Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916988B/F36B79B0807711EBB925F154C4F9AE02/D1B6FD008D6D11EB9DB49A32C4F9AE02.roa
File: D1B6FD008D6D11EB9DB49A32C4F9AE02.roa (raw, json)
Hash identifier: vO8BJ986/mLBngVCPGye7C9+jhQy/7A58iRckkgaf5o=
Subject key identifier: A7:95:3E:61:2B:F2:D6:67:9A:7C:BE:83:E3:11:B1:3F:A2:B2:7D:96
Certificate issuer: /CN=A916988B/serialNumber=BA49F2E02A635DD075F564166F111F5FADE5A7CB
Certificate serial: 05D0
Authority key identifier: BA:49:F2:E0:2A:63:5D:D0:75:F5:64:16:6F:11:1F:5F:AD:E5:A7:CB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukny4CpjXdB19WQWbxEfX63lp8s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916988B/F36B79B0807711EBB925F154C4F9AE02/D1B6FD008D6D11EB9DB49A32C4F9AE02.roa
Signing time: Sat 13 Jul 2024 00:13:59 +0000
ROA not before: Sat 13 Jul 2024 00:13:59 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 1221
IP address blocks: 203.5.32.0/24 maxlen: 24
203.5.33.0/24 maxlen: 24
203.5.37.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1488 (0x5d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916988B
Validity
Not Before: Jul 13 00:13:59 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6691c6c7-2a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:87:8a:37:52:9c:33:0a:c0:2f:82:f2:9c:50:
70:2f:71:ea:0e:35:42:f8:41:fb:b6:2b:ac:74:cb:
61:b5:13:8e:06:7b:df:95:ce:4a:0f:6e:69:12:01:
c4:d8:a1:75:9e:cd:71:26:1b:b0:9f:63:c4:95:d6:
40:db:6a:ec:7e:05:bd:8a:85:9b:27:ae:84:01:39:
11:be:72:32:e3:29:a5:c2:86:59:50:d3:2c:36:d2:
12:33:1d:e8:43:2c:74:50:7b:5c:50:71:aa:33:82:
35:21:ac:80:36:e5:a2:96:f2:1b:49:3d:c2:b8:27:
f1:45:52:7f:f5:0e:15:a9:59:f5:bb:63:07:b2:b6:
99:cc:de:75:8f:32:25:97:3f:9f:68:72:19:3b:83:
3f:d7:15:3b:af:83:dc:c1:2f:f4:12:ff:4d:fc:99:
37:2e:c6:3f:d8:30:cb:ac:5c:2e:52:6c:41:fa:43:
f1:eb:04:3f:a8:e7:ef:b8:53:5b:5f:a0:e6:0b:39:
9c:40:89:32:c4:81:7c:eb:b7:90:18:a4:fc:30:7c:
0d:71:b9:a1:aa:e8:4f:68:0c:f7:00:f6:78:45:f7:
f0:b6:32:28:2c:01:f3:56:bf:0d:9b:91:0b:d5:ae:
19:2c:29:72:f9:c0:5b:24:bb:98:c1:c2:9e:33:1b:
0a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:95:3E:61:2B:F2:D6:67:9A:7C:BE:83:E3:11:B1:3F:A2:B2:7D:96
X509v3 Authority Key Identifier:
keyid:BA:49:F2:E0:2A:63:5D:D0:75:F5:64:16:6F:11:1F:5F:AD:E5:A7:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916988B/F36B79B0807711EBB925F154C4F9AE02/ukny4CpjXdB19WQWbxEfX63lp8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukny4CpjXdB19WQWbxEfX63lp8s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916988B/F36B79B0807711EBB925F154C4F9AE02/D1B6FD008D6D11EB9DB49A32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.5.32.0/23
203.5.37.0/24
Signature Algorithm: sha256WithRSAEncryption
00:c2:48:5c:e0:41:c1:9e:19:9f:4d:3a:39:a7:26:20:d7:55:
a0:16:03:ab:98:0e:e4:7a:a9:08:62:c9:df:f9:b4:f0:61:1b:
03:13:e5:89:85:84:e6:bd:55:bd:a5:2a:81:c8:b5:8d:f4:0a:
4d:4a:67:e2:d4:42:ce:3f:65:e0:64:4b:f0:f7:e7:47:71:51:
ab:c2:1f:a0:fe:83:7b:96:89:8f:6c:15:77:56:79:18:8a:d0:
13:8a:e2:7a:b9:98:c9:9b:22:ef:2b:41:06:2c:4a:56:86:56:
0e:65:f0:60:4a:74:ab:32:9c:39:ac:d4:5d:f4:e2:b0:bd:82:
c6:ed:ae:61:2b:79:2f:89:16:e6:0a:ae:7d:06:fa:f0:1f:61:
74:5f:4e:0a:db:2d:d7:0a:15:5e:df:ae:42:08:a5:f4:6d:0e:
80:74:b1:d6:6c:cd:b1:3d:1d:61:b5:f5:05:33:5d:3d:a5:6d:
ea:37:88:4e:c6:59:78:85:4e:8a:a7:c9:d4:35:63:ee:31:c4:
a3:28:89:43:83:06:ba:22:82:08:14:df:72:41:18:58:a2:26:
4b:5c:04:05:72:fc:c7:30:eb:b0:03:7e:cb:38:c7:eb:af:48:
0f:49:6b:41:67:e7:9c:4e:24:51:08:95:65:00:78:86:5b:ab:
ad:7a:19:e7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBdAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk4OEIxMTAvBgNVBAUTKEJBNDlGMkUwMkE2MzVERDA3NUY1NjQxNjZGMTExRjVG
QURFNUE3Q0IwHhcNMjQwNzEzMDAxMzU5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjkxYzZjNy0yYTVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyYeKN1KcMwrAL4LynFBwL3HqDjVC+EH7tiusdMthtROOBnvflc5KD25pEgHE
2KF1ns1xJhuwn2PEldZA22rsfgW9ioWbJ66EATkRvnIy4ymlwoZZUNMsNtISMx3o
Qyx0UHtcUHGqM4I1IayANuWilvIbST3CuCfxRVJ/9Q4VqVn1u2MHsraZzN51jzIl
lz+faHIZO4M/1xU7r4PcwS/0Ev9N/Jk3LsY/2DDLrFwuUmxB+kPx6wQ/qOfvuFNb
X6DmCzmcQIkyxIF867eQGKT8MHwNcbmhquhPaAz3APZ4RffwtjIoLAHzVr8Nm5EL
1a4ZLCly+cBbJLuYwcKeMxsKywIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKeVPmEr
8tZnmny+g+MRsT+isn2WMB8GA1UdIwQYMBaAFLpJ8uAqY13QdfVkFm8RH1+t5afL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTg4Qi9GMzZCNzlCMDgw
NzcxMUVCQjkyNUYxNTRDNEY5QUUwMi91a255NENwalhkQjE5V1FXYnhFZlg2M2xw
OHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Vrbnk0Q3BqWGRCMTlXUVdieEVmWDYzbHA4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njk4OEIvRjM2Qjc5QjA4MDc3MTFFQkI5MjVGMTU0QzRGOUFFMDIvRDFCNkZEMDA4
RDZEMTFFQjlEQjQ5QTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAHLBSADBADLBSUwDQYJKoZIhvcNAQELBQADggEBAADCSFzg
QcGeGZ9NOjmnJiDXVaAWA6uYDuR6qQhiyd/5tPBhGwMT5YmFhOa9Vb2lKoHItY30
Ck1KZ+LUQs4/ZeBkS/D350dxUavCH6D+g3uWiY9sFXdWeRiK0BOK4nq5mMmbIu8r
QQYsSlaGVg5l8GBKdKsynDms1F304rC9gsbtrmEreS+JFuYKrn0G+vAfYXRfTgrb
LdcKFV7frkIIpfRtDoB0sdZszbE9HWG19QUzXT2lbeo3iE7GWXiFToqnydQ1Y+4x
xKMoiUODBroigggU33JBGFiiJktcBAVy/Mcw67ADfss4x+uvSA9Ja0Fn55xOJFEI
lWUAeIZbq616Gec=
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:53:56 2025 by rpki-client