Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/8A533506C9DC11EE8B24C55EC4F9AE02.roa
File: 8A533506C9DC11EE8B24C55EC4F9AE02.roa (raw, json)
Hash identifier: L2UnCfNPLgYDfL3nmk5SGHkno1H3kXJJBZN9FhtxlXQ=
Subject key identifier: E9:45:8A:4B:C2:D4:37:8A:B9:D2:46:E3:6F:3F:02:9F:31:C8:95:F7
Certificate issuer: /CN=A91BB493/serialNumber=9A3FE54122A5096D3EDD88060ED4D9183CBE1867
Certificate serial: 0A61
Authority key identifier: 9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/8A533506C9DC11EE8B24C55EC4F9AE02.roa
Signing time: Wed 26 Mar 2025 19:59:52 +0000
ROA not before: Wed 26 Mar 2025 19:59:52 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 135373
IP address blocks: 203.131.253.0/27 maxlen: 27
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2657 (0xa61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB493
Validity
Not Before: Mar 26 19:59:52 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e45cb8-0524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:79:dc:d2:d6:8b:7b:08:fe:bf:a6:ba:07:91:
2c:38:be:30:77:13:ec:3b:9d:b4:87:bd:26:39:2f:
c1:c9:0b:70:23:c0:c8:f5:3f:1e:54:35:dd:57:e2:
8d:a1:a0:ea:43:bf:64:b8:10:77:fa:be:ff:0c:7e:
5e:fa:cf:24:85:cc:61:3c:39:3c:36:ad:1d:5a:fd:
fe:f9:0e:d2:4a:5d:c1:18:8f:5a:bd:c0:3f:50:8f:
84:f1:50:4a:6a:e5:47:fc:14:4c:2a:a6:f7:1f:0d:
73:f6:e3:0f:6a:14:05:3f:b3:6d:a0:e0:a4:28:ea:
77:9e:f4:df:ba:de:5d:eb:a7:04:9e:eb:7f:ac:2a:
1b:13:37:28:e6:06:72:dc:23:28:6d:b8:39:1a:48:
49:ef:08:a2:31:c2:af:a2:7d:9c:2d:0a:88:43:22:
86:a2:9d:87:72:c7:16:b9:d7:d6:50:47:32:98:c4:
29:d9:62:22:a6:54:f7:a8:00:d2:16:a9:87:90:67:
61:f3:cf:ad:8b:6e:85:6b:24:e0:25:84:44:73:c6:
80:43:33:97:30:6c:28:f7:0e:e7:a1:03:d7:85:af:
63:15:98:72:ef:f8:13:9d:08:5e:f4:5f:fe:5a:88:
0d:45:b4:55:0d:d2:ee:9f:61:42:40:d8:dc:35:0e:
58:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:45:8A:4B:C2:D4:37:8A:B9:D2:46:E3:6F:3F:02:9F:31:C8:95:F7
X509v3 Authority Key Identifier:
keyid:9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/8A533506C9DC11EE8B24C55EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.131.253.0/27
Signature Algorithm: sha256WithRSAEncryption
35:9d:65:82:2f:23:33:27:f1:b5:ad:4d:81:22:85:27:00:75:
70:13:5c:ec:0d:ef:86:36:0d:8e:7e:d1:a3:8c:9f:98:b9:0e:
9b:7f:e5:4a:5b:52:69:19:42:92:51:a3:b4:ac:c2:94:d8:ea:
0c:3d:3e:d8:8b:fe:47:23:43:f4:e2:c5:8a:f2:e3:eb:e9:3f:
7d:89:3d:60:3b:12:0b:9c:67:0f:d8:b6:29:68:98:7a:b2:d6:
55:5a:df:f5:58:fc:47:57:0e:20:87:b1:96:3c:a8:02:f2:e9:
f2:06:2e:0f:32:24:a9:ee:b2:85:28:78:de:81:2b:8f:48:84:
a0:ea:23:c0:55:db:62:c5:5f:01:5e:6b:75:3e:fc:ae:bc:cb:
28:a8:4e:bc:28:0e:53:b5:b8:67:7f:45:1f:66:e0:d6:56:b9:
98:dc:97:38:58:0e:06:a7:6f:67:f6:32:3e:ee:3e:1c:2f:a7:
58:fc:cc:73:6d:e8:04:f4:cb:69:4a:2c:bc:2f:de:54:d8:c8:
e6:84:9d:b3:30:b1:84:f5:79:b5:b9:1e:d3:1d:c2:55:c5:a7:
a1:63:69:c2:20:c9:7a:a2:48:e1:6a:21:e0:22:ec:bb:dd:1c:
58:cc:fd:fa:25:75:27:34:69:c7:40:7b:f3:1f:cf:91:2b:2b:
e3:bf:b5:e8
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICCmEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkI0OTMxMTAvBgNVBAUTKDlBM0ZFNTQxMjJBNTA5NkQzRUREODgwNjBFRDREOTE4
M0NCRTE4NjcwHhcNMjUwMzI2MTk1OTUyWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U0NWNiOC0wNTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6Xnc0taLewj+v6a6B5EsOL4wdxPsO520h70mOS/ByQtwI8DI9T8eVDXdV+KN
oaDqQ79kuBB3+r7/DH5e+s8khcxhPDk8Nq0dWv3++Q7SSl3BGI9avcA/UI+E8VBK
auVH/BRMKqb3Hw1z9uMPahQFP7NtoOCkKOp3nvTfut5d66cEnut/rCobEzco5gZy
3CMobbg5GkhJ7wiiMcKvon2cLQqIQyKGop2HcscWudfWUEcymMQp2WIiplT3qADS
FqmHkGdh88+ti26FayTgJYREc8aAQzOXMGwo9w7noQPXha9jFZhy7/gTnQhe9F/+
WogNRbRVDdLun2FCQNjcNQ5YuwIDAQABo4ICljCCApIwHQYDVR0OBBYEFOlFikvC
1DeKudJG428/Ap8xyJX3MB8GA1UdIwQYMBaAFJo/5UEipQltPt2IBg7U2Rg8vhhn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjQ5My81RkNBQjY3MjY4
RjMxMUVBODMyRERCMzdDNEY5QUUwMi9tal9sUVNLbENXMC0zWWdHRHRUWkdEeS1H
R2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21qX2xRU0tsQ1cwLTNZZ0dEdFRaR0R5LUdHYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkI0OTMvNUZDQUI2NzI2OEYzMTFFQTgzMkREQjM3QzRGOUFFMDIvOEE1MzM1MDZD
OURDMTFFRThCMjRDNTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgABMAcDBQXLg/0AMA0GCSqGSIb3DQEBCwUAA4IBAQA1nWWCLyMzJ/G1
rU2BIoUnAHVwE1zsDe+GNg2OftGjjJ+YuQ6bf+VKW1JpGUKSUaO0rMKU2OoMPT7Y
i/5HI0P04sWK8uPr6T99iT1gOxILnGcP2LYpaJh6stZVWt/1WPxHVw4gh7GWPKgC
8unyBi4PMiSp7rKFKHjegSuPSISg6iPAVdtixV8BXmt1PvyuvMsoqE68KA5Ttbhn
f0UfZuDWVrmY3Jc4WA4Gp29n9jI+7j4cL6dY/MxzbegE9MtpSiy8L95U2MjmhJ2z
MLGE9Xm1uR7THcJVxaehY2nCIMl6okjhaiHgIuy73RxYzP36JXUnNGnHQHvzH8+R
Kyvjv7Xo
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:12:15 2025 by rpki-client