Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/9F8B79C2C78E11EBB4983F5BC4F9AE02.roa
File: 9F8B79C2C78E11EBB4983F5BC4F9AE02.roa (raw, json)
Hash identifier: n/ZkcBxXbOU1wyzDS48DMJkcfdrM8k6k+BibFqk5ai8=
Subject key identifier: 18:00:D7:9D:84:F9:38:DC:B3:30:57:3C:BC:FF:06:F8:A9:8D:44:BF
Certificate issuer: /CN=A911B5B4/serialNumber=9DF94C33D3F647AE3D91361E1F172C20686F5989
Certificate serial: 0D60
Authority key identifier: 9D:F9:4C:33:D3:F6:47:AE:3D:91:36:1E:1F:17:2C:20:68:6F:59:89
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nflMM9P2R649kTYeHxcsIGhvWYk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/9F8B79C2C78E11EBB4983F5BC4F9AE02.roa
Signing time: Fri 16 Aug 2024 18:46:20 +0000
ROA not before: Fri 16 Aug 2024 18:46:20 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 23855
IP address blocks: 203.30.38.0/23 maxlen: 24
2001:df0:21a::/48 maxlen: 48
2401:c7c0:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3424 (0xd60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B5B4
Validity
Not Before: Aug 16 18:46:20 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66bf9e7b-1fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e1:0d:f9:39:b8:35:5a:af:ca:33:0d:e5:a2:
66:ac:3a:37:12:fd:db:d4:84:bd:69:90:f9:b3:b6:
0b:65:5a:fc:9a:4c:d6:60:59:60:d2:b7:34:46:83:
23:aa:b7:1a:dc:81:71:53:4e:9e:b0:73:81:46:eb:
d9:eb:13:99:d9:e8:33:5c:08:a0:2f:3d:7b:9d:ca:
63:aa:ff:0b:51:f7:49:1c:d1:3c:6e:05:2a:ee:7c:
0f:ea:e8:52:cd:60:31:4b:54:3c:29:6c:fa:c5:2a:
64:60:a9:33:1c:18:14:1d:a4:4b:58:1c:c4:85:e8:
d1:1c:d3:cb:6e:d0:5c:e5:5a:7f:d2:ac:c0:1c:29:
9e:1b:ce:f1:2f:32:50:2f:6e:e2:e6:f9:5f:22:93:
61:3b:09:ca:d7:6c:aa:0c:b1:53:e4:07:e0:65:84:
af:01:b4:a5:10:f3:07:ea:c9:c3:84:af:1c:b6:68:
e2:7b:23:68:02:ef:f1:37:1d:1a:8a:2e:cf:ba:3e:
ad:52:36:fc:89:9f:f9:99:2d:f5:9a:d5:48:fa:5a:
a1:c7:e7:db:c4:9e:78:78:29:9a:86:85:28:3b:b9:
43:fd:86:9d:b1:cd:e1:6e:d3:78:11:b9:27:ec:0a:
61:0e:6f:68:b9:32:4f:64:18:4a:36:ee:2d:c0:dd:
81:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:00:D7:9D:84:F9:38:DC:B3:30:57:3C:BC:FF:06:F8:A9:8D:44:BF
X509v3 Authority Key Identifier:
keyid:9D:F9:4C:33:D3:F6:47:AE:3D:91:36:1E:1F:17:2C:20:68:6F:59:89
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/nflMM9P2R649kTYeHxcsIGhvWYk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nflMM9P2R649kTYeHxcsIGhvWYk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/9F8B79C2C78E11EBB4983F5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.30.38.0/23
IPv6:
2001:df0:21a::/48
2401:c7c0:3::/48
Signature Algorithm: sha256WithRSAEncryption
6d:95:d7:2d:2a:d9:7f:58:ee:74:df:e5:21:e9:9c:c1:0d:85:
0b:17:84:a7:52:50:14:4c:d0:6f:8e:68:05:7c:4e:13:34:85:
dd:0f:69:66:b4:35:28:05:33:76:a6:96:5f:3c:48:c3:54:7b:
90:07:f7:8a:4a:e5:d0:57:35:e7:34:eb:f0:06:cf:ac:ee:27:
ab:23:ab:84:7e:de:07:cb:c0:20:bc:b7:f8:4a:ca:74:7f:05:
1c:fd:ed:d2:4a:c8:aa:55:f9:99:37:5d:bd:b5:a9:b3:0d:ec:
a2:82:d1:b4:3a:8c:99:05:54:91:4a:75:42:4e:69:49:1c:6e:
22:91:a2:e9:1a:b6:a3:c2:0e:0c:8f:42:2f:70:3c:ed:f3:f7:
d6:c3:9d:60:5b:a2:f5:d7:0e:16:e3:97:26:8f:ca:8b:6a:61:
46:5e:b1:2f:45:f3:fb:4a:45:73:54:c1:5b:b5:22:6c:56:eb:
85:91:79:ed:e7:f3:cb:55:96:69:2c:64:91:78:b5:79:23:58:
be:56:83:67:d0:85:c4:03:74:6e:74:37:79:06:67:22:91:c1:
13:1a:da:53:fb:e1:7e:d4:3b:fb:60:71:e9:de:e1:05:a6:70:
a9:41:d9:6f:3f:0d:ad:d8:85:d0:df:60:95:03:31:44:8f:fb:
5e:67:98:13
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICDWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI1QjQxMTAvBgNVBAUTKDlERjk0QzMzRDNGNjQ3QUUzRDkxMzYxRTFGMTcyQzIw
Njg2RjU5ODkwHhcNMjQwODE2MTg0NjIwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJmOWU3Yi0xZmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1+EN+Tm4NVqvyjMN5aJmrDo3Ev3b1IS9aZD5s7YLZVr8mkzWYFlg0rc0RoMj
qrca3IFxU06esHOBRuvZ6xOZ2egzXAigLz17ncpjqv8LUfdJHNE8bgUq7nwP6uhS
zWAxS1Q8KWz6xSpkYKkzHBgUHaRLWBzEhejRHNPLbtBc5Vp/0qzAHCmeG87xLzJQ
L27i5vlfIpNhOwnK12yqDLFT5AfgZYSvAbSlEPMH6snDhK8ctmjieyNoAu/xNx0a
ii7Puj6tUjb8iZ/5mS31mtVI+lqhx+fbxJ54eCmahoUoO7lD/Yadsc3hbtN4Ebkn
7AphDm9ouTJPZBhKNu4twN2BhQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFBgA152E
+TjcszBXPLz/BvipjUS/MB8GA1UdIwQYMBaAFJ35TDPT9keuPZE2Hh8XLCBob1mJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCNC83MDlGN0EyNkI4
MjkxMUU5OTM3MzhBMDlDNEY5QUUwMi9uZmxNTTlQMlI2NDlrVFllSHhjc0lHaHZX
WWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25mbE1NOVAyUjY0OWtUWWVIeGNzSUdodldZay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI1QjQvNzA5RjdBMjZCODI5MTFFOTkzNzM4QTA5QzRGOUFFMDIvOUY4Qjc5QzJD
NzhFMTFFQkI0OTgzRjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMAwEAgABMAYDBAHLHiYwGAQCAAIwEgMHACABDfACGgMHACQBx8AAAzANBgkq
hkiG9w0BAQsFAAOCAQEAbZXXLSrZf1judN/lIemcwQ2FCxeEp1JQFEzQb45oBXxO
EzSF3Q9pZrQ1KAUzdqaWXzxIw1R7kAf3ikrl0Fc15zTr8AbPrO4nqyOrhH7eB8vA
ILy3+ErKdH8FHP3t0krIqlX5mTddvbWpsw3sooLRtDqMmQVUkUp1Qk5pSRxuIpGi
6Rq2o8IODI9CL3A87fP31sOdYFui9dcOFuOXJo/Ki2phRl6xL0Xz+0pFc1TBW7Ui
bFbrhZF57efzy1WWaSxkkXi1eSNYvlaDZ9CFxAN0bnQ3eQZnIpHBExraU/vhftQ7
+2Bx6d7hBaZwqUHZbz8NrdiF0N9glQMxRI/7XmeYEw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:55:14 2025 by rpki-client