Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/7C9E813A5F5611EFA2EEFA2AC4F9AE02.roa
File: 7C9E813A5F5611EFA2EEFA2AC4F9AE02.roa (raw, json)
Hash identifier: PMAdPL/n1UfgwZmLBr5ASQ3nbAlWwc3f1iUmScgD7K4=
Subject key identifier: 73:C7:67:95:36:EE:28:7E:63:BE:F3:BA:BB:9A:46:6A:7F:DA:EC:B7
Certificate issuer: /CN=A9179672/serialNumber=91AA7783FB027819838C4A91C91C60D41FB3EEAB
Certificate serial: 03
Authority key identifier: 91:AA:77:83:FB:02:78:19:83:8C:4A:91:C9:1C:60:D4:1F:B3:EE:AB
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kap3g_sCeBmDjEqRyRxg1B-z7qs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/7C9E813A5F5611EFA2EEFA2AC4F9AE02.roa
Signing time: Wed 21 Aug 2024 00:44:14 +0000
ROA not before: Wed 21 Aug 2024 00:44:14 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 16509
IP address blocks: 192.206.156.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9179672
Validity
Not Before: Aug 21 00:44:14 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66c5385d-4ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9e:ce:29:b5:6c:95:66:2c:0e:36:81:e9:44:
f7:64:3e:8b:3d:8d:d1:7d:ec:a4:36:97:41:f0:32:
c2:2a:4f:d9:27:b6:60:60:6e:1f:67:8d:a6:41:71:
d3:e0:97:43:da:f5:95:d3:27:5b:9e:09:40:b7:1d:
89:37:ca:b9:33:e4:a6:e4:9d:94:be:74:62:4d:42:
b3:de:67:a9:55:ac:db:7a:a4:96:a8:b3:8c:ae:bd:
dc:7e:4d:65:1b:f2:7b:6d:1f:00:eb:d6:27:01:1c:
e9:40:db:0a:60:d8:75:e3:eb:80:da:00:eb:db:74:
34:05:9d:5a:d6:a6:bb:c2:0b:a0:6f:77:d4:56:d3:
58:fc:0e:eb:12:1b:d5:50:38:37:2d:3b:a5:e6:b6:
f5:81:4a:b6:6b:df:3f:5d:53:4a:1e:86:f2:5a:72:
c5:6a:e6:d7:e8:b6:35:2b:9f:a2:2e:10:5a:53:d1:
3c:aa:ce:53:e0:d7:bb:d5:9d:4a:c4:7f:bf:5b:0d:
bc:93:ed:61:ac:36:e5:58:53:85:a4:3c:e2:63:59:
94:93:26:56:4d:dc:52:91:4f:48:f9:63:a3:f2:22:
c7:08:19:5d:e1:59:c9:f6:df:54:0f:5f:29:1f:a7:
2d:fb:8a:75:32:95:de:25:93:d9:78:d9:bb:27:76:
f0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C7:67:95:36:EE:28:7E:63:BE:F3:BA:BB:9A:46:6A:7F:DA:EC:B7
X509v3 Authority Key Identifier:
keyid:91:AA:77:83:FB:02:78:19:83:8C:4A:91:C9:1C:60:D4:1F:B3:EE:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/kap3g_sCeBmDjEqRyRxg1B-z7qs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kap3g_sCeBmDjEqRyRxg1B-z7qs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/7C9E813A5F5611EFA2EEFA2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.206.156.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:2a:87:60:2d:ee:b4:8c:c2:87:b4:05:8c:12:6c:6f:15:26:
4e:a7:9a:0b:1b:a3:6a:ff:3d:65:2b:0f:e2:3d:22:21:89:2e:
28:85:38:3e:cd:57:0b:7d:24:07:c9:48:9f:0c:9a:4c:f7:cb:
27:bc:dc:93:3b:47:53:4c:1d:67:fc:d3:16:c3:b2:73:af:18:
17:d8:66:d2:9f:19:63:ef:ef:7c:92:99:e0:f5:84:e6:f3:16:
0b:2b:b7:74:2a:6c:3c:3a:80:ff:bb:8a:84:fc:17:de:bf:4e:
1b:b7:ad:5a:09:88:cd:80:e0:c8:8c:56:20:b9:08:cd:b3:f8:
36:8e:71:2d:f4:9b:c8:7e:90:d4:0f:6c:6a:c5:bb:b2:ca:5a:
0c:6a:14:21:99:20:2f:4f:38:6f:8e:7b:9e:ad:23:90:70:a6:
81:cf:e0:9c:17:01:f2:c7:8f:e2:e0:3e:27:a9:f6:71:62:7f:
6e:51:09:f1:cd:b9:c1:a5:d2:b5:45:d5:99:21:43:f8:4d:12:
cb:fd:a3:14:38:a6:1a:26:9e:04:52:f8:05:a0:ea:55:42:d9:
c8:5d:f5:21:f9:78:ce:f5:30:35:26:08:1d:89:f8:11:e6:dd:
cd:dd:24:70:9b:3e:cb:89:1f:5e:3e:e2:08:43:f8:00:85:b1:
74:0f:80:e1
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
OTY3MjExMC8GA1UEBRMoOTFBQTc3ODNGQjAyNzgxOTgzOEM0QTkxQzkxQzYwRDQx
RkIzRUVBQjAeFw0yNDA4MjEwMDQ0MTRaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YzUzODVkLTRlYmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4ns4ptWyVZiwONoHpRPdkPos9jdF97KQ2l0HwMsIqT9kntmBgbh9njaZBcdPg
l0Pa9ZXTJ1ueCUC3HYk3yrkz5KbknZS+dGJNQrPeZ6lVrNt6pJaos4yuvdx+TWUb
8nttHwDr1icBHOlA2wpg2HXj64DaAOvbdDQFnVrWprvCC6Bvd9RW01j8DusSG9VQ
ODctO6XmtvWBSrZr3z9dU0oehvJacsVq5tfotjUrn6IuEFpT0TyqzlPg17vVnUrE
f79bDbyT7WGsNuVYU4WkPOJjWZSTJlZN3FKRT0j5Y6PyIscIGV3hWcn231QPXykf
py37inUyld4lk9l42bsndvAJAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUc8dnlTbu
KH5jvvO6u5pGan/a7LcwHwYDVR0jBBgwFoAUkap3g/sCeBmDjEqRyRxg1B+z7qsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc5NjcyL0U1RjQ1QUQwNUY1
NDExRUY4RDE4QkUyM0M0RjlBRTAyL2thcDNnX3NDZUJtRGpFcVJ5UnhnMUItejdx
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIva2FwM2dfc0NlQm1EakVxUnlSeGcxQi16N3FzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
OTY3Mi9FNUY0NUFEMDVGNTQxMUVGOEQxOEJFMjNDNEY5QUUwMi83QzlFODEzQTVG
NTYxMUVGQTJFRUZBMkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcDOnDANBgkqhkiG9w0BAQsFAAOCAQEAqSqHYC3utIzCh7QF
jBJsbxUmTqeaCxujav89ZSsP4j0iIYkuKIU4Ps1XC30kB8lInwyaTPfLJ7zckztH
U0wdZ/zTFsOyc68YF9hm0p8ZY+/vfJKZ4PWE5vMWCyu3dCpsPDqA/7uKhPwX3r9O
G7etWgmIzYDgyIxWILkIzbP4No5xLfSbyH6Q1A9sasW7sspaDGoUIZkgL084b457
nq0jkHCmgc/gnBcB8seP4uA+J6n2cWJ/blEJ8c25waXStUXVmSFD+E0Sy/2jFDim
GiaeBFL4BaDqVULZyF31Ifl4zvUwNSYIHYn4Eebdzd0kcJs+y4kfXj7iCEP4AIWx
dA+A4Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:09:37 2025 by rpki-client