Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/B34368F8BA9311EEB0A64B2AC4F9AE02.roa
File: B34368F8BA9311EEB0A64B2AC4F9AE02.roa (raw, json)
Hash identifier: hbcyS6DwPCtBqKVBG5WmrWNdNFB962BI6jMzmVkyHyk=
Subject key identifier: 32:A2:75:CB:A8:3D:E5:F7:76:1D:EF:6B:91:9D:99:38:B0:87:AF:12
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 35D8
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/B34368F8BA9311EEB0A64B2AC4F9AE02.roa
Signing time: Thu 04 Apr 2024 15:20:54 +0000
ROA not before: Thu 04 Apr 2024 15:20:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 58.181.127.0/24 maxlen: 24
2001:df2:b940::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13784 (0x35d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Validity
Not Before: Apr 4 15:20:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660ec556-ec5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:9b:b9:c6:79:d6:e1:8a:b1:26:9a:87:f3:53:
e5:1d:9f:30:56:8c:ab:d8:94:fe:9d:9d:d7:c7:2b:
c0:48:e7:38:37:ea:c2:74:64:54:d2:b5:a4:70:08:
88:fd:66:a8:58:a6:68:e3:a0:ff:87:85:ae:9c:36:
49:44:b2:1c:e3:01:f8:70:5e:78:e5:6d:5e:6a:5b:
a1:d7:9a:d8:cf:51:bf:1c:00:3c:68:ac:dd:15:f4:
4b:6d:99:84:59:d1:8e:91:e2:b9:07:5e:21:bb:f8:
8b:3b:5e:fb:51:91:00:c9:c3:d3:d9:6a:8a:c5:dd:
65:37:49:59:30:6e:ad:39:54:d4:b5:cc:a1:86:3b:
b5:3b:b1:0a:bb:1d:47:d0:5c:2f:40:5d:7a:39:54:
32:29:9d:02:f2:4e:31:45:50:b9:b2:24:94:17:8c:
90:84:a6:81:b0:6c:fe:6c:2a:42:6f:ba:10:98:af:
f2:45:b9:52:e7:57:9b:c6:b3:5c:cf:c2:b3:e8:03:
f8:23:8f:f4:d5:ad:7f:c1:72:d2:18:d3:b0:18:b9:
87:40:5d:06:28:08:87:b1:05:f5:32:bb:fe:8f:3c:
f2:1e:95:d4:de:17:64:81:ee:a9:97:18:cc:61:b0:
1b:cf:cd:85:21:07:b4:46:c4:2d:47:0a:06:ce:61:
b7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A2:75:CB:A8:3D:E5:F7:76:1D:EF:6B:91:9D:99:38:B0:87:AF:12
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/B34368F8BA9311EEB0A64B2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.181.127.0/24
IPv6:
2001:df2:b940::/48
Signature Algorithm: sha256WithRSAEncryption
4d:4c:27:1a:fd:23:7b:2e:ce:78:2e:91:ac:3f:fd:3a:ca:68:
c6:77:24:5b:eb:10:78:83:59:15:14:de:28:a2:8c:13:4b:21:
25:6f:b6:3c:95:aa:22:a3:14:b7:85:09:de:5e:ab:89:ab:00:
29:18:71:6e:e6:b7:a3:ea:cd:38:b5:f9:25:ce:18:ba:87:c0:
4b:e6:de:75:26:d8:ff:dc:c9:f7:e8:29:cb:cc:0d:9a:90:39:
a1:5b:5a:ee:a2:f1:ea:24:33:bc:47:a7:73:45:e6:f7:5b:56:
ef:53:f6:62:06:f4:65:5a:f0:29:e2:ad:dc:99:53:02:fc:fd:
a3:91:3b:87:04:2a:38:b5:e1:fb:62:f8:ca:fa:05:17:53:42:
84:e8:aa:d7:96:f8:81:9d:7c:7d:4c:30:d7:07:79:db:b4:2b:
b0:62:a5:ef:98:b1:ad:c9:f2:7f:11:8b:d3:e4:ca:ce:06:5c:
25:b1:92:48:76:99:e8:11:70:56:b1:59:d0:ad:07:6d:1a:8c:
e6:79:34:47:e4:63:32:c0:8a:b8:8e:ad:b3:16:a0:48:81:67:
be:20:a8:26:f5:9d:11:46:65:e9:17:c9:de:5f:93:68:1c:61:
85:cd:92:7f:63:b5:9c:0b:43:09:f8:45:3a:c8:57:32:50:40:
d5:fa:cc:cf
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICNdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjQwNDA0MTUyMDU0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBlYzU1Ni1lYzVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA55u5xnnW4YqxJpqH81PlHZ8wVoyr2JT+nZ3XxyvASOc4N+rCdGRU0rWkcAiI
/WaoWKZo46D/h4WunDZJRLIc4wH4cF545W1ealuh15rYz1G/HAA8aKzdFfRLbZmE
WdGOkeK5B14hu/iLO177UZEAycPT2WqKxd1lN0lZMG6tOVTUtcyhhju1O7EKux1H
0FwvQF16OVQyKZ0C8k4xRVC5siSUF4yQhKaBsGz+bCpCb7oQmK/yRblS51ebxrNc
z8Kz6AP4I4/01a1/wXLSGNOwGLmHQF0GKAiHsQX1Mrv+jzzyHpXU3hdkge6plxjM
YbAbz82FIQe0RsQtRwoGzmG3kQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDKidcuo
PeX3dh3va5GdmTiwh68SMB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvQjM0MzY4RjhC
QTkzMTFFRUIwQTY0QjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAA6tX8wDwQCAAIwCQMHACABDfK5QDANBgkqhkiG9w0BAQsF
AAOCAQEATUwnGv0jey7OeC6RrD/9OspoxnckW+sQeINZFRTeKKKME0shJW+2PJWq
IqMUt4UJ3l6riasAKRhxbua3o+rNOLX5Jc4YuofAS+bedSbY/9zJ9+gpy8wNmpA5
oVta7qLx6iQzvEenc0Xm91tW71P2Ygb0ZVrwKeKt3JlTAvz9o5E7hwQqOLXh+2L4
yvoFF1NChOiq15b4gZ18fUww1wd527QrsGKl75ixrcnyfxGL0+TKzgZcJbGSSHaZ
6BFwVrFZ0K0HbRqM5nk0R+RjMsCKuI6tsxagSIFnviCoJvWdEUZl6RfJ3l+TaBxh
hc2Sf2O1nAtDCfhFOshXMlBA1frMzw==
-----END CERTIFICATE-----
Generated at Thu Apr 24 19:09:32 2025 by rpki-client