Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/B3B97C46510311EDA562C34DC4F9AE02.roa
File: B3B97C46510311EDA562C34DC4F9AE02.roa (raw, json)
Hash identifier: jtYt/pU+ooAIkmhjTmjyuCh451/edjbb8L7BPLMNm/A=
Subject key identifier: E1:57:12:0E:90:47:D0:00:85:BD:4F:D5:08:79:80:27:0B:B7:D8:47
Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Certificate serial: 0EC1
Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/B3B97C46510311EDA562C34DC4F9AE02.roa
Signing time: Tue 14 Jan 2025 18:16:28 +0000
ROA not before: Tue 14 Jan 2025 18:16:28 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 58460
IP address blocks: 202.42.184.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3777 (0xec1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFFA0
Validity
Not Before: Jan 14 18:16:28 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6786a9fc-3e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:11:bf:4d:2c:1c:ae:77:cb:36:af:be:83:01:
3e:2d:de:e7:8c:c7:b0:fe:7b:e1:03:fb:d0:36:0a:
97:83:6e:d7:48:35:2f:c1:d6:b7:b2:31:2d:66:3f:
03:82:58:66:61:f6:74:96:d4:21:c8:d2:fe:7a:78:
6f:2b:69:bf:64:aa:e3:57:0c:74:a8:45:e6:16:a0:
e0:5d:73:a7:56:90:71:b4:6d:8c:70:f2:12:61:73:
c6:c9:c3:ab:d1:6e:0c:ce:74:62:a7:be:ad:81:73:
f6:d0:c4:88:37:d2:84:35:a8:62:36:00:28:06:b7:
f5:9b:fb:fa:41:ee:9a:17:90:df:ec:85:95:c0:09:
5b:ce:16:37:d3:c6:37:c3:ed:a2:dc:29:4f:18:e4:
97:03:be:d2:ae:32:a4:29:c8:80:3f:7e:70:d1:c4:
72:df:6a:c0:89:cc:fb:31:86:ff:88:be:17:66:59:
0a:f2:aa:0c:4f:ef:be:b7:69:25:e9:f8:55:16:21:
d2:d5:5e:4e:d8:99:36:8b:90:7d:23:04:2e:c6:56:
34:42:8a:c7:9a:dd:53:e3:0a:c3:0e:7a:24:e5:11:
0a:70:9f:1d:74:80:2a:97:d2:4c:73:49:56:e0:2f:
38:2a:19:af:bc:80:1b:24:fa:fc:15:50:e5:68:5e:
22:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:57:12:0E:90:47:D0:00:85:BD:4F:D5:08:79:80:27:0B:B7:D8:47
X509v3 Authority Key Identifier:
keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/B3B97C46510311EDA562C34DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.42.184.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:f3:7f:07:3a:ef:f6:d4:03:2e:66:d6:7e:98:e8:ec:13:6e:
4a:35:38:c4:0c:d2:27:61:e4:48:ec:a0:2c:61:bc:b4:da:eb:
b5:58:11:28:a0:c5:27:eb:6d:a2:c0:49:b3:d6:85:36:af:03:
a4:39:80:bc:62:b7:1c:c4:43:8a:b3:78:e5:8d:82:9a:f7:93:
f7:0c:ae:8e:a3:76:22:a7:c5:c8:9d:7e:e9:12:07:b1:0b:e9:
fd:e2:82:c3:da:de:cf:e8:18:a9:68:97:2c:4b:f4:d7:c1:a8:
ce:61:ba:99:04:a2:58:ca:c2:fb:b7:8a:fe:9e:f0:2d:e7:ba:
60:d9:9d:3e:d4:57:b7:ce:98:29:df:d1:09:db:6a:47:72:ad:
99:b3:ef:9d:1c:02:f1:3f:e6:ab:ed:51:03:15:4c:7a:f1:ed:
95:1f:53:2c:ff:2d:a9:11:76:d9:52:c8:ce:7c:18:7d:d3:51:
df:db:57:27:3f:db:b0:36:f7:f6:ff:aa:29:16:7a:39:41:91:
5a:06:f6:52:4b:df:75:9d:a7:d7:3a:a4:49:68:fa:8f:6c:58:
b7:01:61:3a:f6:a3:d6:9c:ee:fc:1f:56:8a:a8:0a:6b:3b:24:
c9:89:1e:b6:0c:4e:1d:26:4f:6e:27:aa:49:a2:4b:dd:d4:bf:
65:02:0e:91
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDsEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB
RDNBRUZFQzgwHhcNMjUwMTE0MTgxNjI4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2YTlmYy0zZTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxhG/TSwcrnfLNq++gwE+Ld7njMew/nvhA/vQNgqXg27XSDUvwda3sjEtZj8D
glhmYfZ0ltQhyNL+enhvK2m/ZKrjVwx0qEXmFqDgXXOnVpBxtG2McPISYXPGycOr
0W4MznRip76tgXP20MSIN9KENahiNgAoBrf1m/v6Qe6aF5Df7IWVwAlbzhY308Y3
w+2i3ClPGOSXA77SrjKkKciAP35w0cRy32rAicz7MYb/iL4XZlkK8qoMT+++t2kl
6fhVFiHS1V5O2Jk2i5B9IwQuxlY0QorHmt1T4wrDDnok5REKcJ8ddIAql9JMc0lW
4C84KhmvvIAbJPr8FVDlaF4itwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOFXEg6Q
R9AAhb1P1Qh5gCcLt9hHMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4
Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvQjNCOTdDNDY1
MTAzMTFFREE1NjJDMzREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKKrgwDQYJKoZIhvcNAQELBQADggEBAFrzfwc67/bUAy5m
1n6Y6OwTbko1OMQM0idh5EjsoCxhvLTa67VYESigxSfrbaLASbPWhTavA6Q5gLxi
txzEQ4qzeOWNgpr3k/cMro6jdiKnxcidfukSB7EL6f3igsPa3s/oGKlolyxL9NfB
qM5hupkEoljKwvu3iv6e8C3numDZnT7UV7fOmCnf0QnbakdyrZmz750cAvE/5qvt
UQMVTHrx7ZUfUyz/LakRdtlSyM58GH3TUd/bVyc/27A29/b/qikWejlBkVoG9lJL
33Wdp9c6pElo+o9sWLcBYTr2o9ac7vwfVoqoCms7JMmJHrYMTh0mT24nqkmiS93U
v2UCDpE=
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:53:16 2025 by rpki-client