Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B929F/3BE549CED64E11EB94D4F27DC4F9AE02/2EA68D96D65211EB8DAD1886C4F9AE02.roa
File: 2EA68D96D65211EB8DAD1886C4F9AE02.roa (raw, json)
Hash identifier: QfVYtd7FvBpsR5Tca8bnLg+O7UqwB1xI72oRETrqTpE=
Subject key identifier: 4E:61:FC:70:0C:9B:E3:7D:04:D0:D6:0C:86:EE:87:6D:12:9F:1A:99
Certificate issuer: /CN=A91B929F/serialNumber=8B57DD16BD97FB5BFC21D9CCA9E2B86D5502E288
Certificate serial: 04EA
Authority key identifier: 8B:57:DD:16:BD:97:FB:5B:FC:21:D9:CC:A9:E2:B8:6D:55:02:E2:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i1fdFr2X-1v8IdnMqeK4bVUC4og.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B929F/3BE549CED64E11EB94D4F27DC4F9AE02/2EA68D96D65211EB8DAD1886C4F9AE02.roa
Signing time: Sat 13 Jul 2024 01:15:20 +0000
ROA not before: Sat 13 Jul 2024 01:15:20 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 4764
IP address blocks: 203.3.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1258 (0x4ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B929F
Validity
Not Before: Jul 13 01:15:20 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6691d528-4093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:1c:67:a0:6c:f6:46:38:b3:be:9a:dd:4d:c7:
37:35:e5:b6:01:6e:b2:55:9e:38:eb:d1:3e:46:8f:
c3:c5:4d:10:f4:bc:6c:cb:73:f8:ae:7f:90:39:4f:
72:38:70:7a:c4:fb:30:8e:fb:0c:5a:2e:0d:20:7e:
c7:d2:25:19:4a:1c:6d:2a:cb:80:c0:8e:d1:55:5f:
57:3e:7a:06:5c:d2:5c:6c:30:f8:0e:7a:a0:98:0f:
6b:6d:09:f7:3c:61:5b:ff:e8:09:ab:f8:fc:d6:ad:
0e:c7:94:04:93:cf:22:28:d8:e7:08:98:49:46:ad:
5d:92:b0:ca:81:d6:f3:ea:40:78:d1:cb:b5:40:1e:
89:de:ec:15:5e:e4:c7:54:ba:be:a6:56:48:e5:53:
ed:7c:56:ab:96:d5:2a:3a:40:a8:e6:d8:c6:b9:0b:
10:bf:a3:05:1c:12:a7:ec:19:17:e1:f6:69:f0:04:
ee:f7:c6:61:22:50:6e:59:e6:0e:65:56:39:c7:5b:
93:09:85:b1:df:4c:e4:eb:02:45:ae:f5:43:21:45:
9f:0e:e2:95:4f:84:38:7b:45:5f:c6:2f:da:52:70:
47:2e:ca:9b:9f:da:2d:09:e4:80:13:17:1b:42:88:
7f:c4:5a:5d:ba:62:78:7e:fa:67:f4:8e:0e:44:24:
bb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:61:FC:70:0C:9B:E3:7D:04:D0:D6:0C:86:EE:87:6D:12:9F:1A:99
X509v3 Authority Key Identifier:
keyid:8B:57:DD:16:BD:97:FB:5B:FC:21:D9:CC:A9:E2:B8:6D:55:02:E2:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B929F/3BE549CED64E11EB94D4F27DC4F9AE02/i1fdFr2X-1v8IdnMqeK4bVUC4og.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i1fdFr2X-1v8IdnMqeK4bVUC4og.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B929F/3BE549CED64E11EB94D4F27DC4F9AE02/2EA68D96D65211EB8DAD1886C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.3.122.0/24
Signature Algorithm: sha256WithRSAEncryption
94:ae:29:a9:19:a5:21:89:4c:a1:2c:2d:6c:14:82:7d:83:3d:
dc:f7:75:78:84:0c:f2:7e:87:72:01:b6:dd:b3:e1:00:fa:b2:
d2:24:f8:70:ce:23:aa:9d:dc:49:0d:c5:07:dd:5d:63:21:c7:
93:ef:c6:c7:45:e9:50:9f:44:6f:8b:3b:a4:89:e8:94:9b:d6:
12:f7:c0:02:32:74:e9:d1:3e:df:82:46:2d:b0:1e:e3:a6:f2:
28:9b:f1:31:20:bc:0b:53:49:f9:0f:82:2d:04:63:75:f1:44:
75:2f:95:95:1f:31:d8:7d:a1:a3:f8:42:17:cd:f3:cb:a4:9b:
39:59:bb:36:8d:36:88:fa:87:91:5f:75:d0:a5:0b:c2:be:13:
15:eb:b6:af:e2:51:47:ff:28:7a:c0:86:93:15:38:00:fe:df:
51:77:8d:08:c8:2b:0d:fb:af:d2:0b:11:35:4e:9a:25:87:1e:
b0:b7:91:41:6e:59:bf:d0:d5:68:4c:72:0d:54:d2:f0:b6:4e:
0d:8c:01:92:76:bc:82:1e:2f:c7:1e:a1:b9:2d:32:7a:5e:c1:
bc:80:a1:33:af:20:71:a5:bd:15:11:8c:d0:24:51:7b:dd:71:
43:cc:4d:1f:ef:cf:2d:02:14:f2:23:ef:5a:6d:57:80:45:93:
37:7d:08:a9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjkyOUYxMTAvBgNVBAUTKDhCNTdERDE2QkQ5N0ZCNUJGQzIxRDlDQ0E5RTJCODZE
NTUwMkUyODgwHhcNMjQwNzEzMDExNTIwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjkxZDUyOC00MDkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7BxnoGz2RjizvprdTcc3NeW2AW6yVZ4469E+Ro/DxU0Q9Lxsy3P4rn+QOU9y
OHB6xPswjvsMWi4NIH7H0iUZShxtKsuAwI7RVV9XPnoGXNJcbDD4DnqgmA9rbQn3
PGFb/+gJq/j81q0Ox5QEk88iKNjnCJhJRq1dkrDKgdbz6kB40cu1QB6J3uwVXuTH
VLq+plZI5VPtfFarltUqOkCo5tjGuQsQv6MFHBKn7BkX4fZp8ATu98ZhIlBuWeYO
ZVY5x1uTCYWx30zk6wJFrvVDIUWfDuKVT4Q4e0Vfxi/aUnBHLsqbn9otCeSAExcb
Qoh/xFpdumJ4fvpn9I4ORCS7AQIDAQABo4IClTCCApEwHQYDVR0OBBYEFE5h/HAM
m+N9BNDWDIbuh20SnxqZMB8GA1UdIwQYMBaAFItX3Ra9l/tb/CHZzKniuG1VAuKI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTI5Ri8zQkU1NDlDRUQ2
NEUxMUVCOTRENEYyN0RDNEY5QUUwMi9pMWZkRnIyWC0xdjhJZG5NcWVLNGJWVUM0
b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2kxZmRGcjJYLTF2OElkbk1xZUs0YlZVQzRvZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjkyOUYvM0JFNTQ5Q0VENjRFMTFFQjk0RDRGMjdEQzRGOUFFMDIvMkVBNjhEOTZE
NjUyMTFFQjhEQUQxODg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLA3owDQYJKoZIhvcNAQELBQADggEBAJSuKakZpSGJTKEs
LWwUgn2DPdz3dXiEDPJ+h3IBtt2z4QD6stIk+HDOI6qd3EkNxQfdXWMhx5PvxsdF
6VCfRG+LO6SJ6JSb1hL3wAIydOnRPt+CRi2wHuOm8iib8TEgvAtTSfkPgi0EY3Xx
RHUvlZUfMdh9oaP4QhfN88ukmzlZuzaNNoj6h5FfddClC8K+ExXrtq/iUUf/KHrA
hpMVOAD+31F3jQjIKw37r9ILETVOmiWHHrC3kUFuWb/Q1WhMcg1U0vC2Tg2MAZJ2
vIIeL8ceobktMnpewbyAoTOvIHGlvRURjNAkUXvdcUPMTR/vzy0CFPIj71ptV4BF
kzd9CKk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:30:27 2025 by rpki-client