Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/F007DD9AD14B11EEAB2B5281C4F9AE02.roa
File: F007DD9AD14B11EEAB2B5281C4F9AE02.roa (raw, json)
Hash identifier: UNEOMs5fqV8hRkNMf6LQuM3qbd10KwZHOmN1Q6Mt1Y8=
Subject key identifier: 7F:7C:A4:16:82:5D:38:AA:1E:03:C2:E9:96:FB:23:15:B3:F0:28:DA
Certificate issuer: /CN=A91B7292/serialNumber=C2FC6448564EC6526B91B2FE23B4FD58342D20F4
Certificate serial: B4
Authority key identifier: C2:FC:64:48:56:4E:C6:52:6B:91:B2:FE:23:B4:FD:58:34:2D:20:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/F007DD9AD14B11EEAB2B5281C4F9AE02.roa
Signing time: Wed 15 Jan 2025 04:47:23 +0000
ROA not before: Wed 15 Jan 2025 04:47:23 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 131164
IP address blocks: 123.108.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180 (0xb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7292
Validity
Not Before: Jan 15 04:47:23 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67873dda-6b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:04:ff:9b:00:e8:2a:24:4b:c4:e5:ec:41:0a:
41:66:1e:89:d1:db:ad:20:07:ab:e1:28:6a:e2:d1:
df:f9:27:29:0c:b4:7d:de:a6:75:5d:4c:2b:28:7b:
2a:52:3e:3f:4e:b1:2b:58:74:e2:28:5f:91:1f:ec:
15:15:4b:da:7f:5b:15:cb:71:e0:cf:eb:2a:de:71:
db:6b:1c:9d:c8:d2:33:19:d9:ba:41:b9:51:99:7d:
23:f0:da:89:0e:51:87:95:18:1b:5b:77:64:83:e4:
8b:aa:0d:e6:e9:7b:50:88:0d:a7:8e:5f:61:fe:ee:
e1:e0:5a:f2:ac:1d:f4:f2:29:a3:5b:37:8f:76:09:
4a:9f:a5:4d:95:b3:3a:8b:de:63:19:e7:57:19:11:
d6:7e:f3:28:bb:d1:73:94:d3:e9:92:0f:26:d9:e2:
f3:d9:82:22:4d:36:16:1b:9c:4b:98:2b:b9:1e:f3:
f3:18:01:62:3c:8d:09:59:e3:fc:7e:d0:b9:0b:9e:
0b:dc:08:a3:8d:d1:1e:c4:34:ec:3d:95:88:b6:9a:
fe:66:aa:2f:bb:64:7a:9d:9a:db:6a:ca:c0:99:42:
bc:69:30:5d:3d:03:a8:6b:59:8d:cf:5c:9b:ba:c1:
2f:53:2f:35:a8:c4:ab:c8:c0:1b:05:e2:dc:cd:83:
da:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:7C:A4:16:82:5D:38:AA:1E:03:C2:E9:96:FB:23:15:B3:F0:28:DA
X509v3 Authority Key Identifier:
keyid:C2:FC:64:48:56:4E:C6:52:6B:91:B2:FE:23:B4:FD:58:34:2D:20:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/F007DD9AD14B11EEAB2B5281C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.108.126.0/24
Signature Algorithm: sha256WithRSAEncryption
55:b6:fe:56:7b:90:8b:de:82:06:18:92:9f:bb:13:2b:37:a6:
39:40:f3:ac:e7:95:8e:fe:75:75:e0:6e:aa:4f:dc:84:74:e6:
b7:d5:2a:c6:11:3f:3b:d9:6e:b9:91:f4:2a:60:49:49:69:7d:
7c:50:5c:56:21:d9:2e:0a:b3:13:47:c6:0d:92:e0:1f:61:1d:
37:e4:ed:30:6c:6b:30:02:b2:bb:77:3c:38:36:9d:1d:0d:13:
c3:3c:e6:01:da:6e:42:4c:80:db:f5:c5:70:e6:d6:d2:4a:41:
83:1b:99:e8:39:3b:48:33:e6:5c:0d:1c:5e:dd:7b:12:29:16:
89:21:6c:83:45:6d:a5:a3:9d:a3:80:35:15:56:eb:83:37:7f:
85:10:6f:b0:0a:77:6b:56:a9:4c:4d:ef:93:09:74:98:ea:01:
58:d0:00:bb:57:0e:d6:b9:be:0c:2a:e3:11:3e:f2:41:dc:2e:
33:bf:c9:80:56:3d:99:db:7c:47:ef:7c:53:d4:76:0d:2b:5d:
7f:8b:64:07:15:15:f6:61:b8:ce:1e:16:cd:a0:ff:6e:81:71:
37:50:b3:f4:8e:26:1b:ba:ac:cc:90:c8:b6:ed:f6:1a:a9:3a:
33:1d:fc:5c:41:13:b0:c3:94:da:dc:14:af:13:6d:c0:10:f4:
15:27:dc:87
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICALQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjcyOTIxMTAvBgNVBAUTKEMyRkM2NDQ4NTY0RUM2NTI2QjkxQjJGRTIzQjRGRDU4
MzQyRDIwRjQwHhcNMjUwMTE1MDQ0NzIzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg3M2RkYS02YjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2wT/mwDoKiRLxOXsQQpBZh6J0dutIAer4Shq4tHf+ScpDLR93qZ1XUwrKHsq
Uj4/TrErWHTiKF+RH+wVFUvaf1sVy3Hgz+sq3nHbaxydyNIzGdm6QblRmX0j8NqJ
DlGHlRgbW3dkg+SLqg3m6XtQiA2njl9h/u7h4FryrB308imjWzePdglKn6VNlbM6
i95jGedXGRHWfvMou9FzlNPpkg8m2eLz2YIiTTYWG5xLmCu5HvPzGAFiPI0JWeP8
ftC5C54L3AijjdEexDTsPZWItpr+Zqovu2R6nZrbasrAmUK8aTBdPQOoa1mNz1yb
usEvUy81qMSryMAbBeLczYPagQIDAQABo4IClTCCApEwHQYDVR0OBBYEFH98pBaC
XTiqHgPC6Zb7IxWz8CjaMB8GA1UdIwQYMBaAFML8ZEhWTsZSa5Gy/iO0/Vg0LSD0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzI5Mi8wM0I4OEFEQUQx
NEExMUVFOTlERTJCNTJDNEY5QUUwMi93dnhrU0ZaT3hsSnJrYkwtSTdUOVdEUXRJ
UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3d2eGtTRlpPeGxKcmtiTC1JN1Q5V0RRdElQUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjcyOTIvMDNCODhBREFEMTRBMTFFRTk5REUyQjUyQzRGOUFFMDIvRjAwN0REOUFE
MTRCMTFFRUFCMkI1MjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB7bH4wDQYJKoZIhvcNAQELBQADggEBAFW2/lZ7kIveggYY
kp+7Eys3pjlA86znlY7+dXXgbqpP3IR05rfVKsYRPzvZbrmR9CpgSUlpfXxQXFYh
2S4KsxNHxg2S4B9hHTfk7TBsazACsrt3PDg2nR0NE8M85gHabkJMgNv1xXDm1tJK
QYMbmeg5O0gz5lwNHF7dexIpFokhbINFbaWjnaOANRVW64M3f4UQb7AKd2tWqUxN
75MJdJjqAVjQALtXDta5vgwq4xE+8kHcLjO/yYBWPZnbfEfvfFPUdg0rXX+LZAcV
FfZhuM4eFs2g/26BcTdQs/SOJhu6rMyQyLbt9hqpOjMd/FxBE7DDlNrcFK8TbcAQ
9BUn3Ic=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:11:05 2025 by rpki-client