Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CA815/8DCD1EA81D9B11E291D2848908B02CD2/E9E555FA506211EAA2BC3E2EC4F9AE02.roa
File: E9E555FA506211EAA2BC3E2EC4F9AE02.roa (raw, json)
Hash identifier: 8wn1BShCqNm3QYIhzMCvnBkRSH1pV/AljqzDWjCUBxQ=
Subject key identifier: 76:B0:D9:6A:4B:63:77:E3:5F:62:73:0A:D0:03:A0:DF:38:3A:52:3C
Certificate issuer: /CN=A91CA815/serialNumber=2BDD3151116DE9DBC55CFC3D2CDACA58E74B19E6
Certificate serial: 3450
Authority key identifier: 2B:DD:31:51:11:6D:E9:DB:C5:5C:FC:3D:2C:DA:CA:58:E7:4B:19:E6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K90xURFt6dvFXPw9LNrKWOdLGeY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CA815/8DCD1EA81D9B11E291D2848908B02CD2/E9E555FA506211EAA2BC3E2EC4F9AE02.roa
Signing time: Sat 28 Dec 2024 15:10:49 +0000
ROA not before: Sat 28 Dec 2024 15:10:49 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 23883
IP address blocks: 203.170.50.0/23 maxlen: 23
2001:df0:248::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13392 (0x3450)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CA815
Validity
Not Before: Dec 28 15:10:49 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677014f9-17ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9b:50:c7:cf:18:08:b6:e9:66:25:2d:b5:8f:
5e:64:1a:41:dd:7f:67:7f:34:00:7d:5c:dc:d6:c0:
1c:53:d0:8b:2c:8f:b7:74:6f:51:f7:22:7f:9a:1b:
c1:6f:60:b6:88:34:50:75:3a:8a:3d:98:04:16:f8:
5c:33:05:ab:44:a5:14:63:ec:65:91:7d:d7:6d:b1:
62:c3:25:d3:92:5a:22:f8:3a:f9:15:3d:24:04:a4:
fc:44:7d:4d:98:c1:8b:65:16:9c:25:5f:93:db:af:
c7:94:c8:03:ee:04:09:80:cf:43:13:fd:23:49:71:
92:b6:a4:be:7f:5b:b0:36:08:ef:76:8d:26:0c:58:
91:c2:5a:62:49:28:cf:8e:ea:1a:a1:0e:f3:59:45:
f7:24:74:a6:0b:21:d2:40:3b:b7:6d:92:6f:7d:ff:
e3:52:67:d1:d7:aa:0c:f9:3b:78:52:4e:95:78:8c:
a1:cf:a0:ab:c2:ee:a0:42:dc:a1:72:1b:3d:47:83:
5c:db:bc:b1:d7:44:d2:97:17:1b:7e:9c:c7:e4:02:
e9:20:a7:35:a8:0b:23:9c:37:3d:85:62:36:02:12:
92:9b:7d:4f:c5:20:fd:cb:42:26:6b:ec:76:be:59:
e4:0e:1e:90:56:88:04:96:9e:15:4a:6c:c5:3e:14:
76:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B0:D9:6A:4B:63:77:E3:5F:62:73:0A:D0:03:A0:DF:38:3A:52:3C
X509v3 Authority Key Identifier:
keyid:2B:DD:31:51:11:6D:E9:DB:C5:5C:FC:3D:2C:DA:CA:58:E7:4B:19:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CA815/8DCD1EA81D9B11E291D2848908B02CD2/K90xURFt6dvFXPw9LNrKWOdLGeY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K90xURFt6dvFXPw9LNrKWOdLGeY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CA815/8DCD1EA81D9B11E291D2848908B02CD2/E9E555FA506211EAA2BC3E2EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.170.50.0/23
IPv6:
2001:df0:248::/48
Signature Algorithm: sha256WithRSAEncryption
6f:72:81:48:73:9f:90:70:17:8b:bf:09:21:2b:16:11:fb:b6:
68:03:8a:e6:21:aa:76:98:77:00:e6:65:86:ad:19:de:7c:12:
13:0a:cd:a3:2a:75:b5:7e:4c:53:7d:89:19:7f:8c:ce:3c:00:
3d:43:4a:6c:a6:4e:c1:99:ee:57:d4:20:ef:5b:f8:f8:15:9f:
b7:16:2f:d7:6c:42:61:a7:2d:43:d3:66:1f:ef:4d:e1:6f:26:
12:4e:6c:64:e7:1d:66:12:aa:80:41:69:3a:87:e4:3a:b0:50:
1b:ed:03:da:ed:51:34:ce:df:f4:58:0f:36:34:2a:67:08:18:
4c:9a:f9:37:78:b1:e0:72:27:11:65:81:a0:c1:90:c1:fc:38:
db:39:aa:3b:60:4e:d7:da:1e:2c:ac:0b:40:5d:83:c3:9e:f5:
d2:a2:4a:8f:a3:70:cc:cd:c1:b5:b4:7f:c8:25:8e:58:5e:3a:
e3:a1:c1:72:21:05:76:ef:49:e8:83:9e:fb:21:ec:35:4c:e3:
61:ee:68:54:f9:61:e3:09:43:d6:84:5a:e1:bd:d7:e9:0a:bf:
2a:79:ef:08:57:cb:61:b1:6c:ad:ed:8b:6b:1a:ef:cf:46:f2:
47:3e:ee:9f:67:d3:84:46:05:3f:75:1e:fd:03:bd:73:79:51:
bb:51:fb:41
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICNFAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0E4MTUxMTAvBgNVBAUTKDJCREQzMTUxMTE2REU5REJDNTVDRkMzRDJDREFDQTU4
RTc0QjE5RTYwHhcNMjQxMjI4MTUxMDQ5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcwMTRmOS0xN2VlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2ptQx88YCLbpZiUttY9eZBpB3X9nfzQAfVzc1sAcU9CLLI+3dG9R9yJ/mhvB
b2C2iDRQdTqKPZgEFvhcMwWrRKUUY+xlkX3XbbFiwyXTkloi+Dr5FT0kBKT8RH1N
mMGLZRacJV+T26/HlMgD7gQJgM9DE/0jSXGStqS+f1uwNgjvdo0mDFiRwlpiSSjP
juoaoQ7zWUX3JHSmCyHSQDu3bZJvff/jUmfR16oM+Tt4Uk6VeIyhz6Crwu6gQtyh
chs9R4Nc27yx10TSlxcbfpzH5ALpIKc1qAsjnDc9hWI2AhKSm31PxSD9y0Ima+x2
vlnkDh6QVogElp4VSmzFPhR2PQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHaw2WpL
Y3fjX2JzCtADoN84OlI8MB8GA1UdIwQYMBaAFCvdMVERbenbxVz8PSzayljnSxnm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQTgxNS84RENEMUVBODFE
OUIxMUUyOTFEMjg0ODkwOEIwMkNEMi9LOTB4VVJGdDZkdkZYUHc5TE5yS1dPZExH
ZVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0s5MHhVUkZ0NmR2RlhQdzlMTnJLV09kTEdlWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0E4MTUvOERDRDFFQTgxRDlCMTFFMjkxRDI4NDg5MDhCMDJDRDIvRTlFNTU1RkE1
MDYyMTFFQUEyQkMzRTJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAHLqjIwDwQCAAIwCQMHACABDfACSDANBgkqhkiG9w0BAQsF
AAOCAQEAb3KBSHOfkHAXi78JISsWEfu2aAOK5iGqdph3AOZlhq0Z3nwSEwrNoyp1
tX5MU32JGX+MzjwAPUNKbKZOwZnuV9Qg71v4+BWftxYv12xCYactQ9NmH+9N4W8m
Ek5sZOcdZhKqgEFpOofkOrBQG+0D2u1RNM7f9FgPNjQqZwgYTJr5N3ix4HInEWWB
oMGQwfw42zmqO2BO19oeLKwLQF2Dw5710qJKj6NwzM3BtbR/yCWOWF4646HBciEF
du9J6IOe+yHsNUzjYe5oVPlh4wlD1oRa4b3X6Qq/KnnvCFfLYbFsre2Laxrvz0by
Rz7un2fThEYFP3Ue/QO9c3lRu1H7QQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:08:24 2025 by rpki-client