Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/8BBD25F4EAE311EF95C23D4DC4F9AE02.roa
File: 8BBD25F4EAE311EF95C23D4DC4F9AE02.roa (raw, json)
Hash identifier: g6ZF73udqOvaMk79CC0xL6laKl1ilnMa4mhmtzges9Y=
Subject key identifier: 22:ED:76:02:37:C4:B7:0D:F2:A4:29:97:B3:6A:33:42:49:1D:29:B0
Certificate issuer: /CN=A9174685/serialNumber=A5F065FCC9EDA11DCA4D0DFC6D7C99075298D7FF
Certificate serial: 08E3
Authority key identifier: A5:F0:65:FC:C9:ED:A1:1D:CA:4D:0D:FC:6D:7C:99:07:52:98:D7:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfBl_MntoR3KTQ38bXyZB1KY1_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/8BBD25F4EAE311EF95C23D4DC4F9AE02.roa
Signing time: Fri 14 Feb 2025 14:54:10 +0000
ROA not before: Fri 14 Feb 2025 14:54:09 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 9441
IP address blocks: 202.58.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2275 (0x8e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9174685
Validity
Not Before: Feb 14 14:54:09 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67af5911-1964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:bc:ba:16:e6:7e:00:1d:81:e3:9b:a7:21:e9:
c1:a5:fc:13:6f:db:6d:7e:b0:08:3a:e9:f1:e7:c2:
53:ce:bc:23:75:2c:3c:12:3b:0a:04:b7:09:0f:85:
9a:40:9a:fc:e1:bd:bb:0d:db:44:93:8a:e1:4f:3e:
a9:cc:c8:7b:de:1a:73:38:d3:cf:3a:bb:5c:57:f8:
ec:31:c7:31:51:82:3a:a3:d8:52:1c:2d:27:cf:f2:
c2:6e:06:d7:db:bd:a7:06:91:d3:b0:1f:b6:b2:1e:
a9:c6:7a:a8:40:89:f7:be:f4:2b:a6:6c:7b:7c:b3:
89:0f:74:c9:84:e0:09:a1:74:e7:d9:55:ae:17:c6:
74:33:2d:c9:86:8c:db:5e:bf:81:93:58:a0:8c:17:
b2:0a:b1:21:7d:12:f1:30:6c:47:c8:dc:2f:24:20:
57:87:6b:3c:22:1e:85:b9:49:86:21:6a:ac:31:1d:
11:5a:b6:2d:29:7a:28:a9:f3:58:56:cf:31:7b:7c:
e3:4b:6d:d7:a7:3f:b9:8c:24:b2:ed:fd:a2:a3:6c:
fc:7e:c7:75:95:1c:8f:db:89:bf:32:8f:18:82:77:
58:8a:87:f3:e9:4c:5e:8e:20:4a:70:03:83:09:b0:
20:55:3b:cc:40:bc:ce:3f:69:9e:46:1e:15:77:eb:
ca:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:ED:76:02:37:C4:B7:0D:F2:A4:29:97:B3:6A:33:42:49:1D:29:B0
X509v3 Authority Key Identifier:
keyid:A5:F0:65:FC:C9:ED:A1:1D:CA:4D:0D:FC:6D:7C:99:07:52:98:D7:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/pfBl_MntoR3KTQ38bXyZB1KY1_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfBl_MntoR3KTQ38bXyZB1KY1_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/8BBD25F4EAE311EF95C23D4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.58.252.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:4a:f0:fc:ed:c7:59:6f:5a:55:6e:5f:48:f2:c7:f0:6e:a7:
89:7e:bd:ac:f4:66:38:8f:44:d3:94:c0:a0:ed:55:a6:ba:fe:
3f:a7:9d:7a:5f:1e:9e:94:a7:5c:d5:f9:ce:b9:60:4c:83:51:
7c:13:d6:3d:de:45:a0:a2:79:f2:57:b1:23:ce:fd:97:bf:10:
29:4b:a8:86:d5:8b:f5:2e:92:45:7d:30:b2:65:6a:3f:6f:d7:
83:4f:55:18:42:a0:3d:f8:b7:03:32:56:da:df:d0:d6:a0:6b:
bb:17:63:06:95:94:bc:c3:6a:74:b9:46:4d:9e:61:de:2d:bf:
f6:c6:e7:2a:32:28:5e:4d:ff:36:92:0f:22:53:e6:77:e0:48:
a1:84:d3:7c:10:c5:f0:63:1b:43:d3:2c:83:a2:70:2f:4d:a7:
ad:6d:c1:9c:8b:1c:aa:34:7c:55:fc:71:a4:8a:12:b8:8a:40:
89:8a:1e:57:1c:40:cb:6b:86:40:c6:7d:28:c9:41:22:6e:d9:
7f:3c:3f:6e:d2:8c:e3:db:02:f7:7b:d0:6f:3a:7e:22:91:3e:
fb:7f:18:2e:f5:86:be:af:1a:f5:c4:82:a3:af:0f:c4:63:ad:
2d:93:78:2a:49:55:b7:d0:70:ea:bb:dc:27:28:44:43:33:71:
77:d6:82:4d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQ2ODUxMTAvBgNVBAUTKEE1RjA2NUZDQzlFREExMURDQTREMERGQzZEN0M5OTA3
NTI5OEQ3RkYwHhcNMjUwMjE0MTQ1NDA5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FmNTkxMS0xOTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5by6FuZ+AB2B45unIenBpfwTb9ttfrAIOunx58JTzrwjdSw8EjsKBLcJD4Wa
QJr84b27DdtEk4rhTz6pzMh73hpzONPPOrtcV/jsMccxUYI6o9hSHC0nz/LCbgbX
272nBpHTsB+2sh6pxnqoQIn3vvQrpmx7fLOJD3TJhOAJoXTn2VWuF8Z0My3Jhozb
Xr+Bk1igjBeyCrEhfRLxMGxHyNwvJCBXh2s8Ih6FuUmGIWqsMR0RWrYtKXooqfNY
Vs8xe3zjS23Xpz+5jCSy7f2io2z8fsd1lRyP24m/Mo8YgndYiofz6UxejiBKcAOD
CbAgVTvMQLzOP2meRh4Vd+vKiwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCLtdgI3
xLcN8qQpl7NqM0JJHSmwMB8GA1UdIwQYMBaAFKXwZfzJ7aEdyk0N/G18mQdSmNf/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDY4NS8yRDE1OTE4MkE5
NzMxMUVBOUFBQkU5MjNDNEY5QUUwMi9wZkJsX01udG9SM0tUUTM4Ylh5WkIxS1kx
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BmQmxfTW50b1IzS1RRMzhiWHlaQjFLWTFfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQ2ODUvMkQxNTkxODJBOTczMTFFQTlBQUJFOTIzQzRGOUFFMDIvOEJCRDI1RjRF
QUUzMTFFRjk1QzIzRDREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKOvwwDQYJKoZIhvcNAQELBQADggEBAKNK8Pztx1lvWlVu
X0jyx/Bup4l+vaz0ZjiPRNOUwKDtVaa6/j+nnXpfHp6Up1zV+c65YEyDUXwT1j3e
RaCiefJXsSPO/Ze/EClLqIbVi/UukkV9MLJlaj9v14NPVRhCoD34twMyVtrf0Nag
a7sXYwaVlLzDanS5Rk2eYd4tv/bG5yoyKF5N/zaSDyJT5nfgSKGE03wQxfBjG0PT
LIOicC9Np61twZyLHKo0fFX8caSKEriKQImKHlccQMtrhkDGfSjJQSJu2X88P27S
jOPbAvd70G86fiKRPvt/GC71hr6vGvXEgqOvD8RjrS2TeCpJVbfQcOq73CcoREMz
cXfWgk0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:07:48 2025 by rpki-client