Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91627F9/288DF14AE9C411EF9920930AC4F9AE02/BA8DB662085911F082EDFD31C4F9AE02.roa
File: BA8DB662085911F082EDFD31C4F9AE02.roa (raw, json)
Hash identifier: rPwsbk1iK8m/wIOTQ5ToBttJBfvQLb/F94KXTbHXYq0=
Subject key identifier: F0:B9:FC:6B:AA:BE:A1:56:A8:34:03:08:AE:D3:25:E3:DC:AD:26:18
Certificate issuer: /CN=A91627F9/serialNumber=F375476F3235DC3D525171E2BE9211638E490847
Certificate serial: 1E
Authority key identifier: F3:75:47:6F:32:35:DC:3D:52:51:71:E2:BE:92:11:63:8E:49:08:47
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/83VHbzI13D1SUXHivpIRY45JCEc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91627F9/288DF14AE9C411EF9920930AC4F9AE02/BA8DB662085911F082EDFD31C4F9AE02.roa
Signing time: Mon 24 Mar 2025 02:43:12 +0000
ROA not before: Mon 24 Mar 2025 02:43:12 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 153720
IP address blocks: 203.0.120.0/24 maxlen: 24
2001:df5:1bc0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91627F9
Validity
Not Before: Mar 24 02:43:12 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67e0c6c0-249d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:42:f1:88:be:b4:25:bf:df:b3:03:4a:4a:9c:
26:45:65:0b:ff:a7:fb:9f:2a:c9:bb:d2:c5:05:dd:
2e:9c:b9:4f:ea:1b:53:a7:dd:6f:cd:29:d7:fd:67:
5e:cd:53:d1:24:40:fa:64:06:60:81:1c:c5:da:a0:
7c:dd:3b:0e:93:5f:7f:2f:ba:30:1d:55:cd:ef:f7:
71:99:7a:71:6f:ae:09:21:f6:b9:a4:95:f9:40:a6:
c2:27:75:c7:81:3c:5c:6f:cf:94:22:e6:7d:bb:11:
75:fe:2b:fb:f4:a2:bb:fc:02:dc:c7:2f:e8:2c:2c:
05:1f:51:b1:37:5f:74:94:03:dc:49:32:8b:34:2a:
75:d5:07:52:94:e5:6a:aa:0f:09:8d:94:b4:77:04:
21:e4:4b:8c:65:20:55:b8:d2:b4:9d:a4:5c:9f:e9:
eb:60:8f:28:c0:c9:62:0b:bf:aa:40:a8:67:1f:ce:
c0:cf:9d:5a:b6:c3:23:fd:0b:22:e9:db:81:8c:19:
2a:d9:b7:7c:bb:25:8d:fc:8f:67:f9:a1:3b:eb:f0:
1c:95:07:e7:95:b4:7c:83:3a:8d:75:4f:90:13:37:
c4:93:16:72:43:e2:2e:f4:e9:1f:3d:7a:80:ae:4e:
15:25:79:b7:d4:49:f9:cc:6c:c5:ad:d1:58:3d:5f:
61:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:B9:FC:6B:AA:BE:A1:56:A8:34:03:08:AE:D3:25:E3:DC:AD:26:18
X509v3 Authority Key Identifier:
keyid:F3:75:47:6F:32:35:DC:3D:52:51:71:E2:BE:92:11:63:8E:49:08:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91627F9/288DF14AE9C411EF9920930AC4F9AE02/83VHbzI13D1SUXHivpIRY45JCEc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/83VHbzI13D1SUXHivpIRY45JCEc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91627F9/288DF14AE9C411EF9920930AC4F9AE02/BA8DB662085911F082EDFD31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.0.120.0/24
IPv6:
2001:df5:1bc0::/48
Signature Algorithm: sha256WithRSAEncryption
93:66:11:c2:db:9b:e7:06:a8:05:d6:18:2c:83:66:48:94:4c:
04:ba:a8:32:dc:76:be:86:d8:0b:95:3e:43:8a:fa:6d:24:77:
7f:3b:de:29:85:76:08:5d:da:04:ab:e7:7a:3e:f1:19:fd:3c:
bb:81:ea:2a:f0:59:44:4a:13:48:07:ac:84:d8:15:e2:29:c1:
65:cb:d2:95:3f:77:20:0b:6d:5e:dd:83:14:e1:86:81:d8:02:
56:93:f1:92:12:17:ff:2e:b7:c0:3f:d3:65:b4:cb:39:97:cf:
da:d1:b5:50:83:ea:3b:0b:cf:d8:bc:87:d8:7d:6c:a8:19:ce:
cb:00:19:ce:37:19:b6:6e:e4:51:2e:48:0b:67:39:47:db:1f:
fe:8b:4e:09:ba:39:fb:25:fd:96:0a:db:dc:c1:17:08:4a:cc:
f7:ed:90:7a:b4:24:06:95:3c:be:3f:f7:3a:d6:3e:23:99:03:
1b:22:38:31:a4:b7:af:1e:67:ee:ca:93:ee:2d:7c:d1:35:7c:
5d:de:ce:49:99:6a:71:20:f1:90:53:da:15:a7:b0:c9:e9:cd:
c5:5b:d3:91:1e:1a:84:58:7e:ee:d0:60:07:f2:ec:df:17:6d:
4c:ab:e2:09:1f:7e:35:6f:90:e3:e6:26:db:de:fd:f3:17:b5:
c7:f7:dd:1e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
MjdGOTExMC8GA1UEBRMoRjM3NTQ3NkYzMjM1REMzRDUyNTE3MUUyQkU5MjExNjM4
RTQ5MDg0NzAeFw0yNTAzMjQwMjQzMTJaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZTBjNmMwLTI0OWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDQvGIvrQlv9+zA0pKnCZFZQv/p/ufKsm70sUF3S6cuU/qG1On3W/NKdf9Z17N
U9EkQPpkBmCBHMXaoHzdOw6TX38vujAdVc3v93GZenFvrgkh9rmklflApsIndceB
PFxvz5Qi5n27EXX+K/v0orv8AtzHL+gsLAUfUbE3X3SUA9xJMos0KnXVB1KU5Wqq
DwmNlLR3BCHkS4xlIFW40rSdpFyf6etgjyjAyWILv6pAqGcfzsDPnVq2wyP9CyLp
24GMGSrZt3y7JY38j2f5oTvr8ByVB+eVtHyDOo11T5ATN8STFnJD4i706R89eoCu
ThUlebfUSfnMbMWt0Vg9X2EdAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU8Ln8a6q+
oVaoNAMIrtMl49ytJhgwHwYDVR0jBBgwFoAU83VHbzI13D1SUXHivpIRY45JCEcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYyN0Y5LzI4OERGMTRBRTlD
NDExRUY5OTIwOTMwQUM0RjlBRTAyLzgzVkhiekkxM0QxU1VYSGl2cElSWTQ1SkNF
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvODNWSGJ6STEzRDFTVVhIaXZwSVJZNDVKQ0VjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MjdGOS8yODhERjE0QUU5QzQxMUVGOTkyMDkzMEFDNEY5QUUwMi9CQThEQjY2MjA4
NTkxMUYwODJFREZEMzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAMsAeDAPBAIAAjAJAwcAIAEN9RvAMA0GCSqGSIb3DQEBCwUA
A4IBAQCTZhHC25vnBqgF1hgsg2ZIlEwEuqgy3Ha+htgLlT5DivptJHd/O94phXYI
XdoEq+d6PvEZ/Ty7geoq8FlEShNIB6yE2BXiKcFly9KVP3cgC21e3YMU4YaB2AJW
k/GSEhf/LrfAP9NltMs5l8/a0bVQg+o7C8/YvIfYfWyoGc7LABnONxm2buRRLkgL
ZzlH2x/+i04Jujn7Jf2WCtvcwRcISsz37ZB6tCQGlTy+P/c61j4jmQMbIjgxpLev
HmfuypPuLXzRNXxd3s5JmWpxIPGQU9oVp7DJ6c3FW9ORHhqEWH7u0GAH8uzfF21M
q+IJH341b5Dj5ibb3v3zF7XH990e
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:23:47 2025 by rpki-client