Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/4495F306772E11EEB7DE544FC4F9AE02.roa
File: 4495F306772E11EEB7DE544FC4F9AE02.roa (raw, json)
Hash identifier: ccDaM+xIQE3p2Y5zhdqiVD5sdxLAr7SXV+gu36JLnEc=
Subject key identifier: B6:86:FA:8A:69:86:73:B5:14:48:02:55:3E:48:B0:84:0F:F1:DD:4C
Certificate issuer: /CN=A9148B17/serialNumber=8D923098CD67F6D1BF24CFBE2C3DCA0B665ABB8C
Certificate serial: E6
Authority key identifier: 8D:92:30:98:CD:67:F6:D1:BF:24:CF:BE:2C:3D:CA:0B:66:5A:BB:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jZIwmM1n9tG_JM--LD3KC2Zau4w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/4495F306772E11EEB7DE544FC4F9AE02.roa
Signing time: Wed 27 Nov 2024 04:08:15 +0000
ROA not before: Wed 27 Nov 2024 04:08:15 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 151957
IP address blocks: 202.61.82.0/24 maxlen: 24
202.61.83.0/24 maxlen: 24
2401:4460::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 230 (0xe6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148B17
Validity
Not Before: Nov 27 04:08:15 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67469b2f-b474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:41:4b:5a:31:3f:19:74:d0:c4:d6:e7:22:0f:
d5:cb:a4:1d:93:5f:88:a2:c5:da:96:8d:59:31:43:
d0:cd:35:94:44:a3:71:58:a7:5e:48:7d:c0:e1:21:
a1:49:a6:3c:95:83:97:c5:c8:4c:9e:be:0d:ac:70:
3b:88:c1:eb:5b:28:b3:36:f3:15:78:4b:30:02:22:
80:7c:88:40:43:a2:34:c4:b2:30:d3:60:2b:93:ef:
a2:c4:83:de:81:19:15:fd:93:67:c8:a4:88:ed:a5:
ed:d8:fc:ab:7c:a5:66:26:ea:8d:72:f0:e2:22:30:
68:3d:3d:61:35:f0:16:51:40:24:31:18:fe:33:16:
8c:cf:bf:31:97:fc:1a:ee:c6:41:a3:e5:79:82:84:
7d:33:c2:a2:9b:ef:58:b8:d7:43:49:ba:4d:a0:de:
88:95:0a:eb:3b:fc:d3:b3:78:79:29:e0:e7:b2:37:
c0:b4:e3:a3:81:6f:5b:9c:53:15:14:c2:93:cd:a9:
25:0a:6b:d2:96:31:4f:16:d7:59:1a:d6:22:bf:10:
cb:ad:1b:48:04:cd:8e:e3:3b:c2:0b:71:dc:e3:4f:
76:c0:40:2c:d4:49:ed:55:0d:32:73:ee:32:f3:05:
37:d5:2d:d7:67:31:cb:63:9a:08:94:8a:2a:fa:a2:
95:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:86:FA:8A:69:86:73:B5:14:48:02:55:3E:48:B0:84:0F:F1:DD:4C
X509v3 Authority Key Identifier:
keyid:8D:92:30:98:CD:67:F6:D1:BF:24:CF:BE:2C:3D:CA:0B:66:5A:BB:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/jZIwmM1n9tG_JM--LD3KC2Zau4w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jZIwmM1n9tG_JM--LD3KC2Zau4w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/4495F306772E11EEB7DE544FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.61.82.0/23
IPv6:
2401:4460::/32
Signature Algorithm: sha256WithRSAEncryption
1a:f7:dd:42:ea:5e:e3:49:58:11:d0:f6:f9:7d:a8:dc:3e:cf:
44:4d:e9:28:8d:e9:df:5a:26:c1:e9:b6:96:29:3b:03:96:9c:
de:86:a0:4e:02:c2:c0:f5:41:a4:d9:ff:47:3e:4f:ac:ce:e6:
6b:b0:32:6c:79:38:10:aa:e2:a0:f0:e4:09:07:8d:93:c7:d2:
4a:66:9c:96:4d:28:bd:67:19:b0:62:9b:5f:93:5c:47:8c:53:
d7:fc:4e:79:4b:6d:db:77:5d:df:58:7c:13:c8:79:0d:6e:34:
a6:6c:1b:b8:aa:2b:1b:c0:77:c9:9a:16:b1:40:e7:dd:27:ed:
38:e2:bf:a9:c7:44:f9:40:58:21:37:67:d2:e4:3b:40:10:53:
d2:5f:b8:45:ff:c1:3c:ce:7c:1a:3a:a3:5c:8b:a9:b6:15:51:
c8:ec:e5:8a:6f:a4:2f:05:57:65:a0:a4:1d:f7:06:b9:b1:ee:
7d:61:f0:12:10:92:d6:31:7d:cc:49:b0:4d:9d:71:d8:ce:6a:
c6:f2:10:52:14:6a:0e:35:a5:c2:18:37:3c:18:d5:57:24:83:
c4:41:bb:c2:3e:5f:63:65:2c:c0:d6:6c:d5:c4:36:9b:72:3f:
2e:14:a5:22:c3:39:49:70:93:17:05:82:5f:fa:d8:f4:fa:51:
c7:f4:6a:eb
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhCMTcxMTAvBgNVBAUTKDhEOTIzMDk4Q0Q2N0Y2RDFCRjI0Q0ZCRTJDM0RDQTBC
NjY1QUJCOEMwHhcNMjQxMTI3MDQwODE1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ2OWIyZi1iNDc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmkFLWjE/GXTQxNbnIg/Vy6Qdk1+IosXalo1ZMUPQzTWURKNxWKdeSH3A4SGh
SaY8lYOXxchMnr4NrHA7iMHrWyizNvMVeEswAiKAfIhAQ6I0xLIw02Ark++ixIPe
gRkV/ZNnyKSI7aXt2PyrfKVmJuqNcvDiIjBoPT1hNfAWUUAkMRj+MxaMz78xl/wa
7sZBo+V5goR9M8Kim+9YuNdDSbpNoN6IlQrrO/zTs3h5KeDnsjfAtOOjgW9bnFMV
FMKTzaklCmvSljFPFtdZGtYivxDLrRtIBM2O4zvCC3Hc4092wEAs1EntVQ0yc+4y
8wU31S3XZzHLY5oIlIoq+qKVbQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLaG+opp
hnO1FEgCVT5IsIQP8d1MMB8GA1UdIwQYMBaAFI2SMJjNZ/bRvyTPviw9ygtmWruM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEIxNy9FQTRCMTY1RTY4
RUQxMUVFQjRCNUQzNjJDNEY5QUUwMi9qWkl3bU0xbjl0R19KTS0tTEQzS0MyWmF1
NHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2paSXdtTTFuOXRHX0pNLS1MRDNLQzJaYXU0dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhCMTcvRUE0QjE2NUU2OEVEMTFFRUI0QjVEMzYyQzRGOUFFMDIvNDQ5NUYzMDY3
NzJFMTFFRUI3REU1NDRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAHKPVIwDQQCAAIwBwMFACQBRGAwDQYJKoZIhvcNAQELBQAD
ggEBABr33ULqXuNJWBHQ9vl9qNw+z0RN6SiN6d9aJsHptpYpOwOWnN6GoE4CwsD1
QaTZ/0c+T6zO5muwMmx5OBCq4qDw5AkHjZPH0kpmnJZNKL1nGbBim1+TXEeMU9f8
TnlLbdt3Xd9YfBPIeQ1uNKZsG7iqKxvAd8maFrFA590n7Tjiv6nHRPlAWCE3Z9Lk
O0AQU9JfuEX/wTzOfBo6o1yLqbYVUcjs5YpvpC8FV2WgpB33Brmx7n1h8BIQktYx
fcxJsE2dcdjOasbyEFIUag41pcIYNzwY1Vckg8RBu8I+X2NlLMDWbNXENptyPy4U
pSLDOUlwkxcFgl/62PT6Ucf0aus=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:12:14 2025 by rpki-client