Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/13F9F650905511EC9A978D19C4F9AE02.roa
File: 13F9F650905511EC9A978D19C4F9AE02.roa (raw, json)
Hash identifier: CfbtaxsbT8QkNpB+dr8l4I71elKTP/TaO4DWd5BrJjY=
Subject key identifier: 3B:72:47:81:3E:14:6A:F9:56:96:7C:0F:81:80:46:AA:8B:B8:31:C7
Certificate issuer: /CN=A91778D4/serialNumber=3887ACDDF71CBEF4A7521D8451EECBAEB2519EFD
Certificate serial: 033E
Authority key identifier: 38:87:AC:DD:F7:1C:BE:F4:A7:52:1D:84:51:EE:CB:AE:B2:51:9E:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIes3fccvvSnUh2EUe7LrrJRnv0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/13F9F650905511EC9A978D19C4F9AE02.roa
Signing time: Sun 29 Sep 2024 01:15:15 +0000
ROA not before: Sun 29 Sep 2024 01:15:15 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 7599
IP address blocks: 202.27.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 830 (0x33e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91778D4
Validity
Not Before: Sep 29 01:15:15 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f8aa23-e66b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:54:8a:68:b8:fd:f2:a5:85:f7:83:43:71:4e:
d5:72:81:0f:5c:0c:f6:29:da:ab:22:32:5c:59:bd:
c8:23:46:22:be:a7:77:7a:f1:5b:2c:f7:97:51:c5:
d0:db:7a:9d:be:3a:32:1c:fa:2f:1b:de:a1:d6:7d:
f6:76:23:58:4b:8e:dd:1e:dd:fe:7d:ec:0d:df:22:
f3:e3:32:ad:43:c2:bc:1c:9b:ca:37:e5:a0:06:cf:
c1:5e:83:f8:b4:14:dd:a5:44:d1:1d:e0:0e:5e:1c:
22:0d:98:f8:86:cf:fb:1c:1f:7b:39:c1:8f:3a:f0:
2a:33:ae:fc:be:c2:f3:20:04:fb:f4:17:7f:75:a1:
e8:bb:3c:c1:ae:19:fb:55:b0:4c:70:f2:6d:3a:63:
db:32:16:6a:d4:69:af:01:77:c1:7e:c3:c8:f4:d2:
f4:60:17:a8:8a:a7:7f:41:3b:44:5b:94:78:8d:ef:
ed:bc:b1:f7:5c:10:b9:ea:af:75:a0:f7:cb:73:22:
a6:2b:e5:e3:2f:34:d2:5d:9d:67:2d:fa:4a:c7:c3:
22:61:77:a6:d2:7a:4e:ae:66:f5:12:5e:b5:e8:f7:
cb:da:a4:dd:cf:a7:b3:d7:88:ee:d9:30:e4:59:93:
93:cb:41:5c:8a:d3:8b:e8:f9:6a:48:48:da:12:ce:
9e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:72:47:81:3E:14:6A:F9:56:96:7C:0F:81:80:46:AA:8B:B8:31:C7
X509v3 Authority Key Identifier:
keyid:38:87:AC:DD:F7:1C:BE:F4:A7:52:1D:84:51:EE:CB:AE:B2:51:9E:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/OIes3fccvvSnUh2EUe7LrrJRnv0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIes3fccvvSnUh2EUe7LrrJRnv0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/13F9F650905511EC9A978D19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.27.8.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:59:c4:7c:cb:53:0f:43:eb:7f:c4:0b:80:8f:d4:94:af:c4:
79:ec:68:01:a3:b9:ed:8d:37:30:d8:8e:a2:9c:14:e4:6b:5d:
0b:b2:53:8a:87:65:42:a0:cb:b5:d0:51:ae:d3:75:bd:de:e7:
7c:92:c7:26:63:00:8c:d4:d3:81:a6:3a:e5:be:a8:1f:99:9d:
c1:4c:87:52:84:56:3f:65:4b:e4:e9:3a:5e:ef:37:ee:17:9b:
9b:2f:0d:3a:00:94:19:c9:dc:07:f8:47:d7:51:24:b4:3c:b3:
71:0d:94:cf:70:ea:a7:4e:d6:25:95:ae:cf:95:ab:aa:5c:59:
13:69:b2:d1:09:c3:be:d5:e7:df:01:98:74:b0:b6:2a:23:1a:
87:b2:bf:17:e1:5d:32:ad:37:d8:b0:5e:95:24:f3:ff:2c:cf:
9a:5e:05:8e:4b:e7:a5:99:76:a3:36:24:6e:be:56:88:72:f0:
14:da:92:f4:ad:a8:87:0a:19:81:f6:e6:89:2d:1b:59:c2:6a:
21:25:7f:34:81:82:a5:3d:aa:26:25:45:86:02:c4:79:da:91:
d5:70:0a:b6:2f:21:0a:37:7e:5e:7a:e8:69:f6:39:62:0a:9e:
d5:e1:28:44:df:28:a7:d5:70:fd:55:47:c9:11:f2:f9:55:b6:
6b:71:34:b2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAz4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzc4RDQxMTAvBgNVBAUTKDM4ODdBQ0RERjcxQ0JFRjRBNzUyMUQ4NDUxRUVDQkFF
QjI1MTlFRkQwHhcNMjQwOTI5MDExNTE1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY4YWEyMy1lNjZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxlSKaLj98qWF94NDcU7VcoEPXAz2KdqrIjJcWb3II0Yivqd3evFbLPeXUcXQ
23qdvjoyHPovG96h1n32diNYS47dHt3+fewN3yLz4zKtQ8K8HJvKN+WgBs/BXoP4
tBTdpUTRHeAOXhwiDZj4hs/7HB97OcGPOvAqM678vsLzIAT79Bd/daHouzzBrhn7
VbBMcPJtOmPbMhZq1GmvAXfBfsPI9NL0YBeoiqd/QTtEW5R4je/tvLH3XBC56q91
oPfLcyKmK+XjLzTSXZ1nLfpKx8MiYXem0npOrmb1El616PfL2qTdz6ez14ju2TDk
WZOTy0FcitOL6PlqSEjaEs6eSwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDtyR4E+
FGr5VpZ8D4GARqqLuDHHMB8GA1UdIwQYMBaAFDiHrN33HL70p1IdhFHuy66yUZ79
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzhENC9EOUQ1NjkzQTkw
NTExMUVDQTM2OTk2MTVDNEY5QUUwMi9PSWVzM2ZjY3Z2U25VaDJFVWU3THJySlJu
djAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09JZXMzZmNjdnZTblVoMkVVZTdMcnJKUm52MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzc4RDQvRDlENTY5M0E5MDUxMTFFQ0EzNjk5NjE1QzRGOUFFMDIvMTNGOUY2NTA5
MDU1MTFFQzlBOTc4RDE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKGwgwDQYJKoZIhvcNAQELBQADggEBAH5ZxHzLUw9D63/E
C4CP1JSvxHnsaAGjue2NNzDYjqKcFORrXQuyU4qHZUKgy7XQUa7Tdb3e53ySxyZj
AIzU04GmOuW+qB+ZncFMh1KEVj9lS+TpOl7vN+4Xm5svDToAlBnJ3Af4R9dRJLQ8
s3ENlM9w6qdO1iWVrs+Vq6pcWRNpstEJw77V598BmHSwtiojGoeyvxfhXTKtN9iw
XpUk8/8sz5peBY5L56WZdqM2JG6+Vohy8BTakvStqIcKGYH25oktG1nCaiElfzSB
gqU9qiYlRYYCxHnakdVwCrYvIQo3fl566Gn2OWIKntXhKETfKKfVcP1VR8kR8vlV
tmtxNLI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:32:23 2025 by rpki-client