Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9183798/9017B50A4A2711E9ACF17C26C4F9AE02/3BD3D78AD17B11EF8626DB84C4F9AE02.roa
File: 3BD3D78AD17B11EF8626DB84C4F9AE02.roa (raw, json)
Hash identifier: ne4MIrP0LW4fBn3V850OcJJvHAxIdERvgyhfUkcH7D8=
Subject key identifier: B5:E6:85:A5:14:BF:DA:3F:1F:5C:50:5F:30:56:8F:4A:23:9F:E5:F9
Certificate issuer: /CN=A9183798/serialNumber=3A02EFF7CC9C8BAA12D7C852B6FFC69FB060989B
Certificate serial: 0FE0
Authority key identifier: 3A:02:EF:F7:CC:9C:8B:AA:12:D7:C8:52:B6:FF:C6:9F:B0:60:98:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OgLv98yci6oS18hStv_Gn7BgmJs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9183798/9017B50A4A2711E9ACF17C26C4F9AE02/3BD3D78AD17B11EF8626DB84C4F9AE02.roa
Signing time: Mon 13 Jan 2025 07:10:40 +0000
ROA not before: Mon 13 Jan 2025 07:10:39 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 137875
IP address blocks: 203.159.78.0/24 maxlen: 24
2405:3340:e128::/48 maxlen: 48
2405:3340:e129::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4064 (0xfe0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9183798
Validity
Not Before: Jan 13 07:10:39 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6784bc6f-d196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1f:ff:98:35:94:51:78:3e:91:57:97:a4:e9:
bb:51:e6:9c:fc:5c:e5:ee:20:aa:f4:70:da:8c:df:
b6:4a:d4:bf:ff:20:b0:29:0d:e0:65:27:dd:93:97:
25:cf:06:ef:57:b3:54:4f:33:c8:9a:ad:81:81:64:
f8:8a:d9:2c:d9:af:84:ea:36:1f:87:31:d1:71:9b:
eb:b0:a8:60:07:2e:5d:7d:e2:35:55:fd:78:61:32:
27:2d:a5:07:0a:93:dd:1e:24:ee:cb:22:e4:30:ed:
3e:05:aa:25:c8:10:f2:bf:18:2c:fb:f7:df:e1:5d:
46:d4:56:30:94:6b:2b:8c:56:81:43:b2:f6:8f:4f:
27:0a:4a:8c:bd:21:81:03:1f:73:de:47:ce:38:ab:
d2:e3:ea:ea:65:08:af:c3:27:7f:a9:1b:41:75:c5:
1d:48:5f:98:48:18:a5:07:f1:62:82:e1:1a:b6:6f:
22:64:a9:d8:0c:01:91:35:fb:e9:51:d2:6c:f1:a9:
20:92:29:7e:6f:ac:78:81:67:c1:41:88:64:47:22:
3b:a6:89:35:eb:d5:cd:5f:b2:ff:37:9a:cf:9e:53:
a3:f9:51:67:0b:84:5a:40:46:28:63:78:4c:f0:9d:
cd:a4:ba:f2:29:3d:a7:8d:04:3e:b1:f6:26:1d:f6:
be:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:E6:85:A5:14:BF:DA:3F:1F:5C:50:5F:30:56:8F:4A:23:9F:E5:F9
X509v3 Authority Key Identifier:
keyid:3A:02:EF:F7:CC:9C:8B:AA:12:D7:C8:52:B6:FF:C6:9F:B0:60:98:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9183798/9017B50A4A2711E9ACF17C26C4F9AE02/OgLv98yci6oS18hStv_Gn7BgmJs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OgLv98yci6oS18hStv_Gn7BgmJs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183798/9017B50A4A2711E9ACF17C26C4F9AE02/3BD3D78AD17B11EF8626DB84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.159.78.0/24
IPv6:
2405:3340:e128::/47
Signature Algorithm: sha256WithRSAEncryption
4a:b0:93:c0:91:f1:a2:1d:da:41:a2:1b:8a:71:c7:e2:c4:6a:
d5:19:da:be:01:e2:6f:04:70:44:42:43:87:5e:8e:0c:12:fb:
cd:e1:c9:32:bc:16:22:3c:68:6c:7f:d5:9a:00:dd:99:53:ad:
ac:d4:0b:0a:da:ba:75:18:80:99:b3:51:f9:d8:df:49:3f:d6:
bc:22:38:d2:11:6f:05:3b:38:b1:42:d8:ad:c0:67:21:89:b1:
af:68:bf:04:ea:0f:ba:5f:30:00:3c:31:05:dc:20:f6:83:53:
3a:a5:65:3b:5b:c0:e8:87:97:fb:23:d3:34:95:a4:48:55:6a:
41:99:8f:84:63:bc:7d:fd:af:87:f5:8e:3c:b1:f8:f7:bb:f9:
ed:1c:99:63:43:3b:00:ac:15:c5:e6:af:8f:cc:1e:cc:f7:8e:
05:b2:f3:2d:92:df:f9:69:89:9d:26:8b:71:9b:cf:15:7e:80:
9b:70:d9:f3:69:f0:c5:d0:15:eb:29:08:fb:2a:2c:4d:d1:49:
02:1e:07:d5:f4:b1:59:56:37:c9:96:99:8c:e1:fb:1f:de:d7:
c9:c6:62:27:2a:a8:a9:73:d4:6d:ea:e8:21:f0:59:fe:36:97:
cd:75:e7:cd:8f:f6:1d:12:85:dc:89:cf:bd:01:8e:87:92:e3:
a6:38:6d:58
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICD+AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODM3OTgxMTAvBgNVBAUTKDNBMDJFRkY3Q0M5QzhCQUExMkQ3Qzg1MkI2RkZDNjlG
QjA2MDk4OUIwHhcNMjUwMTEzMDcxMDM5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg0YmM2Zi1kMTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtx//mDWUUXg+kVeXpOm7Ueac/Fzl7iCq9HDajN+2StS//yCwKQ3gZSfdk5cl
zwbvV7NUTzPImq2BgWT4itks2a+E6jYfhzHRcZvrsKhgBy5dfeI1Vf14YTInLaUH
CpPdHiTuyyLkMO0+BaolyBDyvxgs+/ff4V1G1FYwlGsrjFaBQ7L2j08nCkqMvSGB
Ax9z3kfOOKvS4+rqZQivwyd/qRtBdcUdSF+YSBilB/FiguEatm8iZKnYDAGRNfvp
UdJs8akgkil+b6x4gWfBQYhkRyI7pok169XNX7L/N5rPnlOj+VFnC4RaQEYoY3hM
8J3NpLryKT2njQQ+sfYmHfa+OwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLXmhaUU
v9o/H1xQXzBWj0ojn+X5MB8GA1UdIwQYMBaAFDoC7/fMnIuqEtfIUrb/xp+wYJib
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4Mzc5OC85MDE3QjUwQTRB
MjcxMUU5QUNGMTdDMjZDNEY5QUUwMi9PZ0x2OTh5Y2k2b1MxOGhTdHZfR243Qmdt
SnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09nTHY5OHljaTZvUzE4aFN0dl9HbjdCZ21Kcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODM3OTgvOTAxN0I1MEE0QTI3MTFFOUFDRjE3QzI2QzRGOUFFMDIvM0JEM0Q3OEFE
MTdCMTFFRjg2MjZEQjg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBADLn04wDwQCAAIwCQMHASQFM0DhKDANBgkqhkiG9w0BAQsF
AAOCAQEASrCTwJHxoh3aQaIbinHH4sRq1RnavgHibwRwREJDh16ODBL7zeHJMrwW
IjxobH/VmgDdmVOtrNQLCtq6dRiAmbNR+djfST/WvCI40hFvBTs4sULYrcBnIYmx
r2i/BOoPul8wADwxBdwg9oNTOqVlO1vA6IeX+yPTNJWkSFVqQZmPhGO8ff2vh/WO
PLH497v57RyZY0M7AKwVxeavj8wezPeOBbLzLZLf+WmJnSaLcZvPFX6Am3DZ82nw
xdAV6ykI+yosTdFJAh4H1fSxWVY3yZaZjOH7H97XycZiJyqoqXPUberoIfBZ/jaX
zXXnzY/2HRKF3InPvQGOh5LjpjhtWA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:17:07 2025 by rpki-client