Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/BF9C655E7A4711EF9C7A0E5AC4F9AE02.roa
File: BF9C655E7A4711EF9C7A0E5AC4F9AE02.roa (raw, json)
Hash identifier: uQ0xM+tf9Zdt224mn5nQbkjtgHrQ+h9vkVs1cgS+enE=
Subject key identifier: 53:D9:24:C2:AC:DD:51:6D:22:3B:F3:38:E4:6F:2C:75:44:E5:50:99
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 2851
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/BF9C655E7A4711EF9C7A0E5AC4F9AE02.roa
Signing time: Mon 06 Jan 2025 15:42:17 +0000
ROA not before: Mon 06 Jan 2025 15:42:17 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 141718
IP address blocks: 43.250.124.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10321 (0x2851)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Jan 6 15:42:17 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677bf9d8-5fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b1:cd:b2:2f:da:13:0f:2e:17:bf:0c:c9:51:
52:d3:49:67:d7:83:0b:8d:ab:df:00:94:39:dd:0e:
ba:c6:39:b9:f1:4f:cb:72:34:95:4a:04:e2:1a:df:
18:4c:d4:b1:8d:4a:c8:26:d2:45:40:4d:96:02:61:
ad:43:ba:1c:78:38:a5:8d:3a:fc:fd:5c:06:22:02:
c7:c2:8e:c2:88:ab:65:76:51:55:0d:c7:42:d1:9c:
de:41:be:e7:99:af:66:49:a3:b9:5b:0e:3e:c2:16:
1f:56:e7:78:5b:bb:7a:46:e7:99:05:fc:eb:35:6b:
ae:05:62:b0:49:16:3f:63:36:74:90:0b:30:b6:1a:
b5:97:01:5f:67:a7:49:b7:22:02:f4:c4:34:da:95:
f9:b0:b5:b5:8a:aa:3a:fb:22:a1:ea:d8:7d:0d:13:
ac:c0:9a:b1:9a:c7:8d:bd:07:47:9c:b4:1b:38:04:
f8:85:ef:04:53:60:d7:1d:43:59:8f:00:64:2f:cc:
4a:59:76:fd:5b:7d:81:3f:87:52:2c:ba:2c:13:80:
71:fc:d5:a9:71:f0:4c:5e:2e:d9:da:c9:c9:9f:78:
9b:c8:fc:22:48:11:da:40:7f:b3:fe:f6:85:e9:d4:
a9:11:54:97:5d:eb:04:3d:4b:3c:31:06:d0:5f:a0:
86:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D9:24:C2:AC:DD:51:6D:22:3B:F3:38:E4:6F:2C:75:44:E5:50:99
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/BF9C655E7A4711EF9C7A0E5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.124.0/24
Signature Algorithm: sha256WithRSAEncryption
52:44:65:33:45:e4:bf:29:03:f0:47:0b:53:03:ad:0f:b7:80:
38:ce:00:1b:94:51:0b:1e:63:7f:88:78:5d:4c:a1:c1:c7:aa:
fa:a5:21:4f:fc:4e:55:54:23:e2:8d:02:fe:bb:1e:99:f0:cf:
30:c2:64:b6:5b:6c:cd:0a:14:7c:4b:9f:57:19:5b:76:76:76:
54:84:28:ed:6a:56:b9:42:1e:76:5d:19:96:d3:48:2c:2e:ba:
9f:01:d3:48:c7:25:02:de:91:fa:6e:ea:bf:96:e5:10:dd:47:
56:fd:ea:c1:0e:37:d7:84:c2:27:f7:c4:8e:a4:10:10:b2:7e:
3a:44:a8:3f:bd:ce:65:a0:d4:ff:66:b2:79:d7:4a:da:2e:4c:
c4:1e:76:45:b8:24:8e:73:9b:9f:f7:0d:21:e1:fb:fd:09:57:
6e:47:5c:80:24:99:74:5f:bc:89:b5:0b:2e:4a:cb:26:0d:3d:
6a:a5:d0:69:f9:20:de:d2:1a:02:6d:f1:f6:7f:62:c8:33:84:
08:d6:e2:08:c0:1e:c0:02:d9:2c:c4:3c:89:38:02:d4:03:03:
86:45:6f:40:b1:8e:f7:e3:cf:c4:05:65:cc:13:10:96:d1:9c:
0d:b7:b5:e0:dd:ce:e7:33:37:f3:b7:a1:98:c4:13:33:ed:6b:
3f:bb:6c:02
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjUwMTA2MTU0MjE3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdiZjlkOC01ZmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr7HNsi/aEw8uF78MyVFS00ln14MLjavfAJQ53Q66xjm58U/LcjSVSgTiGt8Y
TNSxjUrIJtJFQE2WAmGtQ7oceDiljTr8/VwGIgLHwo7CiKtldlFVDcdC0ZzeQb7n
ma9mSaO5Ww4+whYfVud4W7t6RueZBfzrNWuuBWKwSRY/YzZ0kAswthq1lwFfZ6dJ
tyIC9MQ02pX5sLW1iqo6+yKh6th9DROswJqxmseNvQdHnLQbOAT4he8EU2DXHUNZ
jwBkL8xKWXb9W32BP4dSLLosE4Bx/NWpcfBMXi7Z2snJn3ibyPwiSBHaQH+z/vaF
6dSpEVSXXesEPUs8MQbQX6CG1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFFPZJMKs
3VFtIjvzOORvLHVE5VCZMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvQkY5QzY1NUU3
QTQ3MTFFRjlDN0EwRTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr+nwwDQYJKoZIhvcNAQELBQADggEBAFJEZTNF5L8pA/BH
C1MDrQ+3gDjOABuUUQseY3+IeF1MocHHqvqlIU/8TlVUI+KNAv67HpnwzzDCZLZb
bM0KFHxLn1cZW3Z2dlSEKO1qVrlCHnZdGZbTSCwuup8B00jHJQLekfpu6r+W5RDd
R1b96sEON9eEwif3xI6kEBCyfjpEqD+9zmWg1P9msnnXStouTMQedkW4JI5zm5/3
DSHh+/0JV25HXIAkmXRfvIm1Cy5KyyYNPWql0Gn5IN7SGgJt8fZ/YsgzhAjW4gjA
HsAC2SzEPIk4AtQDA4ZFb0Cxjvfjz8QFZcwTEJbRnA23teDdzuczN/O3oZjEEzPt
az+7bAI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:46:42 2025 by rpki-client