Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9195DE5/E3ED65D8F4BE11EA9C35FE6AC4F9AE02/709F917AF74111EF98C99938C4F9AE02.roa
File: 709F917AF74111EF98C99938C4F9AE02.roa (raw, json)
Hash identifier: n1O/ErynoDEvzXeHZxU+blq0LXlIGr/lkVvjjbul7fU=
Subject key identifier: 24:BA:E3:E9:06:02:1F:64:F6:31:6E:97:4C:41:34:A4:52:FB:CE:20
Certificate issuer: /CN=A9195DE5/serialNumber=B85BED99BF740ABAD5A399C9DF5FE9962A6DE8F1
Certificate serial: 07B3
Authority key identifier: B8:5B:ED:99:BF:74:0A:BA:D5:A3:99:C9:DF:5F:E9:96:2A:6D:E8:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uFvtmb90CrrVo5nJ31_plipt6PE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9195DE5/E3ED65D8F4BE11EA9C35FE6AC4F9AE02/709F917AF74111EF98C99938C4F9AE02.roa
Signing time: Sun 02 Mar 2025 08:36:31 +0000
ROA not before: Sun 02 Mar 2025 08:36:31 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 25743
IP address blocks: 116.204.208.0/24 maxlen: 24
116.204.209.0/24 maxlen: 24
116.204.210.0/24 maxlen: 24
116.204.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1971 (0x7b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9195DE5
Validity
Not Before: Mar 2 08:36:31 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67c4188e-0f94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:54:79:c1:d1:58:5e:7e:29:e3:af:11:e2:cc:
40:a6:dd:7c:f3:a2:2a:06:cf:23:c5:98:9a:0e:94:
7a:3a:10:e8:7d:77:c4:02:4a:07:24:d2:73:f3:c0:
8b:77:27:b7:fb:c4:f8:67:7c:70:ab:ad:21:05:1d:
5e:43:28:1d:5a:ae:f8:22:37:83:79:51:56:0d:d9:
de:cb:52:09:bc:66:5e:79:7e:fb:6a:3d:ab:be:34:
5b:30:93:07:10:04:51:3c:6d:11:ae:d0:65:14:28:
63:f1:6b:c1:58:90:01:f3:b2:51:57:60:2b:fe:17:
cc:31:d9:65:66:b2:10:99:89:66:7c:22:99:78:76:
02:80:16:10:bf:fc:a1:05:62:e1:1a:b3:8d:3a:03:
8e:43:85:ea:d0:1e:1d:6d:c0:00:37:b4:d8:8e:16:
2b:44:41:c3:45:d9:58:2e:c1:49:6c:2d:d1:44:28:
3a:4e:88:30:1f:8f:76:82:26:16:14:21:21:8e:fa:
63:59:a8:03:b8:0e:a5:9f:e7:89:c0:1e:e6:f9:bf:
84:f7:61:4b:92:95:fc:e5:43:f5:e4:93:33:d2:61:
58:d9:8e:bd:48:ed:7d:d8:bd:35:48:fe:b2:0f:0b:
3d:ac:2d:e9:65:9a:b0:33:3f:95:0f:02:d2:f8:1c:
1e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:BA:E3:E9:06:02:1F:64:F6:31:6E:97:4C:41:34:A4:52:FB:CE:20
X509v3 Authority Key Identifier:
keyid:B8:5B:ED:99:BF:74:0A:BA:D5:A3:99:C9:DF:5F:E9:96:2A:6D:E8:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9195DE5/E3ED65D8F4BE11EA9C35FE6AC4F9AE02/uFvtmb90CrrVo5nJ31_plipt6PE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uFvtmb90CrrVo5nJ31_plipt6PE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195DE5/E3ED65D8F4BE11EA9C35FE6AC4F9AE02/709F917AF74111EF98C99938C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.204.208.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:8f:23:a2:60:84:51:ab:f4:c8:c6:0e:8b:12:a6:c2:d3:c4:
02:1b:76:80:68:9f:5b:ad:12:63:30:aa:c1:59:3e:88:ef:ee:
96:33:72:b1:24:c3:67:b3:62:ba:6e:ad:ca:46:e2:21:d6:11:
8f:a3:34:55:3b:cf:77:03:e7:67:c3:f3:f2:cb:3f:34:8e:70:
07:44:9c:f9:6e:9e:25:21:4b:c3:89:58:bd:60:88:51:aa:c5:
14:7e:ba:80:f8:88:f8:c2:90:36:ce:c6:db:81:31:4e:ee:ac:
54:f5:dd:81:c6:f2:0c:fd:d7:16:73:d2:17:dd:ef:68:88:21:
d6:21:5c:85:b1:4b:26:58:4e:29:d9:c5:07:d5:71:d5:6d:d4:
7a:d9:e2:ea:80:7f:9e:d3:98:8a:8d:15:4c:0b:7c:e0:50:88:
0a:32:01:86:27:9d:b6:6c:fe:d0:58:44:41:38:76:9a:89:2b:
7e:06:79:0c:14:4b:a5:61:aa:f7:71:7c:1b:e5:a6:d0:49:f5:
f8:a4:6f:d3:bc:ea:23:50:cf:b6:e0:7e:ed:c9:db:16:22:1f:
bc:38:ea:f5:7d:5c:59:0b:34:45:68:a6:f9:27:ac:fd:96:b0:
24:40:6e:73:d3:ac:06:f2:42:b8:e6:72:88:53:5c:bd:58:69:
6e:ea:e4:2f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB7MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTVERTUxMTAvBgNVBAUTKEI4NUJFRDk5QkY3NDBBQkFENUEzOTlDOURGNUZFOTk2
MkE2REU4RjEwHhcNMjUwMzAyMDgzNjMxWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M0MTg4ZS0wZjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu1R5wdFYXn4p468R4sxApt1886IqBs8jxZiaDpR6OhDofXfEAkoHJNJz88CL
dye3+8T4Z3xwq60hBR1eQygdWq74IjeDeVFWDdney1IJvGZeeX77aj2rvjRbMJMH
EARRPG0RrtBlFChj8WvBWJAB87JRV2Ar/hfMMdllZrIQmYlmfCKZeHYCgBYQv/yh
BWLhGrONOgOOQ4Xq0B4dbcAAN7TYjhYrREHDRdlYLsFJbC3RRCg6TogwH492giYW
FCEhjvpjWagDuA6ln+eJwB7m+b+E92FLkpX85UP15JMz0mFY2Y69SO192L01SP6y
Dws9rC3pZZqwMz+VDwLS+BwerQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCS64+kG
Ah9k9jFul0xBNKRS+84gMB8GA1UdIwQYMBaAFLhb7Zm/dAq61aOZyd9f6ZYqbejx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NURFNS9FM0VENjVEOEY0
QkUxMUVBOUMzNUZFNkFDNEY5QUUwMi91RnZ0bWI5MENyclZvNW5KMzFfcGxpcHQ2
UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VGdnRtYjkwQ3JyVm81bkozMV9wbGlwdDZQRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTVERTUvRTNFRDY1RDhGNEJFMTFFQTlDMzVGRTZBQzRGOUFFMDIvNzA5RjkxN0FG
NzQxMTFFRjk4Qzk5OTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJ0zNAwDQYJKoZIhvcNAQELBQADggEBAMmPI6JghFGr9MjG
DosSpsLTxAIbdoBon1utEmMwqsFZPojv7pYzcrEkw2ezYrpurcpG4iHWEY+jNFU7
z3cD52fD8/LLPzSOcAdEnPluniUhS8OJWL1giFGqxRR+uoD4iPjCkDbOxtuBMU7u
rFT13YHG8gz91xZz0hfd72iIIdYhXIWxSyZYTinZxQfVcdVt1HrZ4uqAf57TmIqN
FUwLfOBQiAoyAYYnnbZs/tBYREE4dpqJK34GeQwUS6VhqvdxfBvlptBJ9fikb9O8
6iNQz7bgfu3J2xYiH7w46vV9XFkLNEVopvknrP2WsCRAbnPTrAbyQrjmcohTXL1Y
aW7q5C8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:09:55 2025 by rpki-client