Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/D3A8EA649F0911EE98065E23C4F9AE02.roa
File: D3A8EA649F0911EE98065E23C4F9AE02.roa (raw, json)
Hash identifier: jy6vuCkSSKn5jRqSlZSZkzcBPcsjCkh7JsvXNhpfjoE=
Subject key identifier: 11:E4:14:1D:BB:53:DD:B1:6D:64:08:DD:2B:36:95:78:27:97:21:48
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 038A
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/D3A8EA649F0911EE98065E23C4F9AE02.roa
Signing time: Sat 15 Jun 2024 05:11:15 +0000
ROA not before: Sat 15 Jun 2024 05:11:15 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 9443
IP address blocks: 203.32.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 906 (0x38a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75
Validity
Not Before: Jun 15 05:11:15 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=666d2273-a727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:50:27:ac:b2:65:b9:de:97:6c:00:8b:26:b2:
d6:de:c2:64:73:af:f0:74:e1:ee:95:d8:6e:a6:e3:
d4:3e:4a:16:af:86:4c:77:72:c1:7a:d0:47:e6:dc:
82:1b:84:8c:5d:92:3d:ed:99:a6:2f:5c:fd:a1:61:
20:8e:3a:30:55:07:61:5b:ba:04:10:39:a7:dc:77:
86:b6:93:0a:e1:89:c7:da:76:6a:a7:30:f1:2b:3a:
e8:2f:bd:d6:24:40:8f:a6:a5:00:af:75:1d:cd:12:
91:82:34:89:18:d4:1c:97:1b:34:8b:a4:7b:b2:2f:
5f:3f:49:bd:1e:d1:32:4d:8c:fd:cb:cc:8a:3b:62:
72:35:41:ba:c5:0d:ca:30:f0:3d:b7:d4:be:16:13:
5b:c6:b1:37:01:b0:7b:3c:3c:3d:40:58:84:70:75:
cf:45:35:5d:7d:90:b3:c2:8f:a4:54:db:5c:24:a8:
f8:12:8c:98:16:64:89:30:2a:24:34:e8:2d:15:d3:
7b:1d:96:69:c5:ea:4a:29:ed:38:4c:83:2b:eb:45:
7e:5b:85:21:7d:4e:6c:f2:d9:d6:f2:0a:99:87:06:
86:9c:76:14:d6:d9:3b:d4:9a:59:fb:d7:c7:04:bf:
17:0c:d7:14:93:64:85:ec:6f:e4:89:12:01:8d:88:
a6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:E4:14:1D:BB:53:DD:B1:6D:64:08:DD:2B:36:95:78:27:97:21:48
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/D3A8EA649F0911EE98065E23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.32.0/24
Signature Algorithm: sha256WithRSAEncryption
83:a1:45:ad:d7:3f:3a:96:55:db:13:2c:6c:f1:ff:6c:a5:50:
f4:21:9e:d5:bc:73:5d:0a:82:d2:de:87:9f:c3:48:9a:1d:4e:
c8:41:6a:c0:57:6f:4b:fe:1c:61:57:10:10:d3:a9:28:71:9e:
9f:f9:a9:5e:7f:31:ba:b3:a0:71:64:65:74:69:4f:21:ee:35:
8b:e3:a5:e8:7e:24:a7:29:0f:f9:21:1d:b2:a8:5c:d1:14:94:
3d:97:2d:68:e6:1d:3a:e9:71:3d:f8:73:fe:56:2a:d1:b3:3d:
95:5e:1c:df:b5:79:ea:c4:f8:14:b2:70:9c:37:fc:d5:ee:3e:
76:ac:42:dc:b9:13:8c:2f:78:7b:f8:c8:b7:3e:72:61:91:83:
e0:d2:59:14:33:17:33:d9:94:43:36:74:dd:1a:37:c6:f1:81:
fe:33:0d:4c:fc:62:6b:95:1a:89:48:74:be:1a:54:f5:ca:26:
2d:7a:c9:cc:ea:d1:5a:3a:f0:11:95:43:76:86:52:35:ab:52:
ce:3a:ca:23:55:f2:5b:0f:e1:50:b7:19:f5:11:a5:16:08:54:
19:31:a7:a4:cb:68:4c:98:e5:9d:92:50:8a:9c:b3:24:0c:12:
51:8c:a6:8f:1f:bf:28:e9:b4:9d:78:28:c8:6a:3e:ab:56:3d:
71:0d:af:0b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA4owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjQwNjE1MDUxMTE1WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZkMjI3My1hNzI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxlAnrLJlud6XbACLJrLW3sJkc6/wdOHuldhupuPUPkoWr4ZMd3LBetBH5tyC
G4SMXZI97ZmmL1z9oWEgjjowVQdhW7oEEDmn3HeGtpMK4YnH2nZqpzDxKzroL73W
JECPpqUAr3UdzRKRgjSJGNQclxs0i6R7si9fP0m9HtEyTYz9y8yKO2JyNUG6xQ3K
MPA9t9S+FhNbxrE3AbB7PDw9QFiEcHXPRTVdfZCzwo+kVNtcJKj4EoyYFmSJMCok
NOgtFdN7HZZpxepKKe04TIMr60V+W4UhfU5s8tnW8gqZhwaGnHYU1tk71JpZ+9fH
BL8XDNcUk2SF7G/kiRIBjYimQQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBHkFB27
U92xbWQI3Ss2lXgnlyFIMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvRDNBOEVBNjQ5
RjA5MTFFRTk4MDY1RTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLICAwDQYJKoZIhvcNAQELBQADggEBAIOhRa3XPzqWVdsT
LGzx/2ylUPQhntW8c10KgtLeh5/DSJodTshBasBXb0v+HGFXEBDTqShxnp/5qV5/
MbqzoHFkZXRpTyHuNYvjpeh+JKcpD/khHbKoXNEUlD2XLWjmHTrpcT34c/5WKtGz
PZVeHN+1eerE+BSycJw3/NXuPnasQty5E4wveHv4yLc+cmGRg+DSWRQzFzPZlEM2
dN0aN8bxgf4zDUz8YmuVGolIdL4aVPXKJi16yczq0Vo68BGVQ3aGUjWrUs46yiNV
8lsP4VC3GfURpRYIVBkxp6TLaEyY5Z2SUIqcsyQMElGMpo8fvyjptJ14KMhqPqtW
PXENrws=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:44:42 2025 by rpki-client