Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916988B/F36B79B0807711EBB925F154C4F9AE02/D24316B48D6D11EB9DB49A32C4F9AE02.roa
File: D24316B48D6D11EB9DB49A32C4F9AE02.roa (raw, json)
Hash identifier: ydw76epyjXbZhwBlfsXtLnXh1HYx108LFVcke+cDAAQ=
Subject key identifier: 12:C9:CC:53:EB:01:47:B7:49:B0:A7:FE:D1:C8:7F:15:F1:78:31:FE
Certificate issuer: /CN=A916988B/serialNumber=BA49F2E02A635DD075F564166F111F5FADE5A7CB
Certificate serial: 05F4
Authority key identifier: BA:49:F2:E0:2A:63:5D:D0:75:F5:64:16:6F:11:1F:5F:AD:E5:A7:CB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukny4CpjXdB19WQWbxEfX63lp8s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916988B/F36B79B0807711EBB925F154C4F9AE02/D24316B48D6D11EB9DB49A32C4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:54:10 +0000
ROA not before: Thu 05 Sep 2024 03:54:10 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 139862
IP address blocks: 203.5.33.0/24 maxlen: 24
203.5.34.0/24 maxlen: 24
203.5.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1524 (0x5f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916988B
Validity
Not Before: Sep 5 03:54:10 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66d92b61-c46f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cf:17:b7:51:00:f0:c1:49:70:e5:8c:4b:4e:
39:df:d4:7d:ca:eb:65:b0:57:3c:d4:48:ac:5b:a1:
c0:a0:ce:51:13:69:ba:59:e6:e8:b4:43:49:99:11:
e4:05:1e:c2:b0:ce:9c:14:fb:3f:02:07:79:28:3d:
fa:a9:bc:fa:a7:60:30:25:b2:01:ca:14:6c:9e:fe:
91:78:66:54:31:09:d8:42:b0:e4:7a:79:28:eb:c7:
b1:50:8b:88:6c:7c:67:47:bf:ee:66:f4:53:e2:5a:
2e:c8:14:48:0e:56:6c:f2:1f:6a:01:56:89:bf:14:
bf:3c:4c:1d:96:ae:08:bc:f4:7d:a3:88:f1:ff:7a:
ed:dd:4e:2c:a4:09:37:d4:a2:ed:20:9c:01:a5:68:
33:53:07:18:aa:e9:5c:c0:3f:50:87:1b:d9:ae:e5:
e7:a5:91:2f:cf:a7:20:65:eb:c3:4b:3d:76:ea:18:
80:a1:81:aa:2d:3f:2a:7a:e8:dc:65:fd:b8:e6:90:
ce:e8:a3:56:8e:93:fe:3a:88:97:39:1f:1e:cc:4f:
e0:04:86:e4:08:8a:c5:7e:e0:f9:8a:f3:53:34:2c:
8e:15:ab:fb:e9:c4:ed:a7:a8:33:ef:d1:cf:03:d8:
fe:32:c2:0e:67:65:51:33:67:e7:d5:cb:87:de:0e:
af:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:C9:CC:53:EB:01:47:B7:49:B0:A7:FE:D1:C8:7F:15:F1:78:31:FE
X509v3 Authority Key Identifier:
keyid:BA:49:F2:E0:2A:63:5D:D0:75:F5:64:16:6F:11:1F:5F:AD:E5:A7:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916988B/F36B79B0807711EBB925F154C4F9AE02/ukny4CpjXdB19WQWbxEfX63lp8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukny4CpjXdB19WQWbxEfX63lp8s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916988B/F36B79B0807711EBB925F154C4F9AE02/D24316B48D6D11EB9DB49A32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.5.33.0-203.5.35.255
Signature Algorithm: sha256WithRSAEncryption
5b:51:0d:08:f9:f9:37:80:61:53:25:97:a2:82:f8:8e:47:61:
fe:c5:b9:34:e6:58:3e:8d:e8:8e:c3:c4:00:f5:01:bb:cd:92:
44:cf:d9:2a:51:24:49:f6:57:3d:5e:2e:48:22:72:de:f5:80:
ff:f8:5b:df:57:e4:85:43:87:65:bd:00:9b:ea:ba:82:e4:96:
98:dc:46:d0:1d:58:77:3d:92:27:8e:89:96:44:f8:fb:57:d2:
57:13:6d:1c:cd:f4:e4:62:58:32:aa:af:fe:0e:59:47:80:98:
af:14:7c:5b:63:ac:ab:65:52:ba:93:0b:ef:13:30:77:a1:fb:
ce:35:21:50:21:a6:54:28:fd:23:4d:b1:c1:5f:6c:5f:8e:97:
4b:78:ad:6b:82:1f:5c:89:6b:89:a7:85:e4:a3:7a:ea:1f:ca:
17:21:7f:52:5b:b0:86:55:e4:94:58:41:fe:59:2c:fa:06:c1:
b2:02:8d:97:df:7f:5c:95:b7:2f:bf:14:be:1b:c2:64:0d:14:
7a:fe:34:de:0a:f4:58:65:f6:88:82:6c:34:76:6f:0f:4c:ae:
75:67:f5:3b:6e:d4:2d:08:34:42:2a:cb:fc:78:44:e4:bd:10:
48:e2:20:f5:d6:f7:5f:66:9f:60:73:5d:ca:e8:d6:c9:aa:62:
76:d6:35:e2
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBfQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk4OEIxMTAvBgNVBAUTKEJBNDlGMkUwMkE2MzVERDA3NUY1NjQxNjZGMTExRjVG
QURFNUE3Q0IwHhcNMjQwOTA1MDM1NDEwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MmI2MS1jNDZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAws8Xt1EA8MFJcOWMS04539R9yutlsFc81EisW6HAoM5RE2m6WebotENJmRHk
BR7CsM6cFPs/Agd5KD36qbz6p2AwJbIByhRsnv6ReGZUMQnYQrDkenko68exUIuI
bHxnR7/uZvRT4louyBRIDlZs8h9qAVaJvxS/PEwdlq4IvPR9o4jx/3rt3U4spAk3
1KLtIJwBpWgzUwcYqulcwD9QhxvZruXnpZEvz6cgZevDSz126hiAoYGqLT8qeujc
Zf245pDO6KNWjpP+OoiXOR8ezE/gBIbkCIrFfuD5ivNTNCyOFav76cTtp6gz79HP
A9j+MsIOZ2VRM2fn1cuH3g6v2wIDAQABo4ICnTCCApkwHQYDVR0OBBYEFBLJzFPr
AUe3SbCn/tHIfxXxeDH+MB8GA1UdIwQYMBaAFLpJ8uAqY13QdfVkFm8RH1+t5afL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTg4Qi9GMzZCNzlCMDgw
NzcxMUVCQjkyNUYxNTRDNEY5QUUwMi91a255NENwalhkQjE5V1FXYnhFZlg2M2xw
OHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Vrbnk0Q3BqWGRCMTlXUVdieEVmWDYzbHA4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njk4OEIvRjM2Qjc5QjA4MDc3MTFFQkI5MjVGMTU0QzRGOUFFMDIvRDI0MzE2QjQ4
RDZEMTFFQjlEQjQ5QTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAMsFIQMEAssFIDANBgkqhkiG9w0BAQsFAAOCAQEAW1EN
CPn5N4BhUyWXooL4jkdh/sW5NOZYPo3ojsPEAPUBu82SRM/ZKlEkSfZXPV4uSCJy
3vWA//hb31fkhUOHZb0Am+q6guSWmNxG0B1Ydz2SJ46JlkT4+1fSVxNtHM305GJY
Mqqv/g5ZR4CYrxR8W2Osq2VSupML7xMwd6H7zjUhUCGmVCj9I02xwV9sX46XS3it
a4IfXIlriaeF5KN66h/KFyF/UluwhlXklFhB/lks+gbBsgKNl99/XJW3L78UvhvC
ZA0Uev403gr0WGX2iIJsNHZvD0yudWf1O27ULQg0QirL/HhE5L0QSOIg9db3X2af
YHNdyujWyapidtY14g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:03:25 2025 by rpki-client