Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/7F0270C6721B11EF81654E68C4F9AE02.roa
File: 7F0270C6721B11EF81654E68C4F9AE02.roa (raw, json)
Hash identifier: lIWYlCtzPGagYWDgzxgQUS/VxeDlZZAvuqd+4AQKvmo=
Subject key identifier: 8B:74:8A:BF:E2:1B:EA:A7:D5:A0:38:01:1D:A4:68:30:09:68:4A:E3
Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126
Certificate serial: BD
Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/7F0270C6721B11EF81654E68C4F9AE02.roa
Signing time: Sat 21 Dec 2024 05:50:06 +0000
ROA not before: Sat 21 Dec 2024 05:50:06 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 17827
IP address blocks: 202.28.100.0/24 maxlen: 24
202.28.101.0/24 maxlen: 24
202.28.102.0/24 maxlen: 24
202.28.103.0/24 maxlen: 24
2001:3c8:130a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 189 (0xbd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126
Validity
Not Before: Dec 21 05:50:06 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6766570d-3004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e9:5b:d4:d8:ac:81:55:26:97:d5:46:d8:58:
a6:ae:85:61:29:9d:16:e2:87:65:cf:47:50:91:96:
80:ba:99:be:34:2b:78:70:0f:73:cd:68:64:8b:12:
b9:3c:02:8f:e1:d2:9c:a3:dd:35:81:71:f7:c2:1f:
b5:12:67:a6:97:0c:b7:aa:f1:f1:54:5a:ed:af:bd:
ee:0b:d6:5f:90:82:7a:40:11:f9:f3:e8:de:56:80:
5e:bd:4c:7f:84:28:bc:be:51:76:f6:ac:04:ea:30:
91:99:99:c9:1a:5d:54:bf:18:94:ab:07:0e:75:59:
18:3d:7a:79:60:d1:6b:af:fd:50:a2:bf:c3:21:3d:
7f:ed:bb:e2:8f:dc:4d:c7:2a:74:61:3a:5c:0c:fc:
38:be:53:15:b0:5c:b8:5c:c4:76:22:ce:74:c2:b3:
b6:3c:2e:1e:d3:74:a9:c9:2d:2f:69:d0:cb:73:fd:
2d:d6:5e:31:03:8d:50:0d:b8:79:91:1a:e7:74:54:
ed:b2:53:02:1b:f0:d0:b9:10:fa:89:68:80:1e:1b:
0d:3d:3d:58:10:aa:f3:16:b4:a6:5f:70:f4:71:d3:
7e:bb:2a:9f:4d:e7:4e:b6:9a:07:f8:2f:d7:a5:a5:
5a:74:02:40:6a:c5:83:ee:ad:ff:c8:2f:d6:07:69:
e9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:74:8A:BF:E2:1B:EA:A7:D5:A0:38:01:1D:A4:68:30:09:68:4A:E3
X509v3 Authority Key Identifier:
keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/7F0270C6721B11EF81654E68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.28.100.0/22
IPv6:
2001:3c8:130a::/48
Signature Algorithm: sha256WithRSAEncryption
67:d1:14:b9:c1:d0:e9:a7:f9:73:1a:94:9a:a7:fd:d6:03:9a:
30:85:14:18:bc:a5:e7:85:df:4f:c8:78:3c:45:1b:c9:00:9e:
1a:59:9a:f3:ab:d5:30:94:9c:6e:42:92:37:09:f0:e9:25:62:
72:5f:80:04:3d:92:92:89:18:cf:67:b8:5e:a9:a1:23:8a:eb:
2c:42:0a:84:03:b7:0f:6c:82:e6:92:b2:bc:8b:b2:04:5d:42:
8d:a1:8c:d7:00:81:5e:d1:41:4f:69:50:74:40:dd:bf:0d:41:
90:01:fd:99:4d:5a:8c:a8:4d:56:87:d0:18:9d:af:51:6c:2f:
e4:e2:f6:22:af:4c:53:0b:0c:60:80:9c:ac:9f:64:59:e9:39:
fd:5e:2a:65:72:be:a9:09:36:92:2e:7e:a8:4a:e3:5b:4e:e2:
59:81:a0:7b:2a:d2:91:b5:4b:c6:71:9b:1f:06:cc:2b:df:96:
31:d4:02:05:97:d5:5d:b2:dd:dd:b2:28:6b:ca:1c:df:a1:32:
b6:2f:0f:b6:9a:49:84:08:45:d0:8c:81:63:bf:ff:9a:a0:0f:
2e:22:21:b9:d6:8e:13:d6:13:75:f9:4e:43:f2:63:88:e0:c7:
12:0b:f0:23:87:83:27:6b:0e:46:a5:33:b2:bb:f7:f1:1c:96:
10:7c:b0:a6
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFFQjIxMTAvBgNVBAUTKDlCOThGQjdENDY4OTgzQTJDMTQ3NzI3MzMyNDhFRkZB
MzQ2MkUxMjYwHhcNMjQxMjIxMDU1MDA2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY2NTcwZC0zMDA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuulb1NisgVUml9VG2FimroVhKZ0W4odlz0dQkZaAupm+NCt4cA9zzWhkixK5
PAKP4dKco901gXH3wh+1Ememlwy3qvHxVFrtr73uC9ZfkIJ6QBH58+jeVoBevUx/
hCi8vlF29qwE6jCRmZnJGl1UvxiUqwcOdVkYPXp5YNFrr/1Qor/DIT1/7bvij9xN
xyp0YTpcDPw4vlMVsFy4XMR2Is50wrO2PC4e03SpyS0vadDLc/0t1l4xA41QDbh5
kRrndFTtslMCG/DQuRD6iWiAHhsNPT1YEKrzFrSmX3D0cdN+uyqfTedOtpoH+C/X
paVadAJAasWD7q3/yC/WB2npxwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIt0ir/i
G+qn1aA4AR2kaDAJaErjMB8GA1UdIwQYMBaAFJuY+31GiYOiwUdyczJI7/o0YuEm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUVCMi8zOTUyMTAwRTZF
ODMxMUVGQUI3MjYxODBDNEY5QUUwMi9tNWo3ZlVhSmc2TEJSM0p6TWtqdi1qUmk0
U1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRTWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUFFQjIvMzk1MjEwMEU2RTgzMTFFRkFCNzI2MTgwQzRGOUFFMDIvN0YwMjcwQzY3
MjFCMTFFRjgxNjU0RTY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBALKHGQwDwQCAAIwCQMHACABA8gTCjANBgkqhkiG9w0BAQsF
AAOCAQEAZ9EUucHQ6af5cxqUmqf91gOaMIUUGLyl54XfT8h4PEUbyQCeGlma86vV
MJScbkKSNwnw6SVicl+ABD2SkokYz2e4XqmhI4rrLEIKhAO3D2yC5pKyvIuyBF1C
jaGM1wCBXtFBT2lQdEDdvw1BkAH9mU1ajKhNVofQGJ2vUWwv5OL2Iq9MUwsMYICc
rJ9kWek5/V4qZXK+qQk2ki5+qErjW07iWYGgeyrSkbVLxnGbHwbMK9+WMdQCBZfV
XbLd3bIoa8oc36Eyti8PtppJhAhF0IyBY7//mqAPLiIhudaOE9YTdflOQ/JjiODH
EgvwI4eDJ2sORqUzsrv38RyWEHywpg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:38:33 2025 by rpki-client