Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56C7B9C492E311EBA46CAC1AC4F9AE02.roa
File: 56C7B9C492E311EBA46CAC1AC4F9AE02.roa (raw, json)
Hash identifier: lfG+EbCTqY77XsU67vpcRY7OXDm7gLQaohguDl5bsMo=
Subject key identifier: F9:99:F3:62:55:71:35:93:12:44:8E:35:8F:E3:02:4C:89:33:ED:56
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 90C2
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56C7B9C492E311EBA46CAC1AC4F9AE02.roa
Signing time: Thu 30 May 2024 16:29:19 +0000
ROA not before: Thu 30 May 2024 16:29:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24485
IP address blocks: 203.111.248.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37058 (0x90c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:29:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a95e-8da9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:81:24:3c:90:70:05:16:74:8d:de:f2:e0:98:
95:1d:12:ee:f1:f0:32:d0:39:a8:ef:83:21:d5:d1:
d2:c8:44:16:c5:02:c1:7f:2d:96:be:ff:b5:c3:3f:
29:18:56:31:fe:31:34:ae:82:1a:83:f9:97:9f:82:
14:01:20:25:72:00:0d:18:d7:b2:20:77:04:56:9f:
99:f8:7e:a4:fe:71:0c:45:94:e7:55:67:bc:6a:44:
34:f3:9c:aa:38:79:fc:25:96:ea:ef:27:5b:8c:ce:
c8:24:b2:01:04:30:6b:d7:ed:44:01:1e:ee:7f:4f:
02:10:9d:07:d9:d6:c9:12:5d:e9:d9:d4:eb:ec:d2:
99:a1:c9:5d:b4:37:bf:f0:e8:9c:b1:1d:0f:7f:41:
7c:28:55:bb:59:ab:09:e4:1a:03:86:bd:6c:ea:7b:
81:4c:5b:8d:c2:4d:67:c5:8c:c9:3d:41:3a:ac:24:
bf:66:94:7b:3d:2d:8d:85:e5:12:b3:a6:87:7a:32:
f4:af:40:db:92:dc:de:1c:f0:d9:db:66:c1:ac:a7:
20:56:45:5a:5a:03:0a:79:58:d9:00:3c:31:2d:43:
28:a8:6a:31:17:e0:67:5b:3c:5b:2a:23:e0:fe:40:
e1:41:c8:c4:12:34:94:31:fd:a4:32:52:45:13:fb:
73:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:99:F3:62:55:71:35:93:12:44:8E:35:8F:E3:02:4C:89:33:ED:56
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56C7B9C492E311EBA46CAC1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.111.248.0/23
Signature Algorithm: sha256WithRSAEncryption
40:a4:02:7e:2c:ad:ef:ad:56:a0:db:aa:be:24:ca:fb:0e:d2:
62:25:0f:21:c5:e1:17:38:9e:8a:58:e9:3c:3d:bc:7e:6a:cc:
1e:55:7c:e3:55:5a:1b:0f:d5:3c:c5:b8:c2:67:40:04:91:bb:
f2:b1:6f:70:c7:6a:a2:f7:e7:24:70:3a:f9:bc:1b:f2:cc:55:
96:5d:bc:5f:01:09:59:48:e0:d6:dd:0e:d6:18:fd:94:f1:e4:
20:a4:79:38:5a:fe:d2:da:2c:3e:66:61:dc:6f:53:87:88:d7:
95:ea:5f:c5:c8:1b:20:47:66:b1:d9:80:58:5b:81:2f:12:a4:
b1:18:74:6e:09:15:a9:bf:7d:a0:7a:2a:5a:e8:a3:fa:21:25:
46:b3:25:13:82:d7:22:e4:8f:09:42:47:bf:38:f9:66:21:36:
8b:af:40:d6:c0:ef:f0:e6:8b:5d:c5:f0:c3:df:d9:a6:29:f2:
76:e2:6e:05:82:06:db:1a:92:0f:59:f2:5a:ff:23:9f:e0:76:
eb:f4:5f:08:c8:5d:e0:c4:32:d9:13:3d:99:50:f6:0b:c1:12:
81:44:fd:90:59:cd:17:8f:47:54:29:a5:73:27:de:f4:37:d9:
c9:b4:06:ae:b6:bd:af:6a:23:1a:18:1f:17:a1:49:7f:f2:ae:
da:8d:39:d4
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAJDCMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MjkxOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE5NWUtOGRhOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCBJDyQcAUWdI3e8uCYlR0S7vHwMtA5qO+DIdXR0shEFsUCwX8tlr7/tcM/
KRhWMf4xNK6CGoP5l5+CFAEgJXIADRjXsiB3BFafmfh+pP5xDEWU51VnvGpENPOc
qjh5/CWW6u8nW4zOyCSyAQQwa9ftRAEe7n9PAhCdB9nWyRJd6dnU6+zSmaHJXbQ3
v/DonLEdD39BfChVu1mrCeQaA4a9bOp7gUxbjcJNZ8WMyT1BOqwkv2aUez0tjYXl
ErOmh3oy9K9A25Lc3hzw2dtmwaynIFZFWloDCnlY2QA8MS1DKKhqMRfgZ1s8Wyoj
4P5A4UHIxBI0lDH9pDJSRRP7c4cCAwEAAaOCApUwggKRMB0GA1UdDgQWBBT5mfNi
VXE1kxJEjjWP4wJMiTPtVjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzU2QzdCOUM0
OTJFMzExRUJBNDZDQUMxQUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBy2/4MA0GCSqGSIb3DQEBCwUAA4IBAQBApAJ+LK3vrVag
26q+JMr7DtJiJQ8hxeEXOJ6KWOk8Pbx+asweVXzjVVobD9U8xbjCZ0AEkbvysW9w
x2qi9+ckcDr5vBvyzFWWXbxfAQlZSODW3Q7WGP2U8eQgpHk4Wv7S2iw+ZmHcb1OH
iNeV6l/FyBsgR2ax2YBYW4EvEqSxGHRuCRWpv32geipa6KP6ISVGsyUTgtci5I8J
Qke/OPlmITaLr0DWwO/w5otdxfDD39mmKfJ24m4FggbbGpIPWfJa/yOf4Hbr9F8I
yF3gxDLZEz2ZUPYLwRKBRP2QWc0Xj0dUKaVzJ970N9nJtAautr2vaiMaGB8XoUl/
8q7ajTnU
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:02:52 2025 by rpki-client