Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/B9FF8C12120A11EEBF7A0D72C4F9AE02.roa
File: B9FF8C12120A11EEBF7A0D72C4F9AE02.roa (raw, json)
Hash identifier: BS5loHb1CLlIkVBJWnAWF3jPxnpA/ZuyFhucMr/QfG8=
Subject key identifier: 0A:A9:28:85:CB:04:6A:4B:81:90:35:2D:40:35:0D:89:4B:22:03:67
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 1887
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/B9FF8C12120A11EEBF7A0D72C4F9AE02.roa
Signing time: Tue 18 Feb 2025 17:35:14 +0000
ROA not before: Tue 18 Feb 2025 17:35:14 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 10113
IP address blocks: 27.0.64.0/19 maxlen: 19
202.62.144.0/24 maxlen: 24
202.68.96.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6279 (0x1887)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D
Validity
Not Before: Feb 18 17:35:14 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b4c4d1-38b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:25:a4:d8:9f:39:da:ee:fe:b1:39:b3:e1:33:
6d:1e:6f:5d:55:d1:81:2b:25:4f:8c:0c:cf:3f:7c:
25:d0:d4:5e:07:ae:a0:ad:d8:05:87:77:a2:1e:b4:
3d:6a:2d:40:51:48:03:a4:4f:d7:e7:c9:72:73:30:
8c:42:54:4e:d6:91:71:ab:37:ef:39:b2:08:28:62:
cc:03:89:67:6a:5e:0b:32:4b:1b:9b:26:8d:65:5d:
32:8a:45:66:23:a9:aa:8a:0c:12:0c:dd:fd:f6:c7:
d2:fc:14:a4:5b:48:85:58:1a:bc:d3:01:74:7f:1e:
26:e1:c1:02:63:17:2b:95:b6:74:b4:31:81:5a:f4:
f5:02:ba:14:d5:a6:bd:7e:a1:77:5c:3a:c1:6a:6c:
53:0a:9a:ab:4d:40:85:9e:4b:c4:23:fb:34:12:f0:
dc:13:5b:01:57:05:11:72:a8:de:ef:15:98:88:de:
bd:05:55:c4:5c:18:bb:75:fe:26:4e:66:4c:be:11:
6b:6d:aa:85:5e:38:49:43:ae:ea:8b:73:f0:72:3d:
40:d7:1e:84:56:b9:83:5a:b8:f2:69:ae:38:b3:fc:
10:a4:d4:f8:a6:2d:b0:8c:d6:06:f5:4e:12:85:74:
cc:0e:24:17:95:d9:d9:74:07:79:a7:e9:06:c9:7e:
9e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A9:28:85:CB:04:6A:4B:81:90:35:2D:40:35:0D:89:4B:22:03:67
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/B9FF8C12120A11EEBF7A0D72C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.64.0/19
202.62.144.0/24
202.68.96.0/19
Signature Algorithm: sha256WithRSAEncryption
56:b1:c7:fa:76:96:8b:7d:f4:d6:71:bb:c0:c4:c7:08:46:8e:
91:50:01:7c:c8:50:e9:6e:71:8f:a7:3b:d7:64:cb:f1:86:7d:
d4:dc:21:7f:8c:0a:26:e6:51:92:cb:3a:26:69:d6:9f:9a:f0:
3f:db:21:66:94:11:2c:87:4b:0a:90:26:06:b9:55:a3:4d:f2:
70:da:73:4e:4e:58:8b:02:3a:78:52:ad:07:9b:63:e5:de:be:
2d:4b:ec:99:74:e7:41:86:9b:85:7b:1f:f5:6a:28:6b:bc:b1:
86:33:8b:28:dc:a4:ac:80:15:76:98:ed:14:9a:70:f5:3b:28:
fc:8f:fa:09:98:9f:04:2a:2d:03:6f:62:81:a6:c7:67:97:9e:
b2:25:b4:f1:70:71:61:81:90:9e:3e:0f:6e:20:a8:9a:f6:66:
5d:40:3b:14:78:7f:e6:a3:8d:c3:93:4d:9e:dd:9e:74:bb:01:
d4:c8:90:4e:7c:9b:75:06:5e:94:6a:f4:b3:46:ff:53:4a:e2:
6c:fe:62:01:f5:8f:30:7f:26:dc:2a:91:2f:cb:1d:77:96:01:
45:a5:3c:73:5e:c7:9e:a2:10:a5:06:95:29:fd:b4:2a:72:28:
36:92:b2:e5:2b:df:5d:94:b1:34:20:ee:b5:a9:0b:f0:cf:df:
c2:57:c1:d1
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICGIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjUwMjE4MTczNTE0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0YzRkMS0zOGIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArCWk2J852u7+sTmz4TNtHm9dVdGBKyVPjAzPP3wl0NReB66grdgFh3eiHrQ9
ai1AUUgDpE/X58lyczCMQlRO1pFxqzfvObIIKGLMA4lnal4LMksbmyaNZV0yikVm
I6mqigwSDN399sfS/BSkW0iFWBq80wF0fx4m4cECYxcrlbZ0tDGBWvT1AroU1aa9
fqF3XDrBamxTCpqrTUCFnkvEI/s0EvDcE1sBVwURcqje7xWYiN69BVXEXBi7df4m
TmZMvhFrbaqFXjhJQ67qi3Pwcj1A1x6EVrmDWrjyaa44s/wQpNT4pi2wjNYG9U4S
hXTMDiQXldnZdAd5p+kGyX6eQQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAqpKIXL
BGpLgZA1LUA1DYlLIgNnMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvQjlGRjhDMTIx
MjBBMTFFRUJGN0EwRDcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAUbAEADBADKPpADBAXKRGAwDQYJKoZIhvcNAQELBQADggEB
AFaxx/p2lot99NZxu8DExwhGjpFQAXzIUOlucY+nO9dky/GGfdTcIX+MCibmUZLL
OiZp1p+a8D/bIWaUESyHSwqQJga5VaNN8nDac05OWIsCOnhSrQebY+Xevi1L7Jl0
50GGm4V7H/VqKGu8sYYziyjcpKyAFXaY7RSacPU7KPyP+gmYnwQqLQNvYoGmx2eX
nrIltPFwcWGBkJ4+D24gqJr2Zl1AOxR4f+ajjcOTTZ7dnnS7AdTIkE58m3UGXpRq
9LNG/1NK4mz+YgH1jzB/JtwqkS/LHXeWAUWlPHNex56iEKUGlSn9tCpyKDaSsuUr
312UsTQg7rWpC/DP38JXwdE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:16:01 2025 by rpki-client