Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6EFE/E4C00D3C6CA111EDB44E765BC4F9AE02/8367C13A6CA411ED9DD6425CC4F9AE02.roa
File: 8367C13A6CA411ED9DD6425CC4F9AE02.roa (raw, json)
Hash identifier: epEQzlTejdqNKSVjeWewYuMv5R1UDEWC39y/ho6SoUA=
Subject key identifier: 36:9B:88:1E:E5:00:DD:90:EF:C0:70:5E:6C:8C:A5:B8:A8:40:73:F4
Certificate issuer: /CN=A91E6EFE/serialNumber=E871728C3A2C26D0E608004BA7D1E5A35830956C
Certificate serial: 011E
Authority key identifier: E8:71:72:8C:3A:2C:26:D0:E6:08:00:4B:A7:D1:E5:A3:58:30:95:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6HFyjDosJtDmCABLp9Hlo1gwlWw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6EFE/E4C00D3C6CA111EDB44E765BC4F9AE02/8367C13A6CA411ED9DD6425CC4F9AE02.roa
Signing time: Tue 21 May 2024 05:40:49 +0000
ROA not before: Tue 21 May 2024 05:40:49 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 9509
IP address blocks: 203.22.222.0/24 maxlen: 24
221.121.64.0/19 maxlen: 19
2406:4c00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 286 (0x11e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6EFE/serialNumber=E871728C3A2C26D0E608004BA7D1E5A35830956C
Validity
Not Before: May 21 05:40:49 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=664c33e1-d706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:55:c9:74:f3:38:c3:08:ce:4c:2f:d3:4f:52:
b4:1c:e1:38:f9:8b:56:5e:45:60:7c:8e:ed:4d:ec:
59:01:10:0f:df:5f:8d:5b:98:f8:b6:cd:99:be:1e:
25:e3:ec:bb:58:9d:f3:08:6d:e7:43:a8:2e:3e:d3:
4c:69:c5:aa:98:9d:83:a8:6a:77:6a:9c:34:f7:80:
99:81:3e:77:35:38:fe:0f:44:51:be:45:53:4a:ec:
a4:24:f0:2f:d9:da:89:fb:56:03:53:63:7e:b3:11:
f2:80:d2:56:62:37:88:49:a4:33:84:25:de:cf:44:
ce:50:2d:c7:18:a5:b3:65:e8:b1:83:18:11:59:46:
c6:83:16:b1:1d:74:b2:8e:65:b5:a9:3e:fe:45:78:
ac:b5:91:6b:62:12:c1:39:e5:5d:f0:b6:5c:08:66:
52:5b:f7:91:3f:77:3e:59:7a:76:91:37:84:32:9a:
a7:d9:c5:9d:5e:53:b6:5e:83:2f:05:0c:bc:fb:2b:
c5:a7:b8:f7:bd:02:0b:78:39:0a:d1:0e:d1:13:9c:
f5:c7:81:5f:d3:d8:e2:9a:29:17:a1:9d:e5:49:dd:
be:60:a8:fa:d7:5b:a7:25:f0:3a:a2:c7:63:1e:0d:
31:e7:8d:f2:6d:12:bc:cf:49:c0:85:47:0c:4e:33:
5d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:9B:88:1E:E5:00:DD:90:EF:C0:70:5E:6C:8C:A5:B8:A8:40:73:F4
X509v3 Authority Key Identifier:
keyid:E8:71:72:8C:3A:2C:26:D0:E6:08:00:4B:A7:D1:E5:A3:58:30:95:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6EFE/E4C00D3C6CA111EDB44E765BC4F9AE02/6HFyjDosJtDmCABLp9Hlo1gwlWw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6HFyjDosJtDmCABLp9Hlo1gwlWw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6EFE/E4C00D3C6CA111EDB44E765BC4F9AE02/8367C13A6CA411ED9DD6425CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.22.222.0/24
221.121.64.0/19
IPv6:
2406:4c00::/32
Signature Algorithm: sha256WithRSAEncryption
b5:b3:f4:a8:b4:14:6a:36:1f:ec:3e:e7:7a:69:a0:a6:8e:99:
50:60:13:4e:5e:35:55:b2:b0:e1:37:94:ea:5c:7b:14:15:b4:
66:66:98:1e:95:10:9f:55:7f:d8:43:60:e9:08:d2:56:8b:5b:
c5:1b:44:4f:12:0f:14:1e:12:15:9f:c6:5d:34:18:3a:e9:3e:
7a:61:35:90:89:7a:d9:82:92:15:8f:6f:b2:ba:40:f2:cd:af:
88:88:53:f4:58:d8:ad:cc:23:89:8c:fc:84:cd:e4:ea:69:c4:
63:3b:02:d4:9f:97:aa:bb:3a:ee:39:be:bf:4e:bf:4d:8a:89:
bf:4c:37:55:66:e3:9f:a4:83:1a:92:e4:c4:bc:b0:1c:4d:c6:
69:40:aa:a4:a8:43:0e:51:6f:b4:04:d0:0a:31:30:7f:d9:e4:
89:3b:60:13:10:20:b8:5b:5b:f7:01:6e:8d:6a:0d:29:de:b8:
9f:d8:b4:bd:9d:d7:5a:1b:24:2f:a6:3b:07:e9:4c:88:54:f2:
de:6b:2a:27:14:55:ab:87:3f:32:a8:84:1d:2c:79:9e:98:e2:
14:ea:a5:2d:7c:bf:13:86:df:d0:84:ae:76:f1:d0:7c:a8:59:
62:d7:01:c4:f4:ca:38:03:51:77:cd:14:af:37:4f:9a:46:1d:
bb:74:db:67
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAR4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTZFRkUxMTAvBgNVBAUTKEU4NzE3MjhDM0EyQzI2RDBFNjA4MDA0QkE3RDFFNUEz
NTgzMDk1NkMwHhcNMjQwNTIxMDU0MDQ5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRjMzNlMS1kNzA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvFXJdPM4wwjOTC/TT1K0HOE4+YtWXkVgfI7tTexZARAP31+NW5j4ts2Zvh4l
4+y7WJ3zCG3nQ6guPtNMacWqmJ2DqGp3apw094CZgT53NTj+D0RRvkVTSuykJPAv
2dqJ+1YDU2N+sxHygNJWYjeISaQzhCXez0TOUC3HGKWzZeixgxgRWUbGgxaxHXSy
jmW1qT7+RXistZFrYhLBOeVd8LZcCGZSW/eRP3c+WXp2kTeEMpqn2cWdXlO2XoMv
BQy8+yvFp7j3vQILeDkK0Q7RE5z1x4Ff09jimikXoZ3lSd2+YKj611unJfA6osdj
Hg0x543ybRK8z0nAhUcMTjNdBwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDabiB7l
AN2Q78BwXmyMpbioQHP0MB8GA1UdIwQYMBaAFOhxcow6LCbQ5ggAS6fR5aNYMJVs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkVGRS9FNEMwMEQzQzZD
QTExMUVEQjQ0RTc2NUJDNEY5QUUwMi82SEZ5akRvc0p0RG1DQUJMcDlIbG8xZ3ds
V3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZIRnlqRG9zSnREbUNBQkxwOUhsbzFnd2xXdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTZFRkUvRTRDMDBEM0M2Q0ExMTFFREI0NEU3NjVCQzRGOUFFMDIvODM2N0MxM0E2
Q0E0MTFFRDlERDY0MjVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBADLFt4DBAXdeUAwDQQCAAIwBwMFACQGTAAwDQYJKoZIhvcN
AQELBQADggEBALWz9Ki0FGo2H+w+53ppoKaOmVBgE05eNVWysOE3lOpcexQVtGZm
mB6VEJ9Vf9hDYOkI0laLW8UbRE8SDxQeEhWfxl00GDrpPnphNZCJetmCkhWPb7K6
QPLNr4iIU/RY2K3MI4mM/ITN5OppxGM7AtSfl6q7Ou45vr9Ov02Kib9MN1Vm45+k
gxqS5MS8sBxNxmlAqqSoQw5Rb7QE0AoxMH/Z5Ik7YBMQILhbW/cBbo1qDSneuJ/Y
tL2d11obJC+mOwfpTIhU8t5rKicUVauHPzKohB0seZ6Y4hTqpS18vxOG39CErnbx
0HyoWWLXAcT0yjgDUXfNFK83T5pGHbt022c=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:11:58 2025 by rpki-client