Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF645/AB16E55201F611E9ABB8870DC4F9AE02/C5EA2D4801F711E9B44DC70EC4F9AE02.roa
File: C5EA2D4801F711E9B44DC70EC4F9AE02.roa (raw, json)
Hash identifier: 7GMPsmEhJjvHx88LOtk6/iPjMX5SfWv/q3XixmtcSeU=
Subject key identifier: A5:CD:D8:1C:14:51:9E:52:95:19:E3:13:BA:E2:A5:27:7D:EB:6E:C4
Certificate issuer: /CN=A91DF645/serialNumber=E23E56883A6E37ADE5223C413B3B3B0F781BC929
Certificate serial: 10C8
Authority key identifier: E2:3E:56:88:3A:6E:37:AD:E5:22:3C:41:3B:3B:3B:0F:78:1B:C9:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4j5WiDpuN63lIjxBOzs7D3gbySk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF645/AB16E55201F611E9ABB8870DC4F9AE02/C5EA2D4801F711E9B44DC70EC4F9AE02.roa
Signing time: Tue 02 Jul 2024 18:05:17 +0000
ROA not before: Tue 02 Jul 2024 18:05:17 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 56204
IP address blocks: 202.50.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4296 (0x10c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF645
Validity
Not Before: Jul 2 18:05:17 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6684415c-ace5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:24:9e:02:37:71:2a:01:45:7e:65:b8:a7:b7:
10:cd:8e:1b:0a:bc:12:44:30:a2:00:aa:a5:f7:4e:
6e:7b:9f:84:fc:a4:f4:6c:0e:04:ad:81:21:d6:e3:
4b:a2:fd:3d:05:06:c9:80:18:39:29:4b:df:1c:9a:
1c:d6:6d:2b:61:b0:06:e8:da:69:bf:aa:6d:66:43:
41:b7:cc:99:80:c2:6a:a6:84:e4:3c:e6:ba:cd:65:
ac:f8:2b:bc:e0:0b:ea:a6:8c:f5:38:0d:32:bb:dc:
50:97:5d:d1:c5:83:2e:53:a1:0d:cc:eb:f0:f2:ac:
18:5b:db:bd:33:be:80:a7:ca:a5:ee:06:dd:49:92:
fb:96:e0:a9:62:1c:7b:3b:13:d2:c2:d4:b4:ae:16:
cc:50:15:00:82:f8:e0:f0:ad:37:f5:5b:3f:67:52:
c8:2c:54:fd:18:c0:b2:02:0f:ca:fc:7e:cf:9b:ae:
3e:95:84:38:81:59:d5:26:2e:45:4d:60:8a:95:e9:
49:fa:7a:6b:65:09:8d:db:76:22:e9:7d:ae:3d:98:
1f:d2:9f:3a:d1:25:ff:d6:72:d9:a9:71:f1:ed:b9:
87:d1:9f:54:ea:87:51:ba:f6:90:9f:b6:f2:cd:4a:
6d:b8:a6:6e:69:6c:a3:83:55:50:aa:c8:b2:72:2a:
36:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:CD:D8:1C:14:51:9E:52:95:19:E3:13:BA:E2:A5:27:7D:EB:6E:C4
X509v3 Authority Key Identifier:
keyid:E2:3E:56:88:3A:6E:37:AD:E5:22:3C:41:3B:3B:3B:0F:78:1B:C9:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF645/AB16E55201F611E9ABB8870DC4F9AE02/4j5WiDpuN63lIjxBOzs7D3gbySk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4j5WiDpuN63lIjxBOzs7D3gbySk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF645/AB16E55201F611E9ABB8870DC4F9AE02/C5EA2D4801F711E9B44DC70EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.50.52.0/22
Signature Algorithm: sha256WithRSAEncryption
94:32:90:72:35:e4:f3:3a:62:36:8b:76:cd:99:b7:8c:c6:94:
6b:03:eb:0c:d6:de:d0:62:9e:a2:6d:28:e4:a4:61:b1:f5:ee:
8c:0d:b7:39:4f:c7:f7:9b:42:56:fe:88:bc:8e:d3:e2:13:14:
df:f9:60:a6:27:1f:e5:9f:8a:9e:3b:fd:b1:12:1e:08:b5:52:
29:13:26:ef:26:24:53:2a:ea:8c:f0:d9:81:28:66:6f:b5:99:
9c:48:63:6c:ed:e3:00:4f:d2:46:18:89:9a:b2:bb:b3:a3:9f:
9f:60:ab:59:c2:72:41:95:5d:bf:7c:5d:22:93:db:03:11:e6:
4d:94:3e:cb:ce:d2:20:ed:65:b0:65:59:9a:b1:63:8c:e1:21:
1e:e1:21:b9:9d:53:57:80:ed:74:40:c8:c8:15:a2:08:3f:1f:
02:31:f0:4d:b9:10:41:e4:18:47:8e:88:7f:71:7b:bf:b8:a5:
b3:5b:bc:69:23:84:c2:a5:96:83:14:83:bc:59:15:a7:e6:ed:
1e:78:a0:b7:0e:be:d3:7c:45:8a:cd:e5:14:de:c2:2b:7a:2d:
24:f8:ae:c2:06:c9:f1:42:d1:33:15:81:54:02:aa:20:f4:31:
b1:2e:c5:42:81:2f:b1:a5:eb:57:a6:f3:2b:20:9f:1e:01:ef:
1f:94:0d:75
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY2NDUxMTAvBgNVBAUTKEUyM0U1Njg4M0E2RTM3QURFNTIyM0M0MTNCM0IzQjBG
NzgxQkM5MjkwHhcNMjQwNzAyMTgwNTE3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg0NDE1Yy1hY2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvySeAjdxKgFFfmW4p7cQzY4bCrwSRDCiAKql905ue5+E/KT0bA4ErYEh1uNL
ov09BQbJgBg5KUvfHJoc1m0rYbAG6Nppv6ptZkNBt8yZgMJqpoTkPOa6zWWs+Cu8
4Avqpoz1OA0yu9xQl13RxYMuU6ENzOvw8qwYW9u9M76Ap8ql7gbdSZL7luCpYhx7
OxPSwtS0rhbMUBUAgvjg8K039Vs/Z1LILFT9GMCyAg/K/H7Pm64+lYQ4gVnVJi5F
TWCKlelJ+nprZQmN23Yi6X2uPZgf0p860SX/1nLZqXHx7bmH0Z9U6odRuvaQn7by
zUptuKZuaWyjg1VQqsiycio2yQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKXN2BwU
UZ5SlRnjE7ripSd9627EMB8GA1UdIwQYMBaAFOI+Vog6bjet5SI8QTs7Ow94G8kp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjY0NS9BQjE2RTU1MjAx
RjYxMUU5QUJCODg3MERDNEY5QUUwMi80ajVXaURwdU42M2xJanhCT3pzN0QzZ2J5
U2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRqNVdpRHB1TjYzbElqeEJPenM3RDNnYnlTay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY2NDUvQUIxNkU1NTIwMUY2MTFFOUFCQjg4NzBEQzRGOUFFMDIvQzVFQTJENDgw
MUY3MTFFOUI0NERDNzBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKMjQwDQYJKoZIhvcNAQELBQADggEBAJQykHI15PM6YjaL
ds2Zt4zGlGsD6wzW3tBinqJtKOSkYbH17owNtzlPx/ebQlb+iLyO0+ITFN/5YKYn
H+Wfip47/bESHgi1UikTJu8mJFMq6ozw2YEoZm+1mZxIY2zt4wBP0kYYiZqyu7Oj
n59gq1nCckGVXb98XSKT2wMR5k2UPsvO0iDtZbBlWZqxY4zhIR7hIbmdU1eA7XRA
yMgVogg/HwIx8E25EEHkGEeOiH9xe7+4pbNbvGkjhMKlloMUg7xZFafm7R54oLcO
vtN8RYrN5RTewit6LST4rsIGyfFC0TMVgVQCqiD0MbEuxUKBL7Gl61em8ysgnx4B
7x+UDXU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:12:08 2025 by rpki-client