Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/AF4E5B08483911EEB846EA36C4F9AE02.roa
File: AF4E5B08483911EEB846EA36C4F9AE02.roa (raw, json)
Hash identifier: lYCr6kAfGaxdZr+eWwEYwFIaASsvVDDBGvokBcs3KLg=
Subject key identifier: 30:DB:BB:14:20:50:78:D6:C1:40:D9:50:5F:9B:4C:9B:98:17:D3:8C
Certificate issuer: /CN=A9123F5D/serialNumber=BF522D9925A5846280F60530AD39D766E4ABF093
Certificate serial: 09C4
Authority key identifier: BF:52:2D:99:25:A5:84:62:80:F6:05:30:AD:39:D7:66:E4:AB:F0:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1ItmSWlhGKA9gUwrTnXZuSr8JM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/AF4E5B08483911EEB846EA36C4F9AE02.roa
Signing time: Wed 12 Jun 2024 21:17:15 +0000
ROA not before: Wed 12 Jun 2024 21:17:15 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 150744
IP address blocks: 123.253.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2500 (0x9c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9123F5D
Validity
Not Before: Jun 12 21:17:15 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=666a105b-290d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:47:be:1f:f3:dd:30:80:80:19:e3:d2:54:69:
e6:24:96:77:6a:41:53:f2:69:cc:2a:55:b8:84:a1:
f5:7e:30:28:29:a8:30:af:29:17:db:76:9a:df:b8:
e7:9c:8c:99:48:65:63:5c:d7:93:b6:8f:87:1c:dc:
84:6b:ba:d2:77:90:53:27:85:af:5e:e3:a8:2b:3d:
48:bf:a2:6b:c6:30:10:36:52:9f:1a:4d:06:22:bc:
5e:dd:a9:e7:5a:c1:3d:2b:c4:12:1c:6e:38:7c:7e:
cc:d2:91:2a:af:fe:6f:6c:9c:ca:46:80:30:d2:8a:
05:fd:e6:4a:38:16:ec:8c:28:2c:d8:c6:0f:dd:f7:
03:64:2e:41:83:f1:5f:73:42:88:e2:16:89:bf:5d:
ea:d2:f7:c4:cc:64:57:74:f9:cb:46:b3:35:84:89:
97:db:23:26:2d:3b:41:32:d8:65:8e:72:b9:1a:ed:
5e:ac:22:7b:f2:b4:2b:75:20:18:d3:c0:0c:9a:df:
0d:19:8a:5f:86:9f:18:db:d5:e9:24:7f:da:c6:74:
be:8d:2e:85:b3:30:50:81:63:2b:8f:fd:85:ae:88:
6e:49:56:32:5f:a1:dd:f2:0c:01:d2:7c:4a:fa:8c:
1d:e6:59:9a:ba:46:86:98:b4:df:ad:4e:39:d0:9f:
8f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:DB:BB:14:20:50:78:D6:C1:40:D9:50:5F:9B:4C:9B:98:17:D3:8C
X509v3 Authority Key Identifier:
keyid:BF:52:2D:99:25:A5:84:62:80:F6:05:30:AD:39:D7:66:E4:AB:F0:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/v1ItmSWlhGKA9gUwrTnXZuSr8JM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1ItmSWlhGKA9gUwrTnXZuSr8JM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/AF4E5B08483911EEB846EA36C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.253.96.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:97:03:ca:00:c8:11:44:57:9e:63:22:80:dc:9e:3e:a4:23:
5e:ae:78:78:50:21:d7:d8:13:65:dc:11:fe:10:55:f4:9f:30:
e3:63:33:66:26:f6:17:df:ba:6f:3d:cb:e6:ab:cd:0b:ed:42:
4a:5d:74:56:74:ed:92:4e:3c:06:4b:bc:5c:bd:c5:dc:f3:a0:
96:d7:76:75:b8:3d:55:f5:f3:84:fd:82:64:fc:fa:a4:f6:b4:
d3:08:c7:a1:97:03:f4:3a:77:cd:e7:94:22:ac:b8:30:6b:f8:
b9:d7:3c:77:98:7f:0a:60:e1:19:d4:f0:b6:1d:dd:07:d3:4c:
22:fd:4e:84:e8:e5:53:ef:1d:2f:de:93:da:0c:6d:46:ea:17:
4a:e6:ee:90:bc:5f:12:ee:4d:2f:d9:8e:0e:26:6b:8c:32:0f:
7e:19:8f:96:b7:71:7a:75:15:5b:f3:2a:f3:9d:f0:8b:34:21:
6c:f5:f2:73:e1:73:21:67:ed:20:c3:a4:f4:a7:9e:f5:20:64:
ac:c5:08:72:53:4b:ff:d1:30:9d:4a:45:0f:36:04:fa:f7:68:
22:74:bb:e2:19:41:a3:c7:1f:a2:d1:bd:d8:a5:9c:72:df:7b:
86:7b:d2:09:73:3e:60:46:7c:2a:e4:49:4e:dd:76:c3:97:77:
c3:76:d8:54
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCcQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNGNUQxMTAvBgNVBAUTKEJGNTIyRDk5MjVBNTg0NjI4MEY2MDUzMEFEMzlENzY2
RTRBQkYwOTMwHhcNMjQwNjEyMjExNzE1WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZhMTA1Yi0yOTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyUe+H/PdMICAGePSVGnmJJZ3akFT8mnMKlW4hKH1fjAoKagwrykX23aa37jn
nIyZSGVjXNeTto+HHNyEa7rSd5BTJ4WvXuOoKz1Iv6JrxjAQNlKfGk0GIrxe3ann
WsE9K8QSHG44fH7M0pEqr/5vbJzKRoAw0ooF/eZKOBbsjCgs2MYP3fcDZC5Bg/Ff
c0KI4haJv13q0vfEzGRXdPnLRrM1hImX2yMmLTtBMthljnK5Gu1erCJ78rQrdSAY
08AMmt8NGYpfhp8Y29XpJH/axnS+jS6FszBQgWMrj/2FrohuSVYyX6Hd8gwB0nxK
+owd5lmaukaGmLTfrU450J+PbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDDbuxQg
UHjWwUDZUF+bTJuYF9OMMB8GA1UdIwQYMBaAFL9SLZklpYRigPYFMK0512bkq/CT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0Y1RC83NUY4NzVGMjY2
OTAxMUVBOTY4M0ZCMkZDNEY5QUUwMi92MUl0bVNXbGhHS0E5Z1V3clRuWFp1U3I4
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YxSXRtU1dsaEdLQTlnVXdyVG5YWnVTcjhKTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjNGNUQvNzVGODc1RjI2NjkwMTFFQTk2ODNGQjJGQzRGOUFFMDIvQUY0RTVCMDg0
ODM5MTFFRUI4NDZFQTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB7/WAwDQYJKoZIhvcNAQELBQADggEBAMSXA8oAyBFEV55j
IoDcnj6kI16ueHhQIdfYE2XcEf4QVfSfMONjM2Ym9hffum89y+arzQvtQkpddFZ0
7ZJOPAZLvFy9xdzzoJbXdnW4PVX184T9gmT8+qT2tNMIx6GXA/Q6d83nlCKsuDBr
+LnXPHeYfwpg4RnU8LYd3QfTTCL9ToTo5VPvHS/ek9oMbUbqF0rm7pC8XxLuTS/Z
jg4ma4wyD34Zj5a3cXp1FVvzKvOd8Is0IWz18nPhcyFn7SDDpPSnnvUgZKzFCHJT
S//RMJ1KRQ82BPr3aCJ0u+IZQaPHH6LRvdilnHLfe4Z70glzPmBGfCrkSU7ddsOX
d8N22FQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:34:53 2025 by rpki-client