Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/087339C6B61911EFB63B4D69C4F9AE02.roa
File: 087339C6B61911EFB63B4D69C4F9AE02.roa (raw, json)
Hash identifier: y/pzoVGcRei608J+YVS/jLd/Pp8KJCwPCvOTQ1Q/auA=
Subject key identifier: 5A:BA:89:B2:18:2C:A7:DB:A5:EB:64:C4:D8:33:13:E7:36:3E:14:3E
Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Certificate serial: 0A48
Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/087339C6B61911EFB63B4D69C4F9AE02.roa
Signing time: Mon 09 Dec 2024 11:03:11 +0000
ROA not before: Mon 09 Dec 2024 11:03:11 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 9229
IP address blocks: 202.174.130.0/24 maxlen: 24
202.174.155.0/24 maxlen: 24
202.174.156.0/24 maxlen: 24
202.174.157.0/24 maxlen: 24
202.174.159.0/24 maxlen: 24
203.88.64.0/19 maxlen: 19
203.88.80.0/24 maxlen: 24
203.88.81.0/24 maxlen: 24
203.88.82.0/24 maxlen: 24
203.88.86.0/24 maxlen: 24
203.88.87.0/24 maxlen: 24
203.88.88.0/24 maxlen: 24
203.88.89.0/24 maxlen: 24
203.88.90.0/24 maxlen: 24
203.88.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2632 (0xa48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3E27
Validity
Not Before: Dec 9 11:03:11 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6756ce6e-4a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:96:28:3c:01:ce:d1:01:03:1d:1d:7c:fd:d6:
5c:2e:b8:76:4e:19:5b:dd:61:93:33:49:06:37:af:
47:13:99:03:52:2c:67:95:09:4a:65:9a:70:6c:7a:
90:40:08:23:04:d1:46:db:c7:c3:dc:cb:2c:f4:d6:
90:af:cb:4e:9a:b6:95:0b:c1:9b:de:f4:f2:71:2b:
27:dd:d0:47:93:f1:3e:eb:81:70:9d:35:d9:ec:70:
10:0c:57:3c:e0:b0:cc:da:4b:a0:27:ca:10:db:1c:
8d:21:66:49:b1:e5:0d:63:79:de:d7:5f:4f:45:73:
13:94:bb:f0:e4:d7:fc:c4:de:ae:82:3a:56:86:74:
b9:fa:3d:9b:05:75:dd:b4:9d:0e:b8:9d:38:68:3a:
b0:1c:03:99:9c:da:4b:5f:e6:5b:b6:6e:b4:66:df:
59:92:db:a8:1a:99:16:eb:75:a9:ab:48:3d:e5:be:
4e:8a:58:ad:a5:1e:7e:ea:ac:af:e6:6f:a1:2d:72:
2c:c7:c9:96:6c:69:93:a0:9c:bf:3e:b2:81:ca:50:
ca:f3:83:40:03:2e:2c:5c:f8:79:dc:3d:11:4f:98:
6d:98:8b:03:ac:d0:a7:bc:e5:c4:25:00:89:08:ad:
80:76:3e:44:89:94:bf:b7:3d:4c:c0:05:3d:eb:9a:
c5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:BA:89:B2:18:2C:A7:DB:A5:EB:64:C4:D8:33:13:E7:36:3E:14:3E
X509v3 Authority Key Identifier:
keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/087339C6B61911EFB63B4D69C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.174.130.0/24
202.174.155.0-202.174.157.255
202.174.159.0/24
203.88.64.0/19
Signature Algorithm: sha256WithRSAEncryption
25:9a:60:d7:c1:e5:c8:c2:3e:81:b0:9a:bb:32:db:c2:6d:d1:
bf:31:a2:29:94:b5:55:c6:60:42:d7:dc:84:2e:31:3d:2f:b9:
f9:60:50:2e:4b:e0:69:d5:61:63:90:f4:14:9a:62:90:6d:bc:
1b:80:fa:be:5c:bd:fd:e5:68:fe:f1:66:7e:21:f0:5e:d5:8c:
e5:60:4d:2c:01:32:f5:78:4f:4b:b6:cb:a2:2f:f1:77:64:db:
77:51:90:d5:62:d7:ba:c9:d0:09:99:31:e6:b8:12:14:71:3b:
6f:59:46:ce:77:ba:b9:d6:df:43:c6:09:0d:30:06:1c:f7:73:
3f:95:99:b5:98:22:5b:dc:fa:2f:81:d6:2b:50:0f:94:c5:8f:
bf:30:de:ab:f1:45:c7:37:a0:7a:85:32:bc:8b:57:0d:da:b0:
83:7a:e8:5c:36:92:2b:46:d6:94:7d:6e:4d:a5:bb:42:6f:b7:
65:0a:1a:92:ac:68:cd:8c:11:a0:d2:5d:ef:ef:96:c8:f5:24:
30:fb:bd:fc:7b:84:e3:ac:ba:53:e4:90:de:1d:cc:d6:fc:ac:
a7:1e:81:5c:8a:99:97:54:a1:8f:fa:fe:f0:61:8f:b3:d7:d7:
9e:73:08:e6:e2:d4:e9:80:f8:6c:90:d6:98:66:b1:e7:1e:87:
70:cc:7e:75
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICCkgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw
OEM3NDNENEIwHhcNMjQxMjA5MTEwMzExWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU2Y2U2ZS00YThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnJYoPAHO0QEDHR18/dZcLrh2Thlb3WGTM0kGN69HE5kDUixnlQlKZZpwbHqQ
QAgjBNFG28fD3Mss9NaQr8tOmraVC8Gb3vTycSsn3dBHk/E+64FwnTXZ7HAQDFc8
4LDM2kugJ8oQ2xyNIWZJseUNY3ne119PRXMTlLvw5Nf8xN6ugjpWhnS5+j2bBXXd
tJ0OuJ04aDqwHAOZnNpLX+Zbtm60Zt9ZktuoGpkW63Wpq0g95b5OilitpR5+6qyv
5m+hLXIsx8mWbGmToJy/PrKBylDK84NAAy4sXPh53D0RT5htmIsDrNCnvOXEJQCJ
CK2Adj5EiZS/tz1MwAU965rFRQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFFq6ibIY
LKfbpetkxNgzE+c2PhQ+MB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG
M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTNFMjcvRjM4ODg3NjY2RjNBMTFFQTk4NDAxMzNEQzRGOUFFMDIvMDg3MzM5QzZC
NjE5MTFFRkI2M0I0RDY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBADKroIwDAMEAMqumwMEAcqunAMEAMqunwMEBctYQDANBgkq
hkiG9w0BAQsFAAOCAQEAJZpg18HlyMI+gbCauzLbwm3RvzGiKZS1VcZgQtfchC4x
PS+5+WBQLkvgadVhY5D0FJpikG28G4D6vly9/eVo/vFmfiHwXtWM5WBNLAEy9XhP
S7bLoi/xd2Tbd1GQ1WLXusnQCZkx5rgSFHE7b1lGzne6udbfQ8YJDTAGHPdzP5WZ
tZgiW9z6L4HWK1APlMWPvzDeq/FFxzegeoUyvItXDdqwg3roXDaSK0bWlH1uTaW7
Qm+3ZQoakqxozYwRoNJd7++WyPUkMPu9/HuE46y6U+SQ3h3M1vyspx6BXIqZl1Sh
j/r+8GGPs9fXnnMI5uLU6YD4bJDWmGax5x6HcMx+dQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:01:13 2025 by rpki-client