Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918742C/F28C89C4019C11E89035F919C4F9AE02/8DFAE1DA019D11E8A7804A1EC4F9AE02.roa
File: 8DFAE1DA019D11E8A7804A1EC4F9AE02.roa (raw, json)
Hash identifier: DwaSXkwadhXmFgNGjila+YsFoYHDPOwpBM4h3mtwuos=
Subject key identifier: 6B:15:F3:85:D5:FE:09:7F:59:25:60:DF:6C:DA:18:7A:8B:AF:45:B0
Certificate issuer: /CN=A918742C/serialNumber=1C3F99A0C182B58CC45B8112F291E12A153331E9
Certificate serial: 15CF
Authority key identifier: 1C:3F:99:A0:C1:82:B5:8C:C4:5B:81:12:F2:91:E1:2A:15:33:31:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HD-ZoMGCtYzEW4ES8pHhKhUzMek.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918742C/F28C89C4019C11E89035F919C4F9AE02/8DFAE1DA019D11E8A7804A1EC4F9AE02.roa
Signing time: Fri 24 May 2024 17:25:48 +0000
ROA not before: Fri 24 May 2024 17:25:48 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 23900
IP address blocks: 202.136.240.0/21 maxlen: 21
202.136.240.0/24 maxlen: 24
202.136.241.0/24 maxlen: 24
202.136.242.0/23 maxlen: 23
202.136.242.0/24 maxlen: 24
202.136.243.0/24 maxlen: 24
202.136.244.0/24 maxlen: 24
202.136.245.0/24 maxlen: 24
202.136.246.0/24 maxlen: 24
202.136.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5583 (0x15cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918742C
Validity
Not Before: May 24 17:25:48 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6650cd9c-ffc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7b:5d:f2:ee:7b:1f:21:87:5c:1d:85:1a:fb:
18:57:94:7e:c0:b9:33:1c:14:24:a6:c7:00:15:bb:
d7:1d:27:b8:c2:ee:11:82:20:09:5b:af:b8:39:30:
bf:18:8e:bd:dd:0c:e0:3f:8d:c0:df:cc:48:d1:b4:
1f:24:b0:6b:31:13:51:57:67:3b:6b:f5:f0:fc:49:
ac:e5:6d:e3:6c:4f:7b:1a:5f:2c:0e:bf:46:06:00:
d0:2e:ef:aa:8b:8f:8f:07:e6:b0:6d:9f:59:71:ba:
b6:5e:94:1f:f5:63:03:e1:f1:bf:46:5d:11:ee:48:
72:05:b3:12:c9:13:a0:8c:66:dc:65:4a:30:6f:f1:
ed:70:8e:36:60:ad:70:1a:96:9b:2c:32:34:0b:65:
33:ff:f1:bc:a4:31:cc:7a:80:1e:e8:8d:54:da:78:
7b:db:ea:97:69:17:ac:79:6e:77:c7:87:05:80:24:
3a:04:bf:8f:08:a9:00:28:9c:6b:eb:35:f2:4a:a1:
b6:8a:1e:fa:c7:e0:74:f5:9b:f0:07:cc:9d:c4:fc:
c8:fd:8c:6d:c3:fc:be:73:d9:79:a7:2c:ca:61:86:
4c:81:12:7e:45:2f:91:4b:00:4d:a6:ec:e0:eb:06:
39:99:26:2a:e9:bb:42:80:20:a0:82:72:7c:77:20:
54:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:15:F3:85:D5:FE:09:7F:59:25:60:DF:6C:DA:18:7A:8B:AF:45:B0
X509v3 Authority Key Identifier:
keyid:1C:3F:99:A0:C1:82:B5:8C:C4:5B:81:12:F2:91:E1:2A:15:33:31:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918742C/F28C89C4019C11E89035F919C4F9AE02/HD-ZoMGCtYzEW4ES8pHhKhUzMek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HD-ZoMGCtYzEW4ES8pHhKhUzMek.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918742C/F28C89C4019C11E89035F919C4F9AE02/8DFAE1DA019D11E8A7804A1EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.136.240.0/21
Signature Algorithm: sha256WithRSAEncryption
15:cd:67:4c:8a:e6:b2:aa:de:b6:a0:b2:80:28:96:1e:5a:8a:
9b:e1:24:bf:f6:b5:5e:ab:9a:a9:6b:f1:3d:6b:fd:5a:d0:ba:
4c:3a:cb:e3:25:27:3f:03:08:12:66:f0:6e:ee:54:33:82:7f:
72:59:ca:69:a6:5b:00:0c:74:17:56:84:e5:b7:d1:8f:0a:2e:
cd:2e:e6:d6:ed:08:74:d3:e7:4a:73:18:ea:c6:33:ec:f0:79:
08:5e:28:65:e3:d9:97:27:cf:69:bb:54:db:8b:31:17:96:8b:
e6:42:a4:a6:c8:6a:22:f8:e3:02:63:00:39:8c:af:f1:db:a0:
a7:7b:07:9d:94:49:74:bf:9b:3e:6d:47:34:6c:62:08:d7:f0:
eb:f7:93:a3:a9:6a:1e:63:33:80:ec:17:99:86:86:71:e9:f8:
42:6c:82:2d:9f:76:9f:7d:6f:db:4e:8c:cf:a3:81:b9:a8:9b:
87:de:23:00:af:8f:66:33:fb:5d:84:75:4a:66:06:c5:65:6a:
4a:a9:cf:6d:6e:0c:0c:84:55:73:45:78:be:8d:d7:2e:cf:ce:
b0:8b:be:42:41:e7:4d:05:ad:2b:10:ca:29:89:bc:3f:ac:17:
d8:c3:c1:e4:08:64:ba:dc:58:74:25:58:6c:32:af:b8:33:f1:
17:10:16:0f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODc0MkMxMTAvBgNVBAUTKDFDM0Y5OUEwQzE4MkI1OENDNDVCODExMkYyOTFFMTJB
MTUzMzMxRTkwHhcNMjQwNTI0MTcyNTQ4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjUwY2Q5Yy1mZmMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvntd8u57HyGHXB2FGvsYV5R+wLkzHBQkpscAFbvXHSe4wu4RgiAJW6+4OTC/
GI693QzgP43A38xI0bQfJLBrMRNRV2c7a/Xw/Ems5W3jbE97Gl8sDr9GBgDQLu+q
i4+PB+awbZ9Zcbq2XpQf9WMD4fG/Rl0R7khyBbMSyROgjGbcZUowb/HtcI42YK1w
GpabLDI0C2Uz//G8pDHMeoAe6I1U2nh72+qXaReseW53x4cFgCQ6BL+PCKkAKJxr
6zXySqG2ih76x+B09ZvwB8ydxPzI/Yxtw/y+c9l5pyzKYYZMgRJ+RS+RSwBNpuzg
6wY5mSYq6btCgCCggnJ8dyBUpwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGsV84XV
/gl/WSVg32zaGHqLr0WwMB8GA1UdIwQYMBaAFBw/maDBgrWMxFuBEvKR4SoVMzHp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzQyQy9GMjhDODlDNDAx
OUMxMUU4OTAzNUY5MTlDNEY5QUUwMi9IRC1ab01HQ3RZekVXNEVTOHBIaEtoVXpN
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hELVpvTUdDdFl6RVc0RVM4cEhoS2hVek1lay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODc0MkMvRjI4Qzg5QzQwMTlDMTFFODkwMzVGOTE5QzRGOUFFMDIvOERGQUUxREEw
MTlEMTFFOEE3ODA0QTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAPKiPAwDQYJKoZIhvcNAQELBQADggEBABXNZ0yK5rKq3rag
soAolh5aipvhJL/2tV6rmqlr8T1r/VrQukw6y+MlJz8DCBJm8G7uVDOCf3JZymmm
WwAMdBdWhOW30Y8KLs0u5tbtCHTT50pzGOrGM+zweQheKGXj2Zcnz2m7VNuLMReW
i+ZCpKbIaiL44wJjADmMr/HboKd7B52USXS/mz5tRzRsYgjX8Ov3k6Opah5jM4Ds
F5mGhnHp+EJsgi2fdp99b9tOjM+jgbmom4feIwCvj2Yz+12EdUpmBsVlakqpz21u
DAyEVXNFeL6N1y7PzrCLvkJB500FrSsQyimJvD+sF9jDweQIZLrcWHQlWGwyr7gz
8RcQFg8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:02:40 2025 by rpki-client