Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911EEF8/9799E6D0BBC411EFB985BE3FC4F9AE02/51412D6EBBC511EFBF86AE41C4F9AE02.roa
File: 51412D6EBBC511EFBF86AE41C4F9AE02.roa (raw, json)
Hash identifier: oR368B9VoklfmB6x5ZXa/WREBzCj9960ynIOX366CPc=
Subject key identifier: DC:75:D2:63:D3:1C:63:A9:97:C3:32:38:C4:22:65:41:BA:B4:7D:5A
Certificate issuer: /CN=A911EEF8/serialNumber=56C69305B5EBA542555D8C78C561AB7A6CD1AA2C
Certificate serial: 0A
Authority key identifier: 56:C6:93:05:B5:EB:A5:42:55:5D:8C:78:C5:61:AB:7A:6C:D1:AA:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VsaTBbXrpUJVXYx4xWGremzRqiw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911EEF8/9799E6D0BBC411EFB985BE3FC4F9AE02/51412D6EBBC511EFBF86AE41C4F9AE02.roa
Signing time: Tue 31 Dec 2024 00:53:55 +0000
ROA not before: Tue 31 Dec 2024 00:53:55 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 18383
IP address blocks: 202.10.96.0/20 maxlen: 20
2403:1800::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911EEF8
Validity
Not Before: Dec 31 00:53:55 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=677340a2-4b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:34:1a:a4:ac:53:60:ac:3b:5e:5c:23:bd:e7:
d4:29:7b:90:a9:dd:7a:8b:f8:08:78:1d:ac:1f:75:
73:7e:0a:11:63:76:cc:0e:1e:94:a4:77:21:ec:9c:
cd:55:a2:10:0f:31:cb:c6:2c:80:0c:3f:cd:15:9c:
6a:a4:95:4e:59:71:8b:2a:30:c0:fc:1b:03:b6:f7:
c9:06:ee:0b:43:56:ee:68:1d:a2:8a:36:89:f5:48:
80:ba:80:ee:4a:76:a6:ed:2b:cf:60:e9:ae:12:74:
94:fb:64:8d:24:ca:ad:86:c2:73:8c:fa:f0:69:44:
6a:e0:3b:4a:5c:eb:a3:15:44:b6:70:bf:02:21:d6:
3c:26:0a:80:5c:22:dc:ce:45:eb:a9:9a:f5:1f:45:
5d:7e:39:99:73:56:d3:40:f4:cc:ce:0a:dc:ae:28:
b2:ed:19:e4:ab:49:17:dc:64:fd:ec:fb:f7:18:cb:
f0:4c:ca:69:a6:6a:c4:ca:cd:06:73:8d:87:2f:e1:
90:2d:5d:b9:eb:07:3c:82:59:8e:7f:c9:25:8b:41:
2d:67:83:b3:19:44:61:36:d4:ca:f5:e6:f8:3a:c7:
09:65:8c:ff:d9:fe:b6:7d:1e:50:7c:16:99:2b:85:
af:7a:c1:4c:b5:aa:da:d2:d8:bf:44:70:24:1e:df:
fd:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:75:D2:63:D3:1C:63:A9:97:C3:32:38:C4:22:65:41:BA:B4:7D:5A
X509v3 Authority Key Identifier:
keyid:56:C6:93:05:B5:EB:A5:42:55:5D:8C:78:C5:61:AB:7A:6C:D1:AA:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911EEF8/9799E6D0BBC411EFB985BE3FC4F9AE02/VsaTBbXrpUJVXYx4xWGremzRqiw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VsaTBbXrpUJVXYx4xWGremzRqiw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911EEF8/9799E6D0BBC411EFB985BE3FC4F9AE02/51412D6EBBC511EFBF86AE41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.10.96.0/20
IPv6:
2403:1800::/32
Signature Algorithm: sha256WithRSAEncryption
74:35:d8:b4:5f:35:c4:79:19:41:bb:49:00:15:d7:cd:f3:d8:
d6:18:dc:b9:3e:0d:51:10:fb:47:e2:20:9c:0b:1f:7c:e9:1d:
64:1c:e2:53:b2:00:1e:96:46:62:c5:e4:eb:a6:e7:c6:22:2d:
70:61:42:ff:48:1d:40:d8:20:99:eb:3b:bf:84:e4:bb:1c:39:
3d:7e:b3:81:fa:24:16:c6:d8:19:5c:8b:f6:31:4c:06:4a:6d:
79:2d:06:1d:7e:61:98:52:cc:38:dc:fd:73:0f:43:3e:44:94:
c6:0d:9d:c1:b8:1b:d3:1f:08:c4:b1:5e:6a:e5:ae:23:59:a0:
f1:7f:63:38:ed:8c:6b:49:e0:64:e1:74:4f:f4:62:4a:b8:3f:
80:2b:fa:06:77:78:a3:d9:0f:10:fd:c0:38:35:9e:91:fe:62:
c2:de:fd:5d:d8:cf:79:c9:ea:fc:03:9a:f9:29:b0:96:33:4a:
9e:37:22:47:3b:4c:8a:09:89:07:bd:f5:b4:8e:f1:f3:da:e0:
fa:1b:61:27:b0:3f:fe:e0:7c:27:2d:2c:cc:25:26:ab:cd:b8:
b2:e1:47:68:38:02:a3:51:c3:92:1f:39:14:46:f9:f5:09:8b:
d4:22:47:c8:98:9d:d3:85:24:32:3c:97:53:ee:c2:7a:07:ec:
6f:18:8b:b7
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
RUVGODExMC8GA1UEBRMoNTZDNjkzMDVCNUVCQTU0MjU1NUQ4Qzc4QzU2MUFCN0E2
Q0QxQUEyQzAeFw0yNDEyMzEwMDUzNTVaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NzM0MGEyLTRiMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCmNBqkrFNgrDteXCO959Qpe5Cp3XqL+Ah4HawfdXN+ChFjdswOHpSkdyHsnM1V
ohAPMcvGLIAMP80VnGqklU5ZcYsqMMD8GwO298kG7gtDVu5oHaKKNon1SIC6gO5K
dqbtK89g6a4SdJT7ZI0kyq2GwnOM+vBpRGrgO0pc66MVRLZwvwIh1jwmCoBcItzO
ReupmvUfRV1+OZlzVtNA9MzOCtyuKLLtGeSrSRfcZP3s+/cYy/BMymmmasTKzQZz
jYcv4ZAtXbnrBzyCWY5/ySWLQS1ng7MZRGE21Mr15vg6xwlljP/Z/rZ9HlB8Fpkr
ha96wUy1qtrS2L9EcCQe3/0XAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQU3HXSY9Mc
Y6mXwzI4xCJlQbq0fVowHwYDVR0jBBgwFoAUVsaTBbXrpUJVXYx4xWGremzRqiww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFFRUY4Lzk3OTlFNkQwQkJD
NDExRUZCOTg1QkUzRkM0RjlBRTAyL1ZzYVRCYlhycFVKVlhZeDR4V0dyZW16UnFp
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVnNhVEJiWHJwVUpWWFl4NHhXR3JlbXpScWl3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RUVGOC85Nzk5RTZEMEJCQzQxMUVGQjk4NUJFM0ZDNEY5QUUwMi81MTQxMkQ2RUJC
QzUxMUVGQkY4NkFFNDFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEBMoKYDANBAIAAjAHAwUAJAMYADANBgkqhkiG9w0BAQsFAAOC
AQEAdDXYtF81xHkZQbtJABXXzfPY1hjcuT4NURD7R+IgnAsffOkdZBziU7IAHpZG
YsXk66bnxiItcGFC/0gdQNggmes7v4Tkuxw5PX6zgfokFsbYGVyL9jFMBkpteS0G
HX5hmFLMONz9cw9DPkSUxg2dwbgb0x8IxLFeauWuI1mg8X9jOO2Ma0ngZOF0T/Ri
Srg/gCv6Bnd4o9kPEP3AODWekf5iwt79XdjPecnq/AOa+SmwljNKnjciRztMigmJ
B731tI7x89rg+hthJ7A//uB8Jy0szCUmq824suFHaDgCo1HDkh85FEb59QmL1CJH
yJid04UkMjyXU+7CegfsbxiLtw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:19 2025 by rpki-client