Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/0D0AE5040AE711E89D0C5071C4F9AE02.roa
File: 0D0AE5040AE711E89D0C5071C4F9AE02.roa (raw, json)
Hash identifier: 1QH0WR9EAexZONoxgrkCIP2BPHtzOEA7LLO//ildFDE=
Subject key identifier: D5:5F:F2:35:C2:FF:5B:54:9E:74:7A:0D:E8:09:01:1F:C9:EF:7D:FA
Certificate issuer: /CN=A91E7363/serialNumber=A897C04DE12F0A6F59C1AD1509F0B209FA5438B3
Certificate serial: 34B3
Authority key identifier: A8:97:C0:4D:E1:2F:0A:6F:59:C1:AD:15:09:F0:B2:09:FA:54:38:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/0D0AE5040AE711E89D0C5071C4F9AE02.roa
Signing time: Fri 31 Jan 2025 14:50:27 +0000
ROA not before: Fri 31 Jan 2025 14:50:27 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 131173
IP address blocks: 218.100.61.0/24 maxlen: 24
2001:de9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13491 (0x34b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7363
Validity
Not Before: Jan 31 14:50:27 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679ce333-b8c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:be:17:27:d3:91:78:1e:63:65:04:9a:12:39:
bb:89:f7:4a:ec:3f:a2:58:36:e5:91:98:48:30:06:
a3:dc:b5:d0:c7:10:31:23:84:c1:52:bc:e0:6b:87:
0a:07:3f:bc:40:b5:1d:cb:eb:d4:11:0f:46:24:1e:
d1:75:32:e2:00:df:e2:aa:23:a3:d1:f4:ef:de:c1:
dd:04:a8:af:24:92:d7:41:53:c5:0e:bc:f5:1a:47:
2a:63:e6:61:40:93:ea:c7:14:48:e3:62:ad:c4:44:
71:4b:d7:4c:2b:cc:b1:3b:e9:95:b1:37:f1:f7:5f:
1f:8d:d2:96:63:20:74:88:7c:f4:46:31:fe:73:3a:
aa:ac:c7:c9:52:f6:97:7d:77:47:d5:27:8c:86:a1:
f9:56:8a:84:29:44:22:6a:c0:a9:76:db:b4:de:f0:
55:0b:e4:16:5c:50:d8:4f:94:3c:63:be:f1:d9:32:
52:78:14:6b:3d:51:cc:76:a6:34:36:9c:ef:52:39:
50:30:88:23:35:54:76:3a:d5:69:48:88:3c:eb:e9:
32:93:d7:41:13:53:5c:ad:c7:ca:7b:9b:bf:78:fb:
3f:77:ad:64:f9:28:ae:2b:46:ec:be:2f:df:35:94:
c5:af:fc:03:66:bd:d5:8e:72:4b:8d:ac:eb:d1:a9:
cc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:5F:F2:35:C2:FF:5B:54:9E:74:7A:0D:E8:09:01:1F:C9:EF:7D:FA
X509v3 Authority Key Identifier:
keyid:A8:97:C0:4D:E1:2F:0A:6F:59:C1:AD:15:09:F0:B2:09:FA:54:38:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/0D0AE5040AE711E89D0C5071C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
218.100.61.0/24
IPv6:
2001:de9::/48
Signature Algorithm: sha256WithRSAEncryption
b2:7b:59:4c:46:c4:c3:72:05:0b:4b:e6:c9:b3:74:91:ed:be:
44:34:94:fd:80:be:42:e5:e4:c1:6d:83:2f:fc:77:34:02:fd:
33:19:11:0a:34:c0:d6:1f:f0:78:ae:b2:0c:f9:86:a9:e2:0e:
f4:b2:ef:87:eb:a4:ea:76:58:bd:a5:8b:6f:c3:59:43:bb:5a:
45:ae:90:6a:f2:68:c9:23:c1:95:69:fd:c6:c6:76:ff:30:24:
f4:62:19:1c:dc:55:85:6b:d6:e0:66:71:5d:7c:2d:28:aa:96:
eb:19:08:ba:7d:4c:0d:da:6a:f9:52:cf:ba:8c:04:04:a7:fb:
15:23:72:ca:e8:f8:e8:80:10:9d:aa:8d:22:1e:25:14:9d:59:
f9:ce:f3:7a:a6:49:0a:82:60:ad:da:5a:02:78:64:37:b9:ed:
a0:a6:ad:f4:f2:ee:99:9a:4f:e0:a8:86:7b:9e:1a:a4:85:25:
57:37:f2:6e:5e:78:20:83:49:75:13:d0:5c:4e:18:b9:02:78:
80:15:5f:66:04:f2:97:95:e3:8e:4e:96:01:83:8d:86:6c:53:
61:88:67:85:eb:0c:6c:c2:29:5f:54:e0:fa:c8:51:b4:31:56:
35:45:80:ac:e1:89:3e:dd:eb:23:84:66:7f:6d:d4:48:d6:5c:
89:c9:07:9d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICNLMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTczNjMxMTAvBgNVBAUTKEE4OTdDMDRERTEyRjBBNkY1OUMxQUQxNTA5RjBCMjA5
RkE1NDM4QjMwHhcNMjUwMTMxMTQ1MDI3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljZTMzMy1iOGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAub4XJ9OReB5jZQSaEjm7ifdK7D+iWDblkZhIMAaj3LXQxxAxI4TBUrzga4cK
Bz+8QLUdy+vUEQ9GJB7RdTLiAN/iqiOj0fTv3sHdBKivJJLXQVPFDrz1GkcqY+Zh
QJPqxxRI42KtxERxS9dMK8yxO+mVsTfx918fjdKWYyB0iHz0RjH+czqqrMfJUvaX
fXdH1SeMhqH5VoqEKUQiasCpdtu03vBVC+QWXFDYT5Q8Y77x2TJSeBRrPVHMdqY0
NpzvUjlQMIgjNVR2OtVpSIg86+kyk9dBE1NcrcfKe5u/ePs/d61k+SiuK0bsvi/f
NZTFr/wDZr3VjnJLjazr0anMWwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNVf8jXC
/1tUnnR6DegJAR/J7336MB8GA1UdIwQYMBaAFKiXwE3hLwpvWcGtFQnwsgn6VDiz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzM2My9GRjhCNEI2QzFE
ODQxMUUyOENEMzNEREIwOEIwMkNEMi9xSmZBVGVFdkNtOVp3YTBWQ2ZDeUNmcFVP
TE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FKZkFUZUV2Q205WndhMFZDZkN5Q2ZwVU9MTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTczNjMvRkY4QjRCNkMxRDg0MTFFMjhDRDMzRERCMDhCMDJDRDIvMEQwQUU1MDQw
QUU3MTFFODlEMEM1MDcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBADaZD0wDwQCAAIwCQMHACABDekAADANBgkqhkiG9w0BAQsF
AAOCAQEAsntZTEbEw3IFC0vmybN0ke2+RDSU/YC+QuXkwW2DL/x3NAL9MxkRCjTA
1h/weK6yDPmGqeIO9LLvh+uk6nZYvaWLb8NZQ7taRa6QavJoySPBlWn9xsZ2/zAk
9GIZHNxVhWvW4GZxXXwtKKqW6xkIun1MDdpq+VLPuowEBKf7FSNyyuj46IAQnaqN
Ih4lFJ1Z+c7zeqZJCoJgrdpaAnhkN7ntoKat9PLumZpP4KiGe54apIUlVzfybl54
IINJdRPQXE4YuQJ4gBVfZgTyl5Xjjk6WAYONhmxTYYhnhesMbMIpX1Tg+shRtDFW
NUWArOGJPt3rI4Rmf23USNZcickHnQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:55:24 2025 by rpki-client