Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/3373DB98902C11EA898EFD7FC4F9AE02.roa
File: 3373DB98902C11EA898EFD7FC4F9AE02.roa (raw, json)
Hash identifier: IbE+JWM/Bgx4LvXRfO5AkKCxabxFW5QHg0Anl0b9X1Q=
Subject key identifier: 8F:4D:E8:2A:5E:D0:DE:92:C5:4D:13:37:2A:34:41:60:8C:87:81:EB
Certificate issuer: /CN=A9125475/serialNumber=DE9D64016291EA2A16F3B7956A0F4035B709E547
Certificate serial: 251C
Authority key identifier: DE:9D:64:01:62:91:EA:2A:16:F3:B7:95:6A:0F:40:35:B7:09:E5:47
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3p1kAWKR6ioW87eVag9ANbcJ5Uc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/3373DB98902C11EA898EFD7FC4F9AE02.roa
Signing time: Mon 02 Dec 2024 14:30:19 +0000
ROA not before: Mon 02 Dec 2024 14:30:19 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 36492
IP address blocks: 159.192.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9500 (0x251c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125475
Validity
Not Before: Dec 2 14:30:19 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674dc47b-44a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fa:e8:a2:4e:f4:84:8e:47:29:42:12:45:b7:
39:64:c8:e5:a9:91:e2:89:d4:51:f5:06:f6:9a:20:
f6:08:57:e5:63:0e:fd:b5:ec:3e:88:2e:8a:df:31:
0e:76:9a:73:11:79:15:75:0b:32:13:ad:ea:b9:73:
07:bd:6f:79:96:15:b2:c4:24:b6:f9:03:06:e6:e4:
ec:9b:11:a9:7b:82:c3:41:48:9f:49:94:71:7e:15:
aa:0f:cd:3d:ae:76:ca:15:dd:3e:58:de:fb:45:1d:
b3:f0:16:af:e9:45:5f:39:5a:00:6f:c7:a1:a5:dd:
09:2e:29:e4:21:92:e3:07:99:ea:ea:43:01:a4:4e:
89:84:e0:4d:94:fb:34:dd:7b:6d:81:ab:a7:7d:69:
33:e7:76:25:38:61:ec:cd:79:8b:95:96:a0:e0:f1:
ab:69:c7:58:68:b8:ae:54:55:c6:7d:f8:49:9e:52:
8d:d8:e0:f1:fb:e2:97:ad:cb:42:aa:60:58:10:23:
9d:b0:f5:98:e0:f5:6f:6f:6c:bc:e0:bc:d3:60:c2:
c6:a3:ba:86:dd:bc:f5:1d:c6:96:56:ac:7b:90:d5:
da:e8:4a:54:16:45:22:c5:0e:53:6e:b1:d4:ef:22:
5d:24:0f:d0:8b:41:3c:95:fc:fc:c3:3a:ce:78:66:
a0:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:4D:E8:2A:5E:D0:DE:92:C5:4D:13:37:2A:34:41:60:8C:87:81:EB
X509v3 Authority Key Identifier:
keyid:DE:9D:64:01:62:91:EA:2A:16:F3:B7:95:6A:0F:40:35:B7:09:E5:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/3p1kAWKR6ioW87eVag9ANbcJ5Uc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3p1kAWKR6ioW87eVag9ANbcJ5Uc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/3373DB98902C11EA898EFD7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
159.192.27.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:91:93:18:b0:cc:f5:ab:c5:cc:90:45:54:41:04:73:e2:e9:
c0:ea:81:cc:30:08:2e:e3:27:8c:4f:1f:8a:64:b7:23:e7:b1:
84:5c:5d:48:8b:c1:48:94:ee:ee:75:bb:24:21:a3:6b:24:38:
87:51:60:68:48:e4:ad:73:e4:50:95:34:a4:76:45:39:5c:31:
8a:8e:dc:1d:73:5f:fc:9a:22:98:81:99:b1:a8:b0:02:11:cd:
d7:aa:74:16:63:96:d4:37:59:d0:45:33:47:ad:09:11:c3:2c:
bc:3d:58:bc:6b:4e:6d:d7:e0:34:18:c1:5c:6f:b7:d6:97:08:
8b:2a:33:db:41:4a:be:cc:e0:e2:0c:b5:f7:b5:02:5f:de:a1:
cc:41:5b:29:34:89:af:3d:3f:08:41:75:5f:6c:b3:f6:f1:82:
a1:8c:b4:09:56:4b:d1:05:06:f7:4b:59:7d:bf:bf:57:0f:da:
ff:a5:3e:1d:4b:b7:69:aa:73:1a:1b:e4:7a:c2:da:29:a3:4a:
74:20:9e:f6:a4:32:2c:76:7f:62:b2:37:a5:4e:9c:c9:8b:5c:
83:2e:d2:f1:57:ea:19:fb:a4:22:61:8a:0c:dd:fb:7b:a5:b0:
f6:aa:e6:32:b9:84:2d:b1:b1:86:71:8d:12:05:1b:01:ab:2c:
a1:c8:a4:28
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJRwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjU0NzUxMTAvBgNVBAUTKERFOUQ2NDAxNjI5MUVBMkExNkYzQjc5NTZBMEY0MDM1
QjcwOUU1NDcwHhcNMjQxMjAyMTQzMDE5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkYzQ3Yi00NGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyfrook70hI5HKUISRbc5ZMjlqZHiidRR9Qb2miD2CFflYw79tew+iC6K3zEO
dppzEXkVdQsyE63quXMHvW95lhWyxCS2+QMG5uTsmxGpe4LDQUifSZRxfhWqD809
rnbKFd0+WN77RR2z8Bav6UVfOVoAb8ehpd0JLinkIZLjB5nq6kMBpE6JhOBNlPs0
3XttgaunfWkz53YlOGHszXmLlZag4PGracdYaLiuVFXGffhJnlKN2ODx++KXrctC
qmBYECOdsPWY4PVvb2y84LzTYMLGo7qG3bz1HcaWVqx7kNXa6EpUFkUixQ5TbrHU
7yJdJA/Qi0E8lfz8wzrOeGagFQIDAQABo4IClTCCApEwHQYDVR0OBBYEFI9N6Cpe
0N6SxU0TNyo0QWCMh4HrMB8GA1UdIwQYMBaAFN6dZAFikeoqFvO3lWoPQDW3CeVH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTQ3NS84RDk0NzFGNjI5
MDYxMUU1OTNCRkM2MjZDNEY5QUUwMi8zcDFrQVdLUjZpb1c4N2VWYWc5QU5iY0o1
VWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzNwMWtBV0tSNmlvVzg3ZVZhZzlBTmJjSjVVYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjU0NzUvOEQ5NDcxRjYyOTA2MTFFNTkzQkZDNjI2QzRGOUFFMDIvMzM3M0RCOTg5
MDJDMTFFQTg5OEVGRDdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACfwBswDQYJKoZIhvcNAQELBQADggEBAI2RkxiwzPWrxcyQ
RVRBBHPi6cDqgcwwCC7jJ4xPH4pktyPnsYRcXUiLwUiU7u51uyQho2skOIdRYGhI
5K1z5FCVNKR2RTlcMYqO3B1zX/yaIpiBmbGosAIRzdeqdBZjltQ3WdBFM0etCRHD
LLw9WLxrTm3X4DQYwVxvt9aXCIsqM9tBSr7M4OIMtfe1Al/eocxBWyk0ia89PwhB
dV9ss/bxgqGMtAlWS9EFBvdLWX2/v1cP2v+lPh1Lt2mqcxob5HrC2imjSnQgnvak
Mix2f2KyN6VOnMmLXIMu0vFX6hn7pCJhigzd+3ulsPaq5jK5hC2xsYZxjRIFGwGr
LKHIpCg=
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:36:08 2025 by rpki-client