Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D6BB/3AB0F76AFB6211E9A82B394AC4F9AE02/B647F704090C11EFB666C967C4F9AE02.roa
File: B647F704090C11EFB666C967C4F9AE02.roa (raw, json)
Hash identifier: C/GK3qZr1DIfgcq87pT0/h+xz6IT2+9Jo03Tvm4UR1g=
Subject key identifier: BB:09:04:B0:00:AA:22:A3:B4:BE:41:DB:F0:90:3A:2C:E4:1E:59:89
Certificate issuer: /CN=A919D6BB/serialNumber=3753728E54F09A48513DFFD2FA71804411FCDB20
Certificate serial: 0C40
Authority key identifier: 37:53:72:8E:54:F0:9A:48:51:3D:FF:D2:FA:71:80:44:11:FC:DB:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N1NyjlTwmkhRPf_S-nGARBH82yA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919D6BB/3AB0F76AFB6211E9A82B394AC4F9AE02/B647F704090C11EFB666C967C4F9AE02.roa
Signing time: Sat 28 Dec 2024 18:06:39 +0000
ROA not before: Sat 28 Dec 2024 18:06:39 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 134525
IP address blocks: 202.1.171.0/24 maxlen: 24
202.1.179.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3136 (0xc40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919D6BB/serialNumber=3753728E54F09A48513DFFD2FA71804411FCDB20
Validity
Not Before: Dec 28 18:06:39 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67703e2f-1a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:92:02:20:2d:d8:0f:21:5e:52:6d:6c:5c:06:
7d:a9:29:11:55:6b:ad:77:3e:ee:84:1d:0d:6a:ec:
1c:72:65:65:9f:ae:8c:82:cd:41:8e:50:aa:56:9e:
ba:3f:e6:56:4d:b5:f9:4e:30:eb:46:13:d5:81:f5:
e4:b4:70:67:b2:b7:b2:ed:39:87:cb:93:6b:ae:4d:
b2:5d:45:f9:b8:68:13:0f:10:d9:b3:f6:5f:0f:cb:
b2:01:a4:e9:a1:6f:3e:96:4a:80:8a:11:00:0b:70:
30:b5:66:12:0d:ed:5b:b3:73:9a:a3:4c:50:04:3e:
0b:84:c0:07:bc:6b:91:46:0a:45:04:cd:5b:6b:af:
0f:13:4b:30:e4:ab:f6:9a:74:43:25:13:7a:57:1a:
65:c7:c9:7f:f6:cb:ea:fa:09:c3:ec:a4:2f:5e:97:
3e:9b:6e:98:0e:3f:5f:e0:69:00:ef:7b:a3:33:02:
90:fd:52:3d:4b:30:88:81:99:00:c3:cd:20:c1:d4:
d7:ba:e0:d4:7a:e0:9a:a3:b8:f7:74:d7:4e:af:1b:
1a:ee:11:2b:79:15:0e:c6:ca:3e:f2:7e:fc:08:4b:
d5:ee:61:c4:42:e8:70:a4:b3:b1:7a:35:bc:bf:c1:
01:03:89:a7:1b:99:b2:9d:31:de:e3:1d:77:b3:0a:
40:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:09:04:B0:00:AA:22:A3:B4:BE:41:DB:F0:90:3A:2C:E4:1E:59:89
X509v3 Authority Key Identifier:
keyid:37:53:72:8E:54:F0:9A:48:51:3D:FF:D2:FA:71:80:44:11:FC:DB:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919D6BB/3AB0F76AFB6211E9A82B394AC4F9AE02/N1NyjlTwmkhRPf_S-nGARBH82yA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N1NyjlTwmkhRPf_S-nGARBH82yA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D6BB/3AB0F76AFB6211E9A82B394AC4F9AE02/B647F704090C11EFB666C967C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.1.171.0/24
202.1.179.0/24
Signature Algorithm: sha256WithRSAEncryption
30:86:ca:76:c9:e9:8a:b3:c6:4b:d0:46:5c:27:bd:d2:13:3c:
cb:86:69:f6:36:b8:d7:c1:f7:87:b8:51:75:74:43:0c:49:0e:
4b:9c:af:0a:81:20:61:54:82:b3:1b:59:64:3c:81:76:ef:61:
f2:bb:24:7b:fb:68:50:5f:e4:19:94:2c:f0:d1:7c:b6:f4:48:
a7:d9:d9:f3:42:57:47:bd:98:9a:66:22:db:a5:ec:09:12:a0:
9a:d6:ad:a6:f5:73:44:29:12:cb:9b:9b:4d:48:81:ab:43:35:
5c:1b:cc:49:38:cd:4d:be:44:40:1a:1d:ef:3f:b6:0d:f9:2d:
cb:58:b8:54:eb:28:cb:52:99:12:71:55:6c:ee:e7:d3:35:bd:
ec:e6:dd:e5:86:c4:23:81:0e:37:b6:29:b4:64:d8:a8:88:3a:
fe:b5:e8:58:55:9a:29:2d:4d:c4:3a:63:27:77:a4:a7:1d:80:
80:ae:15:70:2c:7d:fb:f2:9c:6b:45:3b:ec:54:73:06:f8:1e:
12:54:34:44:35:28:a3:70:c8:03:20:8b:9b:01:67:b2:0a:0a:
be:78:d3:1e:94:61:02:62:42:ce:f7:a8:d4:74:08:ac:86:36:
6c:6b:5c:ee:56:0a:49:87:a7:3c:94:f5:1c:50:8e:d1:04:1e:
71:4c:52:3b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDEAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUQ2QkIxMTAvBgNVBAUTKDM3NTM3MjhFNTRGMDlBNDg1MTNERkZEMkZBNzE4MDQ0
MTFGQ0RCMjAwHhcNMjQxMjI4MTgwNjM5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcwM2UyZi0xYTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ZICIC3YDyFeUm1sXAZ9qSkRVWutdz7uhB0NauwccmVln66Mgs1BjlCqVp66
P+ZWTbX5TjDrRhPVgfXktHBnsrey7TmHy5Nrrk2yXUX5uGgTDxDZs/ZfD8uyAaTp
oW8+lkqAihEAC3AwtWYSDe1bs3Oao0xQBD4LhMAHvGuRRgpFBM1ba68PE0sw5Kv2
mnRDJRN6Vxplx8l/9svq+gnD7KQvXpc+m26YDj9f4GkA73ujMwKQ/VI9SzCIgZkA
w80gwdTXuuDUeuCao7j3dNdOrxsa7hEreRUOxso+8n78CEvV7mHEQuhwpLOxejW8
v8EBA4mnG5mynTHe4x13swpAPQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLsJBLAA
qiKjtL5B2/CQOizkHlmJMB8GA1UdIwQYMBaAFDdTco5U8JpIUT3/0vpxgEQR/Nsg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RDZCQi8zQUIwRjc2QUZC
NjIxMUU5QTgyQjM5NEFDNEY5QUUwMi9OMU55amxUd21raFJQZl9TLW5HQVJCSDgy
eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL04xTnlqbFR3bWtoUlBmX1MtbkdBUkJIODJ5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUQ2QkIvM0FCMEY3NkFGQjYyMTFFOUE4MkIzOTRBQzRGOUFFMDIvQjY0N0Y3MDQw
OTBDMTFFRkI2NjZDOTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADKAasDBADKAbMwDQYJKoZIhvcNAQELBQADggEBADCGynbJ
6YqzxkvQRlwnvdITPMuGafY2uNfB94e4UXV0QwxJDkucrwqBIGFUgrMbWWQ8gXbv
YfK7JHv7aFBf5BmULPDRfLb0SKfZ2fNCV0e9mJpmItul7AkSoJrWrab1c0QpEsub
m01IgatDNVwbzEk4zU2+REAaHe8/tg35LctYuFTrKMtSmRJxVWzu59M1vezm3eWG
xCOBDje2KbRk2KiIOv616FhVmiktTcQ6Yyd3pKcdgICuFXAsffvynGtFO+xUcwb4
HhJUNEQ1KKNwyAMgi5sBZ7IKCr540x6UYQJiQs73qNR0CKyGNmxrXO5WCkmHpzyU
9RxQjtEEHnFMUjs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:53:15 2025 by rpki-client