Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C90B/92842702E71011EEA9DBC252C4F9AE02/52BD65B4E7D511EE8C353D2AC4F9AE02.roa
File: 52BD65B4E7D511EE8C353D2AC4F9AE02.roa (raw, json)
Hash identifier: v7bT+lzlhBzHYXIgxw7CXDLlyYjEfCYhNYxtpgDCkMo=
Subject key identifier: C2:87:A9:5B:4D:1D:65:BA:B5:45:A2:E4:25:A7:0E:87:76:A1:F5:81
Certificate issuer: /CN=A914C90B/serialNumber=07EECC4426A8C33D4590BCDA12D9750C4904857D
Certificate serial: AF
Authority key identifier: 07:EE:CC:44:26:A8:C3:3D:45:90:BC:DA:12:D9:75:0C:49:04:85:7D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B-7MRCaowz1FkLzaEtl1DEkEhX0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C90B/92842702E71011EEA9DBC252C4F9AE02/52BD65B4E7D511EE8C353D2AC4F9AE02.roa
Signing time: Fri 21 Feb 2025 07:38:37 +0000
ROA not before: Fri 21 Feb 2025 07:38:37 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 135400
IP address blocks: 203.176.122.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175 (0xaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C90B
Validity
Not Before: Feb 21 07:38:37 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b82d7d-7860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fe:a7:e9:a7:19:97:1f:9b:87:5e:3d:5c:b9:
86:ac:b1:7d:b6:14:b8:bc:e6:1f:8b:79:d8:cb:a0:
eb:dd:05:6d:5b:2c:b1:7f:ee:12:e2:fe:2b:52:46:
f7:d4:9b:be:98:a2:09:0c:1b:46:99:f3:5f:a2:b9:
1f:05:7a:b7:e7:42:58:fd:71:57:1c:3e:01:9c:8b:
39:39:03:a7:05:f6:34:60:a8:16:5c:06:3f:fc:2c:
0d:e0:f4:b6:45:a0:44:8d:19:c9:6f:83:a6:82:79:
41:3a:5e:0b:54:84:34:a5:a4:4d:e2:7a:39:d9:f6:
01:8e:5d:25:c8:e2:72:d5:6b:4a:6b:f0:78:e5:c0:
4f:12:07:ee:bd:47:de:17:9a:7a:2a:a3:ac:a9:23:
bd:46:8f:d9:bf:19:e6:fa:6e:e2:67:14:3f:fd:f4:
99:dc:7c:50:bf:97:fd:b4:b5:7b:34:a7:15:7d:b2:
62:6f:dc:58:71:d3:7f:bc:7e:b7:34:eb:4c:2b:fe:
8a:22:bd:43:81:cd:95:47:03:4b:ad:f8:a4:99:70:
24:9c:67:7e:04:31:3c:1d:23:59:07:6b:1f:3d:e1:
73:e0:f0:09:6e:b2:6f:e6:ac:44:5a:3f:f6:0c:f8:
33:d2:60:53:db:63:63:2f:9a:d8:0c:b3:04:92:59:
8d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:87:A9:5B:4D:1D:65:BA:B5:45:A2:E4:25:A7:0E:87:76:A1:F5:81
X509v3 Authority Key Identifier:
keyid:07:EE:CC:44:26:A8:C3:3D:45:90:BC:DA:12:D9:75:0C:49:04:85:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C90B/92842702E71011EEA9DBC252C4F9AE02/B-7MRCaowz1FkLzaEtl1DEkEhX0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B-7MRCaowz1FkLzaEtl1DEkEhX0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C90B/92842702E71011EEA9DBC252C4F9AE02/52BD65B4E7D511EE8C353D2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.176.122.0/23
Signature Algorithm: sha256WithRSAEncryption
11:92:6f:22:40:4b:cb:07:bb:e8:22:d8:35:e3:c1:ed:bf:44:
e1:3f:32:a3:bd:46:61:0f:37:8b:8a:d5:ac:c6:bb:7c:d1:6f:
49:87:c6:1d:95:cc:30:40:e6:a8:29:ec:29:9b:df:ca:1b:72:
aa:c5:a2:bd:c8:a2:0e:34:d9:c9:3d:85:fd:aa:fd:82:93:fc:
00:c7:d8:11:1d:67:aa:a7:96:3f:5e:6c:67:df:57:48:5c:88:
e0:a7:c3:81:f1:26:a5:2b:70:ed:28:f3:3a:05:57:2d:07:74:
79:18:cf:cb:be:86:00:e8:0e:9e:ce:d5:b9:ea:e1:f9:a9:36:
9c:31:27:92:46:d8:58:a8:0b:bf:2d:e3:a0:8f:d2:9f:24:41:
0b:14:a9:e7:6f:1e:c0:53:36:6f:54:b3:9f:9e:56:ce:1b:44:
08:cf:87:e6:fc:8b:12:5c:7b:ee:1c:87:c5:9c:9c:94:86:89:
e4:47:2f:cd:12:97:43:d8:ff:0b:a3:cd:02:f4:93:1e:81:59:
da:6d:ec:35:9d:04:be:db:22:18:94:fc:9e:13:9e:84:b8:53:
87:d4:b0:ee:2d:c5:c7:e7:4e:33:75:4b:c7:9e:bf:08:8a:fb:
a2:9a:c5:80:df:3a:f5:3a:19:5d:b3:a0:cb:a9:73:c3:2c:ac:
f0:75:32:4d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEM5MEIxMTAvBgNVBAUTKDA3RUVDQzQ0MjZBOEMzM0Q0NTkwQkNEQTEyRDk3NTBD
NDkwNDg1N0QwHhcNMjUwMjIxMDczODM3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I4MmQ3ZC03ODYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnf6n6acZlx+bh149XLmGrLF9thS4vOYfi3nYy6Dr3QVtWyyxf+4S4v4rUkb3
1Ju+mKIJDBtGmfNforkfBXq350JY/XFXHD4BnIs5OQOnBfY0YKgWXAY//CwN4PS2
RaBEjRnJb4OmgnlBOl4LVIQ0paRN4no52fYBjl0lyOJy1WtKa/B45cBPEgfuvUfe
F5p6KqOsqSO9Ro/Zvxnm+m7iZxQ//fSZ3HxQv5f9tLV7NKcVfbJib9xYcdN/vH63
NOtMK/6KIr1Dgc2VRwNLrfikmXAknGd+BDE8HSNZB2sfPeFz4PAJbrJv5qxEWj/2
DPgz0mBT22NjL5rYDLMEklmNCwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMKHqVtN
HWW6tUWi5CWnDod2ofWBMB8GA1UdIwQYMBaAFAfuzEQmqMM9RZC82hLZdQxJBIV9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzkwQi85Mjg0MjcwMkU3
MTAxMUVFQTlEQkMyNTJDNEY5QUUwMi9CLTdNUkNhb3d6MUZrTHphRXRsMURFa0Vo
WDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ItN01SQ2Fvd3oxRmtMemFFdGwxREVrRWhYMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEM5MEIvOTI4NDI3MDJFNzEwMTFFRUE5REJDMjUyQzRGOUFFMDIvNTJCRDY1QjRF
N0Q1MTFFRThDMzUzRDJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHLsHowDQYJKoZIhvcNAQELBQADggEBABGSbyJAS8sHu+gi
2DXjwe2/ROE/MqO9RmEPN4uK1azGu3zRb0mHxh2VzDBA5qgp7Cmb38obcqrFor3I
og402ck9hf2q/YKT/ADH2BEdZ6qnlj9ebGffV0hciOCnw4HxJqUrcO0o8zoFVy0H
dHkYz8u+hgDoDp7O1bnq4fmpNpwxJ5JG2FioC78t46CP0p8kQQsUqedvHsBTNm9U
s5+eVs4bRAjPh+b8ixJce+4ch8WcnJSGieRHL80Sl0PY/wujzQL0kx6BWdpt7DWd
BL7bIhiU/J4TnoS4U4fUsO4txcfnTjN1S8eevwiK+6KaxYDfOvU6GV2zoMupc8Ms
rPB1Mk0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:28:59 2025 by rpki-client