Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191B71/B849BA12C60411ECB906915CC4F9AE02/5734DF38D56811EF89A7D332C4F9AE02.roa
File: 5734DF38D56811EF89A7D332C4F9AE02.roa (raw, json)
Hash identifier: hQOYHlCjx2ScuN+oMwFJ/ejTbPq4orU4F7qi3kUTHdM=
Subject key identifier: DF:D0:C7:4A:63:4F:13:85:29:2E:0B:AB:5F:E9:56:9E:9A:73:4D:DA
Certificate issuer: /CN=A9191B71/serialNumber=4BF3E87CA2B9AB59597620D04FC054118D7ED3D9
Certificate serial: 02F1
Authority key identifier: 4B:F3:E8:7C:A2:B9:AB:59:59:76:20:D0:4F:C0:54:11:8D:7E:D3:D9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S_PofKK5q1lZdiDQT8BUEY1-09k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191B71/B849BA12C60411ECB906915CC4F9AE02/5734DF38D56811EF89A7D332C4F9AE02.roa
Signing time: Sat 18 Jan 2025 06:49:19 +0000
ROA not before: Sat 18 Jan 2025 06:49:19 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 153494
IP address blocks: 43.250.188.0/22 maxlen: 24
103.42.36.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 753 (0x2f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191B71
Validity
Not Before: Jan 18 06:49:19 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=678b4eef-401e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:97:84:8d:27:4e:ad:78:4b:f6:29:6d:a6:58:
0b:d5:66:89:fe:21:41:3a:e3:9e:01:15:18:4d:92:
16:26:d8:1f:e3:1b:cd:06:87:36:4a:4b:43:0e:0f:
3e:cc:2b:49:83:1e:8b:32:b9:42:79:dd:a6:c8:11:
45:ad:79:d7:74:c8:32:32:af:90:49:ab:01:ee:bb:
fc:db:a6:c7:7d:33:20:fc:f4:c4:be:e0:56:bf:df:
20:31:60:e2:5b:77:08:e2:95:9c:92:6c:5c:69:47:
b1:b1:2c:96:c0:4c:8d:e9:1f:05:05:25:b8:1f:d6:
14:e7:b3:d4:36:66:7b:11:24:03:67:f8:4f:1c:87:
c2:90:d3:2e:fc:db:f4:e1:6c:3c:40:ee:a4:e1:0a:
85:58:3c:ae:02:b3:76:2b:ba:47:ed:2a:38:24:b2:
9a:e5:44:4b:0a:c5:23:4a:7c:db:f2:4a:52:c0:ce:
d1:b8:e0:81:bf:80:fb:76:a1:d4:c5:63:51:1b:42:
fc:80:ec:8a:6f:fe:8d:f1:74:d0:89:34:50:19:ea:
99:fa:8c:3e:40:d5:3d:ed:4e:70:33:18:a8:97:ad:
b3:e7:cf:47:d5:37:8b:fe:e8:a7:3f:13:ad:60:d6:
da:e9:6a:92:93:42:df:ec:67:b0:46:b0:5a:e2:bd:
ad:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D0:C7:4A:63:4F:13:85:29:2E:0B:AB:5F:E9:56:9E:9A:73:4D:DA
X509v3 Authority Key Identifier:
keyid:4B:F3:E8:7C:A2:B9:AB:59:59:76:20:D0:4F:C0:54:11:8D:7E:D3:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191B71/B849BA12C60411ECB906915CC4F9AE02/S_PofKK5q1lZdiDQT8BUEY1-09k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S_PofKK5q1lZdiDQT8BUEY1-09k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191B71/B849BA12C60411ECB906915CC4F9AE02/5734DF38D56811EF89A7D332C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.188.0/22
103.42.36.0/22
Signature Algorithm: sha256WithRSAEncryption
65:c7:d7:8c:b1:a2:15:58:7c:49:4d:7a:5e:2b:a7:08:b8:80:
21:c8:b4:b7:cb:31:32:64:bc:39:26:6f:ed:ce:b9:21:a5:9e:
d3:b7:0a:bd:57:a3:21:0e:c0:89:2f:8d:26:15:40:70:9b:a8:
df:53:34:5d:25:c9:d2:e6:38:89:b6:5c:ff:70:83:0e:c4:35:
34:b0:aa:6b:d0:8e:c4:d3:bb:6d:25:da:28:50:f3:70:1f:c0:
b5:8a:83:08:04:3a:e6:73:e1:98:5b:55:8a:9f:a4:ba:d4:ec:
f4:f4:41:19:97:3a:ba:53:8b:b1:c2:5e:da:9b:7a:56:66:4a:
dc:31:64:aa:35:e5:ed:ef:73:92:d1:cd:8a:57:1f:f4:91:d9:
b7:c5:75:58:22:07:b4:c4:fc:fe:16:a9:c8:4e:45:cf:1d:70:
5a:da:ae:45:07:a2:29:02:b7:fb:11:9f:7b:41:2d:20:4a:19:
c3:98:99:74:85:55:8d:59:c4:7b:47:86:f3:eb:5b:a3:2c:ca:
a0:d4:3e:f9:e0:d3:84:ec:7f:c4:7f:2e:c7:5f:ed:49:79:03:
28:89:9d:3f:6e:d5:de:d0:4f:d9:67:12:92:13:36:4d:b0:90:
fe:eb:33:76:62:36:ee:3e:72:a1:da:40:1d:47:7e:50:34:41:
d0:32:52:ad
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAvEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTFCNzExMTAvBgNVBAUTKDRCRjNFODdDQTJCOUFCNTk1OTc2MjBEMDRGQzA1NDEx
OEQ3RUQzRDkwHhcNMjUwMTE4MDY0OTE5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhiNGVlZi00MDFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5ZeEjSdOrXhL9iltplgL1WaJ/iFBOuOeARUYTZIWJtgf4xvNBoc2SktDDg8+
zCtJgx6LMrlCed2myBFFrXnXdMgyMq+QSasB7rv826bHfTMg/PTEvuBWv98gMWDi
W3cI4pWckmxcaUexsSyWwEyN6R8FBSW4H9YU57PUNmZ7ESQDZ/hPHIfCkNMu/Nv0
4Ww8QO6k4QqFWDyuArN2K7pH7So4JLKa5URLCsUjSnzb8kpSwM7RuOCBv4D7dqHU
xWNRG0L8gOyKb/6N8XTQiTRQGeqZ+ow+QNU97U5wMxiol62z589H1TeL/uinPxOt
YNba6WqSk0Lf7GewRrBa4r2tbQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFN/Qx0pj
TxOFKS4Lq1/pVp6ac03aMB8GA1UdIwQYMBaAFEvz6HyiuatZWXYg0E/AVBGNftPZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MUI3MS9CODQ5QkExMkM2
MDQxMUVDQjkwNjkxNUNDNEY5QUUwMi9TX1BvZktLNXExbFpkaURRVDhCVUVZMS0w
OWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NfUG9mS0s1cTFsWmRpRFFUOEJVRVkxLTA5ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTFCNzEvQjg0OUJBMTJDNjA0MTFFQ0I5MDY5MTVDQzRGOUFFMDIvNTczNERGMzhE
NTY4MTFFRjg5QTdEMzMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr+rwDBAJnKiQwDQYJKoZIhvcNAQELBQADggEBAGXH14yx
ohVYfElNel4rpwi4gCHItLfLMTJkvDkmb+3OuSGlntO3Cr1XoyEOwIkvjSYVQHCb
qN9TNF0lydLmOIm2XP9wgw7ENTSwqmvQjsTTu20l2ihQ83AfwLWKgwgEOuZz4Zhb
VYqfpLrU7PT0QRmXOrpTi7HCXtqbelZmStwxZKo15e3vc5LRzYpXH/SR2bfFdVgi
B7TE/P4WqchORc8dcFrarkUHoikCt/sRn3tBLSBKGcOYmXSFVY1ZxHtHhvPrW6Ms
yqDUPvng04Tsf8R/Lsdf7Ul5AyiJnT9u1d7QT9lnEpITNk2wkP7rM3ZiNu4+cqHa
QB1HflA0QdAyUq0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:19:36 2025 by rpki-client