Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/39A335D6CB3F11ECBEBC9A1DC4F9AE02.roa
File: 39A335D6CB3F11ECBEBC9A1DC4F9AE02.roa (raw, json)
Hash identifier: NmvW/sg0pEXjTHBegEg6TihBwGGc4JodMMQnzVosHvc=
Subject key identifier: 4A:AF:9F:CE:E7:E2:89:FA:32:08:4D:C2:6F:63:2C:DE:50:E8:AF:F4
Certificate issuer: /CN=A91CFAB9/serialNumber=901528C9217917D956721D1C685665345BEB56FD
Certificate serial: 0303
Authority key identifier: 90:15:28:C9:21:79:17:D9:56:72:1D:1C:68:56:65:34:5B:EB:56:FD
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/39A335D6CB3F11ECBEBC9A1DC4F9AE02.roa
Signing time: Wed 05 Mar 2025 02:17:35 +0000
ROA not before: Wed 05 Mar 2025 02:17:35 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 135069
IP address blocks: 192.94.236.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 771 (0x303)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFAB9
Validity
Not Before: Mar 5 02:17:35 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c7b43e-301b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:35:3e:32:41:8b:36:28:04:be:3f:b8:86:4f:
bf:fe:87:cd:b0:14:d5:7f:0e:45:33:ef:60:08:fb:
6b:cc:99:ea:b2:ae:19:2d:bf:27:42:38:86:2e:37:
7c:0c:7d:c7:d3:0d:ad:04:4e:43:75:f1:87:bc:b7:
8d:5a:c9:9a:2c:73:88:05:09:7b:73:2d:79:6e:b5:
2b:0e:58:c0:42:0e:75:a7:05:6f:35:8d:47:fa:73:
de:c4:d0:de:2f:82:58:d8:aa:4d:e4:16:16:ba:0a:
52:09:67:d6:bc:d0:ba:bf:85:7f:0e:b5:e2:8f:3c:
a0:4d:9b:04:0d:2b:a8:71:62:ba:ff:65:c5:fa:a4:
b1:48:1b:3f:d6:8b:d4:99:05:cd:47:46:be:92:63:
91:6f:d1:fa:39:c9:a9:c5:01:96:a2:56:0b:a2:79:
a3:f7:9f:50:f9:96:c1:27:86:c7:f9:da:0a:86:02:
bf:10:80:64:97:3e:8f:b1:94:54:21:f2:47:d4:05:
77:9f:f8:21:25:a9:36:a3:96:57:70:45:a8:f2:dc:
53:a3:57:ae:1e:55:11:3e:6e:b4:78:8b:ae:ae:f1:
d3:52:a2:86:b1:ba:a7:e5:8a:47:b8:32:fb:4d:93:
09:e0:31:74:db:32:09:f4:61:f0:68:d2:8d:98:96:
83:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:AF:9F:CE:E7:E2:89:FA:32:08:4D:C2:6F:63:2C:DE:50:E8:AF:F4
X509v3 Authority Key Identifier:
keyid:90:15:28:C9:21:79:17:D9:56:72:1D:1C:68:56:65:34:5B:EB:56:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/39A335D6CB3F11ECBEBC9A1DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.94.236.0/24
Signature Algorithm: sha256WithRSAEncryption
94:0a:64:bb:7a:af:e2:eb:36:37:91:32:d6:3a:fc:28:69:2d:
6b:8f:1d:04:39:c7:e1:d2:97:a8:68:66:9a:03:17:40:a8:14:
b7:22:1b:6b:a6:dd:e2:0e:8f:15:e4:8d:ec:c9:e5:e1:38:2f:
93:17:b6:0e:2c:92:59:ed:0b:ac:20:2d:b3:f5:3d:14:aa:dd:
61:bc:6a:84:ca:b9:06:01:c3:57:52:95:3c:9f:47:b2:11:98:
77:dd:83:d6:b0:25:46:90:d0:f9:10:9c:78:aa:fb:9e:82:b1:
2e:1e:76:8e:25:07:f9:6d:46:0b:1a:d6:91:c9:e8:8b:08:69:
9e:2e:2d:8f:11:ed:3c:f0:cc:43:d8:de:41:03:eb:ef:1a:57:
ac:4d:d1:1b:a0:71:89:ca:5a:a6:96:c1:ec:8f:cf:91:85:bf:
1f:3a:3c:76:ba:d2:11:77:39:38:da:d7:5d:16:50:87:1b:6e:
6b:c2:aa:16:ec:d1:7e:10:5a:bc:a5:0d:00:ea:f6:d5:57:11:
83:60:03:36:88:82:33:29:55:c5:b9:04:c8:c2:f6:25:3d:57:
ab:f4:58:3c:da:73:50:eb:11:7f:9f:ca:54:90:79:6e:fc:60:
a1:13:ea:d9:b7:ad:20:8c:98:6e:45:92:e4:1f:e4:d8:31:55:
a6:83:6b:19
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAwMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZBQjkxMTAvBgNVBAUTKDkwMTUyOEM5MjE3OTE3RDk1NjcyMUQxQzY4NTY2NTM0
NUJFQjU2RkQwHhcNMjUwMzA1MDIxNzM1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3YjQzZS0zMDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzzU+MkGLNigEvj+4hk+//ofNsBTVfw5FM+9gCPtrzJnqsq4ZLb8nQjiGLjd8
DH3H0w2tBE5DdfGHvLeNWsmaLHOIBQl7cy15brUrDljAQg51pwVvNY1H+nPexNDe
L4JY2KpN5BYWugpSCWfWvNC6v4V/DrXijzygTZsEDSuocWK6/2XF+qSxSBs/1ovU
mQXNR0a+kmORb9H6OcmpxQGWolYLonmj959Q+ZbBJ4bH+doKhgK/EIBklz6PsZRU
IfJH1AV3n/ghJak2o5ZXcEWo8txTo1euHlURPm60eIuurvHTUqKGsbqn5YpHuDL7
TZMJ4DF02zIJ9GHwaNKNmJaDVwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEqvn87n
4on6MghNwm9jLN5Q6K/0MB8GA1UdIwQYMBaAFJAVKMkheRfZVnIdHGhWZTRb61b9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkFCOS8xQ0Q0NEY5RUM3
N0ExMUVDQjk0MzRDMkNDNEY5QUUwMi9rQlVveVNGNUY5bFdjaDBjYUZabE5GdnJW
djAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2tCVW95U0Y1RjlsV2NoMGNhRlpsTkZ2clZ2MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZBQjkvMUNENDRGOUVDNzdBMTFFQ0I5NDM0QzJDQzRGOUFFMDIvMzlBMzM1RDZD
QjNGMTFFQ0JFQkM5QTFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADAXuwwDQYJKoZIhvcNAQELBQADggEBAJQKZLt6r+LrNjeR
MtY6/ChpLWuPHQQ5x+HSl6hoZpoDF0CoFLciG2um3eIOjxXkjezJ5eE4L5MXtg4s
klntC6wgLbP1PRSq3WG8aoTKuQYBw1dSlTyfR7IRmHfdg9awJUaQ0PkQnHiq+56C
sS4edo4lB/ltRgsa1pHJ6IsIaZ4uLY8R7TzwzEPY3kED6+8aV6xN0RugcYnKWqaW
weyPz5GFvx86PHa60hF3OTja110WUIcbbmvCqhbs0X4QWrylDQDq9tVXEYNgAzaI
gjMpVcW5BMjC9iU9V6v0WDzac1DrEX+fylSQeW78YKET6tm3rSCMmG5FkuQf5Ngx
VaaDaxk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:12:55 2025 by rpki-client