Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91372E6/F3590824FDE311EEAA777D11C4F9AE02/44B42A0EFDE511EEAD5A6432C4F9AE02.roa
File: 44B42A0EFDE511EEAD5A6432C4F9AE02.roa (raw, json)
Hash identifier: N/lCfyLCfQ6pGJZnFWlWQxmi4U70D1DfmNioR3drqK8=
Subject key identifier: C4:F5:CD:6F:28:56:2D:9D:10:FD:68:38:C0:44:07:C2:F6:F7:B6:21
Certificate issuer: /CN=A91372E6/serialNumber=E46EACDC214385C142034674E46C68E7BBE29525
Certificate serial: A5
Authority key identifier: E4:6E:AC:DC:21:43:85:C1:42:03:46:74:E4:6C:68:E7:BB:E2:95:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5G6s3CFDhcFCA0Z05Gxo57vilSU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91372E6/F3590824FDE311EEAA777D11C4F9AE02/44B42A0EFDE511EEAD5A6432C4F9AE02.roa
Signing time: Mon 03 Mar 2025 07:59:17 +0000
ROA not before: Mon 03 Mar 2025 07:59:17 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 132584
IP address blocks: 203.16.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165 (0xa5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91372E6
Validity
Not Before: Mar 3 07:59:17 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c56155-4002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0a:86:6d:13:e1:bf:7d:90:4d:a7:64:7d:4e:
e7:4e:ab:a8:09:38:69:5e:0d:20:bc:93:a1:99:1d:
72:21:dd:d0:2b:93:6d:32:34:3d:ae:0a:70:cf:3c:
5e:da:25:53:fd:56:7d:51:ed:43:15:7c:d2:13:59:
29:e8:8d:cf:16:47:2b:3e:68:1c:de:49:1a:24:f7:
80:b4:f9:40:07:9e:99:e3:f0:e4:94:b6:c2:a8:62:
6b:ca:8f:97:d3:1e:34:96:98:08:d1:82:67:69:f3:
90:a7:b9:7b:21:96:94:b2:ab:ad:64:53:e3:b4:f6:
fd:14:e1:fa:31:0c:92:8d:8c:bb:f1:b3:8f:a4:4f:
d5:be:ae:58:5f:e7:fd:b5:45:3e:f4:00:33:06:98:
cd:89:3d:7b:95:49:41:ba:33:bc:9b:1e:60:de:3e:
2f:f1:15:0c:47:54:27:70:af:1f:ee:1b:d6:a2:61:
1c:3e:7e:50:2e:fb:d0:1e:77:42:e1:09:37:a5:ac:
4e:9a:12:c3:7e:1a:67:86:7c:d3:f6:65:9a:c7:67:
ab:d9:e6:7d:a2:73:bb:58:f1:00:08:36:e0:a4:77:
77:f1:b6:17:fb:64:a4:0f:1b:2e:77:39:b2:28:b3:
98:f4:19:68:8e:28:b2:55:03:09:6d:02:e4:70:26:
e7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F5:CD:6F:28:56:2D:9D:10:FD:68:38:C0:44:07:C2:F6:F7:B6:21
X509v3 Authority Key Identifier:
keyid:E4:6E:AC:DC:21:43:85:C1:42:03:46:74:E4:6C:68:E7:BB:E2:95:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91372E6/F3590824FDE311EEAA777D11C4F9AE02/5G6s3CFDhcFCA0Z05Gxo57vilSU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5G6s3CFDhcFCA0Z05Gxo57vilSU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91372E6/F3590824FDE311EEAA777D11C4F9AE02/44B42A0EFDE511EEAD5A6432C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.16.177.0/24
Signature Algorithm: sha256WithRSAEncryption
12:91:9f:07:85:f6:cf:5b:e8:4b:ed:a4:e5:cb:3b:c8:44:90:
c3:48:b6:e2:00:9a:c3:21:34:fc:97:fa:55:8a:d1:e3:2d:58:
bb:61:35:38:b8:b3:c9:59:b4:5a:1b:a3:e3:79:dd:7c:9d:ce:
b4:53:fe:54:78:a9:53:64:77:02:20:16:a8:57:48:ca:b8:80:
98:9a:50:88:cd:73:a9:07:2b:7e:e6:dd:a9:c1:41:61:0b:65:
00:c5:35:ae:ab:fb:3c:0e:c7:a0:a9:18:75:7b:a7:fd:0b:bd:
5b:c6:4a:8b:b0:81:3e:94:40:78:7d:a9:f7:f0:95:eb:a4:49:
06:95:09:13:05:d3:26:3f:cb:f7:dd:56:c8:35:2d:7b:36:6a:
d5:ca:8a:d1:a3:62:f0:ea:49:84:c5:32:36:4b:0d:96:2f:30:
4e:a1:ca:02:3f:19:1c:98:c2:5b:57:7c:39:1b:af:d1:b3:38:
78:ac:39:c8:9c:a1:41:50:9f:d2:b0:16:ee:e4:66:47:c2:95:
4d:80:e5:a1:cc:90:6f:f5:f4:06:2f:1c:cd:e0:4a:72:45:bc:
af:3e:57:88:f3:d4:cb:06:66:26:42:05:ef:3e:94:ce:92:02:
0f:d4:3d:f0:ba:b3:8b:f2:81:a8:8f:a3:a9:7e:88:c2:e0:78:
c4:76:01:00
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzcyRTYxMTAvBgNVBAUTKEU0NkVBQ0RDMjE0Mzg1QzE0MjAzNDY3NEU0NkM2OEU3
QkJFMjk1MjUwHhcNMjUwMzAzMDc1OTE3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M1NjE1NS00MDAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvwqGbRPhv32QTadkfU7nTquoCThpXg0gvJOhmR1yId3QK5NtMjQ9rgpwzzxe
2iVT/VZ9Ue1DFXzSE1kp6I3PFkcrPmgc3kkaJPeAtPlAB56Z4/DklLbCqGJryo+X
0x40lpgI0YJnafOQp7l7IZaUsqutZFPjtPb9FOH6MQySjYy78bOPpE/Vvq5YX+f9
tUU+9AAzBpjNiT17lUlBujO8mx5g3j4v8RUMR1QncK8f7hvWomEcPn5QLvvQHndC
4Qk3paxOmhLDfhpnhnzT9mWax2er2eZ9onO7WPEACDbgpHd38bYX+2SkDxsudzmy
KLOY9BlojiiyVQMJbQLkcCbnvQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMT1zW8o
Vi2dEP1oOMBEB8L297YhMB8GA1UdIwQYMBaAFORurNwhQ4XBQgNGdORsaOe74pUl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNzJFNi9GMzU5MDgyNEZE
RTMxMUVFQUE3NzdEMTFDNEY5QUUwMi81RzZzM0NGRGhjRkNBMFowNUd4bzU3dmls
U1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVHNnMzQ0ZEaGNGQ0EwWjA1R3hvNTd2aWxTVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzcyRTYvRjM1OTA4MjRGREUzMTFFRUFBNzc3RDExQzRGOUFFMDIvNDRCNDJBMEVG
REU1MTFFRUFENUE2NDMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLELEwDQYJKoZIhvcNAQELBQADggEBABKRnweF9s9b6Evt
pOXLO8hEkMNItuIAmsMhNPyX+lWK0eMtWLthNTi4s8lZtFobo+N53XydzrRT/lR4
qVNkdwIgFqhXSMq4gJiaUIjNc6kHK37m3anBQWELZQDFNa6r+zwOx6CpGHV7p/0L
vVvGSouwgT6UQHh9qffwleukSQaVCRMF0yY/y/fdVsg1LXs2atXKitGjYvDqSYTF
MjZLDZYvME6hygI/GRyYwltXfDkbr9GzOHisOcicoUFQn9KwFu7kZkfClU2A5aHM
kG/19AYvHM3gSnJFvK8+V4jz1MsGZiZCBe8+lM6SAg/UPfC6s4vygaiPo6l+iMLg
eMR2AQA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:22:30 2025 by rpki-client