Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191FA5/08056CE41D8711E29DD3C6DE08B02CD2/FDE510BCC2E511EBBDB1B180C4F9AE02.roa
File: FDE510BCC2E511EBBDB1B180C4F9AE02.roa (raw, json)
Hash identifier: 20lxG5YaQGKYCeNDIccsMuS2DiiyPh+IbwNarzaaMG8=
Subject key identifier: DE:C9:69:5D:0C:3C:62:81:60:B3:2D:7B:27:0B:45:A3:52:12:62:85
Certificate issuer: /CN=A9191FA5/serialNumber=AB11E809F2BC66B0D1E60B8A31F86B5B82E00E39
Certificate serial: 35CF
Authority key identifier: AB:11:E8:09:F2:BC:66:B0:D1:E6:0B:8A:31:F8:6B:5B:82:E0:0E:39
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qxHoCfK8ZrDR5guKMfhrW4LgDjk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191FA5/08056CE41D8711E29DD3C6DE08B02CD2/FDE510BCC2E511EBBDB1B180C4F9AE02.roa
Signing time: Wed 22 Jan 2025 14:50:26 +0000
ROA not before: Wed 22 Jan 2025 14:50:26 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 17495
IP address blocks: 203.124.128.0/20 maxlen: 24
203.124.144.0/20 maxlen: 24
203.124.160.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13775 (0x35cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191FA5
Validity
Not Before: Jan 22 14:50:26 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=679105b2-e70f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:86:db:9e:85:79:e5:e3:69:7a:7f:98:d3:c7:
b9:29:62:32:11:75:8a:51:b1:6c:ec:03:c9:fc:5d:
27:cb:37:72:f0:cf:de:c3:1a:41:0a:cf:14:c7:cf:
33:35:19:82:64:3a:94:8e:2e:7c:01:ce:31:51:ae:
8a:80:0d:76:87:11:8e:01:be:b2:09:48:8a:ca:08:
c1:ed:09:80:3f:d7:e1:03:3f:7b:1e:b7:78:ec:6b:
cc:75:f8:d4:1a:f8:5e:a5:00:6e:0a:c5:5c:18:ee:
d5:ae:f8:8b:bd:57:37:d0:0c:33:7d:67:66:6b:2f:
4e:69:e3:a3:22:17:6c:fa:f9:77:da:c9:58:a9:f8:
29:df:4e:66:9c:01:9d:b5:1b:73:f7:89:3b:a2:8f:
1c:92:0f:f8:ec:3c:b9:85:e8:37:19:55:b4:c8:3e:
9e:47:d2:51:27:81:2c:8e:63:9b:36:59:f2:9e:fd:
7c:3a:e3:4f:cc:09:cf:01:d0:bb:e0:a1:2e:71:d1:
25:49:60:c4:6f:5e:85:cc:cf:7d:f8:09:8e:7b:80:
1e:4e:e3:21:ad:bf:b9:93:57:3f:33:a8:0e:6e:a0:
4f:4a:2e:47:71:6b:17:e5:3f:29:9e:aa:50:48:ea:
7e:37:20:3c:75:fa:08:ce:b4:7a:2e:60:4b:23:14:
69:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C9:69:5D:0C:3C:62:81:60:B3:2D:7B:27:0B:45:A3:52:12:62:85
X509v3 Authority Key Identifier:
keyid:AB:11:E8:09:F2:BC:66:B0:D1:E6:0B:8A:31:F8:6B:5B:82:E0:0E:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191FA5/08056CE41D8711E29DD3C6DE08B02CD2/qxHoCfK8ZrDR5guKMfhrW4LgDjk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qxHoCfK8ZrDR5guKMfhrW4LgDjk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191FA5/08056CE41D8711E29DD3C6DE08B02CD2/FDE510BCC2E511EBBDB1B180C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.124.128.0-203.124.175.255
Signature Algorithm: sha256WithRSAEncryption
19:7e:57:26:54:4f:80:37:ed:ab:a4:24:03:48:d6:37:15:c9:
51:e0:17:78:f8:61:54:3e:a4:79:f1:34:63:3a:9f:35:e4:ab:
1a:45:85:82:be:1e:1d:25:2e:e4:37:b4:74:a7:82:49:9b:3f:
9b:3c:5f:ef:a6:58:56:55:8d:58:d1:ca:24:86:d3:fb:48:6b:
7b:12:f0:35:1f:06:61:38:b0:65:3e:46:3b:4d:28:83:eb:2e:
5b:e6:b0:b1:78:be:8f:6a:3c:b4:2c:72:58:0f:02:78:36:31:
04:5e:a6:84:d0:f8:c1:ad:4e:b8:33:e2:8a:07:6e:b4:7e:43:
f2:b9:4f:0a:42:65:53:38:6d:98:1b:b8:cc:36:69:63:d0:f0:
a9:56:b3:bc:a9:ea:90:71:d2:b1:1f:3d:e8:44:ef:ca:cd:f0:
74:05:d6:ea:11:b6:ca:76:07:b5:c7:4f:d1:28:26:ba:ff:4c:
a8:38:99:83:6e:e1:cc:e2:6c:58:b1:9b:a0:45:b2:12:92:db:
ce:e8:c8:2b:26:18:b7:be:36:25:4d:f8:18:1e:66:14:f8:a0:
db:6f:b8:9b:1f:da:ae:05:77:7a:68:29:77:e2:94:60:43:d8:
0b:c4:55:7a:2c:47:ce:5b:2f:53:59:1f:ee:b9:24:08:bd:2a:
9f:ee:df:89
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICNc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTFGQTUxMTAvBgNVBAUTKEFCMTFFODA5RjJCQzY2QjBEMUU2MEI4QTMxRjg2QjVC
ODJFMDBFMzkwHhcNMjUwMTIyMTQ1MDI2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxMDViMi1lNzBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy4bbnoV55eNpen+Y08e5KWIyEXWKUbFs7APJ/F0nyzdy8M/ewxpBCs8Ux88z
NRmCZDqUji58Ac4xUa6KgA12hxGOAb6yCUiKygjB7QmAP9fhAz97Hrd47GvMdfjU
GvhepQBuCsVcGO7VrviLvVc30AwzfWdmay9OaeOjIhds+vl32slYqfgp305mnAGd
tRtz94k7oo8ckg/47Dy5heg3GVW0yD6eR9JRJ4EsjmObNlnynv18OuNPzAnPAdC7
4KEucdElSWDEb16FzM99+AmOe4AeTuMhrb+5k1c/M6gObqBPSi5HcWsX5T8pnqpQ
SOp+NyA8dfoIzrR6LmBLIxRptwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFN7JaV0M
PGKBYLMteycLRaNSEmKFMB8GA1UdIwQYMBaAFKsR6AnyvGaw0eYLijH4a1uC4A45
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MUZBNS8wODA1NkNFNDFE
ODcxMUUyOUREM0M2REUwOEIwMkNEMi9xeEhvQ2ZLOFpyRFI1Z3VLTWZoclc0TGdE
amsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3F4SG9DZks4WnJEUjVndUtNZmhyVzRMZ0Rqay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTFGQTUvMDgwNTZDRTQxRDg3MTFFMjlERDNDNkRFMDhCMDJDRDIvRkRFNTEwQkND
MkU1MTFFQkJEQjFCMTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEB8t8gAMEBMt8oDANBgkqhkiG9w0BAQsFAAOCAQEAGX5X
JlRPgDftq6QkA0jWNxXJUeAXePhhVD6kefE0YzqfNeSrGkWFgr4eHSUu5De0dKeC
SZs/mzxf76ZYVlWNWNHKJIbT+0hrexLwNR8GYTiwZT5GO00og+suW+awsXi+j2o8
tCxyWA8CeDYxBF6mhND4wa1OuDPiigdutH5D8rlPCkJlUzhtmBu4zDZpY9DwqVaz
vKnqkHHSsR896ETvys3wdAXW6hG2ynYHtcdP0Sgmuv9MqDiZg27hzOJsWLGboEWy
EpLbzujIKyYYt742JU34GB5mFPig22+4mx/argV3emgpd+KUYEPYC8RVeixHzlsv
U1kf7rkkCL0qn+7fiQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:46:01 2025 by rpki-client