Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/B2409F28DF9311EEBF6BC36DC4F9AE02.roa
File: B2409F28DF9311EEBF6BC36DC4F9AE02.roa (raw, json)
Hash identifier: J6dUTU+B3rYnE6IuMVXfZpLt706z/3t+VN2bTVaCwns=
Subject key identifier: BA:A9:F3:DF:03:20:99:A5:38:7C:1D:C9:F3:A7:50:C8:DE:EC:B0:F7
Certificate issuer: /CN=A91AAE16/serialNumber=394EA086895C6F17D936548A32238B82CF79294D
Certificate serial: 0EF0
Authority key identifier: 39:4E:A0:86:89:5C:6F:17:D9:36:54:8A:32:23:8B:82:CF:79:29:4D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OU6gholcbxfZNlSKMiOLgs95KU0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/B2409F28DF9311EEBF6BC36DC4F9AE02.roa
Signing time: Wed 08 May 2024 18:37:03 +0000
ROA not before: Wed 08 May 2024 18:37:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134584
IP address blocks: 202.58.140.0/24 maxlen: 24
202.58.142.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3824 (0xef0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AAE16/serialNumber=394EA086895C6F17D936548A32238B82CF79294D
Validity
Not Before: May 8 18:37:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=663bc64f-523d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b8:f1:5b:3e:65:1a:1c:22:61:1c:8e:b7:c8:
b8:77:8c:58:25:dd:58:62:80:32:bf:91:55:56:ac:
38:1f:49:86:18:b7:e6:18:9e:d5:77:02:31:3e:20:
d3:5f:77:c4:f9:43:53:60:2a:33:1d:3c:24:ea:7c:
be:9d:0b:40:48:3c:95:2f:71:ea:89:c1:eb:9a:e6:
19:c4:d1:1d:f1:71:55:46:fd:e1:19:61:11:79:17:
3a:5d:a4:9e:18:39:28:46:aa:cf:26:32:8c:b4:be:
46:74:83:7d:bb:22:c2:b3:fe:a0:c8:0c:78:f1:4d:
e2:cf:8d:dc:77:14:7f:66:26:1b:fb:5e:cb:70:13:
17:71:26:2c:43:8d:c6:c2:61:18:af:18:2d:04:7c:
e1:a6:1a:20:f1:2a:2f:f5:84:d8:88:5e:5b:60:72:
65:50:64:e8:a3:54:30:76:87:0f:43:3d:16:3d:06:
68:1b:d6:2e:57:34:75:ea:6a:9b:23:36:a9:6b:aa:
fe:b5:5a:ea:28:20:e2:f3:f4:5d:93:e8:bb:bd:00:
c2:6c:ca:52:c8:d5:27:ae:04:82:41:e7:d3:55:94:
a8:66:62:21:05:72:a2:6b:74:9d:0c:44:92:b0:8c:
66:3b:29:d6:9a:92:52:32:8e:26:c7:ea:59:2d:39:
3d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A9:F3:DF:03:20:99:A5:38:7C:1D:C9:F3:A7:50:C8:DE:EC:B0:F7
X509v3 Authority Key Identifier:
keyid:39:4E:A0:86:89:5C:6F:17:D9:36:54:8A:32:23:8B:82:CF:79:29:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/OU6gholcbxfZNlSKMiOLgs95KU0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OU6gholcbxfZNlSKMiOLgs95KU0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/B2409F28DF9311EEBF6BC36DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.58.140.0/24
202.58.142.0/24
Signature Algorithm: sha256WithRSAEncryption
28:fb:e5:d0:83:4e:48:23:0d:27:e5:dd:b4:5f:a0:81:ed:da:
39:52:1b:59:1d:df:8f:cb:7a:61:c5:f9:90:80:2e:3f:0a:87:
ff:c2:33:ed:79:db:9e:01:57:e3:d8:0c:bc:a5:91:bf:eb:21:
61:57:82:64:53:c7:99:e9:2d:1e:02:c3:01:04:7c:2a:12:03:
a5:a4:6a:46:78:de:ba:b5:f3:ff:ca:8c:50:9f:52:d0:7b:f9:
d5:17:1c:d8:c5:11:d3:06:7e:c7:9d:d3:d5:48:df:25:09:d9:
c8:75:93:f3:00:22:2f:3b:de:d4:b3:b9:cf:7d:bc:90:7e:e9:
82:3f:a3:8a:23:3b:9c:01:c6:b8:85:fc:5e:eb:49:4a:e3:08:
ce:3c:e0:e7:98:c3:8f:0e:88:bb:35:7a:63:1d:74:b7:3b:4e:
0b:b2:64:8a:a5:b2:1b:f1:92:86:f4:23:ee:63:f3:d0:74:5d:
fb:6d:11:27:c0:48:e6:07:94:a5:25:85:04:8d:c9:9b:0f:59:
e1:16:53:9f:5a:96:79:f8:55:1f:1c:eb:e1:a4:f3:82:73:cf:
db:ee:dd:07:6b:5d:cc:cc:3b:41:35:54:a2:9c:a7:78:db:6c:
fc:28:c7:ee:e3:86:dd:ec:61:34:9f:c6:dd:19:86:77:69:21:
d9:6c:94:88
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDvAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFFMTYxMTAvBgNVBAUTKDM5NEVBMDg2ODk1QzZGMTdEOTM2NTQ4QTMyMjM4Qjgy
Q0Y3OTI5NEQwHhcNMjQwNTA4MTgzNzAzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNiYzY0Zi01MjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAybjxWz5lGhwiYRyOt8i4d4xYJd1YYoAyv5FVVqw4H0mGGLfmGJ7VdwIxPiDT
X3fE+UNTYCozHTwk6ny+nQtASDyVL3HqicHrmuYZxNEd8XFVRv3hGWEReRc6XaSe
GDkoRqrPJjKMtL5GdIN9uyLCs/6gyAx48U3iz43cdxR/ZiYb+17LcBMXcSYsQ43G
wmEYrxgtBHzhphog8Sov9YTYiF5bYHJlUGToo1QwdocPQz0WPQZoG9YuVzR16mqb
Izapa6r+tVrqKCDi8/Rdk+i7vQDCbMpSyNUnrgSCQefTVZSoZmIhBXKia3SdDESS
sIxmOynWmpJSMo4mx+pZLTk9rwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLqp898D
IJmlOHwdyfOnUMje7LD3MB8GA1UdIwQYMBaAFDlOoIaJXG8X2TZUijIji4LPeSlN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUUxNi8xNzQ4ODU1MDVC
QjExMUU5OEIxMDNCMTNDNEY5QUUwMi9PVTZnaG9sY2J4ZlpObFNLTWlPTGdzOTVL
VTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09VNmdob2xjYnhmWk5sU0tNaU9MZ3M5NUtVMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUFFMTYvMTc0ODg1NTA1QkIxMTFFOThCMTAzQjEzQzRGOUFFMDIvQjI0MDlGMjhE
RjkzMTFFRUJGNkJDMzZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADKOowDBADKOo4wDQYJKoZIhvcNAQELBQADggEBACj75dCD
TkgjDSfl3bRfoIHt2jlSG1kd34/LemHF+ZCALj8Kh//CM+15254BV+PYDLylkb/r
IWFXgmRTx5npLR4CwwEEfCoSA6WkakZ43rq18//KjFCfUtB7+dUXHNjFEdMGfsed
09VI3yUJ2ch1k/MAIi873tSzuc99vJB+6YI/o4ojO5wBxriF/F7rSUrjCM484OeY
w48OiLs1emMddLc7TguyZIqlshvxkob0I+5j89B0XfttESfASOYHlKUlhQSNyZsP
WeEWU59alnn4VR8c6+Gk84Jzz9vu3QdrXczMO0E1VKKcp3jbbPwox+7jht3sYTSf
xt0ZhndpIdlslIg=
-----END CERTIFICATE-----
Generated at Mon Apr 28 09:24:32 2025 by rpki-client