Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/0A1FAC405BB211EEAD06B243C4F9AE02.roa
File: 0A1FAC405BB211EEAD06B243C4F9AE02.roa (raw, json)
Hash identifier: +Nf3CbeJiQCKoMqVOr8fCtBhRD9vFNzRUGK/YqqHHSM=
Subject key identifier: D5:E8:25:8A:12:5C:46:DD:D9:64:9D:FE:0F:77:7E:5C:70:04:1D:07
Certificate issuer: /CN=A9197FDB/serialNumber=E0025BF932E716E1A1F8AF9010211C411084FC9D
Certificate serial: 0542
Authority key identifier: E0:02:5B:F9:32:E7:16:E1:A1:F8:AF:90:10:21:1C:41:10:84:FC:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4AJb-TLnFuGh-K-QECEcQRCE_J0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/0A1FAC405BB211EEAD06B243C4F9AE02.roa
Signing time: Tue 31 Dec 2024 23:12:40 +0000
ROA not before: Tue 31 Dec 2024 23:12:40 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 4787
IP address blocks: 202.179.136.0/24 maxlen: 24
202.179.137.0/24 maxlen: 24
202.179.138.0/24 maxlen: 24
202.179.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1346 (0x542)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9197FDB
Validity
Not Before: Dec 31 23:12:40 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67747a68-ce8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:25:1e:59:0a:ea:c2:d9:d7:13:57:d1:de:41:
06:3d:a1:de:2f:6f:24:58:d2:80:65:d4:69:fe:01:
2b:c3:fa:49:1a:fd:8f:83:fe:a9:3b:2b:fe:e6:0e:
01:ac:57:be:b4:7f:34:28:c6:8f:35:63:01:4f:11:
07:3b:25:55:ac:9f:78:f6:bf:ae:b9:35:a8:f0:0f:
83:6e:de:5b:88:9a:7e:1b:15:b0:6d:c0:47:77:70:
3d:f5:29:51:a0:0e:9d:63:a4:25:4e:e3:15:bd:59:
79:54:f2:85:b8:c0:50:02:66:d3:27:5c:2c:2e:70:
9f:f3:96:b8:bc:c1:95:0e:34:5d:56:2e:21:50:66:
33:65:59:f3:c6:0b:ba:2e:be:0c:15:a7:33:78:ac:
65:59:97:fe:e4:9b:2c:fa:ab:2c:6a:d0:ec:36:04:
90:42:07:ed:30:a8:40:e0:ba:49:bb:bb:ec:47:62:
77:7e:b8:42:27:c3:b9:1e:bd:d0:f8:1a:02:eb:e2:
95:92:c2:7b:e4:e4:90:75:16:3f:bc:93:12:05:43:
6d:35:d3:b8:99:b5:8d:2c:50:ef:38:a9:d6:19:f1:
d3:8d:10:7c:90:45:a5:c5:4e:62:18:7c:4a:e4:23:
10:98:8e:ba:fd:fb:3f:ff:9d:2e:93:c4:6d:eb:08:
c1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E8:25:8A:12:5C:46:DD:D9:64:9D:FE:0F:77:7E:5C:70:04:1D:07
X509v3 Authority Key Identifier:
keyid:E0:02:5B:F9:32:E7:16:E1:A1:F8:AF:90:10:21:1C:41:10:84:FC:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4AJb-TLnFuGh-K-QECEcQRCE_J0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/0A1FAC405BB211EEAD06B243C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.179.136.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:e2:b7:f9:9b:75:9c:41:7b:39:c6:e1:fc:ad:e9:cd:66:c0:
50:39:9f:cb:09:d7:da:e9:ad:67:01:ac:4a:08:65:a4:fa:3b:
44:10:95:a9:bb:8b:52:4b:69:67:57:fc:2a:ec:4c:0c:5c:d7:
e3:91:c0:51:7f:b2:5b:98:b2:d1:08:ac:cb:79:f4:1d:a5:97:
c6:7b:37:64:7f:88:ca:ad:8c:9a:b8:5b:5c:ce:14:dc:f9:88:
49:7f:4a:2d:c0:0e:ba:26:2c:8a:75:1f:57:d9:0f:e2:8b:92:
51:f1:0b:c5:63:c8:08:6f:a5:d9:ac:3b:f0:99:1a:52:f8:22:
48:47:d7:16:05:0c:cb:85:f3:1e:b3:98:6d:e6:be:a4:a7:7d:
06:de:69:f8:8e:82:21:04:a5:d9:ac:e0:14:3c:ae:bf:b2:c5:
60:c3:2f:2b:2c:34:60:6f:f1:e4:d2:8e:3a:38:ce:73:c1:72:
78:6b:19:b5:0e:7c:cd:81:4a:3e:2a:e0:d9:9b:a4:9d:22:44:
a9:c5:09:76:a3:e2:d7:ce:5e:1c:d3:29:ef:37:f8:cf:10:0c:
27:f9:9d:5e:7a:7b:11:b0:04:a7:3f:7d:96:62:4a:73:7d:d8:
a7:ee:18:67:4c:12:cf:21:31:df:d7:a7:a4:3d:d3:f0:3c:f3:
e7:ae:de:09
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTdGREIxMTAvBgNVBAUTKEUwMDI1QkY5MzJFNzE2RTFBMUY4QUY5MDEwMjExQzQx
MTA4NEZDOUQwHhcNMjQxMjMxMjMxMjQwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0N2E2OC1jZThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8yUeWQrqwtnXE1fR3kEGPaHeL28kWNKAZdRp/gErw/pJGv2Pg/6pOyv+5g4B
rFe+tH80KMaPNWMBTxEHOyVVrJ949r+uuTWo8A+Dbt5biJp+GxWwbcBHd3A99SlR
oA6dY6QlTuMVvVl5VPKFuMBQAmbTJ1wsLnCf85a4vMGVDjRdVi4hUGYzZVnzxgu6
Lr4MFaczeKxlWZf+5Jss+qssatDsNgSQQgftMKhA4LpJu7vsR2J3frhCJ8O5Hr3Q
+BoC6+KVksJ75OSQdRY/vJMSBUNtNdO4mbWNLFDvOKnWGfHTjRB8kEWlxU5iGHxK
5CMQmI66/fs//50uk8Rt6wjBxwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNXoJYoS
XEbd2WSd/g93flxwBB0HMB8GA1UdIwQYMBaAFOACW/ky5xbhofivkBAhHEEQhPyd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5N0ZEQi82NTdFNDA3NERB
MzYxMUVCODRFNkEzNDlDNEY5QUUwMi80QUpiLVRMbkZ1R2gtSy1RRUNFY1FSQ0Vf
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRBSmItVExuRnVHaC1LLVFFQ0VjUVJDRV9KMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTdGREIvNjU3RTQwNzREQTM2MTFFQjg0RTZBMzQ5QzRGOUFFMDIvMEExRkFDNDA1
QkIyMTFFRUFEMDZCMjQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKs4gwDQYJKoZIhvcNAQELBQADggEBAE7it/mbdZxBeznG
4fyt6c1mwFA5n8sJ19rprWcBrEoIZaT6O0QQlam7i1JLaWdX/CrsTAxc1+ORwFF/
sluYstEIrMt59B2ll8Z7N2R/iMqtjJq4W1zOFNz5iEl/Si3ADromLIp1H1fZD+KL
klHxC8VjyAhvpdmsO/CZGlL4IkhH1xYFDMuF8x6zmG3mvqSnfQbeafiOgiEEpdms
4BQ8rr+yxWDDLyssNGBv8eTSjjo4znPBcnhrGbUOfM2BSj4q4NmbpJ0iRKnFCXaj
4tfOXhzTKe83+M8QDCf5nV56exGwBKc/fZZiSnN92KfuGGdMEs8hMd/Xp6Q90/A8
8+eu3gk=
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:39:06 2025 by rpki-client