Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEF04/991EB75A7AB011EBA027BB7FC4F9AE02/204B342ECEF111ED9D71580AC4F9AE02.roa
File: 204B342ECEF111ED9D71580AC4F9AE02.roa (raw, json)
Hash identifier: V/douCj4U7M/9Bt5a7qzsCzrgcxHQH1b+ixRaTUpN4M=
Subject key identifier: CE:4E:BA:BB:9B:67:E3:9E:08:29:A9:1F:2F:5B:97:F9:89:15:BA:68
Certificate issuer: /CN=A91DEF04/serialNumber=3116E07584056C16F568F0EC6098E7DC4F504A38
Certificate serial: 062D
Authority key identifier: 31:16:E0:75:84:05:6C:16:F5:68:F0:EC:60:98:E7:DC:4F:50:4A:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MRbgdYQFbBb1aPDsYJjn3E9QSjg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEF04/991EB75A7AB011EBA027BB7FC4F9AE02/204B342ECEF111ED9D71580AC4F9AE02.roa
Signing time: Mon 02 Dec 2024 22:32:19 +0000
ROA not before: Mon 02 Dec 2024 22:32:19 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 201942
IP address blocks: 115.124.36.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1581 (0x62d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEF04
Validity
Not Before: Dec 2 22:32:19 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674e3573-3565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d2:8c:b2:67:c1:9a:30:44:90:85:2c:50:83:
b3:f7:a3:f9:fd:70:2e:89:7c:07:f3:f8:03:e1:dd:
d5:3f:fa:a8:74:30:99:ad:87:d8:da:0c:9b:98:24:
82:50:cf:8e:32:8d:7d:c2:e3:5d:cc:53:fd:74:6a:
45:71:dd:2c:a1:7d:27:5d:b7:52:d2:e0:81:3d:4e:
f0:6f:25:94:9e:19:5d:24:8c:0a:51:69:a9:95:d9:
42:ab:4a:a8:89:c7:f8:dd:bf:a5:fa:2f:f0:b9:ac:
f0:63:ff:c4:db:df:0e:25:18:c5:fa:e4:36:3b:86:
5e:8f:d9:9f:b6:10:6d:0e:46:8c:ec:5d:c8:fb:17:
ca:94:56:c4:c1:7b:6a:eb:9e:ed:78:ff:e6:03:2e:
08:20:6b:4b:60:cd:72:1c:e1:e1:67:cb:07:bc:78:
af:ac:09:44:a4:72:1e:bf:6d:a8:26:4e:fb:b1:c3:
da:1a:42:08:c2:07:a4:31:9c:2d:05:aa:21:7c:bc:
98:7d:8a:e5:52:76:6f:25:0a:e9:4f:f6:0d:a7:db:
46:d3:cf:62:c5:f3:c9:b8:78:25:13:f8:1d:5f:fa:
31:63:59:f9:cd:16:63:ec:35:e6:95:75:f4:ff:7a:
68:0d:3c:a2:8b:fd:af:af:6c:0b:cf:08:4e:d5:32:
a9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4E:BA:BB:9B:67:E3:9E:08:29:A9:1F:2F:5B:97:F9:89:15:BA:68
X509v3 Authority Key Identifier:
keyid:31:16:E0:75:84:05:6C:16:F5:68:F0:EC:60:98:E7:DC:4F:50:4A:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEF04/991EB75A7AB011EBA027BB7FC4F9AE02/MRbgdYQFbBb1aPDsYJjn3E9QSjg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MRbgdYQFbBb1aPDsYJjn3E9QSjg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEF04/991EB75A7AB011EBA027BB7FC4F9AE02/204B342ECEF111ED9D71580AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.124.36.0/22
Signature Algorithm: sha256WithRSAEncryption
51:d3:29:47:ad:0a:f3:09:f5:a9:94:80:c7:62:3a:dd:18:33:
2c:dd:30:60:d6:05:7e:d8:ae:48:02:cd:5e:24:ee:9a:1e:f0:
6b:fa:41:00:bb:9b:ea:9b:b5:e2:48:24:78:ea:17:3a:9e:bb:
b5:7b:59:ea:7c:93:29:63:57:9d:83:4a:09:c0:9e:18:df:14:
48:f6:3b:2e:a2:1f:c3:68:12:cd:35:8b:40:41:d4:40:c9:89:
d4:2a:29:79:ab:65:c8:3d:80:2c:bc:22:ce:8c:2e:21:9e:21:
c8:50:f3:0a:4e:45:86:2b:c5:73:ca:43:8a:54:12:ee:53:75:
13:40:14:af:8f:b4:b2:3d:f4:b5:a2:7a:43:0b:dc:16:5b:e8:
9b:6c:5d:c7:fc:19:d6:81:e3:ed:5d:ae:f7:12:fd:00:58:26:
3a:e5:33:b7:d4:45:e7:9a:48:36:01:f7:b3:a9:ff:d8:60:44:
43:86:7e:85:09:c7:56:fd:2d:ac:55:1d:70:8d:06:3c:39:70:
c4:d2:28:5f:77:d4:a2:85:b1:a5:4e:e4:14:12:e4:5f:69:ce:
fb:91:74:3e:c1:a2:23:94:fd:30:c2:cd:b5:22:67:7a:3c:0d:
bb:8b:62:c1:76:89:8a:21:be:81:e0:0e:4d:22:73:eb:ba:26:
2c:cd:6b:c6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBi0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVGMDQxMTAvBgNVBAUTKDMxMTZFMDc1ODQwNTZDMTZGNTY4RjBFQzYwOThFN0RD
NEY1MDRBMzgwHhcNMjQxMjAyMjIzMjE5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlMzU3My0zNTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApdKMsmfBmjBEkIUsUIOz96P5/XAuiXwH8/gD4d3VP/qodDCZrYfY2gybmCSC
UM+OMo19wuNdzFP9dGpFcd0soX0nXbdS0uCBPU7wbyWUnhldJIwKUWmpldlCq0qo
icf43b+l+i/wuazwY//E298OJRjF+uQ2O4Zej9mfthBtDkaM7F3I+xfKlFbEwXtq
657teP/mAy4IIGtLYM1yHOHhZ8sHvHivrAlEpHIev22oJk77scPaGkIIwgekMZwt
BaohfLyYfYrlUnZvJQrpT/YNp9tG089ixfPJuHglE/gdX/oxY1n5zRZj7DXmlXX0
/3poDTyii/2vr2wLzwhO1TKpbQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM5Ourub
Z+OeCCmpHy9bl/mJFbpoMB8GA1UdIwQYMBaAFDEW4HWEBWwW9Wjw7GCY59xPUEo4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUYwNC85OTFFQjc1QTdB
QjAxMUVCQTAyN0JCN0ZDNEY5QUUwMi9NUmJnZFlRRmJCYjFhUERzWUpqbjNFOVFT
amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01SYmdkWVFGYkJiMWFQRHNZSmpuM0U5UVNqZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVGMDQvOTkxRUI3NUE3QUIwMTFFQkEwMjdCQjdGQzRGOUFFMDIvMjA0QjM0MkVD
RUYxMTFFRDlENzE1ODBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJzfCQwDQYJKoZIhvcNAQELBQADggEBAFHTKUetCvMJ9amU
gMdiOt0YMyzdMGDWBX7YrkgCzV4k7poe8Gv6QQC7m+qbteJIJHjqFzqeu7V7Wep8
kyljV52DSgnAnhjfFEj2Oy6iH8NoEs01i0BB1EDJidQqKXmrZcg9gCy8Is6MLiGe
IchQ8wpORYYrxXPKQ4pUEu5TdRNAFK+PtLI99LWiekML3BZb6JtsXcf8GdaB4+1d
rvcS/QBYJjrlM7fUReeaSDYB97Op/9hgREOGfoUJx1b9LaxVHXCNBjw5cMTSKF93
1KKFsaVO5BQS5F9pzvuRdD7BoiOU/TDCzbUiZ3o8DbuLYsF2iYohvoHgDk0ic+u6
JizNa8Y=
-----END CERTIFICATE-----
Generated at Fri Apr 11 19:52:21 2025 by rpki-client