Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B872C/F20E5596DBDC11EA93FF7D44C4F9AE02/7B2649225FE211EB9C1A7864C4F9AE02.roa
File: 7B2649225FE211EB9C1A7864C4F9AE02.roa (raw, json)
Hash identifier: b5aUsASBnsIOTpMPwep8wURlLe5syVCTwDPawKkUzSQ=
Subject key identifier: DA:C2:8E:CF:69:78:28:AE:DB:5C:3E:AC:C6:3F:CB:CB:25:CC:DD:FE
Certificate issuer: /CN=A91B872C/serialNumber=40606A5B5D29BBF42167FA68B326867EF90E826F
Certificate serial: 077C
Authority key identifier: 40:60:6A:5B:5D:29:BB:F4:21:67:FA:68:B3:26:86:7E:F9:0E:82:6F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QGBqW10pu_QhZ_posyaGfvkOgm8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B872C/F20E5596DBDC11EA93FF7D44C4F9AE02/7B2649225FE211EB9C1A7864C4F9AE02.roa
Signing time: Fri 02 Aug 2024 22:20:00 +0000
ROA not before: Fri 02 Aug 2024 22:20:00 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 137445
IP address blocks: 123.253.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1916 (0x77c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B872C
Validity
Not Before: Aug 2 22:20:00 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66ad5b8f-d13c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a6:6a:a2:a9:35:61:41:ec:e7:73:c8:92:ed:
4b:a1:93:bb:58:ed:ed:0c:67:01:71:42:5f:97:33:
d7:47:7d:69:47:7b:8a:b6:67:0c:d0:f3:77:4e:18:
2d:e8:14:e7:88:e4:ad:c1:af:46:97:e9:e6:c7:1e:
0f:c8:57:38:5c:05:90:da:58:a1:f9:31:bc:ce:3c:
b3:4e:f4:c0:53:9b:18:3a:3e:10:b6:30:52:37:04:
dd:d4:39:a1:88:18:2f:95:d8:65:4f:72:4c:f1:9a:
3d:2e:a7:c6:79:a2:67:ea:38:df:67:d0:4a:3b:79:
e9:04:fe:59:92:96:e6:f2:f6:c6:3d:50:fd:51:63:
c2:fb:45:28:ec:f9:89:4b:9e:18:fc:80:7c:1a:c3:
f2:d0:d5:48:a1:ff:02:5b:b8:33:39:2a:3d:3a:3a:
52:af:2e:b2:ad:a6:06:27:5f:ea:35:c9:73:61:80:
5e:8b:c0:a6:51:2c:2f:c3:3a:33:73:80:19:3f:6a:
16:92:2e:91:ec:5d:3e:a1:ba:62:a3:e8:01:0c:3c:
cc:c4:fe:7b:5c:b0:5a:c2:93:bf:40:69:cd:4c:be:
b0:b6:1f:ed:71:6f:ee:f0:7e:36:da:9d:a0:24:38:
2a:5b:ab:65:3e:0e:90:f8:9d:6a:40:2a:ff:73:fd:
05:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C2:8E:CF:69:78:28:AE:DB:5C:3E:AC:C6:3F:CB:CB:25:CC:DD:FE
X509v3 Authority Key Identifier:
keyid:40:60:6A:5B:5D:29:BB:F4:21:67:FA:68:B3:26:86:7E:F9:0E:82:6F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B872C/F20E5596DBDC11EA93FF7D44C4F9AE02/QGBqW10pu_QhZ_posyaGfvkOgm8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QGBqW10pu_QhZ_posyaGfvkOgm8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B872C/F20E5596DBDC11EA93FF7D44C4F9AE02/7B2649225FE211EB9C1A7864C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.253.218.0/24
Signature Algorithm: sha256WithRSAEncryption
78:af:ff:a3:05:a9:ac:45:e8:13:cc:e3:9f:7b:87:fc:2f:a6:
31:12:07:38:4f:a8:29:f6:bf:52:ea:07:e6:35:7d:57:94:c1:
05:ef:f9:a6:cf:a2:67:ec:d0:6b:ae:c7:38:d8:23:17:0e:5d:
ad:27:5a:50:67:40:41:b4:2e:e4:de:51:c4:f0:ab:22:7f:a9:
d7:e9:43:60:26:4c:b9:1d:48:15:f0:f8:7a:4e:10:d7:a1:2b:
fa:a6:a4:b0:aa:94:88:e1:83:74:e3:93:b6:d4:8d:55:38:29:
9d:39:43:f5:c9:65:70:4d:4c:a7:96:7f:0b:3a:77:44:b4:91:
e9:4c:f8:7d:3a:91:48:23:b6:fa:ae:13:5f:e4:1a:84:c7:14:
59:90:55:46:47:9b:6b:db:c0:07:50:cc:90:0c:f5:53:eb:ee:
b3:b4:2b:57:f6:20:06:3d:9d:e1:1b:15:b0:0c:ad:47:46:14:
e0:82:ef:2c:d0:ce:e0:df:5a:0d:e2:a7:da:14:78:54:da:f1:
4c:59:00:e5:2f:0a:c1:ce:5d:87:e7:3d:e8:6b:e5:bf:fd:90:
fb:bc:df:64:10:15:e3:35:cd:73:cf:2e:61:6e:9e:fc:11:80:
b5:8e:b9:17:be:3a:b0:8f:cb:34:3a:b2:7f:8b:6c:43:7e:db:
34:aa:ec:f5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB3wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg3MkMxMTAvBgNVBAUTKDQwNjA2QTVCNUQyOUJCRjQyMTY3RkE2OEIzMjY4NjdF
RjkwRTgyNkYwHhcNMjQwODAyMjIyMDAwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFkNWI4Zi1kMTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq6Zqoqk1YUHs53PIku1LoZO7WO3tDGcBcUJflzPXR31pR3uKtmcM0PN3Thgt
6BTniOStwa9Gl+nmxx4PyFc4XAWQ2lih+TG8zjyzTvTAU5sYOj4QtjBSNwTd1Dmh
iBgvldhlT3JM8Zo9LqfGeaJn6jjfZ9BKO3npBP5Zkpbm8vbGPVD9UWPC+0Uo7PmJ
S54Y/IB8GsPy0NVIof8CW7gzOSo9OjpSry6yraYGJ1/qNclzYYBei8CmUSwvwzoz
c4AZP2oWki6R7F0+obpio+gBDDzMxP57XLBawpO/QGnNTL6wth/tcW/u8H422p2g
JDgqW6tlPg6Q+J1qQCr/c/0FsQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNrCjs9p
eCiu21w+rMY/y8slzN3+MB8GA1UdIwQYMBaAFEBgaltdKbv0IWf6aLMmhn75DoJv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODcyQy9GMjBFNTU5NkRC
REMxMUVBOTNGRjdENDRDNEY5QUUwMi9RR0JxVzEwcHVfUWhaX3Bvc3lhR2Z2a09n
bTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FHQnFXMTBwdV9RaFpfcG9zeWFHZnZrT2dtOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg3MkMvRjIwRTU1OTZEQkRDMTFFQTkzRkY3RDQ0QzRGOUFFMDIvN0IyNjQ5MjI1
RkUyMTFFQjlDMUE3ODY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB7/dowDQYJKoZIhvcNAQELBQADggEBAHiv/6MFqaxF6BPM
4597h/wvpjESBzhPqCn2v1LqB+Y1fVeUwQXv+abPomfs0GuuxzjYIxcOXa0nWlBn
QEG0LuTeUcTwqyJ/qdfpQ2AmTLkdSBXw+HpOENehK/qmpLCqlIjhg3Tjk7bUjVU4
KZ05Q/XJZXBNTKeWfws6d0S0kelM+H06kUgjtvquE1/kGoTHFFmQVUZHm2vbwAdQ
zJAM9VPr7rO0K1f2IAY9neEbFbAMrUdGFOCC7yzQzuDfWg3ip9oUeFTa8UxZAOUv
CsHOXYfnPehr5b/9kPu832QQFeM1zXPPLmFunvwRgLWOuRe+OrCPyzQ6sn+LbEN+
2zSq7PU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:22:15 2025 by rpki-client