Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/D6C060C27E1811EEB9B4FE4AC4F9AE02.roa
File: D6C060C27E1811EEB9B4FE4AC4F9AE02.roa (raw, json)
Hash identifier: H6lUECWs/LnmCnEJB/ye5BlXZoehdKlxdmR5+P/1VOY=
Subject key identifier: 3B:AD:46:E1:A6:4F:D4:82:B4:DF:7F:DE:15:FB:F0:D7:23:34:EE:26
Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial: 04E5
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/D6C060C27E1811EEB9B4FE4AC4F9AE02.roa
Signing time: Sat 28 Dec 2024 23:32:34 +0000
ROA not before: Sat 28 Dec 2024 23:32:34 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 61317
IP address blocks: 202.43.6.0/24 maxlen: 24
202.43.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1253 (0x4e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Validity
Not Before: Dec 28 23:32:34 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67708a92-ea27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e0:be:4e:2b:9b:b9:03:7d:4b:aa:58:37:48:
a4:c2:38:57:2d:c1:38:ac:dd:db:b0:0e:c1:73:58:
dc:f9:9d:67:27:bb:26:1a:fa:1c:69:03:38:93:50:
9d:20:be:fe:60:4a:2f:d1:76:c7:2d:d5:47:9e:43:
b4:c5:31:7b:b9:95:76:6f:ef:d0:d6:8a:85:9b:15:
61:0b:2c:6d:e6:7b:aa:74:05:7d:19:24:22:1f:be:
7f:09:48:f1:50:37:ad:10:f7:d8:d0:98:62:b3:55:
fe:1f:d0:b7:b6:b5:c8:ec:c2:d3:63:7c:5d:1c:86:
c6:2b:d6:92:4d:17:06:5f:1f:de:c3:82:89:5e:93:
2d:4f:3e:ec:c2:4b:32:e3:a2:db:f2:17:b0:bc:16:
e9:b7:86:2b:1b:40:c9:91:fc:c4:e5:f5:03:16:b5:
e9:8e:b3:f1:91:92:96:98:37:7c:d2:51:fc:b3:42:
f0:c9:f9:39:10:0e:c9:c6:5c:6a:20:d6:d3:26:3b:
9b:dc:98:bc:d7:26:a8:58:26:89:ac:12:3d:7d:94:
a1:dc:e0:98:bb:d8:df:cb:3f:f4:39:b9:cc:43:08:
f6:4a:1f:7d:df:fc:56:12:25:50:52:93:34:b5:6c:
03:52:38:75:e6:86:9d:da:48:61:ce:2c:1e:83:cd:
d4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:AD:46:E1:A6:4F:D4:82:B4:DF:7F:DE:15:FB:F0:D7:23:34:EE:26
X509v3 Authority Key Identifier:
keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/D6C060C27E1811EEB9B4FE4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.43.6.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:01:f4:70:8c:99:cb:ed:19:c9:d8:60:62:cf:d7:3a:98:0d:
ba:ac:39:74:89:6e:c0:ac:a5:54:fd:b9:bf:c3:1a:16:47:8b:
4a:2b:e2:8a:13:1d:2a:82:08:aa:58:66:19:ca:dc:86:9a:45:
e8:4d:9a:09:f0:8d:7d:27:46:5a:fa:d7:25:d4:47:39:6a:2b:
37:de:49:5f:06:64:fc:8f:d8:20:9f:b4:f8:69:14:59:d4:d2:
74:f7:65:f4:0b:eb:40:f7:83:af:7b:10:2f:0f:b8:65:f1:2f:
ad:e1:e7:5e:31:98:39:60:ae:55:d9:81:b6:1a:e6:8d:2e:da:
3b:a4:fa:bd:d5:9c:fd:f8:75:7e:28:dc:94:e8:1a:12:96:99:
77:03:2b:12:1b:b6:27:4e:8d:ac:39:ed:ba:9d:f6:6f:bd:b2:
2f:8e:19:94:52:41:29:08:02:3d:4a:e2:e4:d5:db:e2:45:d1:
a8:b0:58:be:ec:06:5c:83:2c:6c:98:ac:60:62:a9:01:2c:72:
2a:7f:42:89:77:c5:61:66:1d:84:3c:8e:9b:7e:86:aa:c0:df:
5d:8b:d7:e4:57:49:ed:8a:32:a7:e5:98:ca:33:a0:2b:fe:da:
4a:0e:57:7f:c5:85:98:44:e0:9b:17:37:8f:9b:0a:6f:9c:0b:
f0:8e:f2:49
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjQxMjI4MjMzMjM0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcwOGE5Mi1lYTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuOC+TiubuQN9S6pYN0ikwjhXLcE4rN3bsA7Bc1jc+Z1nJ7smGvocaQM4k1Cd
IL7+YEov0XbHLdVHnkO0xTF7uZV2b+/Q1oqFmxVhCyxt5nuqdAV9GSQiH75/CUjx
UDetEPfY0Jhis1X+H9C3trXI7MLTY3xdHIbGK9aSTRcGXx/ew4KJXpMtTz7swksy
46Lb8hewvBbpt4YrG0DJkfzE5fUDFrXpjrPxkZKWmDd80lH8s0Lwyfk5EA7Jxlxq
INbTJjub3Ji81yaoWCaJrBI9fZSh3OCYu9jfyz/0ObnMQwj2Sh993/xWEiVQUpM0
tWwDUjh15oad2khhziweg83UJwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDutRuGm
T9SCtN9/3hX78NcjNO4mMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvRDZDMDYwQzI3
RTE4MTFFRUI5QjRGRTRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHKKwYwDQYJKoZIhvcNAQELBQADggEBAHoB9HCMmcvtGcnY
YGLP1zqYDbqsOXSJbsCspVT9ub/DGhZHi0or4ooTHSqCCKpYZhnK3IaaRehNmgnw
jX0nRlr61yXURzlqKzfeSV8GZPyP2CCftPhpFFnU0nT3ZfQL60D3g697EC8PuGXx
L63h514xmDlgrlXZgbYa5o0u2juk+r3VnP34dX4o3JToGhKWmXcDKxIbtidOjaw5
7bqd9m+9si+OGZRSQSkIAj1K4uTV2+JF0aiwWL7sBlyDLGyYrGBiqQEscip/Qol3
xWFmHYQ8jpt+hqrA312L1+RXSe2KMqflmMozoCv+2koOV3/FhZhE4JsXN4+bCm+c
C/CO8kk=
-----END CERTIFICATE-----
Generated at Sun Apr 27 15:47:50 2025 by rpki-client