:25:8B:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917AC3B/957B2440CECB11EEB0305587C4F9AE02/AI8syGQkHehjXpOldED5wusli7M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AI8syGQkHehjXpOldED5wusli7M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AC3B/957B2440CECB11EEB0305587C4F9AE02/2C24CB26CECC11EEAFCD520AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.49.112.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:d0:7e:cb:58:f4:55:60:e0:5e:9f:6d:4a:53:18:41:f4:63:
dc:4b:34:59:19:94:2f:b1:27:80:8c:2c:7d:ee:2c:e0:39:e7:
ca:ac:0c:44:4d:b8:cb:ee:bf:5d:17:32:13:53:c6:85:f9:a9:
33:20:b1:f5:48:a8:75:37:b7:5a:13:d1:f2:ad:0f:85:5e:8b:
27:bb:c4:c7:df:f4:ed:16:ba:59:ed:d9:82:60:6f:d9:c1:1a:
94:b0:21:00:d2:ae:16:9a:43:e9:a7:af:0f:f6:f2:e8:7a:35:
44:59:93:18:08:2c:41:2d:7f:e9:47:e1:bf:42:b8:f2:7e:ac:
40:17:8b:a6:7e:c0:56:d0:09:f4:c0:62:d2:47:ed:24:63:b0:
df:fb:b5:c5:47:b5:1b:89:4e:ef:27:5c:40:9a:55:e7:1c:d1:
5e:3b:95:33:bf:90:e1:56:1b:1d:80:6a:0f:1d:d4:6a:ed:43:
2e:40:dc:9d:c4:a2:bc:51:bb:11:ce:0b:66:2b:e4:49:64:45:
3a:04:df:68:0a:18:5d:96:6e:ff:3a:19:8e:a1:5f:ea:19:b8:
ba:cc:81:da:b8:4f:4f:b2:f5:e7:67:a6:d0:24:8c:1c:da:07:
36:c7:19:b3:81:06:fa:30:27:18:79:b2:4b:2a:c6:ae:84:34:
36:46:c4:ee
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0FDM0IxMTAvBgNVBAUTKDAwOEYyQ0M4NjQyNDFERTg2MzVFOTNBNTc0NDBGOUMy
RUIyNThCQjMwHhcNMjUwMTIxMDQzNzU3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhmMjRhNS04NTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqihBoufnLlLjLGiv+v2sG8/fyf4SzfU1A/NhC5xqjx9Kd8i8M+E8AnX2y53a
AsbOU3fhlUI+DqN4G7NfNp+gsax7zkqknaUZN8DWbEWVWBREgGcUnwDSAeZ4oo+v
8A1Arz8Z9OVJkOapR9MTmagPxuiC1qP21PCP5IJOkkthVCKlt+zGr/8mOvKzKLM0
Fo7JcXD0nKsHZwVOqz2brOVTXNzDgbzhBTb3UT0h3DiX3kLI02zXJoM0XBassUtf
/Jfj13t7j8+PAQGTVaKGmFjWx38aT9udT0uxDN2GLpxH+phQSbKt83clkQ/FyolO
+XTYUcbRJ7qz4ZQD6BLtOBlqjwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEvR/mAb
mThHB8KkpMbKd9ZoJFDsMB8GA1UdIwQYMBaAFACPLMhkJB3oY16TpXRA+cLrJYuz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUMzQi85NTdCMjQ0MENF
Q0IxMUVFQjAzMDU1ODdDNEY5QUUwMi9BSThzeUdRa0hlaGpYcE9sZEVENXd1c2xp
N00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FJOHN5R1FrSGVoalhwT2xkRUQ1d3VzbGk3TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0FDM0IvOTU3QjI0NDBDRUNCMTFFRUIwMzA1NTg3QzRGOUFFMDIvMkMyNENCMjZD
RUNDMTFFRUFGQ0Q1MjBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHKMXAwDQYJKoZIhvcNAQELBQADggEBAJ3QfstY9FVg4F6f
bUpTGEH0Y9xLNFkZlC+xJ4CMLH3uLOA558qsDERNuMvuv10XMhNTxoX5qTMgsfVI
qHU3t1oT0fKtD4Veiye7xMff9O0Wulnt2YJgb9nBGpSwIQDSrhaaQ+mnrw/28uh6
NURZkxgILEEtf+lH4b9CuPJ+rEAXi6Z+wFbQCfTAYtJH7SRjsN/7tcVHtRuJTu8n
XECaVecc0V47lTO/kOFWGx2Aag8d1GrtQy5A3J3EorxRuxHOC2Yr5ElkRToE32gK
GF2Wbv86GY6hX+oZuLrMgdq4T0+y9ednptAkjBzaBzbHGbOBBvowJxh5sksqxq6E
NDZGxO4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:42:01 2025 by rpki-client