Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB063/1186B6BC093A11E79540950BC4F9AE02/B6FD84CE54F611E79DF7E643C4F9AE02.roa
File: B6FD84CE54F611E79DF7E643C4F9AE02.roa (raw, json)
Hash identifier: YQFMKBF60xX3PieFKAIG2OCODzb9u3iqyawtkqXWSC0=
Subject key identifier: 6A:D4:CE:8E:76:BC:E3:A0:6C:00:71:B3:0C:9A:8B:B7:90:39:26:39
Certificate issuer: /CN=A91AB063/serialNumber=E7584F959A081A4DD94809353051D235939C391D
Certificate serial: 1B2B
Authority key identifier: E7:58:4F:95:9A:08:1A:4D:D9:48:09:35:30:51:D2:35:93:9C:39:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/51hPlZoIGk3ZSAk1MFHSNZOcOR0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB063/1186B6BC093A11E79540950BC4F9AE02/B6FD84CE54F611E79DF7E643C4F9AE02.roa
Signing time: Tue 10 Dec 2024 16:23:45 +0000
ROA not before: Tue 10 Dec 2024 16:23:45 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 18021
IP address blocks: 202.12.0.0/24 maxlen: 24
202.86.96.0/20 maxlen: 24
2400:5900::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6955 (0x1b2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB063
Validity
Not Before: Dec 10 16:23:45 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67586b11-00ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c6:3f:11:46:fe:6c:10:f8:0a:a8:c1:bc:57:
b0:68:2d:32:d7:ca:c9:fc:e3:d1:24:b5:31:25:92:
06:56:a9:4e:b7:55:cd:ab:cc:e2:5b:16:68:81:99:
a3:40:cf:f6:e5:e1:b0:7f:2e:dd:95:2b:83:ff:a0:
c3:77:20:9c:e3:24:0d:eb:24:53:05:48:34:1a:a0:
e6:f8:2b:a8:eb:7a:72:5e:28:2b:a3:7a:f9:a2:5a:
41:37:fc:9e:96:e6:7d:51:0e:27:69:b3:49:53:3b:
1b:f0:01:f5:ec:db:c0:38:a5:b9:45:cd:0e:49:2d:
7c:d4:08:d9:43:d3:2e:ab:13:c5:1d:8d:50:a2:66:
10:aa:4a:5c:2f:fa:2e:d1:18:4a:1d:db:49:b1:09:
86:95:aa:62:34:38:1b:ea:cc:f9:80:0d:d9:cc:1e:
52:19:10:f8:e6:91:65:e1:ba:ca:3c:70:9e:96:15:
ca:82:c3:5d:c5:20:3a:78:86:47:96:e4:bc:dc:09:
58:8d:68:67:2f:b4:b2:c5:0b:1b:ad:99:d2:4d:3e:
3d:77:01:b0:f5:69:59:af:95:28:81:d9:e1:09:86:
32:5e:e9:88:ec:7a:8d:8a:2a:b8:1f:67:a6:0b:d3:
ba:b7:45:57:80:ce:d3:45:a4:97:f6:55:f0:44:79:
0a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D4:CE:8E:76:BC:E3:A0:6C:00:71:B3:0C:9A:8B:B7:90:39:26:39
X509v3 Authority Key Identifier:
keyid:E7:58:4F:95:9A:08:1A:4D:D9:48:09:35:30:51:D2:35:93:9C:39:1D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB063/1186B6BC093A11E79540950BC4F9AE02/51hPlZoIGk3ZSAk1MFHSNZOcOR0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/51hPlZoIGk3ZSAk1MFHSNZOcOR0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB063/1186B6BC093A11E79540950BC4F9AE02/B6FD84CE54F611E79DF7E643C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.12.0.0/24
202.86.96.0/20
IPv6:
2400:5900::/32
Signature Algorithm: sha256WithRSAEncryption
1f:62:2b:20:25:b1:b8:94:13:c2:68:f8:e9:08:3e:11:7b:f8:
86:5e:da:17:8b:27:2d:91:19:b2:b0:d6:e5:c7:6a:e5:87:de:
e2:34:90:6a:28:fc:fa:3c:08:bf:72:d5:50:79:4f:c5:99:fb:
6f:53:32:00:38:6e:b7:02:2b:28:ac:1e:b8:83:2c:71:29:10:
3d:ac:f0:d0:18:d6:d7:60:6b:48:4b:19:d9:98:b9:6d:3d:cc:
6f:7c:9f:d6:39:e6:8c:f6:86:e8:b0:b1:80:94:96:d4:ff:a0:
41:25:c1:bf:46:b4:b5:c5:83:bc:90:ef:71:51:dc:79:41:36:
e3:cc:c0:42:83:fe:75:8b:ff:9f:4d:13:29:ba:95:f9:ab:e8:
c9:fe:a7:64:06:de:77:d6:8e:ab:d8:e5:4a:57:66:9f:2e:bd:
c6:47:8c:43:a0:bf:b2:c4:cf:98:16:90:19:9d:a3:8b:c0:d2:
2b:71:7f:00:fc:a8:dd:b0:48:4e:aa:0a:c1:f2:e7:8e:86:04:
32:d7:19:5b:dc:e2:a2:e4:0c:1d:4d:d2:30:59:46:49:11:f7:
bb:8c:6a:e1:c1:4d:1c:98:b1:08:1f:6a:e7:b0:1a:2b:4d:56:
86:2b:63:a3:66:80:1f:ec:82:de:65:3d:42:a2:d0:30:78:93:
0d:3e:ba:5e
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICGyswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUIwNjMxMTAvBgNVBAUTKEU3NTg0Rjk1OUEwODFBNEREOTQ4MDkzNTMwNTFEMjM1
OTM5QzM5MUQwHhcNMjQxMjEwMTYyMzQ1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4NmIxMS0wMGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAysY/EUb+bBD4CqjBvFewaC0y18rJ/OPRJLUxJZIGVqlOt1XNq8ziWxZogZmj
QM/25eGwfy7dlSuD/6DDdyCc4yQN6yRTBUg0GqDm+Cuo63pyXigro3r5olpBN/ye
luZ9UQ4nabNJUzsb8AH17NvAOKW5Rc0OSS181AjZQ9MuqxPFHY1QomYQqkpcL/ou
0RhKHdtJsQmGlapiNDgb6sz5gA3ZzB5SGRD45pFl4brKPHCelhXKgsNdxSA6eIZH
luS83AlYjWhnL7SyxQsbrZnSTT49dwGw9WlZr5UogdnhCYYyXumI7HqNiiq4H2em
C9O6t0VXgM7TRaSX9lXwRHkKDQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGrUzo52
vOOgbABxswyai7eQOSY5MB8GA1UdIwQYMBaAFOdYT5WaCBpN2UgJNTBR0jWTnDkd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjA2My8xMTg2QjZCQzA5
M0ExMUU3OTU0MDk1MEJDNEY5QUUwMi81MWhQbFpvSUdrM1pTQWsxTUZIU05aT2NP
UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUxaFBsWm9JR2szWlNBazFNRkhTTlpPY09SMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUIwNjMvMTE4NkI2QkMwOTNBMTFFNzk1NDA5NTBCQzRGOUFFMDIvQjZGRDg0Q0U1
NEY2MTFFNzlERjdFNjQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBADKDAADBATKVmAwDQQCAAIwBwMFACQAWQAwDQYJKoZIhvcN
AQELBQADggEBAB9iKyAlsbiUE8Jo+OkIPhF7+IZe2heLJy2RGbKw1uXHauWH3uI0
kGoo/Po8CL9y1VB5T8WZ+29TMgA4brcCKyisHriDLHEpED2s8NAY1tdga0hLGdmY
uW09zG98n9Y55oz2huiwsYCUltT/oEElwb9GtLXFg7yQ73FR3HlBNuPMwEKD/nWL
/59NEym6lfmr6Mn+p2QG3nfWjqvY5UpXZp8uvcZHjEOgv7LEz5gWkBmdo4vA0itx
fwD8qN2wSE6qCsHy546GBDLXGVvc4qLkDB1N0jBZRkkR97uMauHBTRyYsQgfauew
GitNVoYrY6NmgB/sgt5lPUKi0DB4kw0+ul4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:57:58 2025 by rpki-client