Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF3E2/DA622E9A5B9E11EFBCDBC55BC4F9AE02/1CDD9EF85B9F11EFACE3275CC4F9AE02.roa
File: 1CDD9EF85B9F11EFACE3275CC4F9AE02.roa (raw, json)
Hash identifier: pt3TVE6FWWML9qDR6bF+JwKplcatGSeeBfxTZrbxiy4=
Subject key identifier: 17:57:87:F8:5E:F0:77:36:4B:89:72:E6:6C:31:C7:1A:07:C5:31:C3
Certificate issuer: /CN=A91AF3E2/serialNumber=F6BA6E630A6AA98D821568264E027B988DF5C9BA
Certificate serial: 02
Authority key identifier: F6:BA:6E:63:0A:6A:A9:8D:82:15:68:26:4E:02:7B:98:8D:F5:C9:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9rpuYwpqqY2CFWgmTgJ7mI31ybo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AF3E2/DA622E9A5B9E11EFBCDBC55BC4F9AE02/1CDD9EF85B9F11EFACE3275CC4F9AE02.roa
Signing time: Fri 16 Aug 2024 07:14:01 +0000
ROA not before: Fri 16 Aug 2024 07:14:01 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 26658
IP address blocks: 27.0.156.0/22 maxlen: 22
103.208.8.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AF3E2/serialNumber=F6BA6E630A6AA98D821568264E027B988DF5C9BA
Validity
Not Before: Aug 16 07:14:01 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=66befc39-9106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:42:bb:af:07:03:7d:e7:ac:21:cc:fc:8a:67:
9c:79:66:07:66:f5:06:51:39:43:3d:fd:75:b3:f4:
18:e5:f4:5b:e8:00:26:86:a5:e1:a7:f4:7e:06:b2:
c3:d6:03:85:e4:19:94:60:14:76:23:b8:a8:2c:05:
c2:c6:df:2a:11:9c:0e:d0:d1:50:ac:62:b9:b9:88:
77:88:00:5c:f0:17:fe:e8:1a:e8:aa:c5:35:2b:6c:
ff:07:51:33:b4:8d:87:ab:f7:8e:d1:49:27:09:36:
12:fe:b8:fd:73:d0:3a:16:19:0c:93:8e:3a:7e:37:
13:b4:1a:e1:a4:ea:1e:27:28:42:0b:b8:a4:9f:ec:
a8:4a:2c:a2:90:1e:40:1b:06:5e:cc:7f:d5:d0:02:
38:68:15:c7:7c:b4:35:61:d6:db:43:97:be:ed:15:
8d:7a:02:b9:12:48:2a:6c:9f:c5:70:76:5b:3c:f9:
09:cb:81:84:08:1a:6e:40:0c:0d:ed:36:be:1c:96:
dd:38:37:fc:5d:69:eb:ea:69:6b:a6:30:6d:75:7e:
4d:1e:d0:ca:1b:f9:b0:55:95:25:18:f1:cc:29:ad:
ed:5a:40:72:d8:1f:e3:8c:74:6c:f5:e7:e4:bd:d3:
4a:a8:c2:c2:2d:fe:ff:ff:08:3e:2f:aa:b3:5c:8d:
f2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:57:87:F8:5E:F0:77:36:4B:89:72:E6:6C:31:C7:1A:07:C5:31:C3
X509v3 Authority Key Identifier:
keyid:F6:BA:6E:63:0A:6A:A9:8D:82:15:68:26:4E:02:7B:98:8D:F5:C9:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AF3E2/DA622E9A5B9E11EFBCDBC55BC4F9AE02/9rpuYwpqqY2CFWgmTgJ7mI31ybo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9rpuYwpqqY2CFWgmTgJ7mI31ybo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF3E2/DA622E9A5B9E11EFBCDBC55BC4F9AE02/1CDD9EF85B9F11EFACE3275CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.156.0/22
103.208.8.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:6d:fd:e6:71:df:92:48:7d:c7:5a:1b:7f:8e:ec:1d:50:c4:
e7:64:07:d6:92:a4:84:47:a8:ec:c0:e9:0d:7a:13:ea:b7:5a:
7f:8b:81:1f:fb:16:bd:be:24:7f:b7:e7:91:69:77:59:8e:74:
dd:74:f3:09:20:c4:34:87:c9:72:12:51:3e:42:ee:87:a2:38:
5a:6d:98:ab:98:84:15:9f:22:a4:48:ec:74:ce:bd:92:45:5d:
4a:e4:93:bf:3b:2a:a0:53:16:9c:4c:c7:3d:a3:bb:be:46:16:
08:9b:28:03:1b:63:c0:b8:8a:06:29:14:b2:e3:52:99:fa:e4:
be:29:60:d1:b5:cf:b6:8f:a6:da:fa:db:15:f1:c6:d4:26:67:
4f:de:27:82:b2:8e:39:19:b4:20:dd:52:82:1b:18:d8:c4:6e:
d2:a4:82:06:30:8b:fd:c9:20:08:f4:8b:f2:52:bd:34:42:5c:
2f:16:55:83:16:1f:be:5c:12:ba:51:ec:c6:fb:76:ea:45:c0:
1e:e8:9b:11:d9:37:47:73:7a:05:ee:be:b4:db:c0:63:6c:77:
2d:06:56:06:1f:75:b2:cc:7a:dd:9d:3f:fc:bf:26:b0:5a:7e:
0d:a8:47:bb:7d:5c:e1:e9:24:01:8f:2c:8a:53:6f:a3:30:45:
e3:7a:15:96
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RjNFMjExMC8GA1UEBRMoRjZCQTZFNjMwQTZBQTk4RDgyMTU2ODI2NEUwMjdCOTg4
REY1QzlCQTAeFw0yNDA4MTYwNzE0MDFaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YmVmYzM5LTkxMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDQruvBwN956whzPyKZ5x5Zgdm9QZROUM9/XWz9Bjl9FvoACaGpeGn9H4GssPW
A4XkGZRgFHYjuKgsBcLG3yoRnA7Q0VCsYrm5iHeIAFzwF/7oGuiqxTUrbP8HUTO0
jYer947RSScJNhL+uP1z0DoWGQyTjjp+NxO0GuGk6h4nKEILuKSf7KhKLKKQHkAb
Bl7Mf9XQAjhoFcd8tDVh1ttDl77tFY16ArkSSCpsn8Vwdls8+QnLgYQIGm5ADA3t
Nr4clt04N/xdaevqaWumMG11fk0e0Mob+bBVlSUY8cwpre1aQHLYH+OMdGz15+S9
00qowsIt/v//CD4vqrNcjfKVAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUF1eH+F7w
dzZLiXLmbDHHGgfFMcMwHwYDVR0jBBgwFoAU9rpuYwpqqY2CFWgmTgJ7mI31ybow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFGM0UyL0RBNjIyRTlBNUI5
RTExRUZCQ0RCQzU1QkM0RjlBRTAyLzlycHVZd3BxcVkyQ0ZXZ21UZ0o3bUkzMXli
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOXJwdVl3cHFxWTJDRldnbVRnSjdtSTMxeWJvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RjNFMi9EQTYyMkU5QTVCOUUxMUVGQkNEQkM1NUJDNEY5QUUwMi8xQ0REOUVGODVC
OUYxMUVGQUNFMzI3NUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAhsAnAMEAmfQCDANBgkqhkiG9w0BAQsFAAOCAQEAW2395nHf
kkh9x1obf47sHVDE52QH1pKkhEeo7MDpDXoT6rdaf4uBH/sWvb4kf7fnkWl3WY50
3XTzCSDENIfJchJRPkLuh6I4Wm2Yq5iEFZ8ipEjsdM69kkVdSuSTvzsqoFMWnEzH
PaO7vkYWCJsoAxtjwLiKBikUsuNSmfrkvilg0bXPto+m2vrbFfHG1CZnT94ngrKO
ORm0IN1SghsY2MRu0qSCBjCL/ckgCPSL8lK9NEJcLxZVgxYfvlwSulHsxvt26kXA
HuibEdk3R3N6Be6+tNvAY2x3LQZWBh91ssx63Z0//L8msFp+DahHu31c4ekkAY8s
ilNvozBF43oVlg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:43:01 2025 by rpki-client