Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/63FEB4F8D97411EBB8CC3F40C4F9AE02.roa
File: 63FEB4F8D97411EBB8CC3F40C4F9AE02.roa (raw, json)
Hash identifier: UFB8SexISoRuGEO0g4DLDULSBBr/BItnnDdRm0FdCQc=
Subject key identifier: 0C:AA:A2:3B:2B:76:1F:B5:ED:52:6D:3C:97:80:99:96:52:9B:01:AA
Certificate issuer: /CN=A91E4D3D/serialNumber=686AF41BC33DAEF828FAB4AE4A3A0D587BAD0D3F
Certificate serial: 04A2
Authority key identifier: 68:6A:F4:1B:C3:3D:AE:F8:28:FA:B4:AE:4A:3A:0D:58:7B:AD:0D:3F
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/63FEB4F8D97411EBB8CC3F40C4F9AE02.roa
Signing time: Wed 17 Jan 2024 01:03:18 +0000
ROA not before: Wed 17 Jan 2024 01:03:18 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 138627
IP address blocks: 140.82.197.0/24 maxlen: 24
140.82.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1186 (0x4a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4D3D/serialNumber=686AF41BC33DAEF828FAB4AE4A3A0D587BAD0D3F
Validity
Not Before: Jan 17 01:03:18 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65a72755-e35b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:10:7f:21:76:33:c2:64:4e:4e:2d:c2:4e:65:
da:98:9d:3b:b9:7a:ff:5b:a6:e1:60:41:f6:e1:dc:
8f:6f:db:da:d3:6d:64:68:12:5e:d5:ad:8f:a7:99:
ce:ed:c5:ac:13:27:a5:94:87:4c:bc:78:15:7d:71:
06:30:58:ac:2a:d7:0f:e4:06:26:70:2a:de:16:6e:
74:d0:2f:77:49:01:73:01:d4:3a:05:9f:60:8a:f9:
a7:6c:64:40:a0:c8:46:e7:34:10:a4:ce:75:8d:f7:
cd:85:0a:48:6e:e4:42:75:2e:29:f9:62:b4:be:13:
04:ef:4d:a7:3a:ff:27:5a:55:ba:5d:eb:90:f2:95:
9b:5c:62:58:5d:1c:7e:ad:24:45:ff:12:39:e5:26:
aa:4d:c6:4e:dc:5a:e7:44:da:b8:bf:81:7d:a3:35:
83:9b:77:6c:ce:ae:b3:5d:9b:a4:6b:e4:b5:5a:ef:
40:a5:c0:f7:9c:bc:35:d5:13:0f:9f:a5:2f:9c:4e:
f5:cf:de:4f:34:98:33:8b:a3:ce:25:d5:dd:4d:e9:
67:40:00:7e:ce:d4:76:9d:c7:93:00:d1:ee:e9:60:
43:c9:86:d6:59:31:fd:46:a6:53:be:1b:3e:97:36:
f0:fb:a0:ab:f1:65:fa:37:db:81:e9:ea:ec:62:50:
6d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:AA:A2:3B:2B:76:1F:B5:ED:52:6D:3C:97:80:99:96:52:9B:01:AA
X509v3 Authority Key Identifier:
keyid:68:6A:F4:1B:C3:3D:AE:F8:28:FA:B4:AE:4A:3A:0D:58:7B:AD:0D:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/63FEB4F8D97411EBB8CC3F40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
140.82.197.0/24
140.82.202.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:da:d3:cf:2a:93:c0:e5:71:5c:52:a0:0b:cf:f4:d7:65:77:
d2:d2:74:66:e0:c1:9f:3e:d3:c8:7e:86:f4:c5:80:07:68:32:
d6:b4:62:b7:9b:59:a2:4e:2d:c7:43:ea:b0:ae:04:34:34:26:
bd:3d:0f:3d:0e:7e:78:5a:c8:1c:61:aa:06:6d:18:56:35:aa:
bb:30:88:a7:19:14:82:80:7a:66:a7:79:6f:a0:24:22:8f:35:
50:67:bd:d9:af:33:7e:8c:ce:11:98:c5:e1:08:67:24:89:23:
06:da:61:eb:60:c5:cc:d5:5f:c8:2b:2a:d9:61:3e:aa:d7:b0:
37:b1:cf:23:5d:b3:4b:ff:6a:1e:3f:f9:ce:92:49:14:b9:1d:
3f:04:7d:d8:15:ac:cf:aa:49:b4:4c:f2:fe:71:82:37:99:aa:
77:9c:a9:4b:ec:b3:5f:50:b6:31:12:67:a1:eb:b3:9c:ba:e8:
b1:14:fe:38:4a:b9:35:a1:66:35:9a:c3:77:b0:0d:cb:14:af:
0d:05:63:ed:5a:90:4e:66:52:19:3a:d3:fb:07:26:1f:f9:8a:
7f:8e:d4:67:f1:02:e7:05:58:a7:85:45:f1:55:da:5d:d2:4c:
5a:ee:e1:0e:90:01:bf:6e:a9:1f:38:c2:d8:b3:07:86:fa:c8:
38:d0:36:6d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTREM0QxMTAvBgNVBAUTKDY4NkFGNDFCQzMzREFFRjgyOEZBQjRBRTRBM0EwRDU4
N0JBRDBEM0YwHhcNMjQwMTE3MDEwMzE4WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWE3Mjc1NS1lMzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoRB/IXYzwmROTi3CTmXamJ07uXr/W6bhYEH24dyPb9va021kaBJe1a2Pp5nO
7cWsEyellIdMvHgVfXEGMFisKtcP5AYmcCreFm500C93SQFzAdQ6BZ9givmnbGRA
oMhG5zQQpM51jffNhQpIbuRCdS4p+WK0vhME702nOv8nWlW6XeuQ8pWbXGJYXRx+
rSRF/xI55SaqTcZO3FrnRNq4v4F9ozWDm3dszq6zXZuka+S1Wu9ApcD3nLw11RMP
n6UvnE71z95PNJgzi6POJdXdTelnQAB+ztR2nceTANHu6WBDyYbWWTH9RqZTvhs+
lzbw+6Cr8WX6N9uB6ersYlBtnwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAyqojsr
dh+17VJtPJeAmZZSmwGqMB8GA1UdIwQYMBaAFGhq9BvDPa74KPq0rko6DVh7rQ0/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9BNzBBOEZFRUQ4
QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi9hR3IwRzhNOXJ2Z28tclN1U2pvTldIdXRE
VDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2FHcjBHOE05cnZnby1yU3VTam9OV0h1dERUOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTREM0QvQTcwQThGRUVEOEI5MTFFQkFCQzFGNDg1QzRGOUFFMDIvNjNGRUI0RjhE
OTc0MTFFQkI4Q0MzRjQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBACMUsUDBACMUsowDQYJKoZIhvcNAQELBQADggEBAH/a088q
k8DlcVxSoAvP9Ndld9LSdGbgwZ8+08h+hvTFgAdoMta0YrebWaJOLcdD6rCuBDQ0
Jr09Dz0OfnhayBxhqgZtGFY1qrswiKcZFIKAemaneW+gJCKPNVBnvdmvM36MzhGY
xeEIZySJIwbaYetgxczVX8grKtlhPqrXsDexzyNds0v/ah4/+c6SSRS5HT8EfdgV
rM+qSbRM8v5xgjeZqnecqUvss19QtjESZ6Hrs5y66LEU/jhKuTWhZjWaw3ewDcsU
rw0FY+1akE5mUhk60/sHJh/5in+O1GfxAucFWKeFRfFV2l3STFru4Q6QAb9uqR84
wtizB4b6yDjQNm0=
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:48:38 2025 by rpki-client