Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/F5272A68721511EFA7D82D3EC4F9AE02.roa
File: F5272A68721511EFA7D82D3EC4F9AE02.roa (raw, json)
Hash identifier: TohSJItWvWVryRpnGSzsb685RrbzKvC7cU2vZYT2pes=
Subject key identifier: A6:D7:D7:DF:D9:6D:B5:90:07:5C:29:CD:41:42:DD:9D:98:D7:54:7C
Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126
Certificate serial: BF
Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/F5272A68721511EFA7D82D3EC4F9AE02.roa
Signing time: Sat 21 Dec 2024 05:50:07 +0000
ROA not before: Sat 21 Dec 2024 05:50:07 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 24328
IP address blocks: 202.29.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 191 (0xbf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AAEB2
Validity
Not Before: Dec 21 05:50:07 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6766570f-e9a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e8:82:0b:ad:e3:41:c9:2e:f8:a2:46:82:4f:
73:82:02:c8:62:8b:eb:91:f8:d6:3e:b8:7d:4a:ae:
f6:00:71:29:9d:9b:fd:10:73:82:f3:d0:97:80:c4:
00:d4:28:7d:58:93:21:e8:3e:91:8d:39:e1:6d:8c:
b8:39:b4:ce:69:c8:dc:81:eb:e5:00:ed:a9:7e:84:
06:89:84:de:2e:40:47:98:48:3a:37:80:46:18:d6:
24:42:e1:2d:63:42:dc:24:6b:f9:9d:4a:d3:65:74:
18:2e:1e:d3:9d:f7:97:2a:da:2d:47:98:a3:b2:78:
06:31:5c:bb:e4:bb:e0:d4:c6:d2:92:aa:37:64:a1:
5c:2e:73:3d:10:c9:1e:92:0d:b3:d4:7b:45:22:ce:
09:73:80:10:48:e8:5e:f7:de:d0:b2:b7:01:af:41:
ba:a2:22:96:3e:e4:0b:12:98:af:17:ed:c5:74:01:
19:d5:57:9d:03:c2:9a:e9:7b:1a:87:e8:14:b8:1e:
9a:0b:0a:1b:34:fb:92:80:e8:91:f7:6d:f2:c3:85:
df:0c:e9:da:49:be:2b:df:60:90:d3:01:4b:38:4a:
62:cd:8f:3e:aa:11:09:b0:d2:83:bc:15:ec:54:7d:
33:46:ae:b9:3f:f9:d1:32:36:89:7f:eb:5e:f6:51:
b2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:D7:D7:DF:D9:6D:B5:90:07:5C:29:CD:41:42:DD:9D:98:D7:54:7C
X509v3 Authority Key Identifier:
keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/F5272A68721511EFA7D82D3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.29.32.0/24
Signature Algorithm: sha256WithRSAEncryption
30:e7:2a:28:12:3e:2c:9a:bf:b9:74:28:da:4d:78:1b:4c:93:
4d:dc:c1:f4:d7:2a:ee:d1:17:82:3a:22:fd:63:6b:ee:ae:bc:
97:fd:74:65:b7:ca:a2:fb:fc:6f:3b:49:78:da:e2:7b:4d:f2:
9f:21:0d:2d:61:21:c9:bf:09:03:60:73:7f:01:fd:df:38:60:
4c:8c:27:d6:80:97:5a:b4:79:4a:02:4e:af:31:3f:a5:a5:34:
76:04:a0:21:84:21:bb:e6:83:9d:45:14:4f:1e:23:03:44:11:
19:54:94:df:b6:b0:d0:a7:db:68:b8:b3:34:ec:2e:2d:c5:37:
a6:97:d5:cf:22:c4:93:7b:7c:52:a3:fe:61:8d:ae:a8:c1:c3:
b3:5d:5e:a8:47:4e:01:7e:dd:dd:27:6e:a2:f2:23:0f:68:d7:
21:c4:c9:50:05:a0:3d:fd:bc:1d:e3:14:a4:55:4e:21:4d:bc:
df:f2:b1:d7:c3:e8:f7:a8:bc:4c:7e:6d:fd:04:c4:d5:90:f3:
29:06:d4:6d:2d:f9:cd:c7:e7:29:ba:f8:ce:d2:48:94:51:e1:
29:f7:f6:7d:0c:96:79:fb:84:35:f5:59:6b:24:e0:79:1f:a2:
77:d2:50:52:cf:d4:b0:c7:c4:57:3e:78:fe:98:a0:97:37:4d:
f5:fa:9a:f7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFFQjIxMTAvBgNVBAUTKDlCOThGQjdENDY4OTgzQTJDMTQ3NzI3MzMyNDhFRkZB
MzQ2MkUxMjYwHhcNMjQxMjIxMDU1MDA3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY2NTcwZi1lOWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1OiCC63jQcku+KJGgk9zggLIYovrkfjWPrh9Sq72AHEpnZv9EHOC89CXgMQA
1Ch9WJMh6D6RjTnhbYy4ObTOacjcgevlAO2pfoQGiYTeLkBHmEg6N4BGGNYkQuEt
Y0LcJGv5nUrTZXQYLh7TnfeXKtotR5ijsngGMVy75Lvg1MbSkqo3ZKFcLnM9EMke
kg2z1HtFIs4Jc4AQSOhe997QsrcBr0G6oiKWPuQLEpivF+3FdAEZ1VedA8Ka6Xsa
h+gUuB6aCwobNPuSgOiR923yw4XfDOnaSb4r32CQ0wFLOEpizY8+qhEJsNKDvBXs
VH0zRq65P/nRMjaJf+te9lGyqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKbX19/Z
bbWQB1wpzUFC3Z2Y11R8MB8GA1UdIwQYMBaAFJuY+31GiYOiwUdyczJI7/o0YuEm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUVCMi8zOTUyMTAwRTZF
ODMxMUVGQUI3MjYxODBDNEY5QUUwMi9tNWo3ZlVhSmc2TEJSM0p6TWtqdi1qUmk0
U1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRTWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUFFQjIvMzk1MjEwMEU2RTgzMTFFRkFCNzI2MTgwQzRGOUFFMDIvRjUyNzJBNjg3
MjE1MTFFRkE3RDgyRDNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKHSAwDQYJKoZIhvcNAQELBQADggEBADDnKigSPiyav7l0
KNpNeBtMk03cwfTXKu7RF4I6Iv1ja+6uvJf9dGW3yqL7/G87SXja4ntN8p8hDS1h
Icm/CQNgc38B/d84YEyMJ9aAl1q0eUoCTq8xP6WlNHYEoCGEIbvmg51FFE8eIwNE
ERlUlN+2sNCn22i4szTsLi3FN6aX1c8ixJN7fFKj/mGNrqjBw7NdXqhHTgF+3d0n
bqLyIw9o1yHEyVAFoD39vB3jFKRVTiFNvN/ysdfD6PeovEx+bf0ExNWQ8ykG1G0t
+c3H5ym6+M7SSJRR4Sn39n0Mlnn7hDX1WWsk4HkfonfSUFLP1LDHxFc+eP6YoJc3
TfX6mvc=
-----END CERTIFICATE-----
Generated at Fri Apr 11 17:00:20 2025 by rpki-client