Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/FC852C3E239011EFB136C710C4F9AE02.roa
File: FC852C3E239011EFB136C710C4F9AE02.roa (raw, json)
Hash identifier: rfdSLa0My4R23E7UhQOzv75R7oc+8cQio+I5/2T2ScI=
Subject key identifier: E8:83:4A:EA:E6:EA:88:B9:5C:72:55:31:E3:6E:78:89:36:0F:51:71
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 0388
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/FC852C3E239011EFB136C710C4F9AE02.roa
Signing time: Sat 15 Jun 2024 05:11:13 +0000
ROA not before: Sat 15 Jun 2024 05:11:13 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 4826
IP address blocks: 203.32.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 904 (0x388)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75
Validity
Not Before: Jun 15 05:11:13 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=666d2271-f20a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3a:b2:4e:48:ff:e2:84:03:e3:ed:71:ba:fe:
28:21:f1:ad:5d:b3:eb:a0:48:1e:98:d4:22:78:6d:
14:1c:f0:23:0f:21:6a:79:74:4b:a8:b6:5b:5b:0a:
98:84:ed:e1:18:e9:d9:e2:79:9e:93:dc:88:1d:1b:
69:2d:c9:5a:1c:79:4b:9b:a8:d5:22:8b:55:c9:a3:
77:28:d5:54:f3:b0:5d:55:fb:ef:ef:65:17:20:de:
04:02:8c:e1:4d:3b:2b:91:74:f5:5e:27:98:e8:9d:
74:2f:41:03:60:9b:f9:b0:6c:4c:e3:55:96:35:b1:
a7:8a:9f:58:1a:d0:29:98:dc:fb:6d:6a:01:b0:26:
e3:52:92:0b:39:d9:a8:90:b5:75:5a:15:2d:73:ec:
9c:fb:52:57:9c:9e:78:4e:16:84:b7:e8:1c:f5:e1:
4e:cc:ec:0c:e8:89:c6:39:21:b3:b7:a6:e2:ac:ac:
6c:0e:92:5e:0e:54:ac:af:85:59:b3:43:1d:3a:fc:
cc:44:3c:af:a7:b4:e7:a1:1b:c0:d9:05:d2:53:5c:
34:eb:82:40:e9:cd:bc:e0:fc:b2:b5:f9:ce:5a:ba:
a3:01:b7:56:c1:67:35:30:b9:00:2e:fd:52:48:ed:
83:dd:66:f5:80:57:a7:91:f5:48:98:0f:75:6d:58:
2e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:83:4A:EA:E6:EA:88:B9:5C:72:55:31:E3:6E:78:89:36:0F:51:71
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/FC852C3E239011EFB136C710C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.32.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:dd:9b:e3:d7:18:ef:d1:98:a1:eb:7d:a4:ae:a8:df:79:d2:
73:50:70:8c:ff:9f:9a:7e:cd:74:d8:40:24:be:11:59:a6:3b:
32:32:05:07:f6:0d:ca:fd:e6:19:fc:22:3d:60:65:97:86:4f:
47:d1:6f:fb:c5:41:a4:57:33:8e:4d:7d:84:cd:35:67:05:ed:
4c:a2:07:30:f3:c4:a0:0f:59:69:c5:2c:3a:c7:69:f9:be:21:
4f:bd:f1:61:f5:e9:c4:4c:cd:c6:0d:00:49:96:92:b0:2d:60:
5c:3a:23:14:c1:5d:36:14:ce:48:ee:a6:74:54:2c:be:91:88:
3c:93:e6:33:11:39:d3:06:bb:2f:59:19:99:e1:bc:78:29:53:
6b:77:59:de:d1:8b:5a:3c:3c:1c:9a:5a:df:9e:f3:b4:dc:96:
a7:bd:ea:ce:c4:56:f2:fb:cd:e4:c4:42:83:0d:4a:51:d7:b7:
1b:6d:28:9c:05:a9:dd:2f:52:9e:0f:c9:28:13:e6:42:3c:27:
84:be:04:c0:9a:cc:bb:5e:f3:66:0f:3d:a1:12:42:ad:ee:c8:
76:6e:a6:d4:ef:f3:82:20:20:f1:3e:a3:0b:c5:56:40:1f:d5:
f8:ff:83:71:e8:d0:0b:d9:d1:5c:8b:28:bf:1b:17:e9:cf:cc:
86:bd:70:1d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA4gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjQwNjE1MDUxMTEzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZkMjI3MS1mMjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxDqyTkj/4oQD4+1xuv4oIfGtXbProEgemNQieG0UHPAjDyFqeXRLqLZbWwqY
hO3hGOnZ4nmek9yIHRtpLclaHHlLm6jVIotVyaN3KNVU87BdVfvv72UXIN4EAozh
TTsrkXT1XieY6J10L0EDYJv5sGxM41WWNbGnip9YGtApmNz7bWoBsCbjUpILOdmo
kLV1WhUtc+yc+1JXnJ54ThaEt+gc9eFOzOwM6InGOSGzt6birKxsDpJeDlSsr4VZ
s0MdOvzMRDyvp7TnoRvA2QXSU1w064JA6c284PyytfnOWrqjAbdWwWc1MLkALv1S
SO2D3Wb1gFenkfVImA91bVgu7QIDAQABo4IClTCCApEwHQYDVR0OBBYEFOiDSurm
6oi5XHJVMeNueIk2D1FxMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvRkM4NTJDM0Uy
MzkwMTFFRkIxMzZDNzEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLICAwDQYJKoZIhvcNAQELBQADggEBAI7dm+PXGO/RmKHr
faSuqN950nNQcIz/n5p+zXTYQCS+EVmmOzIyBQf2Dcr95hn8Ij1gZZeGT0fRb/vF
QaRXM45NfYTNNWcF7UyiBzDzxKAPWWnFLDrHafm+IU+98WH16cRMzcYNAEmWkrAt
YFw6IxTBXTYUzkjupnRULL6RiDyT5jMROdMGuy9ZGZnhvHgpU2t3Wd7Ri1o8PBya
Wt+e87Tclqe96s7EVvL7zeTEQoMNSlHXtxttKJwFqd0vUp4PySgT5kI8J4S+BMCa
zLte82YPPaESQq3uyHZuptTv84IgIPE+owvFVkAf1fj/g3Ho0AvZ0VyLKL8bF+nP
zIa9cB0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:05:29 2025 by rpki-client