Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD3E1/7CF07BC6EF4711EFAF4C4968C4F9AE02/459FAF10EF4811EF8F4B9284C4F9AE02.roa
File: 459FAF10EF4811EF8F4B9284C4F9AE02.roa (raw, json)
Hash identifier: t4VsjBzDPnCNqQJ4/+l/e7o+o8AvICh72VVWJ8BMmY0=
Subject key identifier: 8A:19:81:A9:92:BA:46:1F:93:B3:A4:15:57:AB:B6:DF:0D:FA:08:D9
Certificate issuer: /CN=A91BD3E1/serialNumber=8993938C857500280E8F5E53DC0B3E9307AED4A7
Certificate serial: 0F
Authority key identifier: 89:93:93:8C:85:75:00:28:0E:8F:5E:53:DC:0B:3E:93:07:AE:D4:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iZOTjIV1ACgOj15T3As-kweu1Kc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BD3E1/7CF07BC6EF4711EFAF4C4968C4F9AE02/459FAF10EF4811EF8F4B9284C4F9AE02.roa
Signing time: Tue 11 Mar 2025 07:25:09 +0000
ROA not before: Tue 11 Mar 2025 07:25:09 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 140211
IP address blocks: 203.28.46.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15 (0xf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BD3E1
Validity
Not Before: Mar 11 07:25:09 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67cfe554-c7f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3e:23:e0:02:36:9c:3a:bf:7a:c7:cf:a3:b1:
30:ea:49:df:8e:d3:ed:b7:32:b6:83:1e:2b:55:43:
4e:d0:49:74:52:6f:a8:1c:23:24:0d:1b:8d:67:fa:
65:04:5c:79:6d:05:38:ab:61:4e:d7:57:d6:9b:da:
8a:5d:0f:6d:6f:2b:f7:01:22:55:f2:d2:9e:39:5c:
2a:8f:70:92:f2:01:a3:03:f1:ea:cb:e9:2b:58:70:
57:25:d0:7c:a7:2c:54:9f:d0:1e:7d:d5:ed:56:f5:
97:c1:f1:c4:39:6c:d0:d5:34:be:fb:79:d9:00:bc:
81:bb:bd:17:4d:cc:c5:d4:21:89:46:5f:de:a3:75:
c0:91:93:80:15:0d:03:43:04:9a:5e:8f:5c:9f:33:
43:20:49:27:1c:29:c7:19:87:53:32:b1:e2:a4:2e:
eb:b2:e5:2c:ee:e7:46:f8:04:f9:af:9f:ff:b9:ba:
45:76:36:a7:93:f5:bb:35:cb:ec:dd:bd:4b:a1:12:
ec:42:84:a4:3a:6f:ce:a9:c9:09:a8:64:89:b3:10:
8a:fe:a7:12:53:2c:e7:5c:aa:08:08:7d:b1:6f:d2:
02:03:1c:ee:ab:b1:ea:7f:ba:e2:5c:f1:ec:9b:5f:
da:9e:68:8f:87:16:25:3b:ae:4e:4d:e7:73:e9:67:
8c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:19:81:A9:92:BA:46:1F:93:B3:A4:15:57:AB:B6:DF:0D:FA:08:D9
X509v3 Authority Key Identifier:
keyid:89:93:93:8C:85:75:00:28:0E:8F:5E:53:DC:0B:3E:93:07:AE:D4:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BD3E1/7CF07BC6EF4711EFAF4C4968C4F9AE02/iZOTjIV1ACgOj15T3As-kweu1Kc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iZOTjIV1ACgOj15T3As-kweu1Kc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD3E1/7CF07BC6EF4711EFAF4C4968C4F9AE02/459FAF10EF4811EF8F4B9284C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.28.46.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:2b:3b:52:5e:28:ce:c3:27:52:b5:f9:8f:34:7b:c9:c5:94:
89:ef:b5:52:13:f8:0f:10:3c:d6:a7:1f:f6:30:19:78:cc:ab:
34:0f:a8:3e:be:b0:a9:4b:8a:3a:57:e0:82:25:bd:ea:92:3d:
f3:bd:a4:fa:ad:aa:e1:44:49:0a:3b:ec:f1:40:3a:d0:71:4e:
44:19:89:f0:b5:ef:65:dd:13:dd:62:14:fa:86:c1:d1:7c:c6:
8e:33:cd:89:60:62:33:58:a4:72:c2:82:e4:80:23:9c:9b:5a:
09:c3:7b:28:be:21:26:74:9b:4b:34:f2:57:ac:75:4d:f3:34:
42:29:fb:6c:6e:da:58:f5:5c:42:80:c2:27:b8:80:0f:42:a6:
d6:73:b8:58:af:a8:cf:10:f6:78:81:80:94:7b:cc:c4:82:ed:
74:c9:a1:4e:68:ad:bd:a2:33:9b:79:4a:f0:cd:ba:61:bd:c7:
58:d2:cd:b6:c0:21:c3:42:58:c0:31:35:12:dd:02:45:f5:5c:
1f:00:c3:a9:b7:9c:08:82:b9:71:1b:b6:1b:2c:3f:78:41:15:
05:74:2e:38:e0:a5:70:40:7e:41:d0:fb:0a:78:30:c4:84:3b:
a6:f9:ee:66:c2:1d:06:de:0f:d0:05:3c:63:29:3b:9f:ac:43:
a9:e4:ee:ef
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
RDNFMTExMC8GA1UEBRMoODk5MzkzOEM4NTc1MDAyODBFOEY1RTUzREMwQjNFOTMw
N0FFRDRBNzAeFw0yNTAzMTEwNzI1MDlaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3Y2ZlNTU0LWM3ZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBPiPgAjacOr96x8+jsTDqSd+O0+23MraDHitVQ07QSXRSb6gcIyQNG41n+mUE
XHltBTirYU7XV9ab2opdD21vK/cBIlXy0p45XCqPcJLyAaMD8erL6StYcFcl0Hyn
LFSf0B591e1W9ZfB8cQ5bNDVNL77edkAvIG7vRdNzMXUIYlGX96jdcCRk4AVDQND
BJpej1yfM0MgSSccKccZh1MyseKkLuuy5Szu50b4BPmvn/+5ukV2NqeT9bs1y+zd
vUuhEuxChKQ6b86pyQmoZImzEIr+pxJTLOdcqggIfbFv0gIDHO6rsep/uuJc8eyb
X9qeaI+HFiU7rk5N53PpZ4yLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUihmBqZK6
Rh+Ts6QVV6u23w36CNkwHwYDVR0jBBgwFoAUiZOTjIV1ACgOj15T3As+kweu1Kcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJEM0UxLzdDRjA3QkM2RUY0
NzExRUZBRjRDNDk2OEM0RjlBRTAyL2laT1RqSVYxQUNnT2oxNVQzQXMta3dldTFL
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaVpPVGpJVjFBQ2dPajE1VDNBcy1rd2V1MUtjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
RDNFMS83Q0YwN0JDNkVGNDcxMUVGQUY0QzQ5NjhDNEY5QUUwMi80NTlGQUYxMEVG
NDgxMUVGOEY0QjkyODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcscLjANBgkqhkiG9w0BAQsFAAOCAQEATCs7Ul4ozsMnUrX5
jzR7ycWUie+1UhP4DxA81qcf9jAZeMyrNA+oPr6wqUuKOlfggiW96pI9872k+q2q
4URJCjvs8UA60HFORBmJ8LXvZd0T3WIU+obB0XzGjjPNiWBiM1ikcsKC5IAjnJta
CcN7KL4hJnSbSzTyV6x1TfM0Qin7bG7aWPVcQoDCJ7iAD0Km1nO4WK+ozxD2eIGA
lHvMxILtdMmhTmitvaIzm3lK8M26Yb3HWNLNtsAhw0JYwDE1Et0CRfVcHwDDqbec
CIK5cRu2Gyw/eEEVBXQuOOClcEB+QdD7CngwxIQ7pvnuZsIdBt4P0AU8Yyk7n6xD
qeTu7w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:27 2025 by rpki-client