Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/8B0EC9621D0611EDBAB65333C4F9AE02.roa
File: 8B0EC9621D0611EDBAB65333C4F9AE02.roa (raw, json)
Hash identifier: hncV0VkKM0GHDpxNiR5xutYPqnkMPO9a8qqBVzFUIdw=
Subject key identifier: 78:9F:34:92:10:BA:6A:11:E2:6D:46:25:CF:68:3C:40:2F:64:62:E2
Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Certificate serial: 0EB4
Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/8B0EC9621D0611EDBAB65333C4F9AE02.roa
Signing time: Tue 14 Jan 2025 18:16:17 +0000
ROA not before: Tue 14 Jan 2025 18:16:17 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 15224
IP address blocks: 202.42.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3764 (0xeb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Validity
Not Before: Jan 14 18:16:17 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6786a9f1-c476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:84:a0:02:d0:a7:1e:d5:ff:08:be:29:94:99:
52:fa:01:67:12:ec:83:ce:b1:ad:17:6c:69:71:14:
63:76:aa:20:5f:fc:cd:c3:0f:4d:16:66:a6:03:54:
29:18:1a:6e:19:21:12:ea:0e:01:42:39:2f:f6:79:
95:6d:26:70:21:2a:dc:6b:17:ed:5d:c9:a5:77:1e:
84:34:ad:7c:69:c5:7f:c6:f8:17:1c:16:6a:b3:db:
fd:d9:14:e1:c6:17:18:87:f4:b0:88:00:a0:98:de:
d7:28:25:bc:34:22:bb:42:72:6c:43:87:f2:3b:86:
64:a5:57:68:08:b5:76:6f:0c:b0:cc:b1:73:91:b5:
46:41:02:e8:b1:ed:fe:d5:1b:ad:73:76:b1:eb:da:
5f:82:c2:70:ef:78:88:1f:d4:c4:ae:9a:62:1e:f7:
c9:c3:da:ad:46:7b:ca:b4:7b:0d:2c:59:e7:11:8e:
d8:54:85:17:12:e9:10:ac:43:eb:3b:73:9d:b9:ad:
e5:84:3d:59:e7:49:25:e8:b9:db:d7:35:24:ea:43:
2a:da:2a:7a:6f:33:f4:9f:bf:23:e0:6b:4c:0f:85:
91:41:09:b8:4f:30:aa:0f:ea:15:13:62:27:31:1b:
43:96:e3:59:35:ff:12:a2:99:e4:eb:3f:43:de:80:
1f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:9F:34:92:10:BA:6A:11:E2:6D:46:25:CF:68:3C:40:2F:64:62:E2
X509v3 Authority Key Identifier:
keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/8B0EC9621D0611EDBAB65333C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.42.38.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:66:80:f9:90:a7:3e:04:36:c9:9c:2c:16:56:da:43:08:2c:
ac:21:70:5d:c8:44:38:5b:24:c1:eb:89:c5:e2:4a:2d:ec:ae:
d1:f0:97:03:59:82:ea:47:61:da:98:ea:64:bc:3f:57:f5:a8:
e9:20:16:9a:5a:62:ce:91:c8:a2:76:f6:e5:bb:f0:a7:19:8e:
04:7f:a2:63:ec:00:e2:e7:6b:b2:ba:c5:8e:a6:62:2d:03:06:
c2:0b:96:54:d1:47:3c:46:01:ba:ca:a9:60:72:de:40:72:e4:
01:4a:16:7e:9e:68:95:7d:ab:e7:7e:aa:2d:6d:45:f9:0d:14:
0e:f7:8a:01:43:06:8f:42:32:c8:cf:c7:6b:3d:9c:d4:bb:94:
d8:93:76:42:f6:62:5c:b2:9a:a9:24:d3:61:43:47:cc:e4:06:
6e:0f:c5:2f:af:25:be:dd:a3:77:f0:33:3c:0a:e1:8d:92:bf:
b2:a1:fe:3f:04:50:af:5a:0e:ad:3f:98:58:51:9a:a6:a7:98:
d9:ef:42:11:24:0d:9f:32:0f:ed:e5:67:6d:1d:bd:39:f0:28:
7b:f4:23:9c:78:6e:6b:28:da:88:7b:6a:55:21:3d:77:f0:f3:
7b:ba:c8:2a:f3:a6:ca:24:67:fd:dc:c9:90:f1:7c:25:90:c0:
0b:fa:ee:bb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDrQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB
RDNBRUZFQzgwHhcNMjUwMTE0MTgxNjE3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2YTlmMS1jNDc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ISgAtCnHtX/CL4plJlS+gFnEuyDzrGtF2xpcRRjdqogX/zNww9NFmamA1Qp
GBpuGSES6g4BQjkv9nmVbSZwISrcaxftXcmldx6ENK18acV/xvgXHBZqs9v92RTh
xhcYh/SwiACgmN7XKCW8NCK7QnJsQ4fyO4ZkpVdoCLV2bwywzLFzkbVGQQLose3+
1Rutc3ax69pfgsJw73iIH9TErppiHvfJw9qtRnvKtHsNLFnnEY7YVIUXEukQrEPr
O3Odua3lhD1Z50kl6Lnb1zUk6kMq2ip6bzP0n78j4GtMD4WRQQm4TzCqD+oVE2In
MRtDluNZNf8Sopnk6z9D3oAf9QIDAQABo4IClTCCApEwHQYDVR0OBBYEFHifNJIQ
umoR4m1GJc9oPEAvZGLiMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4
Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvOEIwRUM5NjIx
RDA2MTFFREJBQjY1MzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKKiYwDQYJKoZIhvcNAQELBQADggEBAKlmgPmQpz4ENsmc
LBZW2kMILKwhcF3IRDhbJMHricXiSi3srtHwlwNZgupHYdqY6mS8P1f1qOkgFppa
Ys6RyKJ29uW78KcZjgR/omPsAOLna7K6xY6mYi0DBsILllTRRzxGAbrKqWBy3kBy
5AFKFn6eaJV9q+d+qi1tRfkNFA73igFDBo9CMsjPx2s9nNS7lNiTdkL2Ylyymqkk
02FDR8zkBm4PxS+vJb7do3fwMzwK4Y2Sv7Kh/j8EUK9aDq0/mFhRmqanmNnvQhEk
DZ8yD+3lZ20dvTnwKHv0I5x4bmso2oh7alUhPXfw83u6yCrzpsokZ/3cyZDxfCWQ
wAv67rs=
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:04:10 2025 by rpki-client