Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1A14/F7E864468FBC11EAA8C3127BC4F9AE02/7B8BE75E8FBE11EA9797847DC4F9AE02.roa
File: 7B8BE75E8FBE11EA9797847DC4F9AE02.roa (raw, json)
Hash identifier: WsXdtcxy05bdhp08lCgCSuZ3kicYqcpeJDzsGm3Ju+I=
Subject key identifier: A5:CA:30:7B:41:B0:B1:3D:C4:7D:A0:9C:4F:D1:78:C3:34:2D:49:5E
Certificate issuer: /CN=A91C1A14/serialNumber=598DD5A39AE477658AD5BCBFE36264A1A61D6708
Certificate serial: 094B
Authority key identifier: 59:8D:D5:A3:9A:E4:77:65:8A:D5:BC:BF:E3:62:64:A1:A6:1D:67:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WY3Vo5rkd2WK1by_42JkoaYdZwg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1A14/F7E864468FBC11EAA8C3127BC4F9AE02/7B8BE75E8FBE11EA9797847DC4F9AE02.roa
Signing time: Mon 06 Jan 2025 20:09:35 +0000
ROA not before: Mon 06 Jan 2025 20:09:35 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 136030
IP address blocks: 43.225.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2379 (0x94b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1A14/serialNumber=598DD5A39AE477658AD5BCBFE36264A1A61D6708
Validity
Not Before: Jan 6 20:09:35 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677c387f-6145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c4:db:a7:7a:a0:93:e4:e8:70:1a:9b:42:0b:
dc:6c:a8:6f:5a:ee:d9:2d:c2:c9:f9:2b:81:3e:b3:
6e:04:d1:37:68:bc:04:36:8b:5b:62:c1:d7:4f:ac:
b8:02:f5:b6:e4:f8:82:30:02:84:7e:ca:a4:01:51:
f7:bc:70:8b:03:d7:1d:09:b9:53:df:a1:10:ea:cd:
25:a2:1d:87:1b:87:5e:bc:4c:50:75:d5:b9:b6:66:
ba:a7:f2:4f:d7:11:1f:7f:cb:47:de:ca:6d:de:2a:
f9:00:3c:9e:ec:49:f2:32:42:16:cf:12:2e:da:3b:
ac:a7:69:b6:7b:80:30:52:95:a4:bb:21:eb:72:e9:
e8:9b:81:4c:b0:8b:b9:b1:7e:48:6e:58:f8:fa:7c:
18:53:41:3a:07:02:9e:e5:c1:5d:17:fc:f3:48:a1:
a0:ed:45:cf:dd:3a:4e:5f:50:b0:1e:8c:41:df:dd:
aa:c0:21:ab:01:8c:62:6b:45:93:7b:95:6c:96:ca:
c2:3b:40:ea:d7:b7:96:ec:94:00:da:3b:74:7a:48:
2f:ae:96:6e:c1:8d:06:80:d9:94:ee:e6:69:6e:b7:
8b:ca:c7:12:6f:73:60:11:96:6e:00:32:bf:60:f7:
38:c7:56:25:9a:8d:00:74:44:ce:20:43:17:0a:14:
b0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:CA:30:7B:41:B0:B1:3D:C4:7D:A0:9C:4F:D1:78:C3:34:2D:49:5E
X509v3 Authority Key Identifier:
keyid:59:8D:D5:A3:9A:E4:77:65:8A:D5:BC:BF:E3:62:64:A1:A6:1D:67:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1A14/F7E864468FBC11EAA8C3127BC4F9AE02/WY3Vo5rkd2WK1by_42JkoaYdZwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WY3Vo5rkd2WK1by_42JkoaYdZwg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1A14/F7E864468FBC11EAA8C3127BC4F9AE02/7B8BE75E8FBE11EA9797847DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.98.0/24
Signature Algorithm: sha256WithRSAEncryption
96:de:f7:96:05:ab:50:e3:a4:17:75:3b:b9:66:ee:0c:46:b4:
d8:ce:9a:df:40:9b:82:98:18:b0:05:e3:d8:ea:6c:23:bc:e1:
c9:5c:a1:b1:90:14:f6:1f:e7:42:9a:a1:53:73:6d:a4:96:e9:
d7:ff:6f:e6:95:f8:b0:ad:13:e1:99:e8:05:27:72:12:d6:52:
e0:a6:31:50:ad:d2:07:dd:f3:d0:8f:ad:33:04:6b:80:b1:46:
78:2d:6d:cf:b5:9c:68:e0:9b:97:5d:c5:7b:34:88:cb:bb:85:
3c:46:a7:85:52:8d:fe:0e:58:d3:1d:c2:87:a3:af:53:cb:f1:
27:79:f9:96:49:a2:4f:09:ef:63:9e:ac:44:63:4e:c0:9d:36:
af:4e:d0:47:58:52:1e:8e:60:35:d4:d4:8d:97:3d:cf:10:8f:
c2:8a:7a:d8:46:93:ce:ff:8c:4c:b7:47:9f:c0:59:04:fa:e7:
b7:ed:69:1a:c9:25:07:ee:61:1c:40:2c:7c:b3:bd:9d:fe:aa:
fb:2e:92:ae:38:bd:5a:d4:3c:a1:96:67:26:b8:2a:2b:7f:80:
7b:d2:11:80:d7:e2:79:c8:e2:2d:00:e4:6b:04:b7:fe:a5:08:
2a:70:7f:71:c2:91:e4:92:1b:3d:a7:aa:1b:96:bb:c9:b7:60:
67:78:53:96
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFBMTQxMTAvBgNVBAUTKDU5OERENUEzOUFFNDc3NjU4QUQ1QkNCRkUzNjI2NEEx
QTYxRDY3MDgwHhcNMjUwMTA2MjAwOTM1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdjMzg3Zi02MTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0cTbp3qgk+TocBqbQgvcbKhvWu7ZLcLJ+SuBPrNuBNE3aLwENotbYsHXT6y4
AvW25PiCMAKEfsqkAVH3vHCLA9cdCblT36EQ6s0loh2HG4devExQddW5tma6p/JP
1xEff8tH3spt3ir5ADye7EnyMkIWzxIu2jusp2m2e4AwUpWkuyHrcunom4FMsIu5
sX5Iblj4+nwYU0E6BwKe5cFdF/zzSKGg7UXP3TpOX1CwHoxB392qwCGrAYxia0WT
e5VslsrCO0Dq17eW7JQA2jt0ekgvrpZuwY0GgNmU7uZpbreLyscSb3NgEZZuADK/
YPc4x1Ylmo0AdETOIEMXChSwGQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKXKMHtB
sLE9xH2gnE/ReMM0LUleMB8GA1UdIwQYMBaAFFmN1aOa5HdlitW8v+NiZKGmHWcI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUExNC9GN0U4NjQ0NjhG
QkMxMUVBQThDMzEyN0JDNEY5QUUwMi9XWTNWbzVya2QyV0sxYnlfNDJKa29hWWRa
d2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dZM1ZvNXJrZDJXSzFieV80Mkprb2FZZFp3Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFBMTQvRjdFODY0NDY4RkJDMTFFQUE4QzMxMjdCQzRGOUFFMDIvN0I4QkU3NUU4
RkJFMTFFQTk3OTc4NDdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr4WIwDQYJKoZIhvcNAQELBQADggEBAJbe95YFq1DjpBd1
O7lm7gxGtNjOmt9Am4KYGLAF49jqbCO84clcobGQFPYf50KaoVNzbaSW6df/b+aV
+LCtE+GZ6AUnchLWUuCmMVCt0gfd89CPrTMEa4CxRngtbc+1nGjgm5ddxXs0iMu7
hTxGp4VSjf4OWNMdwoejr1PL8Sd5+ZZJok8J72OerERjTsCdNq9O0EdYUh6OYDXU
1I2XPc8Qj8KKethGk87/jEy3R5/AWQT657ftaRrJJQfuYRxALHyzvZ3+qvsukq44
vVrUPKGWZya4Kit/gHvSEYDX4nnI4i0A5GsEt/6lCCpwf3HCkeSSGz2nqhuWu8m3
YGd4U5Y=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:52:00 2025 by rpki-client