Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/B78CCA4E4C5711EE9FE2EA35C4F9AE02.roa
File: B78CCA4E4C5711EE9FE2EA35C4F9AE02.roa (raw, json)
Hash identifier: NOo2BnyVmoQUbobYIwzq2E7OOmbrldi8xBbykWbWG40=
Subject key identifier: 07:18:E7:FB:7F:76:E1:ED:33:F6:CB:B1:43:AC:F4:C8:16:F4:4C:26
Certificate issuer: /CN=A91F8A49/serialNumber=D5871E9FC6FBDE7DC71B7E895C8A04C3D0021D85
Certificate serial: 0100
Authority key identifier: D5:87:1E:9F:C6:FB:DE:7D:C7:1B:7E:89:5C:8A:04:C3:D0:02:1D:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Ycen8b73n3HG36JXIoEw9ACHYU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/B78CCA4E4C5711EE9FE2EA35C4F9AE02.roa
Signing time: Wed 01 Jan 2025 03:36:26 +0000
ROA not before: Wed 01 Jan 2025 03:36:26 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 134783
IP address blocks: 202.6.120.0/22 maxlen: 24
202.58.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 256 (0x100)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8A49/serialNumber=D5871E9FC6FBDE7DC71B7E895C8A04C3D0021D85
Validity
Not Before: Jan 1 03:36:26 2025 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=6774b839-83c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:42:95:88:b5:96:c2:cf:b0:7f:0f:34:f0:85:
28:50:10:12:89:2e:2b:8c:a9:4a:7a:13:ab:a0:3a:
e0:8f:89:8f:ce:d6:93:61:11:73:4e:84:3c:23:12:
3b:6b:d0:2a:a9:89:5c:f7:da:53:fd:0f:2b:5a:05:
3f:a2:ef:b3:f2:e6:7e:46:a7:23:91:26:ef:fb:e2:
80:89:05:68:cf:27:e3:f6:50:46:15:3a:a0:8a:d1:
6d:26:d2:d1:18:12:f7:95:95:a1:6d:9e:e1:17:7d:
5c:57:eb:c7:82:2b:16:64:aa:24:12:1d:be:77:37:
f2:9c:00:25:29:43:70:98:59:8a:5f:e0:75:a7:dc:
7c:50:e5:91:62:12:4f:1d:61:97:e8:8c:71:56:f3:
b9:17:4a:de:be:65:9c:a1:bf:e8:7d:66:b8:2f:7c:
c9:22:84:a1:d6:70:d1:ed:ec:b8:17:e0:b6:5f:31:
25:f8:f8:2c:5f:f9:c4:c9:88:70:75:42:86:8d:e1:
49:d5:4a:3c:14:f1:f9:a6:18:95:6f:9f:4e:6d:ac:
2a:80:b4:3c:31:e3:62:f7:c3:68:ec:8d:d9:32:d8:
6a:a1:60:10:41:30:ce:4c:31:9c:63:08:49:44:4f:
87:86:81:84:42:35:29:d8:c3:32:0a:37:90:37:86:
64:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:18:E7:FB:7F:76:E1:ED:33:F6:CB:B1:43:AC:F4:C8:16:F4:4C:26
X509v3 Authority Key Identifier:
keyid:D5:87:1E:9F:C6:FB:DE:7D:C7:1B:7E:89:5C:8A:04:C3:D0:02:1D:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/1Ycen8b73n3HG36JXIoEw9ACHYU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Ycen8b73n3HG36JXIoEw9ACHYU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/B78CCA4E4C5711EE9FE2EA35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.6.120.0/22
202.58.248.0/22
Signature Algorithm: sha256WithRSAEncryption
34:91:8c:8f:5a:2f:63:1c:a9:4e:04:97:f5:8d:44:aa:7c:fd:
5b:1e:f5:b4:a3:d3:ff:46:6b:fc:ce:0b:cf:cf:9a:fa:2b:4a:
53:58:90:6f:9b:32:9b:98:dd:83:a6:0a:d4:01:01:6a:15:36:
0b:3d:ee:4f:32:b0:a0:c4:57:e2:4c:c7:94:a9:36:2c:84:39:
f8:92:b6:e8:ba:59:30:11:45:c2:4c:2d:85:63:78:08:42:f6:
f4:c6:ee:eb:bd:fe:a0:a2:e0:5a:54:4a:17:aa:0f:bb:66:15:
97:5a:ef:e7:02:09:48:47:a1:07:e7:48:31:a5:e1:7d:f6:b4:
70:95:5c:57:52:d7:3d:ac:70:0d:de:26:99:c1:8e:18:ca:1d:
26:53:61:ca:a5:e3:62:be:7a:29:e2:15:af:cb:94:a7:90:5a:
8c:ff:86:9b:ae:74:27:7f:74:15:f9:f6:75:f3:70:5a:ba:e5:
3c:2d:6d:9c:40:bb:a0:34:d8:13:30:5f:39:6e:a5:b0:69:8b:
40:dc:65:f8:e4:e4:35:32:70:cc:fd:3e:d6:25:e4:4e:58:dd:
d3:be:24:89:2c:08:b1:45:b9:44:13:a2:3b:db:91:74:00:d5:
aa:06:0f:42:b9:5e:b8:44:93:c4:a8:df:aa:80:54:d4:a9:1e:
47:22:87:09
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAQAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjhBNDkxMTAvBgNVBAUTKEQ1ODcxRTlGQzZGQkRFN0RDNzFCN0U4OTVDOEEwNEMz
RDAwMjFEODUwHhcNMjUwMTAxMDMzNjI2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0YjgzOS04M2M5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+EKViLWWws+wfw808IUoUBASiS4rjKlKehOroDrgj4mPztaTYRFzToQ8IxI7
a9AqqYlc99pT/Q8rWgU/ou+z8uZ+RqcjkSbv++KAiQVozyfj9lBGFTqgitFtJtLR
GBL3lZWhbZ7hF31cV+vHgisWZKokEh2+dzfynAAlKUNwmFmKX+B1p9x8UOWRYhJP
HWGX6IxxVvO5F0revmWcob/ofWa4L3zJIoSh1nDR7ey4F+C2XzEl+PgsX/nEyYhw
dUKGjeFJ1Uo8FPH5phiVb59ObawqgLQ8MeNi98No7I3ZMthqoWAQQTDOTDGcYwhJ
RE+HhoGEQjUp2MMyCjeQN4ZkmQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAcY5/t/
duHtM/bLsUOs9MgW9EwmMB8GA1UdIwQYMBaAFNWHHp/G+959xxt+iVyKBMPQAh2F
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEE0OS80N0QwNDQ2NDQ3
QjcxMUVFOEEwQTlDNDNDNEY5QUUwMi8xWWNlbjhiNzNuM0hHMzZKWElvRXc5QUNI
WVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFZY2VuOGI3M24zSEczNkpYSW9FdzlBQ0hZVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjhBNDkvNDdEMDQ0NjQ0N0I3MTFFRThBMEE5QzQzQzRGOUFFMDIvQjc4Q0NBNEU0
QzU3MTFFRTlGRTJFQTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBALKBngDBALKOvgwDQYJKoZIhvcNAQELBQADggEBADSRjI9a
L2McqU4El/WNRKp8/Vse9bSj0/9Ga/zOC8/PmvorSlNYkG+bMpuY3YOmCtQBAWoV
Ngs97k8ysKDEV+JMx5SpNiyEOfiStui6WTARRcJMLYVjeAhC9vTG7uu9/qCi4FpU
SheqD7tmFZda7+cCCUhHoQfnSDGl4X32tHCVXFdS1z2scA3eJpnBjhjKHSZTYcql
42K+einiFa/LlKeQWoz/hpuudCd/dBX59nXzcFq65TwtbZxAu6A02BMwXzlupbBp
i0DcZfjk5DUycMz9PtYl5E5Y3dO+JIksCLFFuUQTojvbkXQA1aoGD0K5XrhEk8So
36qAVNSpHkcihwk=
-----END CERTIFICATE-----
Generated at Sun Apr 27 06:29:10 2025 by rpki-client