Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9128992/FADBC56C87A111E5AEB47F4DC4F9AE02/3FDC5DFEF42011E98CE43179C4F9AE02.roa
File: 3FDC5DFEF42011E98CE43179C4F9AE02.roa (raw, json)
Hash identifier: beJZNg8lxpqAAHJoJpUot8LHQN46ww5o/CHFoYK6NF4=
Subject key identifier: 78:EA:AA:E4:55:FA:B9:44:C7:46:EE:58:CB:34:2E:9E:24:44:FA:44
Certificate issuer: /CN=A9128992/serialNumber=79014A5F07319F0460FCD04FC4AAABCCE09ED344
Certificate serial: 21EE
Authority key identifier: 79:01:4A:5F:07:31:9F:04:60:FC:D0:4F:C4:AA:AB:CC:E0:9E:D3:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQFKXwcxnwRg_NBPxKqrzOCe00Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9128992/FADBC56C87A111E5AEB47F4DC4F9AE02/3FDC5DFEF42011E98CE43179C4F9AE02.roa
Signing time: Wed 16 Aug 2023 16:13:00 +0000
ROA not before: Wed 16 Aug 2023 16:13:00 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 45282
IP address blocks: 123.176.56.0/22 maxlen: 22
123.176.56.0/24 maxlen: 24
123.176.57.0/24 maxlen: 24
123.176.58.0/24 maxlen: 24
123.176.59.0/24 maxlen: 24
202.129.192.0/22 maxlen: 22
202.129.192.0/24 maxlen: 24
202.129.193.0/24 maxlen: 24
202.129.194.0/24 maxlen: 24
202.129.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8686 (0x21ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9128992
Validity
Not Before: Aug 16 16:13:00 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64dcf58c-3aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9e:18:98:ba:35:6c:e7:15:7c:50:d0:91:03:
51:81:d1:7e:e3:9e:12:e8:c9:98:80:2f:21:b1:bd:
36:16:fc:d9:a8:97:14:3b:51:c2:26:f0:2d:08:fc:
79:f7:36:08:50:5c:e9:9c:bc:7b:46:79:04:17:54:
1d:a2:6e:24:d9:a1:43:7f:44:e7:6f:2d:12:5b:c5:
af:e9:ba:4b:28:24:d1:3a:fa:73:c5:54:d2:d7:77:
f5:4f:36:14:3a:19:96:62:8b:87:74:5a:cb:3d:d1:
16:db:b4:46:bd:b5:b5:e6:cb:dd:47:76:30:5b:19:
6c:4c:c1:f4:a1:3e:51:6d:25:9f:26:c7:ad:31:6e:
54:71:66:73:ea:6c:ed:1a:0d:b3:38:74:f9:1a:79:
48:06:be:ca:5e:18:a3:25:2a:3c:79:21:2a:f1:0b:
0d:44:63:19:19:4e:e7:93:08:25:67:51:a6:ca:f7:
93:b9:84:83:83:a6:da:58:01:fa:f6:d1:a9:d6:6a:
8e:36:e1:dd:16:45:a2:bf:bc:52:03:c2:2b:70:b6:
71:eb:44:22:28:88:69:64:5d:30:36:8e:93:72:a5:
68:b2:49:c3:d7:0b:2a:b2:a4:4e:a8:e5:f8:a4:28:
9f:36:9c:89:02:1d:ee:e4:43:e2:86:7b:33:e5:2d:
c3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:EA:AA:E4:55:FA:B9:44:C7:46:EE:58:CB:34:2E:9E:24:44:FA:44
X509v3 Authority Key Identifier:
keyid:79:01:4A:5F:07:31:9F:04:60:FC:D0:4F:C4:AA:AB:CC:E0:9E:D3:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9128992/FADBC56C87A111E5AEB47F4DC4F9AE02/eQFKXwcxnwRg_NBPxKqrzOCe00Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQFKXwcxnwRg_NBPxKqrzOCe00Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128992/FADBC56C87A111E5AEB47F4DC4F9AE02/3FDC5DFEF42011E98CE43179C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.176.56.0/22
202.129.192.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:06:14:90:1f:bc:a9:fe:b8:6c:60:8d:00:14:0a:b9:a4:32:
0b:d6:26:17:24:70:b0:81:14:13:f1:ed:10:d0:ed:ee:f8:82:
cd:4f:bf:a7:e2:25:3d:e0:6b:15:3f:9e:bc:3c:76:67:e5:f6:
19:eb:2d:c7:24:ef:7b:29:73:da:d5:30:b8:6c:26:ce:a7:2f:
75:a2:ed:bf:bb:d4:4f:17:f2:eb:36:3c:58:2d:33:07:d7:c0:
e0:7b:d7:00:b9:d3:49:a1:38:e2:4f:30:45:2b:b7:a6:c6:6f:
32:9c:fd:55:64:8a:f8:30:87:bb:29:8e:ba:0f:a0:6b:f5:4e:
41:40:c4:ab:48:5e:97:33:80:8b:78:e8:16:96:d4:a0:b6:bb:
fb:72:e7:00:29:c4:3d:ea:0f:cc:76:e8:b8:d9:b8:fd:92:c5:
02:bc:ca:8e:e1:51:88:9a:fb:10:ad:cb:99:18:1d:93:2a:f6:
d7:64:0a:e3:df:e0:1a:6c:21:a1:55:59:f7:c3:b5:22:7a:34:
9c:ca:32:93:d8:09:a1:47:a7:cd:09:d5:ac:61:48:3d:f6:f1:
48:40:68:d6:c2:5d:f2:9e:9d:0d:41:cb:a0:f0:73:76:1e:8f:
af:c2:82:8a:00:99:b2:9f:f2:44:26:52:44:51:cb:67:5d:02:
3e:78:87:41
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICIe4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjg5OTIxMTAvBgNVBAUTKDc5MDE0QTVGMDczMTlGMDQ2MEZDRDA0RkM0QUFBQkND
RTA5RUQzNDQwHhcNMjMwODE2MTYxMzAwWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRjZjU4Yy0zYWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw54YmLo1bOcVfFDQkQNRgdF+454S6MmYgC8hsb02FvzZqJcUO1HCJvAtCPx5
9zYIUFzpnLx7RnkEF1Qdom4k2aFDf0Tnby0SW8Wv6bpLKCTROvpzxVTS13f1TzYU
OhmWYouHdFrLPdEW27RGvbW15svdR3YwWxlsTMH0oT5RbSWfJsetMW5UcWZz6mzt
Gg2zOHT5GnlIBr7KXhijJSo8eSEq8QsNRGMZGU7nkwglZ1GmyveTuYSDg6baWAH6
9tGp1mqONuHdFkWiv7xSA8IrcLZx60QiKIhpZF0wNo6TcqVosknD1wsqsqROqOX4
pCifNpyJAh3u5EPihnsz5S3DZQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHjqquRV
+rlEx0buWMs0Lp4kRPpEMB8GA1UdIwQYMBaAFHkBSl8HMZ8EYPzQT8Sqq8zgntNE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODk5Mi9GQURCQzU2Qzg3
QTExMUU1QUVCNDdGNERDNEY5QUUwMi9lUUZLWHdjeG53UmdfTkJQeEtxcnpPQ2Uw
MFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VRRktYd2N4bndSZ19OQlB4S3Fyek9DZTAwUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjg5OTIvRkFEQkM1NkM4N0ExMTFFNUFFQjQ3RjREQzRGOUFFMDIvM0ZEQzVERkVG
NDIwMTFFOThDRTQzMTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJ7sDgDBALKgcAwDQYJKoZIhvcNAQELBQADggEBAKEGFJAf
vKn+uGxgjQAUCrmkMgvWJhckcLCBFBPx7RDQ7e74gs1Pv6fiJT3gaxU/nrw8dmfl
9hnrLcck73spc9rVMLhsJs6nL3Wi7b+71E8X8us2PFgtMwfXwOB71wC500mhOOJP
MEUrt6bGbzKc/VVkivgwh7spjroPoGv1TkFAxKtIXpczgIt46BaW1KC2u/ty5wAp
xD3qD8x26LjZuP2SxQK8yo7hUYia+xCty5kYHZMq9tdkCuPf4BpsIaFVWffDtSJ6
NJzKMpPYCaFHp80J1axhSD328UhAaNbCXfKenQ1By6Dwc3Yej6/CgooAmbKf8kQm
UkRRy2ddAj54h0E=
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:59:51 2025 by rpki-client