Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9127C2D/9E39F9368C9E11EE87C8EE78C4F9AE02/83298B188CDD11EE9C0A8258C4F9AE02.roa
File: 83298B188CDD11EE9C0A8258C4F9AE02.roa (raw, json)
Hash identifier: uYX2IlbgkFVHpSI6ncTYHrhhVumZeL9bEclaECevCas=
Subject key identifier: E2:00:BD:6B:2C:1D:A6:73:E0:58:A9:4A:D7:54:4B:72:D7:7D:08:F4
Certificate issuer: /CN=A9127C2D/serialNumber=8B65A5294377D686378C46B3E9DAD7CDB5B66791
Certificate serial: DB
Authority key identifier: 8B:65:A5:29:43:77:D6:86:37:8C:46:B3:E9:DA:D7:CD:B5:B6:67:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i2WlKUN31oY3jEaz6drXzbW2Z5E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9127C2D/9E39F9368C9E11EE87C8EE78C4F9AE02/83298B188CDD11EE9C0A8258C4F9AE02.roa
Signing time: Sun 05 Jan 2025 03:47:16 +0000
ROA not before: Sun 05 Jan 2025 03:47:16 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 9896
IP address blocks: 202.49.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 219 (0xdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9127C2D
Validity
Not Before: Jan 5 03:47:16 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677a00c3-d5e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:78:b7:b3:50:74:22:04:32:d0:b7:6d:51:2e:
e1:e7:37:12:3d:85:2a:3c:8f:d2:c9:7c:6f:08:f3:
37:4b:a9:0d:3d:3b:d7:d7:42:79:71:7a:86:c1:04:
99:02:e3:b9:63:3b:d7:4e:00:77:a2:5e:05:be:a1:
ae:f0:75:16:01:34:67:2f:95:f4:99:e8:56:86:21:
13:ae:c5:cb:df:18:ab:04:20:c6:40:f9:45:32:5c:
d5:77:2a:aa:c4:c3:ef:af:0d:62:0c:9b:2a:f3:78:
0c:50:4d:0c:15:70:6c:b1:ac:da:04:ae:ee:ed:1d:
3a:ae:1d:0c:db:78:66:79:fb:ad:92:75:44:2b:29:
5b:de:b7:a4:23:9e:cb:3f:53:07:be:19:11:19:4b:
98:e2:f9:23:28:d9:ec:db:f9:f2:50:b8:e0:99:3c:
3b:6a:b2:f2:c8:8a:39:49:eb:0d:56:7d:27:ee:95:
06:27:8b:2e:f3:7b:31:e5:c5:94:7b:28:85:92:3c:
ea:ec:b3:ce:57:71:5b:30:d7:be:5d:84:0c:52:41:
3e:ea:28:f3:f2:ae:7a:e0:f6:74:e3:f3:57:bd:71:
28:0f:e5:74:d9:05:85:0e:2c:84:20:02:d1:0d:8a:
5c:10:1e:8c:0a:51:61:2a:14:0a:26:9e:67:cc:2d:
40:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:00:BD:6B:2C:1D:A6:73:E0:58:A9:4A:D7:54:4B:72:D7:7D:08:F4
X509v3 Authority Key Identifier:
keyid:8B:65:A5:29:43:77:D6:86:37:8C:46:B3:E9:DA:D7:CD:B5:B6:67:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9127C2D/9E39F9368C9E11EE87C8EE78C4F9AE02/i2WlKUN31oY3jEaz6drXzbW2Z5E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i2WlKUN31oY3jEaz6drXzbW2Z5E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127C2D/9E39F9368C9E11EE87C8EE78C4F9AE02/83298B188CDD11EE9C0A8258C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.49.252.0/22
Signature Algorithm: sha256WithRSAEncryption
52:08:5b:a7:b0:5b:05:ca:b7:36:60:82:c6:04:c6:a3:a2:8f:
30:d1:ce:6d:42:9f:8a:8f:d9:a5:ca:61:af:65:f6:a0:04:66:
ea:5a:9c:73:33:25:8c:b5:3c:c9:03:ff:f8:86:88:e5:92:a2:
e7:02:55:f9:d4:2e:ad:2b:92:e3:41:fd:2e:bb:eb:76:ef:c5:
50:65:62:50:80:48:e3:73:c1:8c:13:f1:a4:22:17:09:a6:1e:
33:95:dd:39:74:67:c7:bd:44:55:1b:3a:65:a8:8d:57:51:7a:
ee:1b:96:bc:31:cd:02:da:e9:37:74:5a:5c:92:d3:fa:76:ca:
da:f2:65:91:73:14:f7:16:c3:da:2e:37:e4:a2:ae:cc:2b:88:
53:7d:45:df:79:d0:fe:51:ad:87:55:9e:c7:5e:55:53:b8:97:
59:b3:b8:61:55:32:62:0f:f3:28:90:6c:20:47:ac:90:99:65:
70:e8:8e:14:19:26:e8:a5:e4:e1:be:e5:95:71:58:ba:fa:16:
5c:6e:53:27:c0:9d:cd:0f:fc:4e:af:12:cf:fa:d6:41:a3:9c:
3a:e2:5d:84:85:06:de:a1:b7:4b:96:67:0d:7d:1d:17:5a:f2:
5a:a4:9f:cb:af:77:e5:d0:cd:67:8d:13:f2:c8:c5:b0:ed:e0:
b3:be:f3:77
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjdDMkQxMTAvBgNVBAUTKDhCNjVBNTI5NDM3N0Q2ODYzNzhDNDZCM0U5REFEN0NE
QjVCNjY3OTEwHhcNMjUwMTA1MDM0NzE2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdhMDBjMy1kNWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA53i3s1B0IgQy0LdtUS7h5zcSPYUqPI/SyXxvCPM3S6kNPTvX10J5cXqGwQSZ
AuO5YzvXTgB3ol4FvqGu8HUWATRnL5X0mehWhiETrsXL3xirBCDGQPlFMlzVdyqq
xMPvrw1iDJsq83gMUE0MFXBssazaBK7u7R06rh0M23hmefutknVEKylb3rekI57L
P1MHvhkRGUuY4vkjKNns2/nyULjgmTw7arLyyIo5SesNVn0n7pUGJ4su83sx5cWU
eyiFkjzq7LPOV3FbMNe+XYQMUkE+6ijz8q564PZ04/NXvXEoD+V02QWFDiyEIALR
DYpcEB6MClFhKhQKJp5nzC1A7QIDAQABo4IClTCCApEwHQYDVR0OBBYEFOIAvWss
HaZz4FipStdUS3LXfQj0MB8GA1UdIwQYMBaAFItlpSlDd9aGN4xGs+na1821tmeR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyN0MyRC85RTM5RjkzNjhD
OUUxMUVFODdDOEVFNzhDNEY5QUUwMi9pMldsS1VOMzFvWTNqRWF6NmRyWHpiVzJa
NUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2kyV2xLVU4zMW9ZM2pFYXo2ZHJYemJXMlo1RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjdDMkQvOUUzOUY5MzY4QzlFMTFFRTg3QzhFRTc4QzRGOUFFMDIvODMyOThCMTg4
Q0REMTFFRTlDMEE4MjU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKMfwwDQYJKoZIhvcNAQELBQADggEBAFIIW6ewWwXKtzZg
gsYExqOijzDRzm1Cn4qP2aXKYa9l9qAEZupanHMzJYy1PMkD//iGiOWSoucCVfnU
Lq0rkuNB/S6763bvxVBlYlCASONzwYwT8aQiFwmmHjOV3Tl0Z8e9RFUbOmWojVdR
eu4blrwxzQLa6Td0WlyS0/p2ytryZZFzFPcWw9ouN+SirswriFN9Rd950P5RrYdV
nsdeVVO4l1mzuGFVMmIP8yiQbCBHrJCZZXDojhQZJuil5OG+5ZVxWLr6FlxuUyfA
nc0P/E6vEs/61kGjnDriXYSFBt6ht0uWZw19HRda8lqkn8uvd+XQzWeNE/LIxbDt
4LO+83c=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:37:30 2025 by rpki-client