Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/98BE8828663D11EE8CBBAE7CC4F9AE02.roa
File: 98BE8828663D11EE8CBBAE7CC4F9AE02.roa (raw, json)
Hash identifier: qOQvPOfqQOexW3Sxvhsqmm5W1KEN72YTFSt5Z0QktXg=
Subject key identifier: 54:7D:BC:41:A9:1B:DE:19:5A:77:44:A0:BC:37:C1:FD:2C:60:28:C7
Certificate issuer: /CN=A91C9E82/serialNumber=5E72AA7D5B1D5632E5D33FEC72FA7433F49CE29A
Certificate serial: C7
Authority key identifier: 5E:72:AA:7D:5B:1D:56:32:E5:D3:3F:EC:72:FA:74:33:F4:9C:E2:9A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/98BE8828663D11EE8CBBAE7CC4F9AE02.roa
Signing time: Wed 07 Aug 2024 06:07:27 +0000
ROA not before: Wed 07 Aug 2024 06:07:27 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 7474
IP address blocks: 203.6.0.0/18 maxlen: 18
203.10.243.0/24 maxlen: 24
203.11.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 199 (0xc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9E82
Validity
Not Before: Aug 7 06:07:27 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66b30f1f-f1b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ae:43:cd:0f:ab:b2:0b:68:83:ff:34:f9:50:
3e:03:20:ce:55:d6:3b:cb:3c:d0:30:b1:b2:78:2b:
75:a6:19:98:45:b6:c6:63:ec:87:66:40:58:24:44:
76:e0:97:ec:23:7e:62:72:eb:27:9f:92:f5:e2:7b:
f9:41:cf:ed:cf:2d:e6:84:28:11:ef:a1:9a:b8:52:
2e:00:9c:28:41:e6:34:a6:6a:0c:b1:21:59:53:79:
5f:ac:de:bb:7f:01:af:bb:dc:f8:41:06:f9:42:e4:
7d:7b:0b:1e:90:a7:c5:7f:6f:6c:28:a5:cc:1e:60:
0f:2f:ec:0e:c5:a0:89:68:75:77:5d:04:c4:fe:43:
ca:07:98:5e:ce:ff:e8:d6:3e:0f:2a:1f:f6:c4:42:
26:12:a2:40:cb:67:45:96:ed:58:2c:fb:78:b6:01:
55:17:5d:40:e5:c6:52:14:c0:6a:06:fe:c9:24:0f:
ac:80:46:95:68:dc:7e:35:18:59:d5:0a:b6:4c:8a:
64:0d:5b:23:d5:40:45:08:f2:72:3c:a3:61:ef:54:
5e:a9:61:2c:eb:b9:3f:58:01:e8:b7:93:e4:75:42:
43:e9:27:a7:ab:4b:33:56:30:dd:e0:6b:36:8f:60:
6c:5d:f9:29:a3:61:87:7d:6e:62:69:82:52:ed:e5:
11:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:7D:BC:41:A9:1B:DE:19:5A:77:44:A0:BC:37:C1:FD:2C:60:28:C7
X509v3 Authority Key Identifier:
keyid:5E:72:AA:7D:5B:1D:56:32:E5:D3:3F:EC:72:FA:74:33:F4:9C:E2:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/98BE8828663D11EE8CBBAE7CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.6.0.0/18
203.10.243.0/24
203.11.1.0/24
Signature Algorithm: sha256WithRSAEncryption
98:1e:c2:f5:c3:50:c4:f2:9d:a7:07:8b:42:7b:46:66:52:94:
67:11:4b:fa:2e:11:b5:d6:df:90:d7:08:c7:6b:16:e0:44:ba:
99:c0:a0:6b:04:30:0e:da:c1:24:9d:dc:65:73:05:54:bc:f3:
0a:da:c1:9e:1c:98:46:5d:2d:50:70:ad:89:2f:d7:5b:1b:c4:
da:5e:96:68:42:05:4d:d9:13:26:9a:b8:79:3d:57:12:01:02:
1e:5b:6b:ad:61:ce:20:15:64:72:09:6f:f0:b9:01:23:a1:ae:
00:a3:c0:87:9f:70:ae:05:e7:5b:19:0a:7e:34:9b:58:7f:8d:
cf:bb:5a:8b:49:ef:69:b6:91:a3:8f:a5:65:f1:64:fb:8d:fa:
9e:87:db:42:ad:fa:b1:ba:fa:16:73:51:5c:1d:3f:10:fc:1a:
8d:f5:03:4b:ba:32:af:5a:03:94:7a:49:13:71:ff:46:c6:2b:
ca:3f:4e:86:3c:83:a0:9e:01:97:94:86:cb:fd:6d:36:68:c6:
5c:56:ff:80:8e:0f:48:d9:cd:96:ee:81:f9:2c:e0:5e:54:e7:
bb:05:74:4e:db:c0:c1:5c:7a:ba:fe:18:56:d9:fa:04:7f:a9:
56:1c:96:f3:a3:a0:10:0c:30:bd:a7:a6:a3:9f:44:55:fc:d5:
1a:8a:69:31
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAMcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlFODIxMTAvBgNVBAUTKDVFNzJBQTdENUIxRDU2MzJFNUQzM0ZFQzcyRkE3NDMz
RjQ5Q0UyOUEwHhcNMjQwODA3MDYwNzI3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIzMGYxZi1mMWI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnK5DzQ+rsgtog/80+VA+AyDOVdY7yzzQMLGyeCt1phmYRbbGY+yHZkBYJER2
4JfsI35icusnn5L14nv5Qc/tzy3mhCgR76GauFIuAJwoQeY0pmoMsSFZU3lfrN67
fwGvu9z4QQb5QuR9ewsekKfFf29sKKXMHmAPL+wOxaCJaHV3XQTE/kPKB5hezv/o
1j4PKh/2xEImEqJAy2dFlu1YLPt4tgFVF11A5cZSFMBqBv7JJA+sgEaVaNx+NRhZ
1Qq2TIpkDVsj1UBFCPJyPKNh71ReqWEs67k/WAHot5PkdUJD6Senq0szVjDd4Gs2
j2BsXfkpo2GHfW5iaYJS7eURswIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFFR9vEGp
G94ZWndEoLw3wf0sYCjHMB8GA1UdIwQYMBaAFF5yqn1bHVYy5dM/7HL6dDP0nOKa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUU4Mi9FQTdFNUZBNjYz
NkYxMUVFOTdDNzRCNUNDNEY5QUUwMi9YbktxZlZzZFZqTGwwel9zY3ZwME1fU2M0
cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1huS3FmVnNkVmpMbDB6X3NjdnAwTV9TYzRwby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlFODIvRUE3RTVGQTY2MzZGMTFFRTk3Qzc0QjVDQzRGOUFFMDIvOThCRTg4Mjg2
NjNEMTFFRThDQkJBRTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAbLBgADBADLCvMDBADLCwEwDQYJKoZIhvcNAQELBQADggEB
AJgewvXDUMTynacHi0J7RmZSlGcRS/ouEbXW35DXCMdrFuBEupnAoGsEMA7awSSd
3GVzBVS88wrawZ4cmEZdLVBwrYkv11sbxNpelmhCBU3ZEyaauHk9VxIBAh5ba61h
ziAVZHIJb/C5ASOhrgCjwIefcK4F51sZCn40m1h/jc+7WotJ72m2kaOPpWXxZPuN
+p6H20Kt+rG6+hZzUVwdPxD8Go31A0u6Mq9aA5R6SRNx/0bGK8o/ToY8g6CeAZeU
hsv9bTZoxlxW/4COD0jZzZbugfks4F5U57sFdE7bwMFcerr+GFbZ+gR/qVYclvOj
oBAMML2npqOfRFX81RqKaTE=
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:33:34 2025 by rpki-client