Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/17E76F7A9EA811EC95EBD87CC4F9AE02.roa
File: 17E76F7A9EA811EC95EBD87CC4F9AE02.roa (raw, json)
Hash identifier: HSneFdz7BrjoyuZhfsoXIX8oAKKd1pcnAxUY0uGTzCQ=
Subject key identifier: 48:FD:1E:EE:70:4F:95:A1:4A:CE:EB:C0:A7:2F:52:7C:DC:1D:63:9D
Certificate issuer: /CN=A91275FD/serialNumber=4E10F13F295FBF2B359C84DDD1651BC851AA8AF5
Certificate serial: 264E
Authority key identifier: 4E:10:F1:3F:29:5F:BF:2B:35:9C:84:DD:D1:65:1B:C8:51:AA:8A:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/17E76F7A9EA811EC95EBD87CC4F9AE02.roa
Signing time: Wed 08 May 2024 16:33:09 +0000
ROA not before: Wed 08 May 2024 16:33:09 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 9386
IP address blocks: 202.8.224.0/19 maxlen: 19
202.128.32.0/19 maxlen: 19
202.128.32.0/22 maxlen: 22
202.128.36.0/22 maxlen: 22
202.128.40.0/22 maxlen: 22
202.128.44.0/22 maxlen: 22
202.128.48.0/22 maxlen: 22
202.128.52.0/22 maxlen: 22
202.128.56.0/22 maxlen: 22
202.128.60.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9806 (0x264e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91275FD
Validity
Not Before: May 8 16:33:09 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=663ba945-cdd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ab:a1:c0:23:9a:0c:4e:5a:d3:f7:76:48:fe:
76:b2:52:4c:6c:73:df:c9:3c:e5:87:bf:e1:e1:65:
a4:d8:08:f8:a4:98:b2:12:4e:f7:fb:46:a7:42:59:
f0:82:8b:09:2d:b8:87:88:b0:ad:c9:2f:ba:e6:49:
96:da:91:e3:da:f1:5b:2e:ab:f3:16:ef:f2:68:6e:
b6:ce:73:56:d2:27:21:65:c6:21:d3:7a:b1:1f:3b:
82:2e:83:2f:46:3d:0e:6b:52:e5:ca:27:4b:7b:73:
8d:38:4a:8c:39:35:46:7f:e9:09:69:6e:81:2d:84:
20:b5:e6:8a:77:09:39:ff:c1:5b:62:d7:6f:ab:1d:
26:0b:42:03:24:f0:89:3b:73:76:b5:ac:5f:7e:50:
e0:44:41:fe:ff:13:8a:70:92:c7:70:8a:d6:83:2b:
fc:68:f9:cd:69:58:5a:4c:3a:b9:0b:56:06:31:16:
be:aa:8e:b1:34:bb:3b:96:2e:df:8f:a7:8a:ff:7d:
31:35:f4:0f:20:0a:b3:8c:d4:f6:2d:50:8c:38:95:
c1:ea:40:4c:43:1a:b5:fe:da:61:1c:89:f9:a4:13:
e2:09:89:bd:e5:b7:fa:e7:fa:9d:ac:76:05:38:f8:
75:87:52:70:d4:7a:b2:54:f4:d3:89:f1:31:f3:44:
62:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:FD:1E:EE:70:4F:95:A1:4A:CE:EB:C0:A7:2F:52:7C:DC:1D:63:9D
X509v3 Authority Key Identifier:
keyid:4E:10:F1:3F:29:5F:BF:2B:35:9C:84:DD:D1:65:1B:C8:51:AA:8A:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/ThDxPylfvys1nITd0WUbyFGqivU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/17E76F7A9EA811EC95EBD87CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.8.224.0/19
202.128.32.0/19
Signature Algorithm: sha256WithRSAEncryption
2f:2d:2e:2d:3f:4d:cf:2c:4f:f2:15:5e:55:06:19:07:e2:49:
a1:7a:2c:3e:32:3c:d7:e3:ae:98:7a:8d:e6:97:f1:6d:e9:94:
75:55:6e:d3:d7:ff:fa:23:d9:56:52:62:64:0b:36:9b:a8:cf:
f3:aa:dd:78:12:27:f3:2d:b0:8c:fb:f9:c9:f7:50:ac:f5:e3:
4d:f7:dc:d7:da:1a:d8:2a:20:46:1a:5d:a0:44:cb:5f:d2:8f:
20:7c:ea:26:73:6e:f7:58:04:cd:86:92:d3:27:c0:1b:2e:e9:
27:c4:ce:54:c6:da:80:83:7f:53:51:4d:ad:08:ec:82:28:56:
0a:5f:7a:8b:53:20:af:91:9c:c8:40:6b:86:ab:e5:5c:fc:29:
e9:99:a8:5f:13:91:0b:b8:fb:b5:74:8d:3b:47:01:8d:be:9f:
a7:e0:9b:7c:cd:be:c0:4b:89:6b:43:b1:4f:91:94:9e:ed:04:
4d:1c:d0:a0:39:25:46:1f:d3:51:a3:a3:9c:2a:b8:63:99:d5:
2b:6d:42:30:86:c8:4f:4d:4f:f1:1a:8e:8e:a7:bc:f0:39:6e:
d9:6f:64:4a:a0:4f:fd:c9:46:00:a1:31:78:7e:5d:ba:f7:7a:
cb:b0:67:26:4c:9a:c0:4e:91:2b:7b:ae:d7:c5:8f:13:28:f0:
f3:24:30:b9
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICJk4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc1RkQxMTAvBgNVBAUTKDRFMTBGMTNGMjk1RkJGMkIzNTlDODREREQxNjUxQkM4
NTFBQThBRjUwHhcNMjQwNTA4MTYzMzA5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNiYTk0NS1jZGQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr6uhwCOaDE5a0/d2SP52slJMbHPfyTzlh7/h4WWk2Aj4pJiyEk73+0anQlnw
gosJLbiHiLCtyS+65kmW2pHj2vFbLqvzFu/yaG62znNW0ichZcYh03qxHzuCLoMv
Rj0Oa1LlyidLe3ONOEqMOTVGf+kJaW6BLYQgteaKdwk5/8FbYtdvqx0mC0IDJPCJ
O3N2taxfflDgREH+/xOKcJLHcIrWgyv8aPnNaVhaTDq5C1YGMRa+qo6xNLs7li7f
j6eK/30xNfQPIAqzjNT2LVCMOJXB6kBMQxq1/tphHIn5pBPiCYm95bf65/qdrHYF
OPh1h1Jw1HqyVPTTifEx80RinwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEj9Hu5w
T5WhSs7rwKcvUnzcHWOdMB8GA1UdIwQYMBaAFE4Q8T8pX78rNZyE3dFlG8hRqor1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzVGRC9FMUVGRDlCNkRF
Q0UxMUU0QTE0RjAwNjhDNEY5QUUwMi9UaER4UHlsZnZ5czFuSVRkMFdVYnlGR3Fp
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RoRHhQeWxmdnlzMW5JVGQwV1VieUZHcWl2VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc1RkQvRTFFRkQ5QjZERUNFMTFFNEExNEYwMDY4QzRGOUFFMDIvMTdFNzZGN0E5
RUE4MTFFQzk1RUJEODdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAXKCOADBAXKgCAwDQYJKoZIhvcNAQELBQADggEBAC8tLi0/
Tc8sT/IVXlUGGQfiSaF6LD4yPNfjrph6jeaX8W3plHVVbtPX//oj2VZSYmQLNpuo
z/Oq3XgSJ/MtsIz7+cn3UKz140333NfaGtgqIEYaXaBEy1/SjyB86iZzbvdYBM2G
ktMnwBsu6SfEzlTG2oCDf1NRTa0I7IIoVgpfeotTIK+RnMhAa4ar5Vz8KemZqF8T
kQu4+7V0jTtHAY2+n6fgm3zNvsBLiWtDsU+RlJ7tBE0c0KA5JUYf01Gjo5wquGOZ
1SttQjCGyE9NT/Eajo6nvPA5btlvZEqgT/3JRgChMXh+Xbr3esuwZyZMmsBOkSt7
rtfFjxMo8PMkMLk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:33:38 2025 by rpki-client