Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/99CFA3844DF511ED91A8AB4BC4F9AE02.roa
File: 99CFA3844DF511ED91A8AB4BC4F9AE02.roa (raw, json)
Hash identifier: GuMyFs8mowkXrX6mHMVeKiU6aeZe3E0B32jb5heztzI=
Subject key identifier: BE:29:04:97:2B:23:CC:61:88:24:41:76:6C:66:A4:79:A7:CD:26:11
Certificate issuer: /CN=A9123F5D/serialNumber=BF522D9925A5846280F60530AD39D766E4ABF093
Certificate serial: 09C3
Authority key identifier: BF:52:2D:99:25:A5:84:62:80:F6:05:30:AD:39:D7:66:E4:AB:F0:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1ItmSWlhGKA9gUwrTnXZuSr8JM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/99CFA3844DF511ED91A8AB4BC4F9AE02.roa
Signing time: Wed 12 Jun 2024 21:17:14 +0000
ROA not before: Wed 12 Jun 2024 21:17:14 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 141731
IP address blocks: 123.253.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2499 (0x9c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9123F5D
Validity
Not Before: Jun 12 21:17:14 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=666a1059-f369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:05:44:02:48:90:ea:80:d9:34:79:43:73:dd:
aa:71:e4:40:23:3b:f2:a4:2b:b5:6f:6a:55:58:f2:
8f:84:58:aa:de:d3:8b:41:88:a7:82:1a:d6:84:e5:
74:a8:41:89:83:da:2f:af:e3:5e:07:e8:35:fd:28:
93:0c:0c:48:5d:12:f5:8e:53:34:75:c1:41:5a:2b:
4f:1d:ee:63:e7:00:1a:1d:fe:4c:fc:08:16:28:6e:
3d:eb:0b:f6:0f:95:6f:96:6a:05:31:7f:6a:48:4a:
bf:6d:ac:9b:19:f1:a6:69:25:e6:37:d6:77:2a:8d:
bb:b6:52:7c:e4:cb:6e:cb:0c:d7:46:16:de:da:06:
13:1f:2f:72:7d:23:67:c0:bb:87:b8:28:b0:01:db:
79:5e:38:a9:c0:ee:c0:dc:50:71:23:2c:ae:b6:93:
76:42:db:a9:1e:d2:c5:f3:21:71:88:7c:5b:c3:82:
12:08:2f:50:b4:6f:e6:98:61:7c:ea:f3:20:fb:58:
b7:45:3f:16:55:00:d2:43:ee:06:a6:c9:59:ac:5f:
de:5d:c1:4e:ea:8a:e9:bf:84:82:eb:fe:ba:3c:2c:
e2:da:ae:cc:db:30:aa:1f:46:d4:c5:1a:08:51:91:
b6:3b:c3:5f:3a:ca:b3:8f:79:9d:d6:49:1c:06:e9:
bb:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:29:04:97:2B:23:CC:61:88:24:41:76:6C:66:A4:79:A7:CD:26:11
X509v3 Authority Key Identifier:
keyid:BF:52:2D:99:25:A5:84:62:80:F6:05:30:AD:39:D7:66:E4:AB:F0:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/v1ItmSWlhGKA9gUwrTnXZuSr8JM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1ItmSWlhGKA9gUwrTnXZuSr8JM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/99CFA3844DF511ED91A8AB4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.253.96.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:c1:17:07:38:01:5a:c8:f5:3b:d8:94:a0:02:52:6e:9f:56:
f9:d9:78:12:8a:e1:b6:14:22:1e:28:0e:5a:84:2f:23:04:3a:
97:c3:2f:46:0e:1a:46:45:49:4f:42:a2:9a:de:97:f9:1f:19:
95:78:2d:29:6f:3e:bf:b6:7b:4d:cf:09:9e:34:9d:2f:b3:4c:
0e:60:44:27:8d:bd:4e:b0:43:68:07:20:9e:3b:c5:b0:62:fc:
4b:4f:a7:0f:ca:e7:68:81:b5:9c:b6:43:cd:ba:85:46:6d:22:
bd:d0:07:c5:52:56:a3:18:f5:c1:8e:2c:e8:a2:c4:96:ae:5d:
fc:83:bb:ee:ad:cd:ce:da:fa:8e:8f:51:ac:d3:d8:44:d5:2b:
bc:3c:0d:24:05:95:09:90:aa:cb:8a:7a:07:7f:72:44:24:74:
ae:51:ed:08:54:6b:a4:3f:1c:8f:6c:0a:36:b0:08:d1:6f:d9:
26:dc:77:03:c2:74:98:78:ae:81:1c:25:a8:9f:db:54:64:a3:
97:91:86:f5:25:37:ea:c4:77:53:ae:60:74:b1:f5:e8:52:14:
d9:31:17:40:dd:77:f6:f2:96:43:62:dc:a9:ec:fb:93:f3:71:
08:8c:47:6a:b0:e0:e2:c2:7c:e2:bf:ad:9a:a1:a1:84:97:bc:
53:2c:0c:4b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCcMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNGNUQxMTAvBgNVBAUTKEJGNTIyRDk5MjVBNTg0NjI4MEY2MDUzMEFEMzlENzY2
RTRBQkYwOTMwHhcNMjQwNjEyMjExNzE0WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZhMTA1OS1mMzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvwVEAkiQ6oDZNHlDc92qceRAIzvypCu1b2pVWPKPhFiq3tOLQYinghrWhOV0
qEGJg9ovr+NeB+g1/SiTDAxIXRL1jlM0dcFBWitPHe5j5wAaHf5M/AgWKG496wv2
D5VvlmoFMX9qSEq/baybGfGmaSXmN9Z3Ko27tlJ85MtuywzXRhbe2gYTHy9yfSNn
wLuHuCiwAdt5XjipwO7A3FBxIyyutpN2QtupHtLF8yFxiHxbw4ISCC9QtG/mmGF8
6vMg+1i3RT8WVQDSQ+4GpslZrF/eXcFO6orpv4SC6/66PCzi2q7M2zCqH0bUxRoI
UZG2O8NfOsqzj3md1kkcBum7WQIDAQABo4IClTCCApEwHQYDVR0OBBYEFL4pBJcr
I8xhiCRBdmxmpHmnzSYRMB8GA1UdIwQYMBaAFL9SLZklpYRigPYFMK0512bkq/CT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0Y1RC83NUY4NzVGMjY2
OTAxMUVBOTY4M0ZCMkZDNEY5QUUwMi92MUl0bVNXbGhHS0E5Z1V3clRuWFp1U3I4
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YxSXRtU1dsaEdLQTlnVXdyVG5YWnVTcjhKTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjNGNUQvNzVGODc1RjI2NjkwMTFFQTk2ODNGQjJGQzRGOUFFMDIvOTlDRkEzODQ0
REY1MTFFRDkxQThBQjRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB7/WAwDQYJKoZIhvcNAQELBQADggEBAMDBFwc4AVrI9TvY
lKACUm6fVvnZeBKK4bYUIh4oDlqELyMEOpfDL0YOGkZFSU9Coprel/kfGZV4LSlv
Pr+2e03PCZ40nS+zTA5gRCeNvU6wQ2gHIJ47xbBi/EtPpw/K52iBtZy2Q826hUZt
Ir3QB8VSVqMY9cGOLOiixJauXfyDu+6tzc7a+o6PUazT2ETVK7w8DSQFlQmQqsuK
egd/ckQkdK5R7QhUa6Q/HI9sCjawCNFv2SbcdwPCdJh4roEcJaif21Rko5eRhvUl
N+rEd1OuYHSx9ehSFNkxF0Ddd/bylkNi3Kns+5PzcQiMR2qw4OLCfOK/rZqhoYSX
vFMsDEs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:20:14 2025 by rpki-client