Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD4DF/310D3542399311EFA08D2E1BC4F9AE02/4136642C39AA11EF933F9583C4F9AE02.roa
File: 4136642C39AA11EF933F9583C4F9AE02.roa (raw, json)
Hash identifier: +fFDWaDnFu7mpfAvBElCeG8uNXNIs5iwZjBDkX/SJz0=
Subject key identifier: 29:F1:BC:C7:E6:FB:B4:90:2B:6F:DA:7E:95:ED:5F:4A:B0:14:75:98
Certificate issuer: /CN=A91BD4DF/serialNumber=A36DB6B5F97123755E5441FAC56AA6BBA05B080A
Certificate serial: 7B
Authority key identifier: A3:6D:B6:B5:F9:71:23:75:5E:54:41:FA:C5:6A:A6:BB:A0:5B:08:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o222tflxI3VeVEH6xWqmu6BbCAo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BD4DF/310D3542399311EFA08D2E1BC4F9AE02/4136642C39AA11EF933F9583C4F9AE02.roa
Signing time: Thu 13 Feb 2025 07:58:31 +0000
ROA not before: Thu 13 Feb 2025 07:58:31 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 10143
IP address blocks: 203.18.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123 (0x7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BD4DF
Validity
Not Before: Feb 13 07:58:31 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67ada627-05b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:e5:a4:d6:3c:3a:64:a0:6b:6c:20:e1:1f:45:
06:8d:ae:35:a7:fa:d5:ba:57:b5:7c:46:4c:e8:94:
37:67:e0:29:97:c7:4a:ed:13:ae:86:8e:ce:1e:78:
be:5a:5b:c5:b7:f7:c1:ed:0a:28:a9:4d:57:73:64:
b4:03:0d:3b:68:13:96:29:cd:01:27:a5:58:08:fd:
75:83:ca:57:14:a6:8f:9d:c2:6b:8f:6d:62:f4:3a:
aa:04:0c:00:6a:29:e3:5c:47:85:db:ed:14:af:bd:
6c:63:24:ff:f1:ad:0e:24:af:ed:6b:de:6d:8f:08:
28:2e:e4:c9:2b:20:84:61:e5:85:54:76:6b:a2:e7:
5d:99:33:5b:d8:ba:15:75:63:64:62:01:9b:98:74:
28:34:76:2c:a7:57:40:a1:e4:bc:52:48:63:23:16:
46:f3:1e:c4:73:ac:5f:ee:52:e8:50:e8:99:94:b9:
6e:a7:9a:4e:f9:13:e7:9f:76:e5:5d:27:8c:24:3a:
82:1a:dc:4e:d1:24:cd:c5:41:0f:9b:98:d1:20:6f:
40:5e:44:79:41:6b:57:f5:f3:eb:53:72:8b:62:a5:
86:74:e0:74:45:5b:8b:60:fb:1e:ae:c3:38:c0:bc:
38:b3:5d:d2:a0:1f:d4:18:da:54:31:42:75:af:57:
85:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F1:BC:C7:E6:FB:B4:90:2B:6F:DA:7E:95:ED:5F:4A:B0:14:75:98
X509v3 Authority Key Identifier:
keyid:A3:6D:B6:B5:F9:71:23:75:5E:54:41:FA:C5:6A:A6:BB:A0:5B:08:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BD4DF/310D3542399311EFA08D2E1BC4F9AE02/o222tflxI3VeVEH6xWqmu6BbCAo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o222tflxI3VeVEH6xWqmu6BbCAo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD4DF/310D3542399311EFA08D2E1BC4F9AE02/4136642C39AA11EF933F9583C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.18.155.0/24
Signature Algorithm: sha256WithRSAEncryption
04:0b:71:c6:f0:58:c7:73:ca:fc:1f:c4:c7:bc:ec:41:b2:ec:
4e:c3:a0:5a:7f:ed:13:42:80:b6:4d:7d:fb:31:52:7d:1d:fc:
34:36:56:53:67:f3:20:eb:68:2e:03:ff:d9:47:8d:21:cd:77:
ce:86:72:e7:07:7f:e8:df:98:0c:e5:25:95:63:24:74:08:61:
e7:3a:6f:a1:b9:fa:a1:50:1c:54:30:0c:0b:78:c4:39:87:40:
b6:16:1b:fc:6d:6e:00:00:f4:b9:15:47:10:0a:9d:8c:01:0b:
6b:7b:e3:06:59:78:da:56:dc:69:8b:bf:b9:71:4d:f9:84:46:
06:ad:61:a9:63:e2:af:0b:9e:0c:9d:d8:90:6a:62:d4:40:a8:
3d:21:73:d9:df:7e:a3:c9:dc:87:be:f6:1c:ca:46:87:f1:0b:
e0:ea:ef:0c:27:09:39:67:82:ee:5f:ea:b3:84:12:82:cf:47:
a6:6c:5e:76:8b:32:2e:ef:3a:58:95:78:6c:97:6d:d3:f8:7b:
c3:28:eb:ec:cd:f0:bc:ea:28:57:75:8b:4a:de:3e:fb:4b:d1:
dc:bc:72:49:50:8f:a3:b4:8f:c8:b8:e3:0e:b7:e6:e1:3e:8a:
eb:70:4a:ad:0f:50:3d:46:40:f6:02:5c:0c:f4:a2:cd:d7:b3:
2b:44:47:8c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBezANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
RDRERjExMC8GA1UEBRMoQTM2REI2QjVGOTcxMjM3NTVFNTQ0MUZBQzU2QUE2QkJB
MDVCMDgwQTAeFw0yNTAyMTMwNzU4MzFaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YWRhNjI3LTA1YjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDl5aTWPDpkoGtsIOEfRQaNrjWn+tW6V7V8RkzolDdn4CmXx0rtE66Gjs4eeL5a
W8W398HtCiipTVdzZLQDDTtoE5YpzQEnpVgI/XWDylcUpo+dwmuPbWL0OqoEDABq
KeNcR4Xb7RSvvWxjJP/xrQ4kr+1r3m2PCCgu5MkrIIRh5YVUdmui512ZM1vYuhV1
Y2RiAZuYdCg0diynV0Ch5LxSSGMjFkbzHsRzrF/uUuhQ6JmUuW6nmk75E+efduVd
J4wkOoIa3E7RJM3FQQ+bmNEgb0BeRHlBa1f18+tTcotipYZ04HRFW4tg+x6uwzjA
vDizXdKgH9QY2lQxQnWvV4URAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUKfG8x+b7
tJArb9p+le1fSrAUdZgwHwYDVR0jBBgwFoAUo222tflxI3VeVEH6xWqmu6BbCAow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJENERGLzMxMEQzNTQyMzk5
MzExRUZBMDhEMkUxQkM0RjlBRTAyL28yMjJ0Zmx4STNWZVZFSDZ4V3FtdTZCYkNB
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbzIyMnRmbHhJM1ZlVkVINnhXcW11NkJiQ0FvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
RDRERi8zMTBEMzU0MjM5OTMxMUVGQTA4RDJFMUJDNEY5QUUwMi80MTM2NjQyQzM5
QUExMUVGOTMzRjk1ODNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMsSmzANBgkqhkiG9w0BAQsFAAOCAQEABAtxxvBYx3PK/B/E
x7zsQbLsTsOgWn/tE0KAtk19+zFSfR38NDZWU2fzIOtoLgP/2UeNIc13zoZy5wd/
6N+YDOUllWMkdAhh5zpvobn6oVAcVDAMC3jEOYdAthYb/G1uAAD0uRVHEAqdjAEL
a3vjBll42lbcaYu/uXFN+YRGBq1hqWPirwueDJ3YkGpi1ECoPSFz2d9+o8nch772
HMpGh/EL4OrvDCcJOWeC7l/qs4QSgs9HpmxedosyLu86WJV4bJdt0/h7wyjr7M3w
vOooV3WLSt4++0vR3LxySVCPo7SPyLjjDrfm4T6K63BKrQ9QPUZA9gJcDPSizdez
K0RHjA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:09:29 2025 by rpki-client