Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4849/087D3EE8E66D11EE8A31A960C4F9AE02/530BDDACE69A11EEA6CE3D1FC4F9AE02.roa
File: 530BDDACE69A11EEA6CE3D1FC4F9AE02.roa (raw, json)
Hash identifier: ZfM8fwEWg7Cl4U2TTJqmh5c5IOhoGVnknztqF/uNSss=
Subject key identifier: 24:D2:7F:00:CC:A5:6E:F2:A6:5E:2C:74:9F:3F:05:7A:A4:14:C4:63
Certificate issuer: /CN=A91A4849/serialNumber=B6CC02A7DB8A4DB530F112B6224F19080868FBD9
Certificate serial: 22
Authority key identifier: B6:CC:02:A7:DB:8A:4D:B5:30:F1:12:B6:22:4F:19:08:08:68:FB:D9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tswCp9uKTbUw8RK2Ik8ZCAho-9k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4849/087D3EE8E66D11EE8A31A960C4F9AE02/530BDDACE69A11EEA6CE3D1FC4F9AE02.roa
Signing time: Fri 12 Apr 2024 06:32:12 +0000
ROA not before: Fri 12 Apr 2024 06:32:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151151
IP address blocks: 202.71.184.0/23 maxlen: 23
202.71.184.0/24 maxlen: 24
202.71.185.0/24 maxlen: 24
2401:8ea0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4849/serialNumber=B6CC02A7DB8A4DB530F112B6224F19080868FBD9
Validity
Not Before: Apr 12 06:32:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6618d56c-4146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0c:a5:db:d3:04:92:f6:91:33:cc:5a:f9:b1:
a8:35:ca:ec:44:e1:ba:5a:59:55:80:15:26:25:d9:
cf:fc:f8:7c:c3:46:28:88:30:3e:8c:4f:98:50:f4:
2a:d6:2f:dc:b7:c8:ea:27:47:fa:80:06:9f:8a:48:
15:f9:0e:ce:54:43:0d:51:e4:93:23:91:20:78:6d:
1d:57:45:6d:c3:ba:da:b2:09:a9:c5:81:82:5b:bb:
2e:46:82:68:ea:10:e5:50:33:23:d0:8c:c5:4c:d2:
0f:af:b7:d9:61:cb:c2:4d:34:43:be:ac:13:f9:88:
ee:b5:3d:55:47:0c:af:82:f8:41:25:b1:2d:d1:bb:
71:a6:b4:37:9d:a5:27:f4:0e:b4:6d:2d:e5:37:95:
1a:98:0e:d2:0b:80:39:12:68:6b:62:e0:32:56:88:
eb:e6:d7:5c:90:4d:70:61:3a:07:e5:fd:67:16:7b:
3f:0a:69:26:06:54:2c:21:4d:48:44:b3:63:66:35:
b1:59:6c:d9:58:8d:b2:aa:43:c9:a0:35:dd:d5:f0:
07:0c:8e:54:4e:37:27:66:ec:ba:f3:a1:7d:b9:a0:
02:3c:23:b3:51:0f:ce:c3:f1:50:94:05:5f:9d:10:
f2:01:96:e5:eb:b9:80:8e:f8:88:8d:e6:23:b6:a1:
74:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D2:7F:00:CC:A5:6E:F2:A6:5E:2C:74:9F:3F:05:7A:A4:14:C4:63
X509v3 Authority Key Identifier:
keyid:B6:CC:02:A7:DB:8A:4D:B5:30:F1:12:B6:22:4F:19:08:08:68:FB:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4849/087D3EE8E66D11EE8A31A960C4F9AE02/tswCp9uKTbUw8RK2Ik8ZCAho-9k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tswCp9uKTbUw8RK2Ik8ZCAho-9k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4849/087D3EE8E66D11EE8A31A960C4F9AE02/530BDDACE69A11EEA6CE3D1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.71.184.0/23
IPv6:
2401:8ea0::/32
Signature Algorithm: sha256WithRSAEncryption
49:c7:69:8b:52:07:16:00:ad:fa:ca:de:02:62:86:29:fa:27:
20:06:e2:24:dc:75:82:6c:17:92:de:e9:47:ae:41:d2:7f:2b:
30:3e:4b:23:5a:30:c6:56:ca:0b:dd:07:c7:9f:ae:98:e6:fd:
c5:80:eb:b2:a6:1f:77:cd:d0:10:00:2c:46:27:63:55:7d:ad:
dd:79:dc:b3:c9:c4:a0:00:01:ea:53:e9:66:d7:3c:f5:37:bd:
35:3b:17:8a:04:aa:d2:67:c4:ce:fa:2a:dc:d5:2d:92:b5:6d:
4f:c2:d0:43:05:22:7c:34:79:60:e9:95:63:b0:31:b9:8b:f1:
09:ef:27:9d:a3:f5:fb:2e:f8:f9:e1:df:b2:2b:68:36:f6:11:
b1:9c:b9:db:ad:98:f3:87:a6:e7:ce:84:6a:a9:13:9a:e2:8f:
b7:c3:e6:cf:3b:79:4c:31:f6:04:70:fd:d3:e1:cb:ed:78:b8:
ff:4b:c2:e6:4e:84:d8:f1:11:93:c5:4d:c1:8c:ff:4b:ad:0a:
bd:24:fb:18:f5:6f:01:5c:40:32:e0:6f:a8:92:63:e7:f9:ba:
d4:e5:6b:68:e3:f4:0d:60:a6:5d:bd:7a:de:52:7a:77:6f:da:
e6:ad:f1:ea:21:4a:19:af:48:3d:bb:95:35:78:08:95:b3:92:
6c:b1:ba:ac
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NDg0OTExMC8GA1UEBRMoQjZDQzAyQTdEQjhBNERCNTMwRjExMkI2MjI0RjE5MDgw
ODY4RkJEOTAeFw0yNDA0MTIwNjMyMTJaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MThkNTZjLTQxNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6DKXb0wSS9pEzzFr5sag1yuxE4bpaWVWAFSYl2c/8+HzDRiiIMD6MT5hQ9CrW
L9y3yOonR/qABp+KSBX5Ds5UQw1R5JMjkSB4bR1XRW3DutqyCanFgYJbuy5Ggmjq
EOVQMyPQjMVM0g+vt9lhy8JNNEO+rBP5iO61PVVHDK+C+EElsS3Ru3GmtDedpSf0
DrRtLeU3lRqYDtILgDkSaGti4DJWiOvm11yQTXBhOgfl/WcWez8KaSYGVCwhTUhE
s2NmNbFZbNlYjbKqQ8mgNd3V8AcMjlRONydm7LrzoX25oAI8I7NRD87D8VCUBV+d
EPIBluXruYCO+IiN5iO2oXRnAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUJNJ/AMyl
bvKmXix0nz8FeqQUxGMwHwYDVR0jBBgwFoAUtswCp9uKTbUw8RK2Ik8ZCAho+9kw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0ODQ5LzA4N0QzRUU4RTY2
RDExRUU4QTMxQTk2MEM0RjlBRTAyL3Rzd0NwOXVLVGJVdzhSSzJJazhaQ0Foby05
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdHN3Q3A5dUtUYlV3OFJLMklrOFpDQWhvLTlrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NDg0OS8wODdEM0VFOEU2NkQxMUVFOEEzMUE5NjBDNEY5QUUwMi81MzBCRERBQ0U2
OUExMUVFQTZDRTNEMUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAcpHuDANBAIAAjAHAwUAJAGOoDANBgkqhkiG9w0BAQsFAAOC
AQEAScdpi1IHFgCt+sreAmKGKfonIAbiJNx1gmwXkt7pR65B0n8rMD5LI1owxlbK
C90Hx5+umOb9xYDrsqYfd83QEAAsRidjVX2t3Xncs8nEoAAB6lPpZtc89Te9NTsX
igSq0mfEzvoq3NUtkrVtT8LQQwUifDR5YOmVY7AxuYvxCe8nnaP1+y74+eHfsito
NvYRsZy5262Y84em586EaqkTmuKPt8Pmzzt5TDH2BHD90+HL7Xi4/0vC5k6E2PER
k8VNwYz/S60KvST7GPVvAVxAMuBvqJJj5/m61OVraOP0DWCmXb163lJ6d2/a5q3x
6iFKGa9IPbuVNXgIlbOSbLG6rA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 06:35:18 2025 by rpki-client