Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/011CBE6CDF8911ED942E2A67C4F9AE02.roa
File: 011CBE6CDF8911ED942E2A67C4F9AE02.roa (raw, json)
Hash identifier: SFbvxZ2XG8g69o3YZw4mocDKsXgtaeblyR+TN86Ur60=
Subject key identifier: 96:58:50:7F:FD:FA:12:92:BD:4E:1D:DB:CD:DD:CB:9C:CA:BA:58:0E
Certificate issuer: /CN=A91BB493/serialNumber=9A3FE54122A5096D3EDD88060ED4D9183CBE1867
Certificate serial: 0A69
Authority key identifier: 9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/011CBE6CDF8911ED942E2A67C4F9AE02.roa
Signing time: Wed 26 Mar 2025 19:59:59 +0000
ROA not before: Wed 26 Mar 2025 19:59:59 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 395266
IP address blocks: 203.78.194.160/28 maxlen: 28
203.78.195.0/28 maxlen: 28
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2665 (0xa69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB493
Validity
Not Before: Mar 26 19:59:59 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e45cbe-3e4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9c:1d:89:91:42:c5:54:12:c2:ed:92:39:e9:
2d:ad:f5:ed:0c:82:03:5b:1e:ad:b5:15:30:4f:b6:
bd:a9:61:33:d4:c7:f7:4d:13:10:8e:96:0e:61:5f:
0f:72:54:ea:45:90:75:4a:17:2f:48:40:0d:cc:73:
c2:a9:37:c0:5c:99:6d:da:11:04:83:90:d6:99:18:
05:b2:cd:50:a8:52:9f:1a:e9:5a:f1:cf:ee:2a:af:
c1:9c:1b:fd:36:d6:13:9e:e4:56:5a:cb:81:eb:97:
c3:37:a1:4b:bd:c7:07:3d:25:13:e2:d1:96:de:32:
28:64:e1:30:62:93:a2:1a:ab:7f:16:3c:ee:f7:79:
44:29:8b:ae:e5:83:de:93:49:8b:2f:c8:1c:09:2a:
34:a3:34:ac:8c:34:85:80:3a:14:f3:eb:09:89:a6:
45:b4:9e:65:7c:30:49:00:e0:36:16:cd:bd:0d:bb:
1c:c0:bc:ec:98:39:d5:7e:7a:ae:7e:e8:db:a3:e4:
1c:1a:2a:1a:a4:53:97:c8:27:4e:cd:fb:0e:fc:45:
b7:ba:0d:75:e9:13:f1:ce:10:e2:63:06:96:33:36:
43:d6:6c:6b:25:7e:7f:c3:ad:d1:c8:ce:1e:44:96:
09:65:38:bb:4b:bf:1d:82:62:97:be:77:ff:61:df:
d7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:58:50:7F:FD:FA:12:92:BD:4E:1D:DB:CD:DD:CB:9C:CA:BA:58:0E
X509v3 Authority Key Identifier:
keyid:9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/011CBE6CDF8911ED942E2A67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.78.194.160/28
203.78.195.0/28
Signature Algorithm: sha256WithRSAEncryption
4b:aa:a6:f9:f1:64:ce:a1:66:08:77:2e:62:20:a9:78:83:27:
c6:91:01:eb:ed:8c:bd:17:65:da:f2:ad:32:48:fa:d4:23:4e:
75:8d:f1:3a:05:90:61:0e:8d:dc:be:de:4c:34:04:60:ba:84:
ad:e5:1a:ab:0d:34:66:33:48:65:76:88:2d:7c:3f:58:f8:a5:
88:df:af:a6:be:20:64:15:39:96:00:c5:91:54:2a:1f:22:42:
4b:38:2d:55:f3:4f:ca:20:2d:50:b6:f8:98:4c:45:d2:5b:b8:
42:75:f2:dd:26:35:ee:97:e3:98:e9:f2:dd:01:b3:ed:ae:f1:
07:aa:9a:0d:b3:97:39:6a:76:e8:11:18:e4:60:64:99:fb:5a:
5d:ec:35:fd:7f:e9:08:79:7f:bc:65:ee:77:f6:ef:68:f4:45:
1d:5b:f8:28:31:50:70:d9:65:9b:9f:0b:24:4b:ba:00:35:b5:
35:71:33:6c:60:80:6e:10:2e:40:5b:cc:95:aa:d5:12:b9:27:
84:c5:24:d9:91:76:22:b0:f3:e7:d8:e5:c0:ae:72:77:f3:7f:
07:47:73:43:d5:4a:ae:61:c9:0e:0a:09:53:8e:da:08:53:a3:
6a:7c:ab:ea:f2:c7:fb:5f:2b:31:25:00:af:f3:5d:65:54:a7:
4c:51:d5:82
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICCmkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkI0OTMxMTAvBgNVBAUTKDlBM0ZFNTQxMjJBNTA5NkQzRUREODgwNjBFRDREOTE4
M0NCRTE4NjcwHhcNMjUwMzI2MTk1OTU5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U0NWNiZS0zZTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAspwdiZFCxVQSwu2SOektrfXtDIIDWx6ttRUwT7a9qWEz1Mf3TRMQjpYOYV8P
clTqRZB1ShcvSEANzHPCqTfAXJlt2hEEg5DWmRgFss1QqFKfGula8c/uKq/BnBv9
NtYTnuRWWsuB65fDN6FLvccHPSUT4tGW3jIoZOEwYpOiGqt/Fjzu93lEKYuu5YPe
k0mLL8gcCSo0ozSsjDSFgDoU8+sJiaZFtJ5lfDBJAOA2Fs29DbscwLzsmDnVfnqu
fujbo+QcGioapFOXyCdOzfsO/EW3ug116RPxzhDiYwaWMzZD1mxrJX5/w63RyM4e
RJYJZTi7S78dgmKXvnf/Yd/XpwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFJZYUH/9
+hKSvU4d283dy5zKulgOMB8GA1UdIwQYMBaAFJo/5UEipQltPt2IBg7U2Rg8vhhn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjQ5My81RkNBQjY3MjY4
RjMxMUVBODMyRERCMzdDNEY5QUUwMi9tal9sUVNLbENXMC0zWWdHRHRUWkdEeS1H
R2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21qX2xRU0tsQ1cwLTNZZ0dEdFRaR0R5LUdHYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkI0OTMvNUZDQUI2NzI2OEYzMTFFQTgzMkREQjM3QzRGOUFFMDIvMDExQ0JFNkNE
Rjg5MTFFRDk0MkUyQTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4DBQTLTsKgAwUEy07DADANBgkqhkiG9w0BAQsFAAOCAQEAS6qm
+fFkzqFmCHcuYiCpeIMnxpEB6+2MvRdl2vKtMkj61CNOdY3xOgWQYQ6N3L7eTDQE
YLqEreUaqw00ZjNIZXaILXw/WPiliN+vpr4gZBU5lgDFkVQqHyJCSzgtVfNPyiAt
ULb4mExF0lu4QnXy3SY17pfjmOny3QGz7a7xB6qaDbOXOWp26BEY5GBkmftaXew1
/X/pCHl/vGXud/bvaPRFHVv4KDFQcNllm58LJEu6ADW1NXEzbGCAbhAuQFvMlarV
ErknhMUk2ZF2IrDz59jlwK5yd/N/B0dzQ9VKrmHJDgoJU47aCFOjanyr6vLH+18r
MSUAr/NdZVSnTFHVgg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:20:01 2025 by rpki-client