Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/D4F00AA6E93611EFBAE3D429C4F9AE02.roa
File: D4F00AA6E93611EFBAE3D429C4F9AE02.roa (raw, json)
Hash identifier: xs6HzUV9auGrtAjORHs99oazL9QK3Zu9xjTbyLehRxw=
Subject key identifier: 78:A0:7B:8D:38:F7:75:A5:BE:2E:F8:D7:FF:04:77:9A:AB:CA:82:25
Certificate issuer: /CN=A916D8D9/serialNumber=031C9C26E5BAB1B01AF18A0BB1B970AB5773456B
Certificate serial: 05FD
Authority key identifier: 03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/D4F00AA6E93611EFBAE3D429C4F9AE02.roa
Signing time: Wed 12 Feb 2025 11:45:18 +0000
ROA not before: Wed 12 Feb 2025 11:45:18 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 9387
IP address blocks: 122.50.0.0/24 maxlen: 24
122.50.2.0/24 maxlen: 24
122.50.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1533 (0x5fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D8D9
Validity
Not Before: Feb 12 11:45:18 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67ac89ce-2a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:07:67:51:6a:ef:47:51:dd:3f:d8:bc:43:47:
65:70:4e:56:a7:9e:00:22:d1:18:1b:47:09:be:69:
a7:a1:53:8c:6e:a6:94:d2:80:ba:ba:77:1d:91:9f:
0e:73:2a:4b:26:1f:d2:f8:9e:24:96:0d:33:2d:8b:
26:e8:16:cd:20:40:7a:25:60:17:0c:4b:32:97:b6:
3c:b7:f9:63:8a:40:cc:95:bf:5d:42:11:cb:8b:33:
51:0a:16:91:2b:45:ab:7f:c3:7b:0d:3e:e2:f1:a8:
89:9f:29:f3:dd:9c:97:4e:bd:55:fc:eb:f7:bc:07:
a2:68:9c:a2:f2:b0:54:ff:43:4c:0e:38:48:cb:97:
e1:03:39:e1:d3:7a:24:8e:bb:94:9c:e2:88:94:43:
d1:92:9c:6a:fc:b6:9b:88:c5:d2:10:0b:2d:ed:b1:
4d:7d:0d:bd:bb:56:80:d8:55:4b:14:5c:18:06:fd:
f4:4c:f5:b8:39:de:fc:4b:e1:dc:48:6e:a2:bf:f3:
73:e4:b7:7a:47:ad:c5:39:34:25:e9:8a:7d:90:67:
18:f8:9d:27:2a:d8:27:fa:44:ce:ba:fb:30:bc:1a:
fa:47:32:00:e4:8e:57:bd:4e:fb:6f:c0:58:9c:d5:
8b:97:89:87:be:1f:47:8c:66:de:96:be:8d:a8:39:
2b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A0:7B:8D:38:F7:75:A5:BE:2E:F8:D7:FF:04:77:9A:AB:CA:82:25
X509v3 Authority Key Identifier:
keyid:03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/AxycJuW6sbAa8YoLsblwq1dzRWs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/D4F00AA6E93611EFBAE3D429C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.50.0.0/24
122.50.2.0/23
Signature Algorithm: sha256WithRSAEncryption
18:7d:29:a9:39:2a:9e:d2:92:38:c3:af:86:a4:c5:57:2d:5a:
ab:62:c1:71:cc:87:56:f4:64:6f:13:ed:39:f8:a5:56:54:14:
d2:87:75:0c:e2:b7:81:7a:16:d9:c9:df:bd:64:cc:9d:ea:98:
c3:35:14:f3:1e:e4:0f:d0:b9:98:b6:c7:e2:ac:7d:73:71:88:
eb:b6:29:e0:ec:d1:8f:0a:a5:e6:30:7d:e5:47:4b:18:17:4b:
da:78:14:14:9f:df:aa:da:09:47:fa:a2:c0:ef:84:01:63:1c:
d9:5f:e8:6e:88:77:06:0e:ee:b5:9c:45:24:45:bb:da:54:24:
5d:fd:ce:96:23:ac:91:f5:0c:79:26:ce:4f:54:84:9d:ec:da:
a4:ba:bf:18:24:94:38:a1:dd:c7:72:5c:6b:93:b4:c7:54:1f:
cd:c7:19:be:b6:94:45:53:3f:88:eb:89:4c:d8:ce:bd:ca:ec:
35:59:f1:5c:7f:ac:30:80:a0:07:ad:8e:9f:6e:30:be:d4:a1:
bb:3c:6a:f2:2c:e3:22:c6:7e:42:22:7d:f1:76:d9:71:c9:9d:
d2:7c:72:11:47:76:f0:19:3c:d1:9e:a9:d6:dd:a2:c9:54:fa:
5c:fb:61:8e:d6:1e:c3:1a:35:31:5e:94:14:de:3f:30:24:b8:
e5:6e:88:9f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQ4RDkxMTAvBgNVBAUTKDAzMUM5QzI2RTVCQUIxQjAxQUYxOEEwQkIxQjk3MEFC
NTc3MzQ1NkIwHhcNMjUwMjEyMTE0NTE4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FjODljZS0yYTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzgdnUWrvR1HdP9i8Q0dlcE5Wp54AItEYG0cJvmmnoVOMbqaU0oC6uncdkZ8O
cypLJh/S+J4klg0zLYsm6BbNIEB6JWAXDEsyl7Y8t/ljikDMlb9dQhHLizNRChaR
K0Wrf8N7DT7i8aiJnynz3ZyXTr1V/Ov3vAeiaJyi8rBU/0NMDjhIy5fhAznh03ok
jruUnOKIlEPRkpxq/LabiMXSEAst7bFNfQ29u1aA2FVLFFwYBv30TPW4Od78S+Hc
SG6iv/Nz5Ld6R63FOTQl6Yp9kGcY+J0nKtgn+kTOuvswvBr6RzIA5I5XvU77b8BY
nNWLl4mHvh9HjGbelr6NqDkrfQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHige404
93Wlvi741/8Ed5qryoIlMB8GA1UdIwQYMBaAFAMcnCblurGwGvGKC7G5cKtXc0Vr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDhEOS81NDgzQkZCNkM4
RkIxMUVCQkE1QkFFNTFDNEY5QUUwMi9BeHljSnVXNnNiQWE4WW9Mc2Jsd3ExZHpS
V3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0F4eWNKdVc2c2JBYThZb0xzYmx3cTFkelJXcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQ4RDkvNTQ4M0JGQjZDOEZCMTFFQkJBNUJBRTUxQzRGOUFFMDIvRDRGMDBBQTZF
OTM2MTFFRkJBRTNENDI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAB6MgADBAF6MgIwDQYJKoZIhvcNAQELBQADggEBABh9Kak5
Kp7SkjjDr4akxVctWqtiwXHMh1b0ZG8T7Tn4pVZUFNKHdQzit4F6FtnJ371kzJ3q
mMM1FPMe5A/QuZi2x+KsfXNxiOu2KeDs0Y8KpeYwfeVHSxgXS9p4FBSf36raCUf6
osDvhAFjHNlf6G6IdwYO7rWcRSRFu9pUJF39zpYjrJH1DHkmzk9UhJ3s2qS6vxgk
lDih3cdyXGuTtMdUH83HGb62lEVTP4jriUzYzr3K7DVZ8Vx/rDCAoAetjp9uML7U
obs8avIs4yLGfkIiffF22XHJndJ8chFHdvAZPNGeqdbdoslU+lz7YY7WHsMaNTFe
lBTePzAkuOVuiJ8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:49:05 2025 by rpki-client