Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91625DB/11939D10906911EEB23D7425C4F9AE02/9D3EBEF4921111EE9AD1150CC4F9AE02.roa
File: 9D3EBEF4921111EE9AD1150CC4F9AE02.roa (raw, json)
Hash identifier: H7JonSUtz6tgIVuXpEGUpFZ7fUQBIkEHbO/Cd9DHtNo=
Subject key identifier: 29:49:69:91:C3:64:57:FA:7F:5B:75:7E:42:B4:95:09:8E:38:2F:06
Certificate issuer: /CN=A91625DB/serialNumber=7BE230153CFF9001642DBC9B24F85D0CC282364E
Certificate serial: E1
Authority key identifier: 7B:E2:30:15:3C:FF:90:01:64:2D:BC:9B:24:F8:5D:0C:C2:82:36:4E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e-IwFTz_kAFkLbybJPhdDMKCNk4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91625DB/11939D10906911EEB23D7425C4F9AE02/9D3EBEF4921111EE9AD1150CC4F9AE02.roa
Signing time: Wed 25 Dec 2024 04:17:43 +0000
ROA not before: Wed 25 Dec 2024 04:17:43 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 135407
IP address blocks: 210.87.64.0/24 maxlen: 24
210.87.65.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 225 (0xe1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91625DB
Validity
Not Before: Dec 25 04:17:43 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=676b8767-22b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b1:55:8e:f2:8a:78:00:77:2d:49:d6:0b:16:
ff:d8:48:e3:a6:e2:dd:36:d3:dc:cf:9b:69:31:a5:
7d:9f:db:85:79:d3:52:27:e6:e5:ee:02:32:e7:ae:
25:ca:3d:32:2f:97:09:c9:bc:6e:34:42:31:f6:fe:
80:13:c1:fc:b8:4c:db:a7:9a:44:cf:e2:a7:e9:21:
b0:b9:b1:eb:9a:93:54:42:fb:50:8a:f3:b8:59:8e:
55:62:42:06:44:d0:04:09:b5:40:34:15:99:33:4f:
f4:6d:68:c8:b2:3a:99:9e:bf:31:17:b8:bb:03:ad:
e4:a5:0d:0a:25:e9:29:47:b4:99:ee:b5:e5:7c:68:
b9:62:65:80:ed:ec:44:4b:c6:87:0a:22:b1:2f:3c:
97:70:09:a0:74:ca:8b:7c:b4:0e:2d:d4:3d:de:b6:
ca:7c:2e:89:ae:c3:38:ee:33:ab:fa:6e:d2:3a:ef:
9a:f3:5d:8a:6d:ab:d4:ea:18:84:2f:6a:26:1e:a9:
60:2f:81:e1:7a:82:b6:f8:e6:aa:d9:64:71:39:d9:
cc:a9:c8:66:28:e2:28:97:47:bd:40:05:a2:5a:81:
95:9a:a9:38:b3:13:64:1e:40:a5:fd:60:5e:91:77:
6b:f4:1f:74:e7:02:d4:f8:44:77:c8:a8:0c:59:81:
51:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:49:69:91:C3:64:57:FA:7F:5B:75:7E:42:B4:95:09:8E:38:2F:06
X509v3 Authority Key Identifier:
keyid:7B:E2:30:15:3C:FF:90:01:64:2D:BC:9B:24:F8:5D:0C:C2:82:36:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91625DB/11939D10906911EEB23D7425C4F9AE02/e-IwFTz_kAFkLbybJPhdDMKCNk4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e-IwFTz_kAFkLbybJPhdDMKCNk4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91625DB/11939D10906911EEB23D7425C4F9AE02/9D3EBEF4921111EE9AD1150CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.87.64.0/23
Signature Algorithm: sha256WithRSAEncryption
53:d8:cf:84:da:b0:8d:3e:0e:9a:d8:0e:b3:d6:74:45:c5:07:
1d:14:7a:e2:be:a5:bc:19:e3:2b:bb:4a:9e:6d:8e:1c:f0:bc:
7d:09:ce:a9:60:23:f3:c6:7d:11:cd:db:f7:76:b5:c7:a8:0b:
1b:a4:25:3d:89:6d:8b:ad:b6:09:ed:57:d6:d0:24:a5:9d:8e:
8d:3e:b0:15:05:a2:78:bf:62:e8:10:2f:63:9a:20:90:14:90:
1b:36:27:7b:de:27:ac:6a:a1:ad:66:e7:09:67:29:3f:e1:8c:
c4:89:ef:28:4c:0d:41:68:94:47:92:44:50:f5:2a:07:4e:d4:
f6:62:93:a2:c2:44:ef:8e:27:19:14:61:ab:3d:db:47:f9:7f:
4b:b2:19:bd:e2:06:4a:4b:0e:de:d3:5b:03:5c:6a:e2:85:40:
89:7a:0d:25:71:fa:d7:e8:71:f5:a4:f8:42:21:4f:cb:7a:30:
d5:2e:33:4e:f2:52:ab:db:2d:7b:66:86:cc:43:fc:b5:bf:aa:
0f:22:4e:9e:04:58:a4:ac:1b:53:75:8e:47:97:52:ea:94:90:
9a:06:18:a2:78:01:f7:86:88:6e:7e:0f:1a:24:ec:9f:19:61:
d7:ec:a5:56:a7:24:1e:87:9f:5f:c1:34:c0:5b:bc:9f:a3:ce:
b4:ed:2b:0a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAOEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjI1REIxMTAvBgNVBAUTKDdCRTIzMDE1M0NGRjkwMDE2NDJEQkM5QjI0Rjg1RDBD
QzI4MjM2NEUwHhcNMjQxMjI1MDQxNzQzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZiODc2Ny0yMmI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtbFVjvKKeAB3LUnWCxb/2EjjpuLdNtPcz5tpMaV9n9uFedNSJ+bl7gIy564l
yj0yL5cJybxuNEIx9v6AE8H8uEzbp5pEz+Kn6SGwubHrmpNUQvtQivO4WY5VYkIG
RNAECbVANBWZM0/0bWjIsjqZnr8xF7i7A63kpQ0KJekpR7SZ7rXlfGi5YmWA7exE
S8aHCiKxLzyXcAmgdMqLfLQOLdQ93rbKfC6JrsM47jOr+m7SOu+a812KbavU6hiE
L2omHqlgL4HheoK2+Oaq2WRxOdnMqchmKOIol0e9QAWiWoGVmqk4sxNkHkCl/WBe
kXdr9B905wLU+ER3yKgMWYFRlwIDAQABo4IClTCCApEwHQYDVR0OBBYEFClJaZHD
ZFf6f1t1fkK0lQmOOC8GMB8GA1UdIwQYMBaAFHviMBU8/5ABZC28myT4XQzCgjZO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjVEQi8xMTkzOUQxMDkw
NjkxMUVFQjIzRDc0MjVDNEY5QUUwMi9lLUl3RlR6X2tBRmtMYnliSlBoZERNS0NO
azQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2UtSXdGVHpfa0FGa0xieWJKUGhkRE1LQ05rNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjI1REIvMTE5MzlEMTA5MDY5MTFFRUIyM0Q3NDI1QzRGOUFFMDIvOUQzRUJFRjQ5
MjExMTFFRTlBRDExNTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHSV0AwDQYJKoZIhvcNAQELBQADggEBAFPYz4TasI0+DprY
DrPWdEXFBx0UeuK+pbwZ4yu7Sp5tjhzwvH0JzqlgI/PGfRHN2/d2tceoCxukJT2J
bYuttgntV9bQJKWdjo0+sBUFoni/YugQL2OaIJAUkBs2J3veJ6xqoa1m5wlnKT/h
jMSJ7yhMDUFolEeSRFD1KgdO1PZik6LCRO+OJxkUYas920f5f0uyGb3iBkpLDt7T
WwNcauKFQIl6DSVx+tfocfWk+EIhT8t6MNUuM07yUqvbLXtmhsxD/LW/qg8iTp4E
WKSsG1N1jkeXUuqUkJoGGKJ4AfeGiG5+Dxok7J8ZYdfspVanJB6Hn1/BNMBbvJ+j
zrTtKwo=
-----END CERTIFICATE-----
Generated at Fri Apr 11 19:52:25 2025 by rpki-client