Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916DDB4/A6008316B93211EBB95D063CC4F9AE02/B951F87ABE6D11EF933FE870C4F9AE02.roa
File: B951F87ABE6D11EF933FE870C4F9AE02.roa (raw, json)
Hash identifier: z/OvD5EQcBmWZhdA8ip/E6h0FRzhkXq6osJ4yXLXzHc=
Subject key identifier: F6:16:39:8C:C6:33:CD:F0:8C:27:0C:C4:52:1B:D3:C1:07:75:2D:43
Certificate issuer: /CN=A916DDB4/serialNumber=2A477537F323EFB59DBD8DBEB3AFAB1F1582F546
Certificate serial: 058A
Authority key identifier: 2A:47:75:37:F3:23:EF:B5:9D:BD:8D:BE:B3:AF:AB:1F:15:82:F5:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kkd1N_Mj77WdvY2-s6-rHxWC9UY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916DDB4/A6008316B93211EBB95D063CC4F9AE02/B951F87ABE6D11EF933FE870C4F9AE02.roa
Signing time: Fri 20 Dec 2024 00:59:54 +0000
ROA not before: Fri 20 Dec 2024 00:59:54 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 7545
IP address blocks: 203.28.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1418 (0x58a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916DDB4
Validity
Not Before: Dec 20 00:59:54 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6764c18a-ab9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ac:dd:d9:35:9c:93:55:b2:22:11:dc:a2:c2:
8f:32:7b:e7:7e:0c:39:5e:d9:95:d6:2d:fb:44:0a:
40:fd:89:42:9d:48:a6:55:52:fc:ab:4c:60:c3:50:
02:61:f2:c8:30:44:95:4e:e9:13:f7:5f:75:04:37:
e2:90:ca:b8:bd:2c:26:5a:b7:50:81:99:cc:23:d7:
05:77:ee:24:fe:60:7e:21:16:b4:c0:d3:71:d8:4a:
1b:6d:d1:cf:5d:39:20:2c:e6:15:d8:d6:7d:dc:1a:
70:2e:2f:d2:68:b2:4c:09:5a:6d:5d:c3:63:bf:30:
f4:9f:71:f3:2e:af:d4:68:a5:06:47:11:7b:5d:3f:
a1:c4:39:ad:0f:c6:24:2e:81:7a:05:54:a8:1c:f5:
1a:aa:57:1a:f2:c0:b0:e2:af:51:e3:99:03:5a:50:
36:65:a9:10:af:f1:80:67:05:ee:57:be:28:9c:aa:
9e:2f:ca:da:88:bd:95:5e:10:f2:19:36:65:12:b0:
c2:ad:ec:05:04:6e:5e:07:aa:f1:26:c5:88:ca:a3:
08:09:ed:77:3a:5e:73:c1:07:b8:16:2d:48:95:34:
55:07:40:7f:c1:45:b0:d3:e8:85:24:36:c7:17:fd:
a5:fc:a1:8c:5e:ad:93:fe:c5:d9:4e:b6:80:81:6a:
d8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:16:39:8C:C6:33:CD:F0:8C:27:0C:C4:52:1B:D3:C1:07:75:2D:43
X509v3 Authority Key Identifier:
keyid:2A:47:75:37:F3:23:EF:B5:9D:BD:8D:BE:B3:AF:AB:1F:15:82:F5:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916DDB4/A6008316B93211EBB95D063CC4F9AE02/Kkd1N_Mj77WdvY2-s6-rHxWC9UY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kkd1N_Mj77WdvY2-s6-rHxWC9UY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916DDB4/A6008316B93211EBB95D063CC4F9AE02/B951F87ABE6D11EF933FE870C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.28.167.0/24
Signature Algorithm: sha256WithRSAEncryption
af:76:e3:68:37:a3:35:2d:7b:c3:16:b1:c7:47:cd:2c:5e:50:
70:d6:10:13:81:dd:85:89:da:b3:f1:36:d2:d8:d8:7c:5a:f8:
ce:b5:5f:03:ab:5d:66:c3:ea:6d:61:61:49:d0:b7:b9:9d:3f:
f6:77:c5:8d:c9:2c:8a:74:73:b8:f0:fc:90:30:8f:9e:76:bf:
0a:fa:46:87:bc:8d:b0:72:be:49:55:fe:d0:82:f1:f6:bd:c5:
eb:2f:9f:a0:2f:3e:5b:eb:ec:c2:c0:0c:4c:fd:63:18:65:2d:
96:49:4b:68:26:e7:fd:6a:9f:d8:5f:af:01:e1:9e:fa:a8:21:
67:99:df:d7:50:0e:e2:89:73:0b:90:21:c9:2c:92:5e:82:04:
17:d1:fa:61:da:34:a9:2d:66:11:da:7f:26:86:84:8e:d3:3f:
a2:02:98:65:9d:96:89:fd:f8:f2:f8:aa:e6:77:03:a4:90:d8:
81:f2:58:be:8d:5c:cc:34:e0:48:71:aa:32:68:e4:47:27:9e:
77:3e:c7:f0:89:37:89:32:99:17:47:85:96:ec:bb:ab:6d:93:
fb:c7:33:8a:30:5b:66:a1:d4:9b:18:3d:b3:ec:cb:a7:96:60:
bc:3f:90:a0:3e:14:a1:c5:ec:e4:d7:f2:e2:f2:9e:fa:b7:46:
43:28:af:32
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkREQjQxMTAvBgNVBAUTKDJBNDc3NTM3RjMyM0VGQjU5REJEOERCRUIzQUZBQjFG
MTU4MkY1NDYwHhcNMjQxMjIwMDA1OTU0WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY0YzE4YS1hYjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuazd2TWck1WyIhHcosKPMnvnfgw5XtmV1i37RApA/YlCnUimVVL8q0xgw1AC
YfLIMESVTukT9191BDfikMq4vSwmWrdQgZnMI9cFd+4k/mB+IRa0wNNx2EobbdHP
XTkgLOYV2NZ93BpwLi/SaLJMCVptXcNjvzD0n3HzLq/UaKUGRxF7XT+hxDmtD8Yk
LoF6BVSoHPUaqlca8sCw4q9R45kDWlA2ZakQr/GAZwXuV74onKqeL8raiL2VXhDy
GTZlErDCrewFBG5eB6rxJsWIyqMICe13Ol5zwQe4Fi1IlTRVB0B/wUWw0+iFJDbH
F/2l/KGMXq2T/sXZTraAgWrYcQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPYWOYzG
M83wjCcMxFIb08EHdS1DMB8GA1UdIwQYMBaAFCpHdTfzI++1nb2NvrOvqx8VgvVG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RERCNC9BNjAwODMxNkI5
MzIxMUVCQjk1RDA2M0NDNEY5QUUwMi9La2QxTl9Najc3V2R2WTItczYtckh4V0M5
VVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0trZDFOX01qNzdXZHZZMi1zNi1ySHhXQzlVWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkREQjQvQTYwMDgzMTZCOTMyMTFFQkI5NUQwNjNDQzRGOUFFMDIvQjk1MUY4N0FC
RTZEMTFFRjkzM0ZFODcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLHKcwDQYJKoZIhvcNAQELBQADggEBAK9242g3ozUte8MW
scdHzSxeUHDWEBOB3YWJ2rPxNtLY2Hxa+M61XwOrXWbD6m1hYUnQt7mdP/Z3xY3J
LIp0c7jw/JAwj552vwr6Roe8jbByvklV/tCC8fa9xesvn6AvPlvr7MLADEz9Yxhl
LZZJS2gm5/1qn9hfrwHhnvqoIWeZ39dQDuKJcwuQIckskl6CBBfR+mHaNKktZhHa
fyaGhI7TP6ICmGWdlon9+PL4quZ3A6SQ2IHyWL6NXMw04EhxqjJo5Ecnnnc+x/CJ
N4kymRdHhZbsu6ttk/vHM4owW2ah1JsYPbPsy6eWYLw/kKA+FKHF7OTX8uLynvq3
RkMorzI=
-----END CERTIFICATE-----
Generated at Fri Apr 11 18:18:10 2025 by rpki-client