Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F051/5AAD9D7ED8DD11ECA5DD0C50C4F9AE02/00F0B7EEA87411EF88F5C638C4F9AE02.roa
File: 00F0B7EEA87411EF88F5C638C4F9AE02.roa (raw, json)
Hash identifier: sGJBxLCH9iu9CcWMb6plXCanRkikajpBvxJ9Q78R1qo=
Subject key identifier: 4D:BA:0E:1C:EA:77:5B:16:B0:D2:E1:2C:13:B9:5F:E4:15:F1:81:95
Certificate issuer: /CN=A917F051/serialNumber=84DA8927CDEF503396F52720194EB931209D3F3A
Certificate serial: 02A9
Authority key identifier: 84:DA:89:27:CD:EF:50:33:96:F5:27:20:19:4E:B9:31:20:9D:3F:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hNqJJ83vUDOW9ScgGU65MSCdPzo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F051/5AAD9D7ED8DD11ECA5DD0C50C4F9AE02/00F0B7EEA87411EF88F5C638C4F9AE02.roa
Signing time: Fri 22 Nov 2024 01:49:26 +0000
ROA not before: Fri 22 Nov 2024 01:49:26 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 58468
IP address blocks: 202.5.130.0/24 maxlen: 24
202.5.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 681 (0x2a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F051/serialNumber=84DA8927CDEF503396F52720194EB931209D3F3A
Validity
Not Before: Nov 22 01:49:26 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=673fe325-6617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:92:e3:68:42:e8:8e:62:cc:47:1f:95:65:9c:
0d:1c:24:28:80:9d:04:ab:06:de:f0:04:d7:a7:3d:
c8:29:a3:35:ea:20:9d:c1:3c:de:a2:ed:a9:39:91:
7c:99:9b:4f:7b:d8:19:9f:5e:99:f2:cf:4c:c0:4f:
a1:60:9b:01:56:32:18:97:10:7b:08:15:12:98:37:
43:b0:ef:bd:1e:b8:3b:27:c6:33:ef:06:43:f8:61:
50:60:61:79:d1:36:6e:f9:56:11:f7:fc:ed:5d:15:
4b:98:17:76:63:e2:e0:15:b3:de:25:4c:d7:33:10:
ee:90:15:f3:87:da:79:24:f2:11:0e:60:24:6e:1e:
9a:6c:d8:82:76:55:40:33:e0:e0:88:88:bf:c3:ae:
e3:03:e1:11:23:ab:b2:5c:e1:8f:7d:39:bb:ec:81:
a6:ab:31:7a:32:2c:90:7b:48:85:8f:00:c7:01:a8:
11:40:a5:72:5c:67:14:7c:50:37:95:d2:0a:cd:e3:
29:0b:1a:4b:cd:00:b7:28:f7:32:b7:3a:c0:b3:3d:
8f:07:50:4d:bd:b3:2c:f6:cf:b4:2f:7d:2d:78:34:
86:6c:83:b0:03:3b:50:a6:92:ba:e8:78:51:fc:65:
64:37:de:ea:18:77:36:fd:4b:e1:47:aa:0c:6b:74:
4a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:BA:0E:1C:EA:77:5B:16:B0:D2:E1:2C:13:B9:5F:E4:15:F1:81:95
X509v3 Authority Key Identifier:
keyid:84:DA:89:27:CD:EF:50:33:96:F5:27:20:19:4E:B9:31:20:9D:3F:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F051/5AAD9D7ED8DD11ECA5DD0C50C4F9AE02/hNqJJ83vUDOW9ScgGU65MSCdPzo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hNqJJ83vUDOW9ScgGU65MSCdPzo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F051/5AAD9D7ED8DD11ECA5DD0C50C4F9AE02/00F0B7EEA87411EF88F5C638C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.5.130.0/23
Signature Algorithm: sha256WithRSAEncryption
54:29:8a:98:08:71:83:a7:35:20:b3:9f:20:ed:fa:5b:9f:69:
f0:cb:0e:aa:cf:cb:5a:6d:53:f5:4d:d7:fa:bc:cf:32:d1:a6:
35:46:49:8c:80:41:ae:97:7c:a3:e8:14:e4:2a:5a:e1:2b:5b:
53:ab:a3:26:b9:d6:37:cc:01:cb:a0:33:5e:92:e4:7f:23:89:
da:77:4d:2c:02:80:a3:49:30:f6:f6:cc:5b:66:e8:41:73:aa:
c5:05:f6:fd:d7:6f:7e:b8:6d:57:d0:09:a5:4a:ac:13:df:a2:
ff:ce:84:42:8f:19:30:46:c8:ee:77:fc:09:c4:72:77:63:d9:
26:64:5d:06:82:1c:e8:42:91:d1:ce:a7:ea:8a:49:d1:84:93:
8e:84:43:27:c2:a3:93:fd:3b:16:8a:25:5d:b9:86:2c:d7:b3:
9e:47:f2:df:50:a2:3b:b4:17:c3:7b:a8:57:9b:ba:db:5e:ca:
51:77:17:c3:7e:78:6f:e0:04:fb:10:b8:f8:5b:f8:af:6c:f1:
f5:36:a5:bc:8b:e8:76:62:30:20:ca:7a:70:89:5c:23:42:37:
ff:6b:09:7d:b9:fe:6e:d0:6e:61:c4:94:2d:8d:30:c0:27:0e:
56:43:55:8e:4e:71:47:34:bf:39:a4:dd:9b:f8:61:b6:49:24:
79:02:34:2e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAqkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0YwNTExMTAvBgNVBAUTKDg0REE4OTI3Q0RFRjUwMzM5NkY1MjcyMDE5NEVCOTMx
MjA5RDNGM0EwHhcNMjQxMTIyMDE0OTI2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNmZTMyNS02NjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ZLjaELojmLMRx+VZZwNHCQogJ0Eqwbe8ATXpz3IKaM16iCdwTzeou2pOZF8
mZtPe9gZn16Z8s9MwE+hYJsBVjIYlxB7CBUSmDdDsO+9Hrg7J8Yz7wZD+GFQYGF5
0TZu+VYR9/ztXRVLmBd2Y+LgFbPeJUzXMxDukBXzh9p5JPIRDmAkbh6abNiCdlVA
M+DgiIi/w67jA+ERI6uyXOGPfTm77IGmqzF6MiyQe0iFjwDHAagRQKVyXGcUfFA3
ldIKzeMpCxpLzQC3KPcytzrAsz2PB1BNvbMs9s+0L30teDSGbIOwAztQppK66HhR
/GVkN97qGHc2/UvhR6oMa3RKuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFE26Dhzq
d1sWsNLhLBO5X+QV8YGVMB8GA1UdIwQYMBaAFITaiSfN71AzlvUnIBlOuTEgnT86
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjA1MS81QUFEOUQ3RUQ4
REQxMUVDQTVERDBDNTBDNEY5QUUwMi9oTnFKSjgzdlVET1c5U2NnR1U2NU1TQ2RQ
em8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hOcUpKODN2VURPVzlTY2dHVTY1TVNDZFB6by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0YwNTEvNUFBRDlEN0VEOEREMTFFQ0E1REQwQzUwQzRGOUFFMDIvMDBGMEI3RUVB
ODc0MTFFRjg4RjVDNjM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHKBYIwDQYJKoZIhvcNAQELBQADggEBAFQpipgIcYOnNSCz
nyDt+lufafDLDqrPy1ptU/VN1/q8zzLRpjVGSYyAQa6XfKPoFOQqWuErW1Oroya5
1jfMAcugM16S5H8jidp3TSwCgKNJMPb2zFtm6EFzqsUF9v3Xb364bVfQCaVKrBPf
ov/OhEKPGTBGyO53/AnEcndj2SZkXQaCHOhCkdHOp+qKSdGEk46EQyfCo5P9OxaK
JV25hizXs55H8t9Qoju0F8N7qFebutteylF3F8N+eG/gBPsQuPhb+K9s8fU2pbyL
6HZiMCDKenCJXCNCN/9rCX25/m7QbmHElC2NMMAnDlZDVY5OcUc0vzmk3Zv4YbZJ
JHkCNC4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:04:10 2025 by rpki-client