Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5849/DBAD384EF79E11EEA45AAE2CC4F9AE02/D8346320F7A011EE8BE8843BC4F9AE02.roa
File: D8346320F7A011EE8BE8843BC4F9AE02.roa (raw, json)
Hash identifier: 8W+xFxZgciOpBXooHDbzzZTklV4cRzIRaTe2EGYo2G4=
Subject key identifier: F0:DE:2B:8E:94:B9:E2:82:FB:62:E4:89:FD:D8:7E:5C:C8:7A:CF:CB
Certificate issuer: /CN=A91A5849/serialNumber=536BF8DDCE802667378F47BD4954A90B7C7009C1
Certificate serial: 05
Authority key identifier: 53:6B:F8:DD:CE:80:26:67:37:8F:47:BD:49:54:A9:0B:7C:70:09:C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U2v43c6AJmc3j0e9SVSpC3xwCcE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A5849/DBAD384EF79E11EEA45AAE2CC4F9AE02/D8346320F7A011EE8BE8843BC4F9AE02.roa
Signing time: Thu 11 Apr 2024 01:15:27 +0000
ROA not before: Thu 11 Apr 2024 01:15:27 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 202.37.173.0/24 maxlen: 24
2001:df3:aac0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A5849/serialNumber=536BF8DDCE802667378F47BD4954A90B7C7009C1
Validity
Not Before: Apr 11 01:15:27 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=661739af-6939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6e:1a:47:af:12:d3:d7:14:2d:c0:ae:3c:06:
ba:60:8f:fc:53:c6:b0:13:47:6e:8e:db:73:41:04:
3b:ae:ce:84:66:56:ab:95:91:f4:ee:a1:6a:09:20:
90:90:6b:d4:4f:4b:e1:ea:d1:d9:69:63:47:52:13:
ad:f4:fb:8e:6f:fa:ea:66:66:8c:6d:b4:62:59:f5:
c0:5a:71:43:d8:02:8d:ad:83:e9:1e:a4:29:79:df:
dd:50:a2:4d:68:4d:49:9a:0b:e6:e4:8e:36:43:10:
7e:71:13:21:5a:99:ea:f3:3b:c9:28:78:8b:14:9d:
1a:9b:31:5f:ec:82:d0:85:cd:90:90:59:37:48:b2:
c1:2a:61:54:8c:10:e4:7e:af:6b:3b:72:24:10:be:
46:10:82:df:f0:8b:1b:13:68:d4:7d:00:ab:9d:d1:
5e:8c:70:47:b8:ac:6b:47:b6:09:b2:4b:7a:f5:c4:
83:b5:bc:15:30:5c:03:cd:aa:05:88:87:bc:08:63:
7a:c1:9a:e7:84:c8:1e:b0:8c:a3:41:82:29:35:9b:
8f:9f:32:eb:2d:cd:06:0c:66:c5:8f:26:a0:a7:cf:
b7:15:ad:6d:e1:5e:fb:b2:13:27:c8:b7:42:28:4e:
ff:1d:47:1b:0c:75:39:fb:87:bf:1c:78:3b:7b:12:
9b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:DE:2B:8E:94:B9:E2:82:FB:62:E4:89:FD:D8:7E:5C:C8:7A:CF:CB
X509v3 Authority Key Identifier:
keyid:53:6B:F8:DD:CE:80:26:67:37:8F:47:BD:49:54:A9:0B:7C:70:09:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A5849/DBAD384EF79E11EEA45AAE2CC4F9AE02/U2v43c6AJmc3j0e9SVSpC3xwCcE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U2v43c6AJmc3j0e9SVSpC3xwCcE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5849/DBAD384EF79E11EEA45AAE2CC4F9AE02/D8346320F7A011EE8BE8843BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.37.173.0/24
IPv6:
2001:df3:aac0::/48
Signature Algorithm: sha256WithRSAEncryption
39:3c:9e:7e:5b:91:1c:43:1b:0b:2a:b0:8f:02:91:c2:ad:05:
f2:db:8d:84:6a:bb:6c:8b:44:49:d7:0e:2c:29:b8:a8:32:87:
31:e6:86:fc:09:12:67:ef:a9:4c:aa:29:7f:80:e3:fb:47:b3:
4d:6d:28:e1:76:ec:54:d1:ed:b1:1b:88:cb:17:e9:1b:ad:f9:
be:da:7e:25:90:35:a3:01:0d:5e:18:7a:da:09:e0:51:f6:63:
b7:c0:95:28:72:e4:f0:3f:e1:f8:39:b4:61:cf:1c:19:af:e4:
0f:53:0c:4e:0e:70:73:67:63:1e:ca:c3:61:f1:3c:f7:28:ae:
8d:c9:84:ee:09:3a:6b:4e:c1:a7:78:bc:b6:7b:13:d3:29:09:
da:81:21:0e:d6:4d:64:77:3e:bb:02:de:61:c7:58:a2:a0:6d:
2d:61:c5:eb:8f:38:de:2f:b9:3d:6e:13:b3:c5:d2:5b:21:4d:
57:ae:aa:ab:d6:9a:51:f0:2a:1b:6a:cd:9b:8b:23:db:d4:4f:
06:5e:a8:71:d1:77:27:0c:3f:9e:5e:2c:98:85:06:88:cb:95:
9f:19:0c:f2:7e:8c:c4:e8:19:6a:57:f7:be:f3:40:90:c8:04:
20:18:28:5e:14:62:04:ae:ed:ef:0f:71:ad:9b:f0:30:d0:4a:
10:d5:2b:40
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NTg0OTExMC8GA1UEBRMoNTM2QkY4RERDRTgwMjY2NzM3OEY0N0JENDk1NEE5MEI3
QzcwMDlDMTAeFw0yNDA0MTEwMTE1MjdaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MTczOWFmLTY5MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLbhpHrxLT1xQtwK48Brpgj/xTxrATR26O23NBBDuuzoRmVquVkfTuoWoJIJCQ
a9RPS+Hq0dlpY0dSE630+45v+upmZoxttGJZ9cBacUPYAo2tg+kepCl5391Qok1o
TUmaC+bkjjZDEH5xEyFamerzO8koeIsUnRqbMV/sgtCFzZCQWTdIssEqYVSMEOR+
r2s7ciQQvkYQgt/wixsTaNR9AKud0V6McEe4rGtHtgmyS3r1xIO1vBUwXAPNqgWI
h7wIY3rBmueEyB6wjKNBgik1m4+fMustzQYMZsWPJqCnz7cVrW3hXvuyEyfIt0Io
Tv8dRxsMdTn7h78ceDt7EputAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU8N4rjpS5
4oL7YuSJ/dh+XMh6z8swHwYDVR0jBBgwFoAUU2v43c6AJmc3j0e9SVSpC3xwCcEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1ODQ5L0RCQUQzODRFRjc5
RTExRUVBNDVBQUUyQ0M0RjlBRTAyL1UydjQzYzZBSm1jM2owZTlTVlNwQzN4d0Nj
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVTJ2NDNjNkFKbWMzajBlOVNWU3BDM3h3Q2NFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NTg0OS9EQkFEMzg0RUY3OUUxMUVFQTQ1QUFFMkNDNEY5QUUwMi9EODM0NjMyMEY3
QTAxMUVFOEJFODg0M0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAMolrTAPBAIAAjAJAwcAIAEN86rAMA0GCSqGSIb3DQEBCwUA
A4IBAQA5PJ5+W5EcQxsLKrCPApHCrQXy242Eartsi0RJ1w4sKbioMocx5ob8CRJn
76lMqil/gOP7R7NNbSjhduxU0e2xG4jLF+kbrfm+2n4lkDWjAQ1eGHraCeBR9mO3
wJUocuTwP+H4ObRhzxwZr+QPUwxODnBzZ2MeysNh8Tz3KK6NyYTuCTprTsGneLy2
exPTKQnagSEO1k1kdz67At5hx1iioG0tYcXrjzjeL7k9bhOzxdJbIU1Xrqqr1ppR
8Cobas2biyPb1E8GXqhx0XcnDD+eXiyYhQaIy5WfGQzyfozE6BlqV/e+80CQyAQg
GCheFGIEru3vD3Gtm/Aw0EoQ1StA
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:48:44 2025 by rpki-client