Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F223F/0969127C8CAA11EE864DFD6DC4F9AE02/63E8E1AA8CAA11EE8B20D86EC4F9AE02.roa
File: 63E8E1AA8CAA11EE8B20D86EC4F9AE02.roa (raw, json)
Hash identifier: FS0NZn6HmMNUVE243zK4MTv8yDH9emQLgpWFOPvCnxU=
Subject key identifier: A3:DE:3A:3E:E5:6C:EF:46:77:DD:13:6C:7F:F9:7F:12:0F:F3:CD:CC
Certificate issuer: /CN=A91F223F/serialNumber=DBDAD009017D91DFB438D70D1B8D4D34862F068E
Certificate serial: D2
Authority key identifier: DB:DA:D0:09:01:7D:91:DF:B4:38:D7:0D:1B:8D:4D:34:86:2F:06:8E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/29rQCQF9kd-0ONcNG41NNIYvBo4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F223F/0969127C8CAA11EE864DFD6DC4F9AE02/63E8E1AA8CAA11EE8B20D86EC4F9AE02.roa
Signing time: Fri 27 Dec 2024 03:57:54 +0000
ROA not before: Fri 27 Dec 2024 03:57:54 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 45359
IP address blocks: 202.49.172.0/24 maxlen: 24
202.49.173.0/24 maxlen: 24
202.49.174.0/24 maxlen: 24
202.49.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 210 (0xd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F223F/serialNumber=DBDAD009017D91DFB438D70D1B8D4D34862F068E
Validity
Not Before: Dec 27 03:57:54 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=676e25c2-7edf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:94:62:41:9c:a3:7d:f3:c4:96:a8:db:6c:9c:
17:38:7c:51:47:ee:fa:3a:fc:54:26:23:b3:92:c6:
be:e2:98:fe:32:f9:38:fe:b7:bc:cb:fa:c7:81:6d:
79:a4:89:af:31:11:6d:2d:b3:30:3e:04:77:ea:19:
c8:73:3f:19:e6:56:3a:f0:b9:c6:b4:e6:66:60:98:
06:ad:4b:89:28:7d:5c:93:cf:22:4a:ad:0d:b6:19:
7c:6f:2f:6b:f0:db:ea:b5:26:ca:e5:b5:92:6b:b7:
5a:78:7a:b1:61:d4:c1:fb:d1:cb:62:1e:90:4e:d9:
e8:09:4b:8b:c4:f7:62:0c:9b:26:0a:93:e4:41:a8:
c8:f1:5c:62:ab:72:63:0a:2e:df:be:b8:ee:d2:c1:
24:19:81:9e:d9:a9:47:94:eb:9e:ed:9b:03:c8:1e:
9d:10:cf:74:95:7c:d7:fe:14:a4:4b:f9:4a:25:69:
ba:0b:d2:a5:c0:c8:b1:69:5f:f9:29:6a:0c:1a:6f:
3d:f8:2f:99:7a:c1:70:13:18:f3:65:3b:96:d6:f0:
a3:f8:19:62:16:52:a2:6b:59:3a:00:7a:da:91:67:
30:b9:45:76:88:52:36:17:74:2f:3b:c7:13:82:90:
09:13:3b:8f:80:19:ea:db:3e:d0:2f:50:07:98:42:
58:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:DE:3A:3E:E5:6C:EF:46:77:DD:13:6C:7F:F9:7F:12:0F:F3:CD:CC
X509v3 Authority Key Identifier:
keyid:DB:DA:D0:09:01:7D:91:DF:B4:38:D7:0D:1B:8D:4D:34:86:2F:06:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F223F/0969127C8CAA11EE864DFD6DC4F9AE02/29rQCQF9kd-0ONcNG41NNIYvBo4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/29rQCQF9kd-0ONcNG41NNIYvBo4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F223F/0969127C8CAA11EE864DFD6DC4F9AE02/63E8E1AA8CAA11EE8B20D86EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.49.172.0/22
Signature Algorithm: sha256WithRSAEncryption
42:16:03:03:f8:aa:6b:fe:b6:9c:f2:a3:0b:7f:20:e7:c9:a9:
be:b8:e5:9b:73:d3:25:bb:ed:95:b0:3f:0f:22:d0:3b:2f:36:
3a:2d:96:75:57:5c:10:f0:d5:92:38:51:be:3e:a1:50:bf:cf:
06:6d:8a:de:11:dd:31:b6:49:31:bc:84:b7:33:55:e4:fc:4d:
20:9b:f7:39:ed:81:ef:32:3c:76:74:6e:87:2d:94:9a:2e:29:
21:ee:d5:95:d9:56:e5:01:c5:56:bc:17:0d:bc:84:0b:bc:d2:
a8:ba:b3:e8:f3:f5:7d:ad:75:53:18:71:24:09:64:85:4f:68:
50:b8:7f:bf:86:b2:0c:82:e3:fa:02:a4:60:99:dc:5e:7e:43:
f6:8b:ed:a8:a9:b1:01:e5:32:9e:8e:e5:03:3e:31:7f:38:03:
8b:e1:c7:4e:d1:57:a2:ac:1b:fe:ee:62:67:52:a1:e1:85:73:
91:92:3c:98:19:c2:dc:5f:56:98:a4:d9:d7:18:a6:a1:8b:bf:
bd:e8:b2:de:ee:5f:35:4a:9d:12:32:e8:a9:cf:13:a1:5c:56:
2c:60:d3:be:7d:2d:04:9d:1e:a5:8f:07:4f:84:a2:7b:ac:04:
34:fe:6a:53:64:9a:14:82:7a:1a:de:b5:5e:56:19:28:60:9c:
94:0a:a8:e7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjIyM0YxMTAvBgNVBAUTKERCREFEMDA5MDE3RDkxREZCNDM4RDcwRDFCOEQ0RDM0
ODYyRjA2OEUwHhcNMjQxMjI3MDM1NzU0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZlMjVjMi03ZWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArZRiQZyjffPElqjbbJwXOHxRR+76OvxUJiOzksa+4pj+Mvk4/re8y/rHgW15
pImvMRFtLbMwPgR36hnIcz8Z5lY68LnGtOZmYJgGrUuJKH1ck88iSq0Nthl8by9r
8NvqtSbK5bWSa7daeHqxYdTB+9HLYh6QTtnoCUuLxPdiDJsmCpPkQajI8Vxiq3Jj
Ci7fvrju0sEkGYGe2alHlOue7ZsDyB6dEM90lXzX/hSkS/lKJWm6C9KlwMixaV/5
KWoMGm89+C+ZesFwExjzZTuW1vCj+BliFlKia1k6AHrakWcwuUV2iFI2F3QvO8cT
gpAJEzuPgBnq2z7QL1AHmEJYdwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKPeOj7l
bO9Gd90TbH/5fxIP883MMB8GA1UdIwQYMBaAFNva0AkBfZHftDjXDRuNTTSGLwaO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjIzRi8wOTY5MTI3QzhD
QUExMUVFODY0REZENkRDNEY5QUUwMi8yOXJRQ1FGOWtkLTBPTmNORzQxTk5JWXZC
bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzI5clFDUUY5a2QtME9OY05HNDFOTklZdkJvNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjIyM0YvMDk2OTEyN0M4Q0FBMTFFRTg2NERGRDZEQzRGOUFFMDIvNjNFOEUxQUE4
Q0FBMTFFRThCMjBEODZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKMawwDQYJKoZIhvcNAQELBQADggEBAEIWAwP4qmv+tpzy
owt/IOfJqb645Ztz0yW77ZWwPw8i0DsvNjotlnVXXBDw1ZI4Ub4+oVC/zwZtit4R
3TG2STG8hLczVeT8TSCb9zntge8yPHZ0boctlJouKSHu1ZXZVuUBxVa8Fw28hAu8
0qi6s+jz9X2tdVMYcSQJZIVPaFC4f7+GsgyC4/oCpGCZ3F5+Q/aL7aipsQHlMp6O
5QM+MX84A4vhx07RV6KsG/7uYmdSoeGFc5GSPJgZwtxfVpik2dcYpqGLv73ost7u
XzVKnRIy6KnPE6FcVixg0759LQSdHqWPB0+EonusBDT+alNkmhSCehretV5WGShg
nJQKqOc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:54:48 2025 by rpki-client