Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/C2E32E34466B11EE988B243DC4F9AE02.roa
File: C2E32E34466B11EE988B243DC4F9AE02.roa (raw, json)
Hash identifier: hBn0Qcv2Wj2OFO1BXPRpxsQ8U4zswJ2i/kTyMm1Zr1Y=
Subject key identifier: 42:DE:37:54:E8:62:FC:16:87:85:13:39:52:0F:0E:BE:36:D1:3F:68
Certificate issuer: /CN=A912D3CB/serialNumber=EDD2A69686865256C9B0FDDD6B714966D5378F33
Certificate serial: 0A32
Authority key identifier: ED:D2:A6:96:86:86:52:56:C9:B0:FD:DD:6B:71:49:66:D5:37:8F:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7dKmloaGUlbJsP3da3FJZtU3jzM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/C2E32E34466B11EE988B243DC4F9AE02.roa
Signing time: Fri 28 Feb 2025 20:59:32 +0000
ROA not before: Fri 28 Feb 2025 20:59:32 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 149419
IP address blocks: 123.108.92.0/24 maxlen: 24
123.108.93.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2610 (0xa32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912D3CB
Validity
Not Before: Feb 28 20:59:32 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67c223b3-a0f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:16:97:bd:de:63:c5:3a:80:01:e3:ef:91:a4:
ec:02:7e:a0:64:96:4b:80:a6:2f:ce:46:40:4f:f8:
06:5b:25:9e:40:dd:db:2f:0c:40:46:e6:da:41:7e:
a0:d5:2e:f1:67:36:05:83:1a:e4:89:d1:32:fb:c2:
6f:a7:3b:b5:82:7c:ae:76:34:af:36:7b:f7:07:17:
1c:92:1f:9c:b5:09:04:d5:99:b8:4e:0f:0d:b2:26:
5f:ae:17:73:94:fd:af:d0:e9:16:ce:3b:d5:a3:b4:
e6:03:ec:85:41:50:97:d3:38:eb:dc:7b:f3:a7:04:
6b:75:a0:a6:c7:e0:13:ce:a7:0e:eb:5c:2f:6e:98:
e7:f9:b3:6f:8f:ad:e4:7f:b2:e7:73:2a:2f:1b:ec:
ee:23:c2:89:d2:a0:53:7b:32:cc:78:b4:9e:72:d7:
94:4b:16:e0:31:5d:3a:fb:93:2c:0c:39:9e:56:3d:
59:c7:82:ee:a9:e1:7f:ee:47:15:41:23:07:fd:9f:
23:bd:1e:df:5d:08:b3:e1:c8:f6:11:ec:c1:08:c8:
fd:e0:38:03:bf:41:fd:9e:a5:b8:be:21:32:8b:45:
e7:a5:0f:cf:b7:96:88:81:75:92:6a:f9:67:11:17:
d1:6e:ed:50:7b:84:64:67:fe:11:ff:6e:33:6f:8e:
30:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:DE:37:54:E8:62:FC:16:87:85:13:39:52:0F:0E:BE:36:D1:3F:68
X509v3 Authority Key Identifier:
keyid:ED:D2:A6:96:86:86:52:56:C9:B0:FD:DD:6B:71:49:66:D5:37:8F:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/7dKmloaGUlbJsP3da3FJZtU3jzM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7dKmloaGUlbJsP3da3FJZtU3jzM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/C2E32E34466B11EE988B243DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.108.92.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:6e:b3:aa:9a:05:51:f6:fd:54:94:62:bc:4f:3c:c0:dc:fd:
b2:5c:75:4d:0d:13:80:aa:e0:7c:ec:eb:45:9e:9e:3a:da:69:
90:10:9d:2d:2e:8f:6a:df:2a:18:2d:6b:fb:cd:01:ee:d2:1d:
13:43:72:e1:85:a0:61:86:79:09:72:a5:28:b9:46:c5:58:38:
d0:a4:58:38:6d:46:34:f0:68:ea:ec:6e:f3:86:24:40:1f:ca:
d2:ad:ff:c6:a9:a7:ca:18:61:b0:a6:bb:de:7e:0e:4e:e0:51:
89:1d:a6:40:93:ff:65:e9:c6:93:d9:94:29:96:ae:8d:0e:02:
df:a0:43:7a:1f:25:4e:bd:8c:ab:ed:d7:a4:d2:09:c3:d1:9c:
26:6d:be:f8:62:4d:69:e4:ae:6e:2e:10:db:d3:99:7d:60:c2:
11:7c:1f:af:80:7e:90:d5:ef:82:7a:a0:dc:90:6c:e2:66:31:
3e:d7:42:e2:54:b2:bc:6d:3a:b3:74:0c:1f:9b:c4:94:00:9b:
3e:cd:46:c3:39:b7:fa:b6:9d:07:4e:16:ce:96:81:97:79:16:
50:f0:dd:11:d5:6f:84:14:d7:64:38:62:f0:fd:bb:8c:d4:fa:
d2:e9:0c:3c:1e:27:3c:b5:07:c5:27:45:b7:42:db:5a:c6:87:
f8:55:9d:1d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCjIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkQzQ0IxMTAvBgNVBAUTKEVERDJBNjk2ODY4NjUyNTZDOUIwRkRERDZCNzE0OTY2
RDUzNzhGMzMwHhcNMjUwMjI4MjA1OTMyWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MyMjNiMy1hMGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuxaXvd5jxTqAAePvkaTsAn6gZJZLgKYvzkZAT/gGWyWeQN3bLwxARubaQX6g
1S7xZzYFgxrkidEy+8Jvpzu1gnyudjSvNnv3Bxcckh+ctQkE1Zm4Tg8NsiZfrhdz
lP2v0OkWzjvVo7TmA+yFQVCX0zjr3HvzpwRrdaCmx+ATzqcO61wvbpjn+bNvj63k
f7LncyovG+zuI8KJ0qBTezLMeLSecteUSxbgMV06+5MsDDmeVj1Zx4LuqeF/7kcV
QSMH/Z8jvR7fXQiz4cj2EezBCMj94DgDv0H9nqW4viEyi0XnpQ/Pt5aIgXWSavln
ERfRbu1Qe4RkZ/4R/24zb44wHwIDAQABo4IClTCCApEwHQYDVR0OBBYEFELeN1To
YvwWh4UTOVIPDr420T9oMB8GA1UdIwQYMBaAFO3SppaGhlJWybD93WtxSWbVN48z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRDNDQi9BOUE0MzlGQzY5
QjIxMUVBOTc3OURENDhDNEY5QUUwMi83ZEttbG9hR1VsYkpzUDNkYTNGSlp0VTNq
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdkS21sb2FHVWxiSnNQM2RhM0ZKWnRVM2p6TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkQzQ0IvQTlBNDM5RkM2OUIyMTFFQTk3NzlERDQ4QzRGOUFFMDIvQzJFMzJFMzQ0
NjZCMTFFRTk4OEIyNDNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAF7bFwwDQYJKoZIhvcNAQELBQADggEBAKBus6qaBVH2/VSU
YrxPPMDc/bJcdU0NE4Cq4Hzs60WenjraaZAQnS0uj2rfKhgta/vNAe7SHRNDcuGF
oGGGeQlypSi5RsVYONCkWDhtRjTwaOrsbvOGJEAfytKt/8app8oYYbCmu95+Dk7g
UYkdpkCT/2XpxpPZlCmWro0OAt+gQ3ofJU69jKvt16TSCcPRnCZtvvhiTWnkrm4u
ENvTmX1gwhF8H6+AfpDV74J6oNyQbOJmMT7XQuJUsrxtOrN0DB+bxJQAmz7NRsM5
t/q2nQdOFs6WgZd5FlDw3RHVb4QU12Q4YvD9u4zU+tLpDDweJzy1B8UnRbdC21rG
h/hVnR0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:27:33 2025 by rpki-client