Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/5354E6D2DEC411EF8FDA1417C4F9AE02.roa
File: 5354E6D2DEC411EF8FDA1417C4F9AE02.roa (raw, json)
Hash identifier: UvWKns144QkbKtBlCs3U7c+HECBec3nEHRYK9S7sLx0=
Subject key identifier: AE:BB:1C:C8:58:19:FB:81:37:0E:0F:14:A3:AA:FC:C4:1D:43:3D:86
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 042D
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/5354E6D2DEC411EF8FDA1417C4F9AE02.roa
Signing time: Thu 30 Jan 2025 04:40:26 +0000
ROA not before: Thu 30 Jan 2025 04:40:26 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 20326
IP address blocks: 203.32.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1069 (0x42d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Jan 30 04:40:26 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=679b02ba-13f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b4:c3:55:80:91:a9:04:cc:4f:c0:39:12:fc:
62:77:34:4f:ce:07:5e:0f:0b:5f:9a:73:ff:9d:26:
6c:7d:ce:df:9e:a8:2b:66:89:b3:46:b8:88:f9:e0:
73:ac:f3:58:ca:a7:73:30:3b:19:a2:0b:c4:57:59:
cc:c7:42:c5:a2:2d:2a:5a:cd:97:43:03:b1:27:1c:
cc:3f:4b:4b:0b:f3:59:2b:08:16:0e:8b:ef:f5:b4:
fa:85:3d:bf:1e:56:a1:d5:c9:e0:c6:fc:64:5c:78:
92:48:94:67:92:33:56:25:0c:c8:fb:54:99:dc:26:
5b:0a:e6:97:cb:b9:e4:3f:c5:4d:06:ce:e0:7a:52:
87:3b:e7:3d:95:3a:28:44:8a:0a:01:8d:f7:c9:76:
8a:23:b2:40:60:11:ab:c4:17:eb:04:07:3e:91:1c:
c1:72:97:36:cf:4f:d8:f0:3c:12:0b:53:8b:f7:a4:
dc:2a:96:53:da:42:77:d0:79:f0:14:12:49:4d:63:
70:9b:97:e8:a9:09:e1:cc:35:a3:26:8f:bc:0b:58:
a6:72:7b:ff:b9:57:60:db:9b:25:97:7b:b5:8c:de:
01:f2:6d:3e:ab:42:90:eb:2c:82:27:8c:c0:15:8d:
e7:20:a4:04:32:87:18:3a:44:20:36:d5:ec:4d:c7:
ad:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:BB:1C:C8:58:19:FB:81:37:0E:0F:14:A3:AA:FC:C4:1D:43:3D:86
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/5354E6D2DEC411EF8FDA1417C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.38.0/24
Signature Algorithm: sha256WithRSAEncryption
67:7f:32:e5:53:c0:3e:e8:2e:89:ff:5b:13:92:ec:ed:01:7b:
f1:24:25:ae:58:6c:49:ad:88:ca:4f:8b:49:07:6b:13:21:1f:
47:0f:0f:82:6b:17:0b:99:4b:23:6e:69:a5:e0:ec:5f:b9:37:
fa:cc:69:8e:9a:4b:95:d6:e8:0b:73:23:4d:54:ba:a5:1f:3a:
22:af:13:82:0e:1c:b5:c4:f9:13:6b:3b:28:07:3d:34:5b:ad:
33:57:94:31:3b:f9:18:18:f3:e4:c7:95:24:86:14:fa:6e:56:
28:d0:88:a2:9d:7b:ab:37:ed:39:ab:bd:26:ad:49:5b:27:f1:
a2:7e:c0:42:fb:71:cd:2c:e6:8e:bc:b8:ef:71:b4:5e:86:bc:
9b:12:72:83:ee:45:81:33:4d:0a:44:b7:40:c4:28:e1:f5:f1:
2f:bf:14:e1:53:cb:9a:e9:45:01:57:58:19:4f:27:2f:c5:f0:
d9:b4:09:6e:7b:1f:d0:44:d4:33:f9:5d:48:65:7c:e6:58:85:
9c:d7:d6:a4:14:58:22:20:60:d6:a9:21:d5:79:13:7b:fe:bb:
a8:75:55:57:a0:0d:1a:9e:e4:aa:57:90:d2:d7:fa:98:47:24:
34:bb:ef:cb:e6:3c:4f:e1:5e:7f:65:d9:d0:cd:bb:e1:14:f9:
8c:b3:43:d8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBC0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjUwMTMwMDQ0MDI2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzliMDJiYS0xM2YyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0rTDVYCRqQTMT8A5EvxidzRPzgdeDwtfmnP/nSZsfc7fnqgrZomzRriI+eBz
rPNYyqdzMDsZogvEV1nMx0LFoi0qWs2XQwOxJxzMP0tLC/NZKwgWDovv9bT6hT2/
Hlah1cngxvxkXHiSSJRnkjNWJQzI+1SZ3CZbCuaXy7nkP8VNBs7gelKHO+c9lToo
RIoKAY33yXaKI7JAYBGrxBfrBAc+kRzBcpc2z0/Y8DwSC1OL96TcKpZT2kJ30Hnw
FBJJTWNwm5foqQnhzDWjJo+8C1imcnv/uVdg25sll3u1jN4B8m0+q0KQ6yyCJ4zA
FY3nIKQEMocYOkQgNtXsTcetWwIDAQABo4IClTCCApEwHQYDVR0OBBYEFK67HMhY
GfuBNw4PFKOq/MQdQz2GMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvNTM1NEU2RDJE
RUM0MTFFRjhGREExNDE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLICYwDQYJKoZIhvcNAQELBQADggEBAGd/MuVTwD7oLon/
WxOS7O0Be/EkJa5YbEmtiMpPi0kHaxMhH0cPD4JrFwuZSyNuaaXg7F+5N/rMaY6a
S5XW6AtzI01UuqUfOiKvE4IOHLXE+RNrOygHPTRbrTNXlDE7+RgY8+THlSSGFPpu
VijQiKKde6s37TmrvSatSVsn8aJ+wEL7cc0s5o68uO9xtF6GvJsScoPuRYEzTQpE
t0DEKOH18S+/FOFTy5rpRQFXWBlPJy/F8Nm0CW57H9BE1DP5XUhlfOZYhZzX1qQU
WCIgYNapIdV5E3v+u6h1VVegDRqe5KpXkNLX+phHJDS778vmPE/hXn9l2dDNu+EU
+YyzQ9g=
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:38:48 2025 by rpki-client