Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9138171/75D64D1218BD11EB8B844345C4F9AE02/47B8C6B018BF11EBA5E2E946C4F9AE02.roa
File: 47B8C6B018BF11EBA5E2E946C4F9AE02.roa (raw, json)
Hash identifier: saRxbZnY10CKxPD1pSytKLg8FuSkNaBBrOYD5Hz5qjk=
Subject key identifier: E1:C6:61:00:EA:23:90:29:2C:C1:12:0F:DE:40:B7:E4:64:9D:EC:4F
Certificate issuer: /CN=A9138171/serialNumber=71789EE2B2C8B7FBBAD3F785A5DDECEF15CC15A4
Certificate serial: 075B
Authority key identifier: 71:78:9E:E2:B2:C8:B7:FB:BA:D3:F7:85:A5:DD:EC:EF:15:CC:15:A4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXie4rLIt_u60_eFpd3s7xXMFaQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9138171/75D64D1218BD11EB8B844345C4F9AE02/47B8C6B018BF11EBA5E2E946C4F9AE02.roa
Signing time: Tue 18 Mar 2025 21:42:26 +0000
ROA not before: Tue 18 Mar 2025 21:42:26 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 4049
IP address blocks: 202.0.124.0/24 maxlen: 24
202.20.63.0/24 maxlen: 24
202.37.26.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1883 (0x75b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9138171
Validity
Not Before: Mar 18 21:42:26 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67d9e8c2-22be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:05:c5:48:43:32:d4:dd:05:ca:98:f3:8a:09:
b1:56:13:78:5a:7e:f1:4b:04:bc:70:a7:49:3d:68:
34:a8:7f:7d:12:59:62:b4:c8:49:b5:3e:36:13:53:
09:a7:b7:ec:be:e3:90:93:cd:68:6e:92:a3:52:ee:
3a:d4:09:68:0c:56:ef:e2:6c:46:2a:c0:22:c5:af:
53:a4:57:de:d2:40:e1:af:13:20:7b:08:34:80:f7:
5b:e7:5f:68:1e:ed:2e:71:9f:3f:48:21:34:a8:0f:
ff:9d:a9:9b:e0:71:d8:2a:31:0a:b6:43:cc:30:ba:
83:97:56:98:4e:42:f8:0c:9e:69:2a:1e:f7:34:a4:
b4:b8:6c:83:98:ee:c0:78:fd:bc:b6:c0:80:44:ae:
7e:df:03:dd:5d:4d:f5:cd:24:78:8c:f0:d8:27:4e:
89:eb:83:85:6e:28:8b:c7:58:79:22:11:1a:97:75:
c3:d3:e8:e0:83:ff:66:85:fe:cb:54:0d:0e:a0:9e:
3a:28:f2:14:30:b9:26:87:23:6f:bd:c2:85:2e:61:
27:70:ed:36:aa:2e:12:43:76:61:da:2e:4a:bb:f8:
b8:fd:4a:ee:09:8a:e1:89:df:aa:54:1d:3a:03:06:
ea:b4:68:1a:53:65:68:a7:4a:f7:07:32:1d:69:83:
2f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:C6:61:00:EA:23:90:29:2C:C1:12:0F:DE:40:B7:E4:64:9D:EC:4F
X509v3 Authority Key Identifier:
keyid:71:78:9E:E2:B2:C8:B7:FB:BA:D3:F7:85:A5:DD:EC:EF:15:CC:15:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9138171/75D64D1218BD11EB8B844345C4F9AE02/cXie4rLIt_u60_eFpd3s7xXMFaQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXie4rLIt_u60_eFpd3s7xXMFaQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138171/75D64D1218BD11EB8B844345C4F9AE02/47B8C6B018BF11EBA5E2E946C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.0.124.0/24
202.20.63.0/24
202.37.26.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:7e:6f:82:b7:5f:cf:30:ab:ae:ff:e7:49:2a:28:c8:74:97:
ec:86:04:b0:29:f6:7b:82:c7:9a:72:e6:8f:85:6f:8c:00:ae:
ce:70:d5:43:9e:5d:58:04:29:a2:16:4d:2c:a1:dc:11:22:4f:
61:51:3d:aa:42:07:56:0e:3d:27:a7:ad:6f:52:9b:88:d8:4f:
d3:b6:2b:ed:af:3e:56:5f:45:7b:af:f8:fc:f4:62:31:ec:85:
c2:63:3c:66:19:3f:cb:e7:99:68:4e:30:6c:0c:20:a4:49:b2:
9e:f1:09:8d:13:2b:17:38:c9:5d:18:5f:16:2e:79:12:da:b0:
b5:94:f3:d9:80:ff:6f:0c:88:d7:4e:01:2b:21:3a:57:b8:cc:
23:f2:47:ad:1e:27:3e:a9:d6:18:02:67:43:a4:20:9e:92:86:
2b:aa:56:bc:9c:23:5a:b4:8d:76:71:26:5f:7f:07:a7:2d:13:
39:ed:a0:da:85:96:f5:47:c9:e8:b5:7f:d0:85:a0:59:bc:f1:
2d:10:7d:00:fb:4d:7b:dc:49:35:32:57:12:a3:3e:1b:a1:01:
1d:c2:2f:76:d5:3a:bb:3d:c6:17:ba:86:ce:26:47:3f:01:db:
65:4d:32:42:1c:98:02:e0:5a:2e:30:0d:02:97:26:50:84:6e:
44:33:c2:ff
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICB1swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzgxNzExMTAvBgNVBAUTKDcxNzg5RUUyQjJDOEI3RkJCQUQzRjc4NUE1RERFQ0VG
MTVDQzE1QTQwHhcNMjUwMzE4MjE0MjI2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q5ZThjMi0yMmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyAXFSEMy1N0FypjzigmxVhN4Wn7xSwS8cKdJPWg0qH99EllitMhJtT42E1MJ
p7fsvuOQk81obpKjUu461AloDFbv4mxGKsAixa9TpFfe0kDhrxMgewg0gPdb519o
Hu0ucZ8/SCE0qA//namb4HHYKjEKtkPMMLqDl1aYTkL4DJ5pKh73NKS0uGyDmO7A
eP28tsCARK5+3wPdXU31zSR4jPDYJ06J64OFbiiLx1h5IhEal3XD0+jgg/9mhf7L
VA0OoJ46KPIUMLkmhyNvvcKFLmEncO02qi4SQ3Zh2i5Ku/i4/UruCYrhid+qVB06
AwbqtGgaU2Vop0r3BzIdaYMvcQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFOHGYQDq
I5ApLMESD95At+RknexPMB8GA1UdIwQYMBaAFHF4nuKyyLf7utP3haXd7O8VzBWk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzODE3MS83NUQ2NEQxMjE4
QkQxMUVCOEI4NDQzNDVDNEY5QUUwMi9jWGllNHJMSXRfdTYwX2VGcGQzczd4WE1G
YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NYaWU0ckxJdF91NjBfZUZwZDNzN3hYTUZhUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzgxNzEvNzVENjREMTIxOEJEMTFFQjhCODQ0MzQ1QzRGOUFFMDIvNDdCOEM2QjAx
OEJGMTFFQkE1RTJFOTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBADKAHwDBADKFD8DBADKJRowDQYJKoZIhvcNAQELBQADggEB
AJ9+b4K3X88wq67/50kqKMh0l+yGBLAp9nuCx5py5o+Fb4wArs5w1UOeXVgEKaIW
TSyh3BEiT2FRPapCB1YOPSenrW9Sm4jYT9O2K+2vPlZfRXuv+Pz0YjHshcJjPGYZ
P8vnmWhOMGwMIKRJsp7xCY0TKxc4yV0YXxYueRLasLWU89mA/28MiNdOASshOle4
zCPyR60eJz6p1hgCZ0OkIJ6ShiuqVrycI1q0jXZxJl9/B6ctEzntoNqFlvVHyei1
f9CFoFm88S0QfQD7TXvcSTUyVxKjPhuhAR3CL3bVOrs9xhe6hs4mRz8B22VNMkIc
mALgWi4wDQKXJlCEbkQzwv8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:54:37 2025 by rpki-client