Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9606/9C9F9F9ADB9011E9A3C12F2CC4F9AE02/645EF9CADB9311E988E56C33C4F9AE02.roa
File: 645EF9CADB9311E988E56C33C4F9AE02.roa (raw, json)
Hash identifier: 9JHcHgmG+w7bGvnU6/Eo85gv0xWCdlnreQQjOwseAsk=
Subject key identifier: BF:A1:6A:21:15:93:E1:54:17:9E:25:A4:EF:E9:85:05:90:7D:5F:9A
Certificate issuer: /CN=A91C9606/serialNumber=1B471DADCD91209335136EACF6CC988828654B2A
Certificate serial: 0CCE
Authority key identifier: 1B:47:1D:AD:CD:91:20:93:35:13:6E:AC:F6:CC:98:88:28:65:4B:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G0cdrc2RIJM1E26s9syYiChlSyo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9606/9C9F9F9ADB9011E9A3C12F2CC4F9AE02/645EF9CADB9311E988E56C33C4F9AE02.roa
Signing time: Mon 02 Dec 2024 18:07:28 +0000
ROA not before: Mon 02 Dec 2024 18:07:28 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 9789
IP address blocks: 202.131.3.0/24 maxlen: 24
202.131.5.0/24 maxlen: 24
202.131.6.0/24 maxlen: 24
202.131.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3278 (0xcce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9606/serialNumber=1B471DADCD91209335136EACF6CC988828654B2A
Validity
Not Before: Dec 2 18:07:28 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674df75f-8ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c5:50:cf:24:f7:52:2a:5e:3c:66:14:f1:4d:
1c:94:df:db:cc:b0:7c:cd:bf:62:01:67:97:43:1f:
fb:15:51:40:0d:95:6d:24:e6:f4:bd:eb:4b:e4:34:
aa:59:22:11:1c:8f:17:ea:03:bb:b8:67:d5:0c:ed:
23:73:2d:ff:54:b7:e5:44:24:92:f4:9f:b4:fc:b8:
09:f2:e1:75:e6:1e:8c:ca:8e:6f:bd:fc:a1:64:bd:
30:e5:9a:4b:08:fc:23:ee:0f:a7:96:80:8c:54:67:
c9:29:8a:ab:47:19:bb:ca:07:56:72:b9:a2:fb:bc:
3c:82:17:09:e7:b4:df:9a:a9:4e:27:67:a0:7c:99:
0f:dd:d6:c2:1e:94:93:6b:93:58:65:ed:01:91:74:
3f:92:75:f2:ce:d1:26:d4:6d:27:d8:07:b0:05:fc:
3c:d9:87:29:ff:ca:32:08:15:7e:87:67:8e:57:9e:
c0:43:34:46:d0:1d:46:0f:7e:d1:96:79:cf:d4:e4:
cb:1d:40:3d:f7:fc:a4:aa:11:55:07:29:72:99:5a:
5b:4d:8a:02:e6:88:f1:e7:7a:d3:f1:6e:f4:2f:a6:
f0:72:b2:ff:28:7f:2d:92:f0:b4:f2:66:84:91:37:
26:24:ec:54:dd:c8:02:f1:c6:7b:ef:3a:8c:ae:4f:
2b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A1:6A:21:15:93:E1:54:17:9E:25:A4:EF:E9:85:05:90:7D:5F:9A
X509v3 Authority Key Identifier:
keyid:1B:47:1D:AD:CD:91:20:93:35:13:6E:AC:F6:CC:98:88:28:65:4B:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9606/9C9F9F9ADB9011E9A3C12F2CC4F9AE02/G0cdrc2RIJM1E26s9syYiChlSyo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G0cdrc2RIJM1E26s9syYiChlSyo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9606/9C9F9F9ADB9011E9A3C12F2CC4F9AE02/645EF9CADB9311E988E56C33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.131.3.0/24
202.131.5.0-202.131.7.255
Signature Algorithm: sha256WithRSAEncryption
8b:39:66:62:48:a6:59:02:7a:e9:8f:2c:39:0d:68:be:f3:2c:
c4:99:3a:da:ab:f3:13:fc:ff:e3:2d:98:c3:89:f5:f7:85:49:
7a:1e:41:25:5e:5e:00:36:8d:ba:25:41:17:ae:3b:95:b4:6c:
5e:2a:5e:5a:34:7b:d8:29:90:58:25:91:ca:0a:99:85:7d:4a:
0d:b3:a0:dc:a2:9f:6f:7e:d3:06:1b:76:b2:ef:24:e6:d7:16:
2c:63:60:d2:c5:c3:b8:68:72:31:19:fb:64:40:ef:38:2d:ff:
b1:27:b7:23:ae:3f:d1:63:4f:73:57:3b:4e:f9:6f:16:81:69:
bf:aa:ee:b6:90:9e:ae:0e:a1:3d:c4:ca:9e:39:86:fe:36:f0:
61:96:ff:8e:b9:63:d4:d6:7b:05:84:e8:a5:f2:f1:bc:3a:12:
b2:ed:63:b2:4e:45:18:07:0b:8c:2f:85:80:72:3c:9b:f6:4d:
9c:0f:76:8a:3e:02:43:37:c9:fe:b9:10:c2:46:a7:5e:b0:fe:
af:5d:e2:59:09:95:9b:09:61:a4:6c:ed:23:5f:06:f8:41:07:
9b:ac:e2:07:b4:e1:a2:a4:63:51:9b:ac:f9:44:60:6f:2d:4a:
63:0c:65:ce:9e:7d:5d:94:7a:2b:33:49:64:8d:7a:43:ec:c1:
ec:16:20:46
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICDM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzk2MDYxMTAvBgNVBAUTKDFCNDcxREFEQ0Q5MTIwOTMzNTEzNkVBQ0Y2Q0M5ODg4
Mjg2NTRCMkEwHhcNMjQxMjAyMTgwNzI4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkZjc1Zi04ZWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxMVQzyT3UipePGYU8U0clN/bzLB8zb9iAWeXQx/7FVFADZVtJOb0vetL5DSq
WSIRHI8X6gO7uGfVDO0jcy3/VLflRCSS9J+0/LgJ8uF15h6Myo5vvfyhZL0w5ZpL
CPwj7g+nloCMVGfJKYqrRxm7ygdWcrmi+7w8ghcJ57TfmqlOJ2egfJkP3dbCHpST
a5NYZe0BkXQ/knXyztEm1G0n2AewBfw82Ycp/8oyCBV+h2eOV57AQzRG0B1GD37R
lnnP1OTLHUA99/ykqhFVBylymVpbTYoC5ojx53rT8W70L6bwcrL/KH8tkvC08maE
kTcmJOxU3cgC8cZ77zqMrk8rvwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFL+haiEV
k+FUF54lpO/phQWQfV+aMB8GA1UdIwQYMBaAFBtHHa3NkSCTNRNurPbMmIgoZUsq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTYwNi85QzlGOUY5QURC
OTAxMUU5QTNDMTJGMkNDNEY5QUUwMi9HMGNkcmMyUklKTTFFMjZzOXN5WWlDaGxT
eW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0cwY2RyYzJSSUpNMUUyNnM5c3lZaUNobFN5by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzk2MDYvOUM5RjlGOUFEQjkwMTFFOUEzQzEyRjJDQzRGOUFFMDIvNjQ1RUY5Q0FE
QjkzMTFFOTg4RTU2QzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBADKgwMwDAMEAMqDBQMEA8qDADANBgkqhkiG9w0BAQsFAAOC
AQEAizlmYkimWQJ66Y8sOQ1ovvMsxJk62qvzE/z/4y2Yw4n194VJeh5BJV5eADaN
uiVBF647lbRsXipeWjR72CmQWCWRygqZhX1KDbOg3KKfb37TBht2su8k5tcWLGNg
0sXDuGhyMRn7ZEDvOC3/sSe3I64/0WNPc1c7TvlvFoFpv6rutpCerg6hPcTKnjmG
/jbwYZb/jrlj1NZ7BYTopfLxvDoSsu1jsk5FGAcLjC+FgHI8m/ZNnA92ij4CQzfJ
/rkQwkanXrD+r13iWQmVmwlhpGztI18G+EEHm6ziB7ThoqRjUZus+URgby1KYwxl
zp59XZR6KzNJZI16Q+zB7BYgRg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:21:45 2025 by rpki-client