Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/CF4957B2CE4A11EFB024055CC4F9AE02.roa
File: CF4957B2CE4A11EFB024055CC4F9AE02.roa (raw, json)
Hash identifier: S6sIq0FSnLSIEBwO79edDLWChtaFt19AJxVsIuTCm9s=
Subject key identifier: 0C:C5:3F:7B:94:8D:9B:90:5E:91:05:AA:31:40:EB:DB:4C:32:60:02
Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Certificate serial: 0A61
Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/CF4957B2CE4A11EFB024055CC4F9AE02.roa
Signing time: Thu 09 Jan 2025 05:30:17 +0000
ROA not before: Thu 09 Jan 2025 05:30:17 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 203.88.80.0/23 maxlen: 23
203.88.82.0/24 maxlen: 24
203.88.86.0/23 maxlen: 23
203.88.88.0/23 maxlen: 23
203.88.90.0/24 maxlen: 24
203.88.95.0/24 maxlen: 24
210.89.64.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2657 (0xa61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3E27
Validity
Not Before: Jan 9 05:30:17 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=677f5ee9-ce68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a0:99:4a:c8:c2:9a:00:ba:9d:76:87:47:16:
e7:d2:13:40:a7:e7:e2:67:ba:5c:57:58:f1:21:39:
86:c2:f4:49:ee:74:bb:41:41:d9:aa:21:37:e2:67:
36:7b:80:fd:df:7f:c2:54:ae:fc:0c:76:29:60:1f:
f0:63:fa:98:55:49:4b:3d:14:29:6c:a5:7b:94:e5:
3f:cd:9f:e4:40:22:0c:f1:6b:db:cc:7e:26:2c:1a:
7b:45:93:8d:25:fd:77:d4:d4:cf:10:ed:fe:15:a5:
91:c2:a1:b3:6a:86:e7:ce:88:29:51:c3:2a:2e:d8:
68:83:9c:3a:dd:cd:cd:cd:94:71:52:24:af:1c:d4:
ad:7b:cd:bd:a5:8d:0e:e1:33:62:e4:ff:15:05:80:
95:2d:d3:d2:0d:f5:b4:14:be:fa:20:2a:c8:64:7f:
bf:ca:36:b9:8f:b8:59:41:bf:f1:f5:f7:a6:9a:95:
f5:e6:33:56:5a:9d:2d:30:fd:e5:f3:a3:67:11:e9:
7e:3d:b2:ff:cf:bf:98:6d:68:b3:26:e3:18:07:8d:
28:00:59:0d:b7:eb:95:f1:a6:be:49:59:14:4f:dc:
9e:82:70:b4:07:7b:48:5d:89:fc:8f:fe:9d:2c:70:
92:2e:0e:fe:21:4a:08:7a:64:31:0f:54:b7:08:71:
c0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C5:3F:7B:94:8D:9B:90:5E:91:05:AA:31:40:EB:DB:4C:32:60:02
X509v3 Authority Key Identifier:
keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/CF4957B2CE4A11EFB024055CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.88.80.0-203.88.82.255
203.88.86.0-203.88.90.255
203.88.95.0/24
210.89.64.0/19
Signature Algorithm: sha256WithRSAEncryption
31:5d:3c:12:41:f0:f4:da:48:8d:79:40:30:74:11:79:7f:27:
39:f8:84:0d:f6:d0:ab:16:2c:27:d4:55:4a:81:72:6a:c9:90:
0d:13:b9:56:66:79:c5:24:76:bc:97:18:e8:95:e9:84:b6:0b:
25:2e:8e:78:b0:fc:13:90:0b:89:64:5c:60:bc:29:96:fd:4c:
43:6f:1c:95:df:b1:56:a4:db:05:b1:e6:79:31:2f:cd:bf:9a:
97:14:87:78:da:72:03:d6:8b:84:e8:39:43:a2:8a:df:1a:3c:
44:b7:8b:ae:87:88:1b:4d:ee:88:a7:3b:8b:d4:76:1e:3f:40:
85:ba:84:16:2d:1a:ad:da:d9:1b:46:c0:3f:e2:b8:a8:e9:ce:
68:e1:26:1a:56:e7:3c:fa:7a:e3:fa:bb:bf:46:c2:e0:dd:f2:
16:8f:60:0c:05:12:d3:d1:22:53:80:ca:20:b3:32:ed:12:af:
4d:5e:69:d1:28:31:fd:25:b4:2e:7c:9a:17:e0:bc:fd:fd:78:
fb:fc:60:c7:8e:4e:89:3f:68:f9:e1:ae:85:c9:e3:24:7a:e5:
4a:ca:b3:70:70:a4:1b:f8:59:c5:1f:8e:85:2d:5c:e1:9d:7c:
c0:2c:1b:99:9d:4a:d4:34:cb:30:59:da:08:51:39:23:f0:2f:
42:d3:d2:dd
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICCmEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw
OEM3NDNENEIwHhcNMjUwMTA5MDUzMDE3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdmNWVlOS1jZTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyKCZSsjCmgC6nXaHRxbn0hNAp+fiZ7pcV1jxITmGwvRJ7nS7QUHZqiE34mc2
e4D933/CVK78DHYpYB/wY/qYVUlLPRQpbKV7lOU/zZ/kQCIM8WvbzH4mLBp7RZON
Jf131NTPEO3+FaWRwqGzaobnzogpUcMqLthog5w63c3NzZRxUiSvHNSte829pY0O
4TNi5P8VBYCVLdPSDfW0FL76ICrIZH+/yja5j7hZQb/x9femmpX15jNWWp0tMP3l
86NnEel+PbL/z7+YbWizJuMYB40oAFkNt+uV8aa+SVkUT9yegnC0B3tIXYn8j/6d
LHCSLg7+IUoIemQxD1S3CHHA1QIDAQABo4ICtzCCArMwHQYDVR0OBBYEFAzFP3uU
jZuQXpEFqjFA69tMMmACMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG
M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTNFMjcvRjM4ODg3NjY2RjNBMTFFQTk4NDAxMzNEQzRGOUFFMDIvQ0Y0OTU3QjJD
RTRBMTFFRkIwMjQwNTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMC4EAgABMCgwDAMEBMtYUAMEAMtYUjAMAwQBy1hWAwQAy1haAwQAy1hfAwQF
0llAMA0GCSqGSIb3DQEBCwUAA4IBAQAxXTwSQfD02kiNeUAwdBF5fyc5+IQN9tCr
Fiwn1FVKgXJqyZANE7lWZnnFJHa8lxjolemEtgslLo54sPwTkAuJZFxgvCmW/UxD
bxyV37FWpNsFseZ5MS/Nv5qXFId42nID1ouE6DlDoorfGjxEt4uuh4gbTe6IpzuL
1HYeP0CFuoQWLRqt2tkbRsA/4rio6c5o4SYaVuc8+nrj+ru/RsLg3fIWj2AMBRLT
0SJTgMogszLtEq9NXmnRKDH9JbQufJoX4Lz9/Xj7/GDHjk6JP2j54a6FyeMkeuVK
yrNwcKQb+FnFH46FLVzhnXzALBuZnUrUNMswWdoIUTkj8C9C09Ld
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:35:09 2025 by rpki-client