Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/7D28331C5F5611EFA2EEFA2AC4F9AE02.roa
File: 7D28331C5F5611EFA2EEFA2AC4F9AE02.roa (raw, json)
Hash identifier: sm1bXqNXhtzmhGk6WZHzITEdLMVYd2jurzOdMUvFkeY=
Subject key identifier: 6A:2F:36:53:31:58:B4:06:5F:D1:ED:9F:38:49:E1:EB:16:A1:FB:F2
Certificate issuer: /CN=A9179672/serialNumber=91AA7783FB027819838C4A91C91C60D41FB3EEAB
Certificate serial: 04
Authority key identifier: 91:AA:77:83:FB:02:78:19:83:8C:4A:91:C9:1C:60:D4:1F:B3:EE:AB
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kap3g_sCeBmDjEqRyRxg1B-z7qs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/7D28331C5F5611EFA2EEFA2AC4F9AE02.roa
Signing time: Wed 21 Aug 2024 00:44:14 +0000
ROA not before: Wed 21 Aug 2024 00:44:14 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 4771
IP address blocks: 192.206.156.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9179672
Validity
Not Before: Aug 21 00:44:14 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66c5385e-e041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:b5:c5:c5:fb:d8:72:73:6e:d7:eb:28:6e:8e:
03:e3:22:1e:ee:a4:9d:86:e8:1c:6e:38:a0:16:98:
96:e6:85:9f:aa:3b:bf:43:5d:f1:55:40:6d:d7:9d:
12:b4:6e:1c:08:ff:f0:54:a0:19:6a:23:8c:c1:00:
49:35:e7:73:44:fd:e8:1c:99:bd:e3:03:c2:20:d5:
b5:d6:a4:e3:68:70:3a:7f:b0:99:1f:55:a6:1c:9b:
c3:c1:3e:ec:e1:bd:40:7c:9b:55:b9:76:3d:3c:63:
31:4b:4d:b6:b4:8c:a3:54:d1:74:23:7a:1a:b9:41:
19:f1:e5:cd:b9:39:fd:a8:ca:9e:93:9d:d0:e4:95:
f5:fc:37:f4:2a:03:7b:ee:29:bc:37:86:13:8a:d9:
af:1b:3e:40:8c:fb:ab:6e:09:c6:0f:80:0b:e8:53:
8c:84:fd:98:a5:8c:18:0c:dc:d9:2e:65:3a:76:8e:
24:5f:64:33:fe:28:d4:db:94:b4:14:66:b7:3d:f9:
b7:21:ae:0d:fd:ec:ba:06:8d:96:76:3d:dc:e5:4c:
aa:83:52:7f:99:c7:33:77:8d:00:b7:3d:f0:cc:4d:
07:1a:da:12:47:d6:52:48:aa:c3:b4:9a:c7:3d:92:
14:d2:ab:ab:cf:f0:83:64:dd:df:b5:f1:f3:04:be:
9b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:2F:36:53:31:58:B4:06:5F:D1:ED:9F:38:49:E1:EB:16:A1:FB:F2
X509v3 Authority Key Identifier:
keyid:91:AA:77:83:FB:02:78:19:83:8C:4A:91:C9:1C:60:D4:1F:B3:EE:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/kap3g_sCeBmDjEqRyRxg1B-z7qs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kap3g_sCeBmDjEqRyRxg1B-z7qs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/7D28331C5F5611EFA2EEFA2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.206.156.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:a2:42:32:8a:53:ea:c7:60:3f:1e:bd:01:2b:04:75:ff:95:
b1:6b:69:ae:9e:2f:33:57:81:b9:de:a5:cd:07:ce:24:d6:af:
9c:88:3d:de:08:30:81:80:7a:e9:37:63:76:71:33:f8:5c:48:
51:87:8f:fc:07:aa:7e:9a:c4:77:40:86:68:7f:77:db:75:79:
94:2e:1a:7a:c5:ba:21:e2:64:e6:5a:bd:a1:3d:53:8a:86:17:
80:f5:d4:44:87:6d:d3:ea:1c:9f:58:ec:8c:76:95:e7:ad:2a:
e1:92:e0:ca:ea:ee:27:82:5b:59:ae:b6:1a:3b:e8:86:ea:7a:
06:96:17:fb:70:18:53:b1:16:b0:1e:09:2b:f7:c1:bd:1c:32:
7e:9d:23:a3:d3:9e:be:83:c2:f0:0e:c1:9d:18:c1:5d:7e:67:
d1:cf:9b:d7:89:8d:8a:db:d7:8b:ac:bc:52:9e:91:a5:1d:fc:
5e:8a:e0:4c:03:83:ca:2c:b8:ce:6e:22:6c:36:92:77:50:62:
0c:49:25:2c:a4:4e:ef:52:b0:ee:7c:11:69:37:2f:a6:eb:0e:
1d:54:3c:c5:ac:3c:67:5c:37:77:96:a5:51:49:a7:a3:ef:08:
e8:99:2a:71:1c:d0:50:f3:e0:d5:2f:06:5c:7c:05:ef:82:a5:
9c:83:91:51
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
OTY3MjExMC8GA1UEBRMoOTFBQTc3ODNGQjAyNzgxOTgzOEM0QTkxQzkxQzYwRDQx
RkIzRUVBQjAeFw0yNDA4MjEwMDQ0MTRaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YzUzODVlLWUwNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD2tcXF+9hyc27X6yhujgPjIh7upJ2G6BxuOKAWmJbmhZ+qO79DXfFVQG3XnRK0
bhwI//BUoBlqI4zBAEk153NE/egcmb3jA8Ig1bXWpONocDp/sJkfVaYcm8PBPuzh
vUB8m1W5dj08YzFLTba0jKNU0XQjehq5QRnx5c25Of2oyp6TndDklfX8N/QqA3vu
Kbw3hhOK2a8bPkCM+6tuCcYPgAvoU4yE/ZiljBgM3NkuZTp2jiRfZDP+KNTblLQU
Zrc9+bchrg397LoGjZZ2PdzlTKqDUn+ZxzN3jQC3PfDMTQca2hJH1lJIqsO0msc9
khTSq6vP8INk3d+18fMEvpvVAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUai82UzFY
tAZf0e2fOEnh6xah+/IwHwYDVR0jBBgwFoAUkap3g/sCeBmDjEqRyRxg1B+z7qsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc5NjcyL0U1RjQ1QUQwNUY1
NDExRUY4RDE4QkUyM0M0RjlBRTAyL2thcDNnX3NDZUJtRGpFcVJ5UnhnMUItejdx
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIva2FwM2dfc0NlQm1EakVxUnlSeGcxQi16N3FzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
OTY3Mi9FNUY0NUFEMDVGNTQxMUVGOEQxOEJFMjNDNEY5QUUwMi83RDI4MzMxQzVG
NTYxMUVGQTJFRUZBMkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcDOnDANBgkqhkiG9w0BAQsFAAOCAQEAC6JCMopT6sdgPx69
ASsEdf+VsWtprp4vM1eBud6lzQfOJNavnIg93ggwgYB66TdjdnEz+FxIUYeP/Aeq
fprEd0CGaH9323V5lC4aesW6IeJk5lq9oT1TioYXgPXURIdt0+ocn1jsjHaV560q
4ZLgyuruJ4JbWa62Gjvohup6BpYX+3AYU7EWsB4JK/fBvRwyfp0jo9OevoPC8A7B
nRjBXX5n0c+b14mNitvXi6y8Up6RpR38XorgTAODyiy4zm4ibDaSd1BiDEklLKRO
71Kw7nwRaTcvpusOHVQ8xaw8Z1w3d5alUUmno+8I6JkqcRzQUPPg1S8GXHwF74Kl
nIORUQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:41:59 2025 by rpki-client