Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/D6672BEE0BD111ECB2E9C868C4F9AE02.roa
File: D6672BEE0BD111ECB2E9C868C4F9AE02.roa (raw, json)
Hash identifier: jlbUlIXnT9veJGusBLS+x09R8IWreW5sDY2cRLkBosA=
Subject key identifier: B6:AD:99:8F:68:32:E5:E2:FC:AC:26:E2:2A:37:BF:DE:0C:07:D9:C4
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 36BB
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/D6672BEE0BD111ECB2E9C868C4F9AE02.roa
Signing time: Sat 22 Mar 2025 15:01:01 +0000
ROA not before: Sat 22 Mar 2025 15:01:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 140499
IP address blocks: 119.152.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14011 (0x36bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832
Validity
Not Before: Mar 22 15:01:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67ded0ad-816e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:46:63:96:46:bf:a3:4f:30:e0:c4:0a:21:ba:
2a:d4:7b:b2:1f:1e:2d:8a:0b:95:cb:60:7f:16:6b:
80:6c:89:b1:70:f5:f9:e1:33:9b:f0:d4:2b:e1:7b:
de:3a:97:71:ca:78:74:6b:7e:ad:a9:62:d5:c1:74:
fb:fd:6c:70:39:f6:19:ac:7f:f5:10:9c:61:51:5a:
31:f0:e7:9f:4c:0c:d5:46:47:92:f2:4f:e9:e0:a6:
8b:5f:e9:f6:72:49:cc:fd:af:4c:66:09:9f:b1:ce:
da:32:4e:1b:7f:52:c9:9c:ff:d5:4f:77:eb:fd:cd:
23:83:52:d6:12:02:17:aa:59:1a:93:38:15:6f:09:
b6:8a:5c:36:52:9b:90:7b:1a:48:95:d4:4b:7f:05:
ac:ad:46:3a:fb:65:c1:5b:16:54:a0:9c:b1:17:f7:
92:aa:59:5d:fb:83:91:c5:81:a9:59:b6:71:aa:b0:
b8:71:a2:a8:a0:29:66:57:9d:14:93:5b:48:77:13:
cc:d8:4a:f0:e5:e8:e5:70:f6:0b:d3:54:85:ce:b7:
80:64:58:88:96:01:f2:3a:79:7e:88:6c:4b:bb:66:
59:32:d0:3d:31:04:f5:5e:87:0d:3c:58:5d:c2:65:
51:9e:81:92:90:3d:9f:73:b0:a1:e6:70:54:5a:62:
c8:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:AD:99:8F:68:32:E5:E2:FC:AC:26:E2:2A:37:BF:DE:0C:07:D9:C4
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/D6672BEE0BD111ECB2E9C868C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.152.126.0/24
Signature Algorithm: sha256WithRSAEncryption
14:29:68:b7:9c:a0:21:6d:b2:8f:c0:3a:1c:02:3d:77:c9:7a:
df:b4:f0:7b:ac:f6:7e:0a:31:89:d3:2d:ca:52:90:b5:6c:c6:
6b:ed:8e:c0:b2:9b:b8:2f:0b:ff:09:ab:a7:4d:0e:47:ce:e8:
01:5b:f9:9f:f9:ec:3b:a3:4a:5d:22:27:11:33:6e:65:05:9e:
e8:9c:33:55:42:77:da:13:c1:67:5b:65:86:40:f0:5e:a6:e7:
0b:ab:e1:bf:62:1d:3e:72:75:a5:f7:cc:9c:01:72:18:14:9a:
21:75:d1:fb:68:d7:fd:3e:5a:fc:1c:f2:e2:67:1a:fb:8c:17:
05:02:78:fc:c3:0d:08:dd:cd:da:f3:da:2a:de:5d:b8:75:d0:
b5:cd:cf:e3:33:f7:d3:cd:8a:77:f1:1c:1c:4e:a4:1d:35:d9:
54:67:2f:79:a5:23:03:48:01:75:0d:f6:3e:a5:a0:a0:a5:53:
a1:64:52:b3:c3:17:45:78:91:f8:31:0c:a9:4d:98:11:d3:c1:
f4:df:e1:36:64:60:88:8b:5d:6e:ea:04:f4:6b:0c:70:51:0e:
1a:16:ec:ce:2b:c1:f7:45:67:88:60:62:94:98:3c:24:8c:02:
f7:6b:dc:6b:2c:16:9b:f3:56:15:e0:f9:b2:da:29:5e:54:61:
09:2a:ab:c6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNrswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjUwMzIyMTUwMTAxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RlZDBhZC04MTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+0Zjlka/o08w4MQKIboq1HuyHx4tiguVy2B/FmuAbImxcPX54TOb8NQr4Xve
Opdxynh0a36tqWLVwXT7/WxwOfYZrH/1EJxhUVox8OefTAzVRkeS8k/p4KaLX+n2
cknM/a9MZgmfsc7aMk4bf1LJnP/VT3fr/c0jg1LWEgIXqlkakzgVbwm2ilw2UpuQ
expIldRLfwWsrUY6+2XBWxZUoJyxF/eSqlld+4ORxYGpWbZxqrC4caKooClmV50U
k1tIdxPM2Erw5ejlcPYL01SFzreAZFiIlgHyOnl+iGxLu2ZZMtA9MQT1XocNPFhd
wmVRnoGSkD2fc7Ch5nBUWmLISQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLatmY9o
MuXi/Kwm4io3v94MB9nEMB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvRDY2NzJCRUUw
QkQxMTFFQ0IyRTlDODY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB3mH4wDQYJKoZIhvcNAQELBQADggEBABQpaLecoCFtso/A
OhwCPXfJet+08Hus9n4KMYnTLcpSkLVsxmvtjsCym7gvC/8Jq6dNDkfO6AFb+Z/5
7DujSl0iJxEzbmUFnuicM1VCd9oTwWdbZYZA8F6m5wur4b9iHT5ydaX3zJwBchgU
miF10fto1/0+Wvwc8uJnGvuMFwUCePzDDQjdzdrz2ireXbh10LXNz+Mz99PNinfx
HBxOpB012VRnL3mlIwNIAXUN9j6loKClU6FkUrPDF0V4kfgxDKlNmBHTwfTf4TZk
YIiLXW7qBPRrDHBRDhoW7M4rwfdFZ4hgYpSYPCSMAvdr3GssFpvzVhXg+bLaKV5U
YQkqq8Y=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:58:02 2025 by rpki-client