Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137AD6/A2CE6BD8C77611ECB73AD566C4F9AE02/2595D7A6063111EDB15E2E5FC4F9AE02.roa
File: 2595D7A6063111EDB15E2E5FC4F9AE02.roa (raw, json)
Hash identifier: j4AbAcrSNJQt4KCCfWgLsvvoSyCYqNIdVPPppm3Zn7E=
Subject key identifier: 8F:58:E8:4C:BF:CF:CD:11:E0:DE:A3:58:50:C0:0D:76:41:8C:94:31
Certificate issuer: /CN=A9137AD6/serialNumber=2578CBCAFCA26B172057E37AB77A61C81032222D
Certificate serial: 0311
Authority key identifier: 25:78:CB:CA:FC:A2:6B:17:20:57:E3:7A:B7:7A:61:C8:10:32:22:2D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXjLyvyiaxcgV-N6t3phyBAyIi0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137AD6/A2CE6BD8C77611ECB73AD566C4F9AE02/2595D7A6063111EDB15E2E5FC4F9AE02.roa
Signing time: Fri 07 Mar 2025 01:17:02 +0000
ROA not before: Fri 07 Mar 2025 01:17:02 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 133120
IP address blocks: 123.253.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 785 (0x311)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137AD6
Validity
Not Before: Mar 7 01:17:02 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ca490d-5003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6d:03:68:a7:c6:2e:ce:0b:62:0b:4a:7d:8b:
50:e3:4c:e3:98:22:a5:40:c3:f2:d6:4f:a3:3f:af:
7c:9d:df:6f:d3:9d:1c:0b:cc:3a:98:8e:c5:82:9c:
40:89:4d:a8:9e:76:ff:f9:e7:20:e2:27:6f:70:bf:
29:2b:a6:ae:fb:cc:95:be:a2:6a:0a:6f:28:d4:b0:
a5:74:bf:30:c1:f7:e6:01:e6:54:2c:1b:f2:01:b5:
99:e6:f0:1a:b2:57:d5:5a:83:0e:28:ed:69:5e:8b:
20:7b:7a:9f:3c:b3:11:d7:b9:d3:17:18:ec:98:21:
ab:06:93:b2:66:5a:c0:7e:99:ea:fa:49:4a:a4:67:
e4:c1:76:60:bd:f3:0a:1a:46:90:2a:b0:6d:ce:d6:
e6:27:dd:8b:a9:15:02:20:e0:84:ad:80:a4:99:5a:
66:5b:6f:35:67:b3:c7:2f:33:d2:00:30:68:f4:5e:
5e:89:9c:8d:ef:c6:48:fa:26:ae:00:17:3d:c7:47:
54:bb:6e:d3:a9:31:de:e0:39:3e:a9:17:66:ce:04:
eb:71:46:15:fa:6e:71:f7:5b:06:3f:ab:e8:91:ed:
a8:fa:db:c6:cd:08:cf:f3:93:49:bf:64:43:88:b4:
d9:15:70:ec:0e:cb:66:5e:2a:5c:97:e5:4d:81:1c:
92:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:58:E8:4C:BF:CF:CD:11:E0:DE:A3:58:50:C0:0D:76:41:8C:94:31
X509v3 Authority Key Identifier:
keyid:25:78:CB:CA:FC:A2:6B:17:20:57:E3:7A:B7:7A:61:C8:10:32:22:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137AD6/A2CE6BD8C77611ECB73AD566C4F9AE02/JXjLyvyiaxcgV-N6t3phyBAyIi0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXjLyvyiaxcgV-N6t3phyBAyIi0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137AD6/A2CE6BD8C77611ECB73AD566C4F9AE02/2595D7A6063111EDB15E2E5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.253.41.0/24
Signature Algorithm: sha256WithRSAEncryption
55:59:11:77:b3:48:35:7b:13:48:65:cd:a5:6a:d4:ff:f6:f0:
24:0b:14:af:d0:be:af:2f:74:8d:c0:63:85:20:22:52:1a:d6:
43:6a:8c:b0:8e:77:20:5b:32:d4:57:ee:be:9e:36:cb:f3:2f:
5d:9e:14:82:3a:96:e8:c5:44:1c:88:01:40:93:5a:be:78:58:
4b:63:65:5f:5a:d3:64:cd:c5:97:6b:17:4b:d0:6f:e8:41:a4:
ab:db:63:ca:b2:74:bf:d1:e3:92:01:77:03:a6:90:fc:74:2a:
26:37:6e:0d:5a:1d:97:dc:77:ea:49:39:c8:c9:9c:f7:63:62:
ba:0f:8e:b0:0c:ad:44:6b:d8:9e:a2:3c:17:38:81:db:41:89:
01:07:79:11:20:99:a0:54:0a:9a:41:ff:64:1f:a5:10:a2:76:
2b:ef:e1:15:eb:95:1b:e4:9b:47:4a:b7:c5:af:c9:ea:e0:72:
24:60:33:d1:3c:c8:f0:9d:e6:52:c4:07:cc:b5:28:f0:22:ff:
f1:42:0f:6e:98:69:e4:9b:1b:53:fd:97:b0:36:b2:7f:06:f0:
b8:03:a5:8e:24:27:59:bb:7b:35:1f:73:63:43:8d:3d:4f:54:
b6:18:98:bb:70:a6:59:52:44:30:0e:4f:29:cf:51:28:ae:77:
e2:72:c5:e9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAxEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBRDYxMTAvBgNVBAUTKDI1NzhDQkNBRkNBMjZCMTcyMDU3RTM3QUI3N0E2MUM4
MTAzMjIyMkQwHhcNMjUwMzA3MDExNzAyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NhNDkwZC01MDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp20DaKfGLs4LYgtKfYtQ40zjmCKlQMPy1k+jP698nd9v050cC8w6mI7FgpxA
iU2onnb/+ecg4idvcL8pK6au+8yVvqJqCm8o1LCldL8wwffmAeZULBvyAbWZ5vAa
slfVWoMOKO1pXosge3qfPLMR17nTFxjsmCGrBpOyZlrAfpnq+klKpGfkwXZgvfMK
GkaQKrBtztbmJ92LqRUCIOCErYCkmVpmW281Z7PHLzPSADBo9F5eiZyN78ZI+iau
ABc9x0dUu27TqTHe4Dk+qRdmzgTrcUYV+m5x91sGP6voke2o+tvGzQjP85NJv2RD
iLTZFXDsDstmXipcl+VNgRySvQIDAQABo4IClTCCApEwHQYDVR0OBBYEFI9Y6Ey/
z80R4N6jWFDADXZBjJQxMB8GA1UdIwQYMBaAFCV4y8r8omsXIFfjerd6YcgQMiIt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FENi9BMkNFNkJEOEM3
NzYxMUVDQjczQUQ1NjZDNEY5QUUwMi9KWGpMeXZ5aWF4Y2dWLU42dDNwaHlCQXlJ
aTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pYakx5dnlpYXhjZ1YtTjZ0M3BoeUJBeUlpMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBRDYvQTJDRTZCRDhDNzc2MTFFQ0I3M0FENTY2QzRGOUFFMDIvMjU5NUQ3QTYw
NjMxMTFFREIxNUUyRTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB7/SkwDQYJKoZIhvcNAQELBQADggEBAFVZEXezSDV7E0hl
zaVq1P/28CQLFK/Qvq8vdI3AY4UgIlIa1kNqjLCOdyBbMtRX7r6eNsvzL12eFII6
lujFRByIAUCTWr54WEtjZV9a02TNxZdrF0vQb+hBpKvbY8qydL/R45IBdwOmkPx0
KiY3bg1aHZfcd+pJOcjJnPdjYroPjrAMrURr2J6iPBc4gdtBiQEHeREgmaBUCppB
/2QfpRCidivv4RXrlRvkm0dKt8WvyergciRgM9E8yPCd5lLEB8y1KPAi//FCD26Y
aeSbG1P9l7A2sn8G8LgDpY4kJ1m7ezUfc2NDjT1PVLYYmLtwpllSRDAOTynPUSiu
d+Jyxek=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:09:07 2025 by rpki-client