Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/DD643EBCE00C11ED8C71C709C4F9AE02.roa
File: DD643EBCE00C11ED8C71C709C4F9AE02.roa (raw, json)
Hash identifier: tNDEmIxy5H25Y3zlO9rXFUC8hfA45BbpRsPK4rM8u7s=
Subject key identifier: BA:89:A2:2F:DC:33:FA:55:2B:0F:17:42:68:AE:A2:56:2C:AE:FE:D1
Certificate issuer: /CN=A91324D4/serialNumber=BF74E7E614D4B22E4B7FE40B6BECEFD1705ACFC1
Certificate serial: 05FF
Authority key identifier: BF:74:E7:E6:14:D4:B2:2E:4B:7F:E4:0B:6B:EC:EF:D1:70:5A:CF:C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v3Tn5hTUsi5Lf-QLa-zv0XBaz8E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/DD643EBCE00C11ED8C71C709C4F9AE02.roa
Signing time: Thu 13 Feb 2025 00:31:39 +0000
ROA not before: Thu 13 Feb 2025 00:31:39 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 150683
IP address blocks: 203.215.167.0/24 maxlen: 24
203.215.174.0/24 maxlen: 24
203.215.178.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1535 (0x5ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91324D4
Validity
Not Before: Feb 13 00:31:39 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ad3d6b-d4cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:39:5a:d0:66:a4:a2:51:cd:6f:18:dd:e8:53:
12:32:03:74:49:e5:17:4e:10:86:ee:84:3b:9f:55:
ea:21:f5:70:a8:ec:d6:e1:60:89:d7:34:23:5a:dc:
cd:b6:2e:80:7a:7e:01:64:a8:70:90:b1:51:31:ea:
fe:d9:e3:12:50:68:86:36:bb:bb:1e:82:4f:5d:e0:
2f:02:65:54:60:00:84:51:cb:a6:03:78:b2:de:61:
77:18:3b:34:be:c2:8b:88:43:6d:10:c7:1c:cb:64:
da:0b:ec:73:37:b2:85:e0:19:b3:5a:ec:0c:e5:ba:
cf:cc:23:ba:3a:50:e5:c7:25:22:3e:f5:9b:a4:45:
0a:da:28:98:31:55:e5:2d:17:96:b5:d7:cb:84:d8:
1c:52:03:16:a3:ff:7f:7e:62:ff:30:ef:a1:59:d6:
48:c0:78:95:59:30:a0:e7:3c:fa:16:87:3b:53:40:
61:7a:4b:fa:2e:66:49:cf:42:62:a7:53:24:40:84:
f6:1e:28:e2:31:2e:6b:50:67:60:85:07:87:b8:ec:
ab:74:5c:74:84:45:f3:32:b6:1d:2c:b7:ab:f8:1f:
dd:5d:a8:8c:ce:d5:5d:cb:e1:9f:6a:d1:fc:e3:76:
44:54:f6:f8:61:0f:a2:dd:33:0b:19:d8:c2:dd:8e:
06:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:89:A2:2F:DC:33:FA:55:2B:0F:17:42:68:AE:A2:56:2C:AE:FE:D1
X509v3 Authority Key Identifier:
keyid:BF:74:E7:E6:14:D4:B2:2E:4B:7F:E4:0B:6B:EC:EF:D1:70:5A:CF:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/v3Tn5hTUsi5Lf-QLa-zv0XBaz8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v3Tn5hTUsi5Lf-QLa-zv0XBaz8E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/DD643EBCE00C11ED8C71C709C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.215.167.0/24
203.215.174.0/24
203.215.178.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:c0:e7:85:b3:1e:ee:c1:42:13:c4:4c:17:09:41:c7:ad:04:
22:8b:13:bc:03:77:92:bb:3f:d0:4c:c0:37:45:e9:e7:6a:dc:
87:3d:c3:1e:73:d7:60:2c:1a:9f:68:15:e3:a1:ae:99:d8:95:
b0:3e:84:e9:21:d9:e4:f9:1e:38:79:ea:78:0b:18:8f:93:3f:
50:9f:04:46:e8:d7:e7:8d:cb:0b:4a:d8:e8:1c:1e:64:2c:ad:
7e:e4:8e:af:b4:46:66:9b:79:09:88:b0:8d:b0:51:dc:36:e1:
3e:02:4a:23:c2:cd:2e:3d:ea:f6:c6:eb:5e:09:a2:a9:23:6c:
0d:b7:f1:cb:2f:53:99:44:60:e8:5c:0f:e5:77:7f:35:df:09:
c7:37:2f:ad:f3:b2:81:48:c9:90:6d:06:7b:bc:fc:e5:9a:28:
cd:af:14:1d:a1:2c:3f:fb:1e:04:3c:94:ff:4b:a5:36:ee:09:
a9:de:b8:d4:18:3f:10:b4:37:6d:25:96:da:d4:be:aa:c0:b8:
8a:e0:c1:19:5c:2f:0d:80:01:85:0f:46:3e:66:d1:91:38:d7:
54:ca:c4:8e:a5:a7:2f:01:8b:70:9e:f2:4a:30:89:ee:85:b8:
63:2b:87:3b:17:0a:5b:48:81:f8:0a:a5:ff:05:01:48:3c:47:
85:41:72:d6
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBf8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzI0RDQxMTAvBgNVBAUTKEJGNzRFN0U2MTRENEIyMkU0QjdGRTQwQjZCRUNFRkQx
NzA1QUNGQzEwHhcNMjUwMjEzMDAzMTM5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FkM2Q2Yi1kNGNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAszla0GakolHNbxjd6FMSMgN0SeUXThCG7oQ7n1XqIfVwqOzW4WCJ1zQjWtzN
ti6Aen4BZKhwkLFRMer+2eMSUGiGNru7HoJPXeAvAmVUYACEUcumA3iy3mF3GDs0
vsKLiENtEMccy2TaC+xzN7KF4BmzWuwM5brPzCO6OlDlxyUiPvWbpEUK2iiYMVXl
LReWtdfLhNgcUgMWo/9/fmL/MO+hWdZIwHiVWTCg5zz6Foc7U0Bhekv6LmZJz0Ji
p1MkQIT2HijiMS5rUGdghQeHuOyrdFx0hEXzMrYdLLer+B/dXaiMztVdy+GfatH8
43ZEVPb4YQ+i3TMLGdjC3Y4GiQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFLqJoi/c
M/pVKw8XQmiuolYsrv7RMB8GA1UdIwQYMBaAFL905+YU1LIuS3/kC2vs79FwWs/B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjRENC8xQTZFNzUxQ0E3
MUYxMUVCODQ4QUYwMzBDNEY5QUUwMi92M1RuNWhUVXNpNUxmLVFMYS16djBYQmF6
OEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YzVG41aFRVc2k1TGYtUUxhLXp2MFhCYXo4RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzI0RDQvMUE2RTc1MUNBNzFGMTFFQjg0OEFGMDMwQzRGOUFFMDIvREQ2NDNFQkNF
MDBDMTFFRDhDNzFDNzA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBADL16cDBADL164DBADL17IwDQYJKoZIhvcNAQELBQADggEB
ALfA54WzHu7BQhPETBcJQcetBCKLE7wDd5K7P9BMwDdF6edq3Ic9wx5z12AsGp9o
FeOhrpnYlbA+hOkh2eT5Hjh56ngLGI+TP1CfBEbo1+eNywtK2OgcHmQsrX7kjq+0
RmabeQmIsI2wUdw24T4CSiPCzS496vbG614JoqkjbA238csvU5lEYOhcD+V3fzXf
Ccc3L63zsoFIyZBtBnu8/OWaKM2vFB2hLD/7HgQ8lP9LpTbuCaneuNQYPxC0N20l
ltrUvqrAuIrgwRlcLw2AAYUPRj5m0ZE411TKxI6lpy8Bi3Ce8kowie6FuGMrhzsX
CltIgfgKpf8FAUg8R4VBctY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:46:38 2025 by rpki-client