Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A29A1/F8F0EC961E5011EB82078626C4F9AE02/FD33BACA1E5211EBA055EE2BC4F9AE02.roa
File: FD33BACA1E5211EBA055EE2BC4F9AE02.roa (raw, json)
Hash identifier: rp0zrUH9UGHjL2DLYngSyvnoyMj95GbsV1MCoTzBwJ8=
Subject key identifier: 39:D3:31:10:C1:BF:73:06:C1:EB:14:E1:B8:4B:A3:1D:79:48:08:AC
Certificate issuer: /CN=A91A29A1/serialNumber=F1BB79E56D2B098692CC7D1F226F756C7961E19B
Certificate serial: 06CC
Authority key identifier: F1:BB:79:E5:6D:2B:09:86:92:CC:7D:1F:22:6F:75:6C:79:61:E1:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8bt55W0rCYaSzH0fIm91bHlh4Zs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A29A1/F8F0EC961E5011EB82078626C4F9AE02/FD33BACA1E5211EBA055EE2BC4F9AE02.roa
Signing time: Tue 30 Jul 2024 22:40:47 +0000
ROA not before: Tue 30 Jul 2024 22:40:47 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 9268
IP address blocks: 119.18.40.0/21 maxlen: 21
2407:600::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1740 (0x6cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A29A1
Validity
Not Before: Jul 30 22:40:47 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66a96bef-843b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:ad:d3:95:37:80:94:cf:6f:21:df:98:a1:cc:
3f:9b:ed:d3:58:30:ff:a8:60:01:9a:a4:29:65:a4:
49:94:5b:14:41:89:ae:86:8c:c8:f6:b9:28:3d:a0:
c1:1d:f7:f9:5c:92:d9:1f:c9:ff:f5:38:60:63:9b:
04:e2:f4:73:ca:79:b7:8e:e1:0b:cf:58:66:98:9d:
ae:e6:72:d0:b5:51:af:41:b3:5d:e5:51:eb:3b:11:
67:55:c3:95:34:14:01:ca:13:8e:ed:5f:8d:cd:de:
9a:ee:68:e3:f9:b1:70:3f:87:d4:75:cb:f6:e2:f0:
0c:63:58:6b:84:02:90:02:48:74:10:83:31:1d:60:
fb:8f:93:c9:06:e8:eb:1a:19:18:86:2f:75:8d:d0:
3c:35:bd:61:33:13:b5:5c:9e:e9:55:a4:6c:36:69:
73:67:fb:5b:6c:44:48:af:3d:b4:3f:8b:07:8b:f6:
22:bd:09:cb:d3:03:11:67:50:ca:2f:31:72:ea:1e:
4f:b7:f7:b7:da:6e:ca:ad:df:bd:04:e6:8d:08:47:
12:63:9a:53:a3:d0:ff:ad:89:b8:bd:d2:5f:83:a9:
03:04:a8:20:a3:64:a5:6f:8b:be:7c:bd:27:c9:48:
f4:f6:b1:69:2b:a6:5d:6b:fd:b9:09:10:96:7a:e6:
37:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D3:31:10:C1:BF:73:06:C1:EB:14:E1:B8:4B:A3:1D:79:48:08:AC
X509v3 Authority Key Identifier:
keyid:F1:BB:79:E5:6D:2B:09:86:92:CC:7D:1F:22:6F:75:6C:79:61:E1:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A29A1/F8F0EC961E5011EB82078626C4F9AE02/8bt55W0rCYaSzH0fIm91bHlh4Zs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8bt55W0rCYaSzH0fIm91bHlh4Zs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A29A1/F8F0EC961E5011EB82078626C4F9AE02/FD33BACA1E5211EBA055EE2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.18.40.0/21
IPv6:
2407:600::/32
Signature Algorithm: sha256WithRSAEncryption
9a:00:60:d1:be:65:db:fb:82:db:0c:fa:3e:df:cc:0a:40:23:
72:11:1a:90:d3:c9:a6:9e:12:14:e6:aa:5e:76:ec:09:dd:33:
33:5c:1c:25:6b:5a:02:b9:a9:f8:69:c3:f5:31:00:36:31:a2:
a0:62:70:fb:b8:cf:5c:54:cc:1a:b3:7c:5b:ea:d9:45:00:a2:
49:4e:1d:09:7f:80:85:81:84:d1:f6:9d:6f:b1:04:da:88:39:
d1:69:36:b7:05:ac:3b:ff:77:25:de:26:f9:36:ce:69:a1:78:
56:3e:eb:4b:08:72:d6:c3:b6:fe:da:06:a6:44:1b:0b:46:d8:
8f:5b:d7:a1:6b:98:87:3e:b3:22:57:eb:30:15:46:bd:30:cd:
de:52:5b:5e:b4:98:20:25:f5:33:f3:2c:31:97:32:c5:04:f1:
9e:41:69:91:13:50:3f:32:fa:5b:4b:a6:d5:8d:3f:90:bf:f1:
6d:9c:b3:98:12:dd:ae:ee:de:47:93:c1:e9:b8:2e:b7:3e:72:
9e:55:5b:e3:e1:ec:41:ca:84:3f:3a:eb:4a:e2:7e:05:9a:f9:
8b:37:37:e9:a1:93:38:6f:ef:c7:a4:7b:1a:7d:62:48:5b:36:
ba:e1:bb:90:c3:96:fc:c3:60:40:46:d0:10:07:88:da:ed:a0:
67:18:5a:53
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBswwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTI5QTExMTAvBgNVBAUTKEYxQkI3OUU1NkQyQjA5ODY5MkNDN0QxRjIyNkY3NTZD
Nzk2MUUxOUIwHhcNMjQwNzMwMjI0MDQ3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE5NmJlZi04NDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7a3TlTeAlM9vId+Yocw/m+3TWDD/qGABmqQpZaRJlFsUQYmuhozI9rkoPaDB
Hff5XJLZH8n/9ThgY5sE4vRzynm3juELz1hmmJ2u5nLQtVGvQbNd5VHrOxFnVcOV
NBQByhOO7V+Nzd6a7mjj+bFwP4fUdcv24vAMY1hrhAKQAkh0EIMxHWD7j5PJBujr
GhkYhi91jdA8Nb1hMxO1XJ7pVaRsNmlzZ/tbbERIrz20P4sHi/YivQnL0wMRZ1DK
LzFy6h5Pt/e32m7Krd+9BOaNCEcSY5pTo9D/rYm4vdJfg6kDBKggo2Slb4u+fL0n
yUj09rFpK6Zda/25CRCWeuY3rwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDnTMRDB
v3MGwesU4bhLox15SAisMB8GA1UdIwQYMBaAFPG7eeVtKwmGksx9HyJvdWx5YeGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMjlBMS9GOEYwRUM5NjFF
NTAxMUVCODIwNzg2MjZDNEY5QUUwMi84YnQ1NVcwckNZYVN6SDBmSW05MWJIbGg0
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhidDU1VzByQ1lhU3pIMGZJbTkxYkhsaDRacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTI5QTEvRjhGMEVDOTYxRTUwMTFFQjgyMDc4NjI2QzRGOUFFMDIvRkQzM0JBQ0Ex
RTUyMTFFQkEwNTVFRTJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAN3EigwDQQCAAIwBwMFACQHBgAwDQYJKoZIhvcNAQELBQAD
ggEBAJoAYNG+Zdv7gtsM+j7fzApAI3IRGpDTyaaeEhTmql527AndMzNcHCVrWgK5
qfhpw/UxADYxoqBicPu4z1xUzBqzfFvq2UUAoklOHQl/gIWBhNH2nW+xBNqIOdFp
NrcFrDv/dyXeJvk2zmmheFY+60sIctbDtv7aBqZEGwtG2I9b16FrmIc+syJX6zAV
Rr0wzd5SW160mCAl9TPzLDGXMsUE8Z5BaZETUD8y+ltLptWNP5C/8W2cs5gS3a7u
3keTwem4Lrc+cp5VW+Ph7EHKhD8660rifgWa+Ys3N+mhkzhv78ekexp9YkhbNrrh
u5DDlvzDYEBG0BAHiNrtoGcYWlM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:26:24 2025 by rpki-client