Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91592B3/8917FB2A5D0E11E5B3BEAD57C4F9AE02/9876A6C025B211ECB5356475C4F9AE02.roa
File: 9876A6C025B211ECB5356475C4F9AE02.roa (raw, json)
Hash identifier: DNBT8zhDN25f9UDGQ5nfWBA6s2lB80HUpbXVqjHmAQM=
Subject key identifier: 70:26:07:71:B8:3F:11:95:16:44:D9:D2:85:C2:1F:66:AD:39:9A:08
Certificate issuer: /CN=A91592B3/serialNumber=3A5C0813C0FED0A83B3DD01B7A5AE1A130827028
Certificate serial: 23F8
Authority key identifier: 3A:5C:08:13:C0:FE:D0:A8:3B:3D:D0:1B:7A:5A:E1:A1:30:82:70:28
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OlwIE8D-0Kg7PdAbelrhoTCCcCg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91592B3/8917FB2A5D0E11E5B3BEAD57C4F9AE02/9876A6C025B211ECB5356475C4F9AE02.roa
Signing time: Tue 18 Mar 2025 16:03:21 +0000
ROA not before: Tue 18 Mar 2025 16:03:21 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 3758
IP address blocks: 202.40.224.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9208 (0x23f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91592B3
Validity
Not Before: Mar 18 16:03:21 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67d99948-0ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0a:41:e5:2c:a6:a1:13:f0:6a:c3:b6:b0:16:
10:47:e6:96:13:45:90:53:6e:3b:3c:8a:ae:5f:cf:
a7:75:a7:ae:9b:3d:f0:0b:fc:6d:c3:23:17:1e:4b:
f6:c2:37:31:74:ec:f7:fd:4c:b3:ee:50:f8:66:85:
54:75:21:1f:e9:c5:8a:90:2b:a6:63:59:9c:7b:b1:
a5:42:b3:1f:f9:da:a3:01:ae:01:df:22:61:7e:3e:
74:1c:a3:9f:8c:f1:58:ae:2c:c5:30:a2:d6:dc:1c:
9d:57:42:86:57:4a:af:19:2f:43:2b:5f:47:62:ba:
f8:42:2b:65:e0:d0:98:c7:7a:fc:e7:c7:18:c2:c0:
4f:93:1a:68:f2:7a:a2:2f:74:a4:4a:00:00:fe:6e:
58:b2:ef:18:b4:08:ae:c3:35:d9:b2:45:7e:9c:c1:
c6:e4:6e:a6:7a:60:7c:41:d2:ce:d2:a5:69:61:24:
7c:8a:b7:1d:78:22:3d:9d:94:0e:f9:5f:08:6c:51:
30:04:fd:4f:f6:d9:76:27:14:67:a9:a7:68:eb:04:
e9:f9:50:a7:06:77:73:58:22:65:fb:48:25:00:b5:
00:c4:b8:d9:a3:b7:af:34:f9:54:71:67:65:a0:ef:
09:94:49:0b:f4:e4:68:23:45:ad:ef:ae:9a:ee:78:
f3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:26:07:71:B8:3F:11:95:16:44:D9:D2:85:C2:1F:66:AD:39:9A:08
X509v3 Authority Key Identifier:
keyid:3A:5C:08:13:C0:FE:D0:A8:3B:3D:D0:1B:7A:5A:E1:A1:30:82:70:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91592B3/8917FB2A5D0E11E5B3BEAD57C4F9AE02/OlwIE8D-0Kg7PdAbelrhoTCCcCg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OlwIE8D-0Kg7PdAbelrhoTCCcCg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91592B3/8917FB2A5D0E11E5B3BEAD57C4F9AE02/9876A6C025B211ECB5356475C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.40.224.0/19
Signature Algorithm: sha256WithRSAEncryption
22:31:88:c7:e3:57:f9:80:cf:de:ac:b7:67:ac:3e:91:3a:ee:
fc:15:4f:d1:eb:70:91:a6:bd:d1:b0:60:d9:2f:ff:05:b2:ec:
1c:a8:8a:02:4e:6d:8c:9a:bd:fe:63:ab:0a:74:1b:63:dd:37:
bc:a8:76:5f:d6:6f:97:26:52:ba:10:65:23:40:51:b8:2e:7b:
84:89:7b:d0:74:71:8d:41:20:a0:b9:55:99:89:c9:64:17:19:
2c:be:a7:58:9c:a7:45:2b:3c:5a:d5:a2:b3:b7:a6:45:b6:b2:
1b:65:f4:80:79:2d:c0:e4:59:ec:e3:ee:26:c1:86:55:3d:a7:
d4:b8:85:1d:09:d3:b0:43:2e:3d:86:a6:0a:81:87:2b:a1:af:
3b:7f:88:13:50:f8:86:e0:66:f8:4a:58:c2:d0:e2:f7:d1:01:
24:6b:24:38:1d:8f:18:5b:fe:bf:2d:a2:3c:b6:09:0e:a2:23:
a9:1e:9f:43:c4:c2:cb:35:82:44:14:39:b6:c2:13:0a:df:19:
c1:6d:f4:23:47:2c:fa:2a:05:b2:e6:a5:e8:9a:d0:af:db:63:
1a:4d:ba:21:f6:30:34:18:48:1a:28:ed:0b:2a:b6:bc:ae:e7:
f6:2d:7a:0e:81:0f:fe:eb:18:c6:de:bb:fc:38:7f:f2:b6:61:
7a:9a:f6:4a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICI/gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTkyQjMxMTAvBgNVBAUTKDNBNUMwODEzQzBGRUQwQTgzQjNERDAxQjdBNUFFMUEx
MzA4MjcwMjgwHhcNMjUwMzE4MTYwMzIxWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q5OTk0OC0wY2NiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvwpB5SymoRPwasO2sBYQR+aWE0WQU247PIquX8+ndaeumz3wC/xtwyMXHkv2
wjcxdOz3/Uyz7lD4ZoVUdSEf6cWKkCumY1mce7GlQrMf+dqjAa4B3yJhfj50HKOf
jPFYrizFMKLW3BydV0KGV0qvGS9DK19HYrr4Qitl4NCYx3r858cYwsBPkxpo8nqi
L3SkSgAA/m5Ysu8YtAiuwzXZskV+nMHG5G6memB8QdLO0qVpYSR8ircdeCI9nZQO
+V8IbFEwBP1P9tl2JxRnqado6wTp+VCnBndzWCJl+0glALUAxLjZo7evNPlUcWdl
oO8JlEkL9ORoI0Wt766a7njzJQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHAmB3G4
PxGVFkTZ0oXCH2atOZoIMB8GA1UdIwQYMBaAFDpcCBPA/tCoOz3QG3pa4aEwgnAo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTJCMy84OTE3RkIyQTVE
MEUxMUU1QjNCRUFENTdDNEY5QUUwMi9PbHdJRThELTBLZzdQZEFiZWxyaG9UQ0Nj
Q2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09sd0lFOEQtMEtnN1BkQWJlbHJob1RDQ2NDZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTkyQjMvODkxN0ZCMkE1RDBFMTFFNUIzQkVBRDU3QzRGOUFFMDIvOTg3NkE2QzAy
NUIyMTFFQ0I1MzU2NDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAXKKOAwDQYJKoZIhvcNAQELBQADggEBACIxiMfjV/mAz96s
t2esPpE67vwVT9HrcJGmvdGwYNkv/wWy7ByoigJObYyavf5jqwp0G2PdN7yodl/W
b5cmUroQZSNAUbgue4SJe9B0cY1BIKC5VZmJyWQXGSy+p1icp0UrPFrVorO3pkW2
shtl9IB5LcDkWezj7ibBhlU9p9S4hR0J07BDLj2GpgqBhyuhrzt/iBNQ+IbgZvhK
WMLQ4vfRASRrJDgdjxhb/r8tojy2CQ6iI6ken0PEwss1gkQUObbCEwrfGcFt9CNH
LPoqBbLmpeia0K/bYxpNuiH2MDQYSBoo7Qsqtryu5/Yteg6BD/7rGMbeu/w4f/K2
YXqa9ko=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:19:44 2025 by rpki-client