Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/2EEE5866DAAE11E9A0D2D77BC4F9AE02.roa
File: 2EEE5866DAAE11E9A0D2D77BC4F9AE02.roa (raw, json)
Hash identifier: zDepp9eY/uesLKDU+qiv1MyGjozHNbjBC+4+m/koJf8=
Subject key identifier: B5:13:7B:11:34:0F:F0:8A:2C:3A:8F:60:CB:A5:41:90:08:90:30:1E
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 1892
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/2EEE5866DAAE11E9A0D2D77BC4F9AE02.roa
Signing time: Tue 18 Feb 2025 17:35:26 +0000
ROA not before: Tue 18 Feb 2025 17:35:26 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 24346
IP address blocks: 203.12.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6290 (0x1892)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D
Validity
Not Before: Feb 18 17:35:26 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b4c4dd-034d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9d:fc:e9:cd:11:5f:44:b7:72:c4:56:ac:aa:
80:49:ca:3c:86:46:fb:0e:35:21:7e:a8:03:0f:87:
0e:3b:8e:bd:a4:99:90:af:ae:8f:96:a7:5a:e0:d7:
9f:98:8d:1c:67:34:34:62:49:46:5a:8f:e6:b0:b8:
9c:70:5c:04:f7:8f:f0:d8:3a:36:1e:3b:ee:a6:f9:
80:de:1f:27:9e:21:20:3c:a0:a4:53:59:51:b8:c4:
95:97:ea:57:be:2b:1b:f7:24:03:92:c8:cc:fb:c9:
21:c4:cd:a5:1c:fc:3e:58:5e:4c:c2:97:f8:46:ae:
78:d5:40:e9:39:27:2b:57:76:8c:21:20:56:0b:3a:
a1:4a:0a:31:20:74:70:9d:21:79:46:59:7c:de:f0:
ee:88:d3:51:b1:04:6a:f8:f1:74:d9:de:dd:a9:67:
61:88:8b:0d:df:07:fd:c3:bc:8c:97:cb:00:2a:e0:
fb:91:7a:f0:48:57:1d:8f:1a:fa:46:7f:aa:62:b4:
24:e6:a3:05:7a:fa:3f:68:ca:b0:e2:7c:7d:60:54:
fe:dc:64:99:72:f7:94:a3:22:67:39:48:3f:ac:96:
ae:bb:d8:94:21:ab:23:04:a3:c1:47:e1:3d:d2:4a:
57:47:f2:8d:4e:15:5d:3c:90:13:60:cd:e3:52:71:
d3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:13:7B:11:34:0F:F0:8A:2C:3A:8F:60:CB:A5:41:90:08:90:30:1E
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/2EEE5866DAAE11E9A0D2D77BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.12.119.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:b6:90:dd:93:8e:4b:11:7e:11:e7:5a:9a:ec:f0:a7:e4:72:
c4:6a:15:b1:c5:75:45:e2:24:ff:84:cd:7e:a2:85:6f:52:11:
93:8f:45:df:48:bd:14:38:55:cf:11:61:fa:03:4f:84:e9:f1:
82:94:2b:55:06:a9:c2:f8:05:63:62:9f:07:48:f8:74:23:5b:
b1:2b:a2:83:89:1c:a5:87:53:aa:8b:e4:53:5c:2e:c5:69:f8:
de:63:03:c6:53:9e:3c:00:87:ba:03:7d:03:e7:5e:c5:9e:d9:
5c:89:3d:58:b2:5b:3a:8b:d8:af:70:57:bd:3b:9e:47:bf:31:
10:06:74:47:c6:67:a3:04:0c:28:9c:f0:5c:4e:8d:21:88:c1:
86:9e:6b:dd:d3:c4:63:09:b3:4b:4e:a6:aa:62:14:04:68:89:
43:29:cd:3e:c0:ce:e9:9c:8f:23:b3:df:79:4d:65:72:6a:57:
63:cb:04:19:62:c8:b4:47:b8:57:ff:10:17:7d:dc:d5:99:23:
91:1c:7c:ef:12:29:f4:02:77:38:bd:cd:07:46:ed:81:d5:82:
27:d4:db:75:a5:3e:3c:ff:82:fc:22:94:21:d5:44:12:ae:5d:
fa:66:61:c6:c7:e5:9c:a0:68:ca:2e:49:d4:df:0b:f7:cd:28:
c2:94:b0:bd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjUwMjE4MTczNTI2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0YzRkZC0wMzRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs5386c0RX0S3csRWrKqASco8hkb7DjUhfqgDD4cOO469pJmQr66Plqda4Nef
mI0cZzQ0YklGWo/msLiccFwE94/w2Do2HjvupvmA3h8nniEgPKCkU1lRuMSVl+pX
visb9yQDksjM+8khxM2lHPw+WF5Mwpf4Rq541UDpOScrV3aMISBWCzqhSgoxIHRw
nSF5Rll83vDuiNNRsQRq+PF02d7dqWdhiIsN3wf9w7yMl8sAKuD7kXrwSFcdjxr6
Rn+qYrQk5qMFevo/aMqw4nx9YFT+3GSZcveUoyJnOUg/rJauu9iUIasjBKPBR+E9
0kpXR/KNThVdPJATYM3jUnHT0wIDAQABo4IClTCCApEwHQYDVR0OBBYEFLUTexE0
D/CKLDqPYMulQZAIkDAeMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvMkVFRTU4NjZE
QUFFMTFFOUEwRDJENzdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLDHcwDQYJKoZIhvcNAQELBQADggEBADu2kN2TjksRfhHn
Wprs8KfkcsRqFbHFdUXiJP+EzX6ihW9SEZOPRd9IvRQ4Vc8RYfoDT4Tp8YKUK1UG
qcL4BWNinwdI+HQjW7ErooOJHKWHU6qL5FNcLsVp+N5jA8ZTnjwAh7oDfQPnXsWe
2VyJPViyWzqL2K9wV707nke/MRAGdEfGZ6MEDCic8FxOjSGIwYaea93TxGMJs0tO
pqpiFARoiUMpzT7AzumcjyOz33lNZXJqV2PLBBliyLRHuFf/EBd93NWZI5EcfO8S
KfQCdzi9zQdG7YHVgifU23WlPjz/gvwilCHVRBKuXfpmYcbH5ZygaMouSdTfC/fN
KMKUsL0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:16:29 2025 by rpki-client