Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/1B88FC66823D11EC8E3CB427C4F9AE02.roa
File: 1B88FC66823D11EC8E3CB427C4F9AE02.roa (raw, json)
Hash identifier: mn3sE8XpKvVWd9UbJMQ1OKNZuj9ls9xZNaLI7yAeig4=
Subject key identifier: 5A:11:73:63:A6:72:1E:5B:D4:FB:7C:DB:09:39:E6:20:A9:94:34:01
Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Certificate serial: 0EBE
Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/1B88FC66823D11EC8E3CB427C4F9AE02.roa
Signing time: Tue 14 Jan 2025 18:16:25 +0000
ROA not before: Tue 14 Jan 2025 18:16:25 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 45250
IP address blocks: 220.232.180.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3774 (0xebe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Validity
Not Before: Jan 14 18:16:25 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6786a9f9-b422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b5:ec:1d:be:35:65:5e:18:a4:b5:52:81:97:
2e:fb:8c:50:db:b2:97:e4:1c:0a:5c:2c:70:50:1e:
28:fa:9f:f1:be:32:7d:45:60:46:50:a9:c3:3f:27:
65:41:a2:f2:11:a4:20:96:8f:e6:79:8d:2e:18:ac:
fa:68:56:4e:2e:f1:d2:4d:de:ba:01:59:0c:ff:2e:
f5:d8:f0:9b:ad:a9:01:51:42:a1:6f:fd:52:ba:a9:
77:25:03:a7:56:c0:78:9d:8d:07:7e:90:6d:3a:50:
c4:37:86:78:94:34:9a:51:74:ec:3d:c1:d2:b6:ee:
35:67:b7:9b:e7:ea:65:04:ac:0f:63:0d:27:41:b0:
5d:88:a9:65:3d:f0:26:69:12:f6:a0:d0:aa:9f:ba:
84:aa:90:b7:d7:53:ee:97:97:47:44:e6:b8:92:04:
1a:c9:0b:fe:15:18:ec:71:26:2e:19:b2:d9:22:7f:
0c:a7:7a:ef:37:70:cd:c9:b3:5c:1d:e8:dc:4c:5b:
7b:79:f9:2d:bb:44:ed:6e:45:2e:78:47:cc:8e:9e:
1e:ad:92:aa:07:17:25:9f:c3:d1:98:04:7b:0e:84:
bf:07:aa:73:d1:98:6f:11:3a:91:72:07:b3:ec:40:
79:4b:c3:b4:dd:fd:8a:ea:e8:21:49:6a:da:17:c1:
3f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:11:73:63:A6:72:1E:5B:D4:FB:7C:DB:09:39:E6:20:A9:94:34:01
X509v3 Authority Key Identifier:
keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/1B88FC66823D11EC8E3CB427C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
220.232.180.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:9b:2f:c4:43:4d:87:7c:b4:9e:8d:eb:81:1b:dc:a0:95:f0:
17:03:e1:c6:44:1d:c9:62:a1:8e:f1:9a:4f:00:60:68:f1:67:
2d:6d:b6:0a:f2:eb:c3:6b:ea:8b:d7:ca:af:ee:b6:4d:61:63:
76:2d:2b:40:31:ac:af:c9:74:a6:96:36:d0:fb:a0:37:94:41:
af:7c:c5:29:0d:ad:44:cd:0c:d0:65:40:ce:78:5c:ee:cf:7f:
a6:1b:29:1c:f0:47:b7:9e:b9:fe:cb:0b:16:ac:a7:fb:94:28:
c0:4e:55:18:36:2b:c2:93:ee:8e:b7:0f:e3:f5:77:1f:1e:67:
3f:54:b6:a9:df:fd:d7:44:b4:64:f8:47:a5:cb:c3:00:8b:85:
80:24:1c:32:40:ec:c4:54:e2:6b:40:3f:29:1f:2a:64:b1:b5:
6c:2d:24:50:f4:9b:5a:fa:8c:58:b4:23:df:4f:ee:f1:99:1a:
de:ad:db:22:fd:35:99:34:bc:b2:ee:49:c9:4e:e3:20:49:0c:
15:14:86:2b:5d:89:77:dd:39:12:01:3f:79:d1:82:72:3c:88:
9c:00:6d:5a:39:33:3e:73:ef:bd:65:6d:87:d5:c2:0d:d0:38:
5b:a0:df:e6:77:e4:81:d4:53:c4:e1:5c:c8:74:50:7e:ce:fd:
aa:28:84:2b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDr4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB
RDNBRUZFQzgwHhcNMjUwMTE0MTgxNjI1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2YTlmOS1iNDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt7XsHb41ZV4YpLVSgZcu+4xQ27KX5BwKXCxwUB4o+p/xvjJ9RWBGUKnDPydl
QaLyEaQglo/meY0uGKz6aFZOLvHSTd66AVkM/y712PCbrakBUUKhb/1Suql3JQOn
VsB4nY0HfpBtOlDEN4Z4lDSaUXTsPcHStu41Z7eb5+plBKwPYw0nQbBdiKllPfAm
aRL2oNCqn7qEqpC311Pul5dHROa4kgQayQv+FRjscSYuGbLZIn8Mp3rvN3DNybNc
HejcTFt7efktu0TtbkUueEfMjp4erZKqBxcln8PRmAR7DoS/B6pz0ZhvETqRcgez
7EB5S8O03f2K6ughSWraF8E/PwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFoRc2Om
ch5b1Pt82wk55iCplDQBMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4
Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvMUI4OEZDNjY4
MjNEMTFFQzhFM0NCNDI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALc6LQwDQYJKoZIhvcNAQELBQADggEBAFybL8RDTYd8tJ6N
64Eb3KCV8BcD4cZEHclioY7xmk8AYGjxZy1ttgry68Nr6ovXyq/utk1hY3YtK0Ax
rK/JdKaWNtD7oDeUQa98xSkNrUTNDNBlQM54XO7Pf6YbKRzwR7eeuf7LCxasp/uU
KMBOVRg2K8KT7o63D+P1dx8eZz9Utqnf/ddEtGT4R6XLwwCLhYAkHDJA7MRU4mtA
PykfKmSxtWwtJFD0m1r6jFi0I99P7vGZGt6t2yL9NZk0vLLuSclO4yBJDBUUhitd
iXfdORIBP3nRgnI8iJwAbVo5Mz5z771lbYfVwg3QOFug3+Z35IHUU8ThXMh0UH7O
/aoohCs=
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:15:19 2025 by rpki-client