Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/F8C77948721511EFA7D82D3EC4F9AE02.roa
File: F8C77948721511EFA7D82D3EC4F9AE02.roa (raw, json)
Hash identifier: fFH9BqhD4ADi0TbnQ45AGXI4NOKXJhKmoJ4fnXZa3TM=
Subject key identifier: D9:BA:DA:21:66:B5:32:BA:46:1E:4E:87:50:11:0A:60:C5:F8:34:3E
Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126
Certificate serial: D2
Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/F8C77948721511EFA7D82D3EC4F9AE02.roa
Signing time: Sat 21 Dec 2024 05:50:27 +0000
ROA not before: Sat 21 Dec 2024 05:50:27 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 9551
IP address blocks: 202.28.4.0/24 maxlen: 24
202.28.5.0/24 maxlen: 24
202.28.6.0/24 maxlen: 24
202.28.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 210 (0xd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AAEB2
Validity
Not Before: Dec 21 05:50:27 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67665722-c85c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:25:c9:5c:8e:5b:89:df:dc:6b:f6:f1:e1:b5:
4e:f0:82:dc:77:a9:a1:3b:00:0a:80:a9:6d:01:f1:
7c:49:8a:4e:11:b5:20:39:66:3e:db:7e:43:0a:b6:
da:c6:81:09:46:03:34:d4:b4:ae:85:d7:74:91:31:
56:89:4c:44:a3:8f:6a:24:92:01:2b:72:20:df:a6:
50:3e:90:d7:77:1a:4e:ad:73:fe:f7:e7:c9:b4:4c:
2a:83:72:08:74:b5:a7:05:8e:ee:c7:44:52:06:df:
72:c3:c3:07:61:f4:c0:96:8c:45:6d:8f:73:98:28:
ee:6f:57:4d:77:08:4e:99:5c:4b:c1:e9:99:25:0e:
e4:8e:7a:11:cc:3b:f9:52:e7:05:4e:d6:d9:c8:eb:
b3:8c:4d:1c:f5:e3:47:54:7f:83:01:60:0c:b7:ea:
34:99:e9:04:5b:dc:8d:59:64:57:11:48:e3:d1:b1:
a5:d3:4d:d2:77:75:70:4a:c0:fa:c7:de:01:e0:0e:
b7:9e:c4:d9:80:14:f1:8b:cc:9c:c3:a6:97:a8:0b:
f6:fc:01:1f:74:65:a7:3b:4d:c7:b0:fa:ac:4e:fd:
08:30:fd:25:ee:06:8a:ca:0a:2c:31:40:1e:d2:7d:
7b:f7:06:34:89:c8:c7:08:af:5d:1b:d1:e9:7a:9d:
55:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:BA:DA:21:66:B5:32:BA:46:1E:4E:87:50:11:0A:60:C5:F8:34:3E
X509v3 Authority Key Identifier:
keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/F8C77948721511EFA7D82D3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.28.4.0/22
Signature Algorithm: sha256WithRSAEncryption
11:51:bf:bb:ea:e2:d3:3a:7d:0b:3c:22:26:2e:12:54:16:35:
ed:e5:e6:f1:95:6a:62:b2:98:b7:08:0a:9c:fa:10:aa:10:06:
1b:f3:07:02:f2:b5:9b:6e:3c:cd:ce:db:4d:0c:43:cd:63:c1:
d4:e0:e6:a2:72:b4:16:22:20:d0:20:07:90:33:07:2f:28:23:
91:5b:7a:06:ef:7a:5f:5f:f7:0d:81:80:f1:a7:79:d0:1f:65:
20:50:30:55:51:b9:a2:bb:58:9e:cf:f6:6c:40:49:4e:be:34:
3f:3d:9a:23:43:ee:50:a6:8b:a1:9d:97:08:f3:bc:0f:45:b2:
0a:59:4b:1e:f1:6b:a2:f6:7d:a2:88:a9:17:55:f8:59:33:28:
3a:1c:96:30:62:b0:4d:f8:db:9e:63:7c:ed:f5:f4:ca:4d:cc:
42:2b:f2:b0:82:fc:04:e6:3c:6f:58:67:a6:5b:86:4d:31:68:
db:35:93:c8:97:1a:2c:2a:ed:16:66:e5:99:d0:43:26:21:b1:
c3:d2:a9:c0:39:83:f2:9a:9b:af:0a:3c:bd:80:ef:c2:03:16:
b6:73:13:b6:68:a4:44:a7:4c:82:c3:5a:f3:7d:e2:8f:3c:f7:
85:8e:81:a7:73:cd:c2:9d:66:61:07:4e:6c:dc:be:04:13:e3:
aa:9e:d0:6e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFFQjIxMTAvBgNVBAUTKDlCOThGQjdENDY4OTgzQTJDMTQ3NzI3MzMyNDhFRkZB
MzQ2MkUxMjYwHhcNMjQxMjIxMDU1MDI3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY2NTcyMi1jODVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAviXJXI5bid/ca/bx4bVO8ILcd6mhOwAKgKltAfF8SYpOEbUgOWY+235DCrba
xoEJRgM01LSuhdd0kTFWiUxEo49qJJIBK3Ig36ZQPpDXdxpOrXP+9+fJtEwqg3II
dLWnBY7ux0RSBt9yw8MHYfTAloxFbY9zmCjub1dNdwhOmVxLwemZJQ7kjnoRzDv5
UucFTtbZyOuzjE0c9eNHVH+DAWAMt+o0mekEW9yNWWRXEUjj0bGl003Sd3VwSsD6
x94B4A63nsTZgBTxi8ycw6aXqAv2/AEfdGWnO03HsPqsTv0IMP0l7gaKygosMUAe
0n179wY0icjHCK9dG9Hpep1VPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNm62iFm
tTK6Rh5Oh1ARCmDF+DQ+MB8GA1UdIwQYMBaAFJuY+31GiYOiwUdyczJI7/o0YuEm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUVCMi8zOTUyMTAwRTZF
ODMxMUVGQUI3MjYxODBDNEY5QUUwMi9tNWo3ZlVhSmc2TEJSM0p6TWtqdi1qUmk0
U1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRTWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUFFQjIvMzk1MjEwMEU2RTgzMTFFRkFCNzI2MTgwQzRGOUFFMDIvRjhDNzc5NDg3
MjE1MTFFRkE3RDgyRDNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKHAQwDQYJKoZIhvcNAQELBQADggEBABFRv7vq4tM6fQs8
IiYuElQWNe3l5vGVamKymLcICpz6EKoQBhvzBwLytZtuPM3O200MQ81jwdTg5qJy
tBYiINAgB5AzBy8oI5Fbegbvel9f9w2BgPGnedAfZSBQMFVRuaK7WJ7P9mxASU6+
ND89miND7lCmi6GdlwjzvA9FsgpZSx7xa6L2faKIqRdV+FkzKDocljBisE34255j
fO319MpNzEIr8rCC/ATmPG9YZ6Zbhk0xaNs1k8iXGiwq7RZm5ZnQQyYhscPSqcA5
g/Kam68KPL2A78IDFrZzE7ZopESnTILDWvN94o8894WOgadzzcKdZmEHTmzcvgQT
46qe0G4=
-----END CERTIFICATE-----
Generated at Fri Apr 11 01:51:13 2025 by rpki-client