Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911F316/A1DF1520774C11EDB826BC0BC4F9AE02/590A6A9A792E11EEA5AAB840C4F9AE02.roa
File: 590A6A9A792E11EEA5AAB840C4F9AE02.roa (raw, json)
Hash identifier: TjgZvd8NTyfnTIYx+SMzczM6IMYvFc5scP1aWMMbHyE=
Subject key identifier: 9C:C2:B6:04:88:74:90:89:15:DE:3C:EA:FE:1F:9F:40:34:B6:2B:75
Certificate issuer: /CN=A911F316/serialNumber=D9641945D5B4CF7D63FC9131AFCF727AE36D9020
Certificate serial: 01A2
Authority key identifier: D9:64:19:45:D5:B4:CF:7D:63:FC:91:31:AF:CF:72:7A:E3:6D:90:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2WQZRdW0z31j_JExr89yeuNtkCA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911F316/A1DF1520774C11EDB826BC0BC4F9AE02/590A6A9A792E11EEA5AAB840C4F9AE02.roa
Signing time: Sun 09 Feb 2025 02:24:53 +0000
ROA not before: Sun 09 Feb 2025 02:24:53 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 132029
IP address blocks: 203.7.140.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 418 (0x1a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911F316
Validity
Not Before: Feb 9 02:24:53 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a811f5-a18f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ee:c4:bb:a8:d1:34:1c:bf:01:d2:64:fd:c6:
4c:97:4c:74:e5:d2:f9:39:98:d7:88:ac:fa:4f:bc:
cd:06:9f:a6:67:9d:62:a3:a5:d6:2e:84:eb:f5:b7:
91:86:a0:0e:2a:58:16:df:32:a5:cf:35:7a:0b:6c:
94:3b:c6:24:eb:58:1c:5a:76:48:80:79:c7:68:3c:
90:ef:46:4d:a2:b1:9c:fd:8b:da:2f:d2:9c:e9:2a:
2a:cb:49:07:c7:8f:e1:f4:33:1f:03:48:e7:fe:a8:
b9:d8:b8:a7:8a:f5:d1:7e:00:ef:ad:79:28:22:88:
1e:dc:40:82:e5:cb:d6:78:a1:f1:d0:5b:b9:4d:6c:
12:73:97:0c:81:3c:09:9c:4d:f0:ee:33:da:28:56:
ee:4a:66:fe:c1:30:04:fc:25:2e:19:2f:0d:d0:85:
9f:ba:db:3c:af:e1:41:88:ee:f6:02:13:09:fb:24:
be:b5:16:40:de:3c:07:f3:d5:23:05:60:58:1f:d4:
28:73:8c:1b:2f:1e:ab:29:9e:77:5f:93:71:55:25:
9d:5a:c3:e4:3c:f2:03:24:22:db:78:af:98:29:6d:
07:21:e9:39:87:1e:b7:96:79:89:27:bf:0a:cf:39:
a4:6c:bb:e0:70:c4:22:60:7d:3a:ce:4a:af:39:41:
96:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C2:B6:04:88:74:90:89:15:DE:3C:EA:FE:1F:9F:40:34:B6:2B:75
X509v3 Authority Key Identifier:
keyid:D9:64:19:45:D5:B4:CF:7D:63:FC:91:31:AF:CF:72:7A:E3:6D:90:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911F316/A1DF1520774C11EDB826BC0BC4F9AE02/2WQZRdW0z31j_JExr89yeuNtkCA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2WQZRdW0z31j_JExr89yeuNtkCA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911F316/A1DF1520774C11EDB826BC0BC4F9AE02/590A6A9A792E11EEA5AAB840C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.7.140.0/22
Signature Algorithm: sha256WithRSAEncryption
89:71:44:fb:24:09:b2:72:ff:76:2b:ce:ad:9f:ac:f3:14:68:
52:9b:19:35:14:c9:e5:f0:dd:6a:b3:3a:39:9e:f0:10:ff:63:
de:e3:70:c6:41:c4:a3:0a:b4:a3:1d:9d:19:e8:ac:a9:0f:48:
7f:46:de:d1:09:ee:68:1d:a6:d0:e1:1f:23:12:70:ba:ce:fb:
9b:99:cc:6f:20:94:1f:ac:aa:cd:6e:90:b2:42:de:86:e5:33:
34:9a:0b:c5:bc:a8:4c:2c:3f:0f:76:8e:c6:3a:bd:91:9e:48:
3e:52:42:cc:6f:0f:79:cd:8d:ac:ad:de:03:c1:1c:e1:ab:26:
ef:a4:19:29:ce:78:08:4e:42:0f:32:66:86:33:c7:ca:2c:80:
69:7b:25:a3:74:7f:ed:2e:55:fe:38:8d:22:87:14:3e:48:c7:
85:6a:9d:e8:29:bd:06:a7:bf:ab:c3:d1:5c:6c:00:ea:a0:af:
69:8f:8f:00:64:cb:93:57:41:b0:7c:e3:c1:88:dd:5b:6d:c0:
a4:58:31:4c:4c:3a:03:6b:84:67:51:3a:23:66:b3:05:56:f3:
50:3b:39:d7:ac:2c:a8:f4:3c:78:c1:50:3a:cf:e5:b2:ff:5e:
14:7c:1e:e9:d9:0f:ab:88:b0:cc:2a:6d:14:0c:ec:73:7a:d7:
4f:13:e2:9a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAaIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUYzMTYxMTAvBgNVBAUTKEQ5NjQxOTQ1RDVCNENGN0Q2M0ZDOTEzMUFGQ0Y3MjdB
RTM2RDkwMjAwHhcNMjUwMjA5MDIyNDUzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E4MTFmNS1hMThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxO7Eu6jRNBy/AdJk/cZMl0x05dL5OZjXiKz6T7zNBp+mZ51io6XWLoTr9beR
hqAOKlgW3zKlzzV6C2yUO8Yk61gcWnZIgHnHaDyQ70ZNorGc/YvaL9Kc6Soqy0kH
x4/h9DMfA0jn/qi52LinivXRfgDvrXkoIoge3ECC5cvWeKHx0Fu5TWwSc5cMgTwJ
nE3w7jPaKFbuSmb+wTAE/CUuGS8N0IWfuts8r+FBiO72AhMJ+yS+tRZA3jwH89Uj
BWBYH9Qoc4wbLx6rKZ53X5NxVSWdWsPkPPIDJCLbeK+YKW0HIek5hx63lnmJJ78K
zzmkbLvgcMQiYH06zkqvOUGWJQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJzCtgSI
dJCJFd486v4fn0A0tit1MB8GA1UdIwQYMBaAFNlkGUXVtM99Y/yRMa/PcnrjbZAg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRjMxNi9BMURGMTUyMDc3
NEMxMUVEQjgyNkJDMEJDNEY5QUUwMi8yV1FaUmRXMHozMWpfSkV4cjg5eWV1TnRr
Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJXUVpSZFcwejMxal9KRXhyODl5ZXVOdGtDQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUYzMTYvQTFERjE1MjA3NzRDMTFFREI4MjZCQzBCQzRGOUFFMDIvNTkwQTZBOUE3
OTJFMTFFRUE1QUFCODQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALLB4wwDQYJKoZIhvcNAQELBQADggEBAIlxRPskCbJy/3Yr
zq2frPMUaFKbGTUUyeXw3WqzOjme8BD/Y97jcMZBxKMKtKMdnRnorKkPSH9G3tEJ
7mgdptDhHyMScLrO+5uZzG8glB+sqs1ukLJC3oblMzSaC8W8qEwsPw92jsY6vZGe
SD5SQsxvD3nNjayt3gPBHOGrJu+kGSnOeAhOQg8yZoYzx8osgGl7JaN0f+0uVf44
jSKHFD5Ix4VqnegpvQanv6vD0VxsAOqgr2mPjwBky5NXQbB848GI3VttwKRYMUxM
OgNrhGdROiNmswVW81A7OdesLKj0PHjBUDrP5bL/XhR8HunZD6uIsMwqbRQM7HN6
108T4po=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:19:32 2025 by rpki-client