Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/9C9389D4970311E9B7D3DE5AC4F9AE02.roa
File: 9C9389D4970311E9B7D3DE5AC4F9AE02.roa (raw, json)
Hash identifier: 0msFIFHq8Bi6Dy0orrBJDRYbRJioucs5FAZf2jEryJs=
Subject key identifier: 34:DF:BE:F9:8E:7F:E0:A1:3D:9D:A3:C2:57:1B:0F:DE:28:F2:F4:42
Certificate issuer: /CN=A917E04F/serialNumber=75DDCD0CD46258AC191AC390A2C925D8C035A857
Certificate serial: 0E3B
Authority key identifier: 75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/9C9389D4970311E9B7D3DE5AC4F9AE02.roa
Signing time: Wed 22 Jan 2025 17:55:56 +0000
ROA not before: Wed 22 Jan 2025 17:55:56 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 139050
IP address blocks: 203.14.165.0/24 maxlen: 24
203.14.165.0/25 maxlen: 25
203.14.165.128/25 maxlen: 25
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3643 (0xe3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E04F
Validity
Not Before: Jan 22 17:55:56 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6791312b-d126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d5:f2:e6:4f:b3:81:00:0e:57:d6:22:2b:6f:
cc:11:54:01:c5:a8:a0:6d:c4:9e:97:4d:59:07:28:
8e:e3:93:3c:52:90:56:16:40:19:bb:af:ff:bc:e9:
1a:b8:d5:70:98:05:f1:75:a5:1c:94:67:ff:fb:94:
a8:a4:7c:82:3a:d5:7e:49:a1:f7:7b:c5:5e:8e:67:
bd:7f:83:98:0d:8f:0e:25:b4:d8:f9:c0:be:92:89:
86:a3:96:66:2e:65:eb:15:46:ab:0d:1e:9f:97:f0:
95:da:c9:d9:b5:54:73:73:3c:6c:78:ae:5c:fd:9c:
8d:31:30:76:e1:09:97:38:4f:77:dd:b0:c4:1f:87:
6f:5f:1e:af:f1:0a:d0:7d:aa:53:47:73:7b:07:98:
56:f7:43:c0:b2:3d:51:dd:88:2b:f3:af:17:c1:e9:
7b:29:e5:e0:66:d2:89:da:ce:6b:10:65:70:8a:88:
3a:a0:e5:9a:f0:1c:26:ab:31:30:35:df:52:b7:76:
33:79:42:1a:0e:37:eb:19:1a:36:48:ee:d8:27:a3:
ed:e4:a4:d2:95:29:8d:41:21:8b:44:07:e4:52:69:
7c:6e:ad:fb:01:98:44:8f:b2:37:16:08:32:dc:ed:
c2:c9:1e:53:8f:6e:81:a4:bf:c2:25:67:14:fa:bc:
a9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:DF:BE:F9:8E:7F:E0:A1:3D:9D:A3:C2:57:1B:0F:DE:28:F2:F4:42
X509v3 Authority Key Identifier:
keyid:75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/9C9389D4970311E9B7D3DE5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.14.165.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:e3:b2:3f:4c:fc:df:e4:c2:78:7b:15:85:fe:22:e2:ec:b3:
5d:d7:52:53:ad:e9:23:07:4e:a8:a4:c2:63:27:ab:8f:d3:1f:
76:7e:9e:79:2b:8b:02:cc:4f:96:b1:d6:e4:e3:ec:bf:3a:ce:
2e:b3:c0:50:08:4c:0f:c0:5d:f7:58:6b:7d:0d:de:df:15:0d:
8b:f4:dd:24:2a:63:5d:7f:af:fd:08:02:fb:07:80:a7:3a:28:
1c:e1:2b:67:d7:7f:07:e7:1b:be:39:ca:28:38:97:58:40:97:
0f:66:55:2e:6b:27:03:c1:95:a9:60:59:73:52:94:f5:f2:51:
a6:7e:7c:90:6c:51:4e:34:6e:c2:c4:3d:28:83:18:4c:c9:d9:
49:27:97:99:3d:f3:43:d4:ce:e2:a8:42:51:d2:29:2b:f3:93:
72:c9:c2:75:76:ca:81:a5:87:89:e5:94:7c:3c:75:5f:00:54:
ff:9d:bf:6a:0a:b3:de:18:35:5b:e3:33:d4:bb:1e:7c:63:d3:
16:0f:1a:bf:db:14:66:ee:de:bf:2d:de:68:c6:14:e7:10:ec:
b5:1a:54:e7:20:c9:22:18:a8:39:87:16:72:44:72:26:a4:c0:
e1:f0:e8:a0:0a:78:0d:58:c6:94:0a:63:40:a9:3a:57:48:d1:
2a:32:d9:83
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDjswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0UwNEYxMTAvBgNVBAUTKDc1RERDRDBDRDQ2MjU4QUMxOTFBQzM5MEEyQzkyNUQ4
QzAzNUE4NTcwHhcNMjUwMTIyMTc1NTU2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxMzEyYi1kMTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmtXy5k+zgQAOV9YiK2/MEVQBxaigbcSel01ZByiO45M8UpBWFkAZu6//vOka
uNVwmAXxdaUclGf/+5SopHyCOtV+SaH3e8Vejme9f4OYDY8OJbTY+cC+komGo5Zm
LmXrFUarDR6fl/CV2snZtVRzczxseK5c/ZyNMTB24QmXOE933bDEH4dvXx6v8QrQ
fapTR3N7B5hW90PAsj1R3Ygr868Xwel7KeXgZtKJ2s5rEGVwiog6oOWa8BwmqzEw
Nd9St3YzeUIaDjfrGRo2SO7YJ6Pt5KTSlSmNQSGLRAfkUml8bq37AZhEj7I3Fggy
3O3CyR5Tj26BpL/CJWcU+rypVwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDTfvvmO
f+ChPZ2jwlcbD94o8vRCMB8GA1UdIwQYMBaAFHXdzQzUYlisGRrDkKLJJdjANahX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTA0Ri80MTg1MzdGNDk3
MDMxMUU5QjRCN0IyNUFDNEY5QUUwMi9kZDNORE5SaVdLd1pHc09Rb3NrbDJNQTFx
RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RkM05ETlJpV0t3WkdzT1Fvc2tsMk1BMXFGYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0UwNEYvNDE4NTM3RjQ5NzAzMTFFOUI0QjdCMjVBQzRGOUFFMDIvOUM5Mzg5RDQ5
NzAzMTFFOUI3RDNERTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLDqUwDQYJKoZIhvcNAQELBQADggEBALXjsj9M/N/kwnh7
FYX+IuLss13XUlOt6SMHTqikwmMnq4/TH3Z+nnkriwLMT5ax1uTj7L86zi6zwFAI
TA/AXfdYa30N3t8VDYv03SQqY11/r/0IAvsHgKc6KBzhK2fXfwfnG745yig4l1hA
lw9mVS5rJwPBlalgWXNSlPXyUaZ+fJBsUU40bsLEPSiDGEzJ2Uknl5k980PUzuKo
QlHSKSvzk3LJwnV2yoGlh4nllHw8dV8AVP+dv2oKs94YNVvjM9S7Hnxj0xYPGr/b
FGbu3r8t3mjGFOcQ7LUaVOcgySIYqDmHFnJEciakwOHw6KAKeA1YxpQKY0CpOldI
0Soy2YM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:15:52 2025 by rpki-client