Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/4EC984E8E2E211EFACBED476C4F9AE02.roa
File: 4EC984E8E2E211EFACBED476C4F9AE02.roa (raw, json)
Hash identifier: /oYrrweeP+4/mS+196CUEbEN5QbyYIWhZW0thERoqx0=
Subject key identifier: 3F:77:BA:C4:2D:13:BA:A3:31:D4:9E:5F:7F:7D:2E:C5:97:1F:3B:9B
Certificate issuer: /CN=A9155647/serialNumber=AD3445DB42010B1215A49E427F1AE7400D788BFB
Certificate serial: E8
Authority key identifier: AD:34:45:DB:42:01:0B:12:15:A4:9E:42:7F:1A:E7:40:0D:78:8B:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rTRF20IBCxIVpJ5CfxrnQA14i_s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/4EC984E8E2E211EFACBED476C4F9AE02.roa
Signing time: Tue 04 Feb 2025 10:25:09 +0000
ROA not before: Tue 04 Feb 2025 10:25:09 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 836
IP address blocks: 43.231.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 232 (0xe8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155647
Validity
Not Before: Feb 4 10:25:09 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67a1eb04-fc86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e6:61:c0:27:20:95:88:d1:12:95:fe:29:ec:
4a:55:61:1b:a9:6e:c3:c2:e2:2e:ac:be:0f:96:96:
2e:35:3f:19:90:16:34:55:ab:ea:a4:cb:07:f0:1d:
f7:45:84:fd:39:06:79:e9:53:43:f4:fc:f8:1c:d8:
b6:aa:5a:ff:0e:95:fb:04:5d:46:41:02:b4:d6:c7:
8d:9b:2d:e8:61:de:3f:10:bc:61:aa:b1:b5:15:e0:
a4:16:a4:6b:20:ff:26:b8:dd:3e:01:2b:61:84:3e:
02:8e:76:b2:97:1c:1e:ab:0d:41:d3:b4:f2:c4:a0:
cf:22:c9:5d:32:f7:6c:98:bb:a5:18:46:e0:2f:ad:
c1:85:3c:f3:65:61:f7:40:d8:1f:7b:78:a3:18:cf:
19:b5:df:74:25:f2:79:f0:c5:1f:fe:65:a9:3a:c7:
04:db:ba:17:4e:b7:de:20:ec:b9:82:d5:8f:19:e5:
2b:6a:c1:bf:f7:4a:aa:7b:e7:48:93:9f:79:64:bf:
3c:35:99:02:2d:ac:a6:44:ff:d2:78:db:cc:c1:e5:
3d:a5:4a:4c:a4:02:59:e5:c8:0d:c4:2c:cc:23:d8:
c3:34:e4:58:0b:e3:f0:dd:1c:5d:09:82:e6:05:3d:
2e:8d:d1:c0:8c:cc:0e:2e:34:7b:d3:cb:51:9c:0e:
61:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:77:BA:C4:2D:13:BA:A3:31:D4:9E:5F:7F:7D:2E:C5:97:1F:3B:9B
X509v3 Authority Key Identifier:
keyid:AD:34:45:DB:42:01:0B:12:15:A4:9E:42:7F:1A:E7:40:0D:78:8B:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/rTRF20IBCxIVpJ5CfxrnQA14i_s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rTRF20IBCxIVpJ5CfxrnQA14i_s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/4EC984E8E2E211EFACBED476C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.207.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:b2:cb:16:27:94:94:46:fb:b1:21:99:9f:86:87:3e:ac:1a:
15:99:70:12:69:fe:cb:27:39:9a:f7:f2:43:c4:55:67:c2:64:
cd:b7:9b:f1:38:d3:36:1c:7b:e1:10:0e:36:88:9b:1f:ed:0e:
f7:4c:ac:7a:fe:00:5a:14:71:58:be:43:a8:98:ac:27:78:6d:
fa:ef:15:cf:16:8a:f5:52:7b:3b:4a:21:d8:2b:a0:7a:0f:33:
cd:09:04:f7:94:f1:b5:c0:2c:d0:f2:56:dc:68:78:47:b4:d1:
93:ca:5f:27:34:b1:02:73:4c:cf:36:12:aa:6f:c7:37:de:2a:
70:de:5a:a6:6d:1b:25:47:8c:a7:db:3d:7d:36:bd:d7:1d:92:
6c:6d:c9:82:5e:3e:3a:1b:48:f8:17:87:8f:06:4a:bb:f4:bd:
21:56:ec:4f:f2:a9:fd:33:a6:10:1c:d1:43:e0:87:12:54:ec:
bb:86:65:ef:23:05:4c:81:15:23:c0:d8:e9:c0:47:2e:bc:fc:
2a:54:ba:91:ee:d4:55:cc:a3:f0:9e:e6:61:0a:0a:6a:8e:ef:
aa:c5:c7:fa:48:d6:9e:c3:7f:cb:b6:ec:36:40:89:75:2b:44:
2d:87:88:1d:38:d7:74:2f:96:4e:54:6d:50:e7:54:e1:37:04:
1f:40:3d:b4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTU2NDcxMTAvBgNVBAUTKEFEMzQ0NURCNDIwMTBCMTIxNUE0OUU0MjdGMUFFNzQw
MEQ3ODhCRkIwHhcNMjUwMjA0MTAyNTA5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ExZWIwNC1mYzg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqOZhwCcglYjREpX+KexKVWEbqW7DwuIurL4PlpYuNT8ZkBY0VavqpMsH8B33
RYT9OQZ56VND9Pz4HNi2qlr/DpX7BF1GQQK01seNmy3oYd4/ELxhqrG1FeCkFqRr
IP8muN0+ASthhD4Cjnaylxweqw1B07TyxKDPIsldMvdsmLulGEbgL63BhTzzZWH3
QNgfe3ijGM8Ztd90JfJ58MUf/mWpOscE27oXTrfeIOy5gtWPGeUrasG/90qqe+dI
k595ZL88NZkCLaymRP/SeNvMweU9pUpMpAJZ5cgNxCzMI9jDNORYC+Pw3RxdCYLm
BT0ujdHAjMwOLjR708tRnA5hFQIDAQABo4IClTCCApEwHQYDVR0OBBYEFD93usQt
E7qjMdSeX399LsWXHzubMB8GA1UdIwQYMBaAFK00RdtCAQsSFaSeQn8a50ANeIv7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTY0Ny85MDVDMTA0NkYz
NkYxMUVFOTk3MkVCNzlDNEY5QUUwMi9yVFJGMjBJQkN4SVZwSjVDZnhyblFBMTRp
X3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JUUkYyMElCQ3hJVnBKNUNmeHJuUUExNGlfcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTU2NDcvOTA1QzEwNDZGMzZGMTFFRTk5NzJFQjc5QzRGOUFFMDIvNEVDOTg0RThF
MkUyMTFFRkFDQkVENDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr588wDQYJKoZIhvcNAQELBQADggEBACqyyxYnlJRG+7Eh
mZ+Ghz6sGhWZcBJp/ssnOZr38kPEVWfCZM23m/E40zYce+EQDjaImx/tDvdMrHr+
AFoUcVi+Q6iYrCd4bfrvFc8WivVSeztKIdgroHoPM80JBPeU8bXALNDyVtxoeEe0
0ZPKXyc0sQJzTM82EqpvxzfeKnDeWqZtGyVHjKfbPX02vdcdkmxtyYJePjobSPgX
h48GSrv0vSFW7E/yqf0zphAc0UPghxJU7LuGZe8jBUyBFSPA2OnARy68/CpUupHu
1FXMo/Ce5mEKCmqO76rFx/pI1p7Df8u27DZAiXUrRC2HiB0413Qvlk5UbVDnVOE3
BB9APbQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:12:16 2025 by rpki-client