Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913150F/57719854D13311EEAA20DC84C4F9AE02/BAFF9DF8D13311EEB88A8D85C4F9AE02.roa
File: BAFF9DF8D13311EEB88A8D85C4F9AE02.roa (raw, json)
Hash identifier: hU10WaMZMWvcWJ+v9bo24BcgNYMioZ0sb+F6hOJfmbc=
Subject key identifier: 91:DC:21:F5:45:A5:10:AD:1C:4E:F5:8D:42:D9:19:CA:59:F7:00:A8
Certificate issuer: /CN=A913150F/serialNumber=663F4D5FC8270A4420FE1E61F91ADFA837FF1EE4
Certificate serial: AC
Authority key identifier: 66:3F:4D:5F:C8:27:0A:44:20:FE:1E:61:F9:1A:DF:A8:37:FF:1E:E4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zj9NX8gnCkQg_h5h-RrfqDf_HuQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913150F/57719854D13311EEAA20DC84C4F9AE02/BAFF9DF8D13311EEB88A8D85C4F9AE02.roa
Signing time: Wed 15 Jan 2025 04:47:16 +0000
ROA not before: Wed 15 Jan 2025 04:47:16 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 131164
IP address blocks: 112.78.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172 (0xac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913150F
Validity
Not Before: Jan 15 04:47:16 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67873dd4-099e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:23:6a:30:cc:a6:93:e3:49:1f:d4:31:b9:9c:
37:62:7c:63:55:4a:bf:e8:cd:3b:25:29:b9:e4:74:
8e:ed:a2:02:7d:f6:4c:2c:18:6c:51:e0:00:ec:3b:
9c:6d:0c:ab:c9:10:28:71:ea:8f:a2:f5:ef:c6:9b:
b5:fd:f0:df:62:e5:fe:3c:37:af:71:e4:ef:22:9f:
79:3f:74:57:21:c0:ce:c4:28:f8:93:fe:47:85:c6:
45:a2:15:1c:ef:d9:c3:71:f3:f2:f9:c1:af:44:e7:
1f:25:2e:1a:0a:41:fe:5f:1b:bb:a5:15:63:7c:24:
b8:fc:78:a6:7c:5b:77:2b:1a:54:ba:a7:12:24:2c:
fb:13:2e:7f:a9:48:8c:0e:0c:5e:ff:31:d2:a4:15:
7e:bc:45:0b:5f:ac:9b:bf:be:89:60:76:53:ad:76:
fe:61:03:ff:cb:ba:fe:7f:a7:39:18:33:9a:b9:f7:
59:55:cc:23:68:c5:8a:c6:cd:ec:30:11:a7:fa:09:
5c:c5:b7:35:0d:a8:08:41:c0:7a:ca:05:87:63:0c:
00:39:7e:e1:99:1f:84:23:1a:be:d1:ad:bc:36:10:
ad:54:86:80:9c:d0:d1:82:08:e6:4e:a1:99:27:88:
03:9f:72:a1:88:85:1c:ad:22:0e:83:8f:0b:f2:7b:
8b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DC:21:F5:45:A5:10:AD:1C:4E:F5:8D:42:D9:19:CA:59:F7:00:A8
X509v3 Authority Key Identifier:
keyid:66:3F:4D:5F:C8:27:0A:44:20:FE:1E:61:F9:1A:DF:A8:37:FF:1E:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913150F/57719854D13311EEAA20DC84C4F9AE02/Zj9NX8gnCkQg_h5h-RrfqDf_HuQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zj9NX8gnCkQg_h5h-RrfqDf_HuQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913150F/57719854D13311EEAA20DC84C4F9AE02/BAFF9DF8D13311EEB88A8D85C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
112.78.52.0/22
Signature Algorithm: sha256WithRSAEncryption
10:a0:34:e8:2f:00:d8:65:5b:71:bc:98:fb:b8:ad:a3:0b:8f:
a3:65:62:4f:dd:30:2e:10:bc:91:9b:79:76:8a:d4:d6:95:e9:
bf:93:65:b8:8a:ff:90:0e:76:00:cd:de:c0:b8:d3:65:2e:89:
ad:99:40:eb:39:0e:fa:8e:e8:3d:a4:ad:5b:04:26:ec:93:0a:
bb:fa:89:d7:3a:df:97:8a:31:23:d5:8d:62:e3:33:7a:19:c0:
ef:70:f0:88:9b:ce:f7:77:75:17:5d:fe:bb:08:e0:2b:70:5b:
14:65:df:2b:b7:a2:c3:4b:41:65:60:fc:22:da:65:f5:d3:93:
22:96:ef:46:e0:5e:3c:d7:4f:15:ae:7d:85:9c:56:40:20:18:
54:19:2a:9f:11:45:67:58:42:9b:08:5e:87:02:2e:70:9b:62:
bd:42:fa:61:91:7d:72:18:dd:0a:84:b8:4f:f2:0b:0b:f1:e0:
f8:54:59:ae:d1:f0:56:c3:7e:57:1b:4b:b7:89:15:56:00:62:
d9:f7:7a:d7:cf:05:aa:55:37:3a:f8:38:c0:e0:36:9d:bc:01:
30:c6:2c:8f:11:d5:d0:c2:b0:15:e0:97:af:23:d5:f2:57:91:
14:4c:34:18:ea:9f:17:b9:4d:39:cc:3a:d3:4d:57:3d:a5:51:
44:5d:1f:e7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzE1MEYxMTAvBgNVBAUTKDY2M0Y0RDVGQzgyNzBBNDQyMEZFMUU2MUY5MUFERkE4
MzdGRjFFRTQwHhcNMjUwMTE1MDQ0NzE2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg3M2RkNC0wOTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0SNqMMymk+NJH9QxuZw3YnxjVUq/6M07JSm55HSO7aICffZMLBhsUeAA7Duc
bQyryRAoceqPovXvxpu1/fDfYuX+PDevceTvIp95P3RXIcDOxCj4k/5HhcZFohUc
79nDcfPy+cGvROcfJS4aCkH+Xxu7pRVjfCS4/HimfFt3KxpUuqcSJCz7Ey5/qUiM
Dgxe/zHSpBV+vEULX6ybv76JYHZTrXb+YQP/y7r+f6c5GDOaufdZVcwjaMWKxs3s
MBGn+glcxbc1DagIQcB6ygWHYwwAOX7hmR+EIxq+0a28NhCtVIaAnNDRggjmTqGZ
J4gDn3KhiIUcrSIOg48L8nuLxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJHcIfVF
pRCtHE71jULZGcpZ9wCoMB8GA1UdIwQYMBaAFGY/TV/IJwpEIP4eYfka36g3/x7k
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTUwRi81NzcxOTg1NEQx
MzMxMUVFQUEyMERDODRDNEY5QUUwMi9aajlOWDhnbkNrUWdfaDVoLVJyZnFEZl9I
dVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pqOU5YOGduQ2tRZ19oNWgtUnJmcURmX0h1US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzE1MEYvNTc3MTk4NTREMTMzMTFFRUFBMjBEQzg0QzRGOUFFMDIvQkFGRjlERjhE
MTMzMTFFRUI4OEE4RDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJwTjQwDQYJKoZIhvcNAQELBQADggEBABCgNOgvANhlW3G8
mPu4raMLj6NlYk/dMC4QvJGbeXaK1NaV6b+TZbiK/5AOdgDN3sC402Uuia2ZQOs5
DvqO6D2krVsEJuyTCrv6idc635eKMSPVjWLjM3oZwO9w8Iibzvd3dRdd/rsI4Ctw
WxRl3yu3osNLQWVg/CLaZfXTkyKW70bgXjzXTxWufYWcVkAgGFQZKp8RRWdYQpsI
XocCLnCbYr1C+mGRfXIY3QqEuE/yCwvx4PhUWa7R8FbDflcbS7eJFVYAYtn3etfP
BapVNzr4OMDgNp28ATDGLI8R1dDCsBXgl68j1fJXkRRMNBjqnxe5TTnMOtNNVz2l
UURdH+c=
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:26:56 2025 by rpki-client