Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/D8CA5BF0D91811EFA4F02F4EC4F9AE02.roa
File: D8CA5BF0D91811EFA4F02F4EC4F9AE02.roa (raw, json)
Hash identifier: 8hrfhcSqxa/4SRCjVtFAn+SSuJB9rQ+nvWhtPYLut4w=
Subject key identifier: F8:99:82:DC:53:42:65:F7:38:C8:06:D1:05:AB:C7:EB:24:D3:A5:40
Certificate issuer: /CN=A91356BB/serialNumber=2CCA13540F013B93B23C9DF14D9617DA40CB2677
Certificate serial: 04CE
Authority key identifier: 2C:CA:13:54:0F:01:3B:93:B2:3C:9D:F1:4D:96:17:DA:40:CB:26:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/D8CA5BF0D91811EFA4F02F4EC4F9AE02.roa
Signing time: Wed 22 Jan 2025 23:47:14 +0000
ROA not before: Wed 22 Jan 2025 23:47:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 203.20.192.0/24 maxlen: 24
203.20.193.0/24 maxlen: 24
203.20.194.0/24 maxlen: 24
203.20.195.0/24 maxlen: 24
203.20.196.0/24 maxlen: 24
203.20.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1230 (0x4ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91356BB
Validity
Not Before: Jan 22 23:47:14 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67918382-bb92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d4:6a:78:f3:f3:31:a9:56:d2:b4:0a:8a:b8:
63:f4:63:db:3d:9e:50:5e:e2:f5:b3:00:d0:21:83:
41:41:4f:fa:6a:ff:28:c4:4f:41:08:e1:61:48:5b:
20:5c:67:84:6a:cb:f4:f8:66:92:ea:2f:83:76:3a:
04:db:f4:15:74:d9:84:d8:ea:a0:2d:c4:2c:86:1b:
96:c5:1f:45:ed:32:6b:c2:1d:0b:c3:77:33:06:44:
c0:d3:d4:99:a6:01:99:3a:8d:d7:37:46:f4:82:0a:
f9:cf:99:04:48:55:df:15:44:26:cb:52:6f:19:8e:
ce:7a:bb:34:09:83:f0:2f:78:2c:34:71:6a:cd:2e:
a8:9d:db:a2:0c:91:4a:32:b7:cd:e3:ad:ae:ec:cc:
e0:ba:a1:e2:55:57:61:eb:4c:2f:dd:aa:0a:c1:e6:
4f:05:eb:55:bc:4c:ba:f5:8c:70:17:a3:fe:00:79:
e9:df:f4:b6:d2:a4:56:11:29:b5:bc:70:20:09:2e:
b9:ec:00:84:1a:59:b1:7c:e2:34:a8:6a:1f:f2:f2:
70:51:31:28:68:09:2b:08:8d:94:b4:8e:af:b2:6f:
f3:61:e6:3d:60:f7:40:ca:65:ac:4c:ba:d6:3d:f8:
4e:67:a4:65:9a:c1:2a:99:9f:81:35:e4:e8:17:ac:
60:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:99:82:DC:53:42:65:F7:38:C8:06:D1:05:AB:C7:EB:24:D3:A5:40
X509v3 Authority Key Identifier:
keyid:2C:CA:13:54:0F:01:3B:93:B2:3C:9D:F1:4D:96:17:DA:40:CB:26:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/D8CA5BF0D91811EFA4F02F4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.20.192.0-203.20.196.255
203.20.198.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:97:8a:bb:d8:4a:cf:06:f4:1a:a4:84:65:b6:12:ff:ff:e2:
dd:8d:c9:cb:c5:1f:46:c6:48:f5:db:16:2e:32:84:8a:b7:8a:
8b:77:92:3b:b9:c9:96:f5:95:e2:da:fc:d5:42:93:9e:86:38:
a8:72:ed:96:bd:23:d4:be:77:73:c8:30:47:06:2b:1a:d0:b4:
87:da:29:c6:a8:73:6c:d2:e8:a6:71:6a:9c:76:75:b7:5a:7f:
7e:3b:08:f0:30:81:1a:32:e7:60:c0:aa:4c:34:03:9f:ee:8b:
91:b6:55:39:38:87:12:0a:9f:c7:69:c6:c2:f2:ca:80:40:fb:
29:6b:26:57:ba:88:ac:c5:b5:0f:9b:c4:99:e4:b1:ae:c0:25:
89:15:be:cb:ff:ac:81:24:e4:6b:09:fd:f0:ab:2f:89:5e:5f:
02:c1:4e:e5:0b:e5:ec:21:08:2a:36:c9:99:d7:c0:27:33:43:
61:88:eb:32:6b:9f:4d:ad:67:65:43:5b:44:ba:9a:3a:77:74:
44:8a:ee:c8:39:78:aa:67:f0:73:ed:dd:40:de:14:40:c5:fd:
bd:fa:10:1e:ce:87:1e:43:90:0b:06:bc:a2:92:d1:7a:ec:22:
89:95:6b:86:bb:27:79:e1:db:ad:be:8c:64:19:96:b7:bb:39:
00:d1:87:c5
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICBM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzU2QkIxMTAvBgNVBAUTKDJDQ0ExMzU0MEYwMTNCOTNCMjNDOURGMTREOTYxN0RB
NDBDQjI2NzcwHhcNMjUwMTIyMjM0NzE0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxODM4Mi1iYjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxdRqePPzMalW0rQKirhj9GPbPZ5QXuL1swDQIYNBQU/6av8oxE9BCOFhSFsg
XGeEasv0+GaS6i+DdjoE2/QVdNmE2OqgLcQshhuWxR9F7TJrwh0Lw3czBkTA09SZ
pgGZOo3XN0b0ggr5z5kESFXfFUQmy1JvGY7Oers0CYPwL3gsNHFqzS6onduiDJFK
MrfN462u7MzguqHiVVdh60wv3aoKweZPBetVvEy69YxwF6P+AHnp3/S20qRWESm1
vHAgCS657ACEGlmxfOI0qGof8vJwUTEoaAkrCI2UtI6vsm/zYeY9YPdAymWsTLrW
PfhOZ6RlmsEqmZ+BNeToF6xgJQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFPiZgtxT
QmX3OMgG0QWrx+sk06VAMB8GA1UdIwQYMBaAFCzKE1QPATuTsjyd8U2WF9pAyyZ3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNTZCQi81Q0VBNTQ5NDE2
RDUxMUVDQTdGM0Y0NkFDNEY5QUUwMi9MTW9UVkE4Qk81T3lQSjN4VFpZWDJrRExK
bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xNb1RWQThCTzVPeVBKM3hUWllYMmtETEpuYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzU2QkIvNUNFQTU0OTQxNkQ1MTFFQ0E3RjNGNDZBQzRGOUFFMDIvRDhDQTVCRjBE
OTE4MTFFRkE0RjAyRjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEBssUwAMEAMsUxAMEAMsUxjANBgkqhkiG9w0BAQsFAAOC
AQEAmpeKu9hKzwb0GqSEZbYS///i3Y3Jy8UfRsZI9dsWLjKEireKi3eSO7nJlvWV
4tr81UKTnoY4qHLtlr0j1L53c8gwRwYrGtC0h9opxqhzbNLopnFqnHZ1t1p/fjsI
8DCBGjLnYMCqTDQDn+6LkbZVOTiHEgqfx2nGwvLKgED7KWsmV7qIrMW1D5vEmeSx
rsAliRW+y/+sgSTkawn98KsviV5fAsFO5Qvl7CEIKjbJmdfAJzNDYYjrMmufTa1n
ZUNbRLqaOnd0RIruyDl4qmfwc+3dQN4UQMX9vfoQHs6HHkOQCwa8opLReuwiiZVr
hrsneeHbrb6MZBmWt7s5ANGHxQ==
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:31:47 2025 by rpki-client