Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBC50/E4858AC40CD411EBBCD79C69C4F9AE02/638149B88C2C11EBBB3B260BC4F9AE02.roa
File: 638149B88C2C11EBBB3B260BC4F9AE02.roa (raw, json)
Hash identifier: B/FCYm7yp7p+ieEmvmImAhcl/oemA2ZNjMcDSU18oaU=
Subject key identifier: 7B:EA:99:99:55:73:DB:59:74:A6:D0:52:E7:44:4E:A7:D7:2B:52:F6
Certificate issuer: /CN=A91EBC50/serialNumber=4354D5CFA564EE71B34E8874EEB1B9868F8807DD
Certificate serial: 0776
Authority key identifier: 43:54:D5:CF:A5:64:EE:71:B3:4E:88:74:EE:B1:B9:86:8F:88:07:DD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q1TVz6Vk7nGzToh07rG5ho-IB90.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBC50/E4858AC40CD411EBBCD79C69C4F9AE02/638149B88C2C11EBBB3B260BC4F9AE02.roa
Signing time: Thu 06 Mar 2025 21:41:47 +0000
ROA not before: Thu 06 Mar 2025 21:41:47 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 136557
IP address blocks: 203.28.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1910 (0x776)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBC50
Validity
Not Before: Mar 6 21:41:47 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67ca169b-a87f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:73:b1:be:4f:fa:3a:c7:ff:32:74:70:0b:1f:
b1:30:58:36:10:a9:7b:33:ad:4c:73:b1:5c:04:e0:
b6:4e:8c:53:7a:67:82:c0:d0:b0:d9:48:83:20:5d:
b4:38:e4:23:ac:c3:d4:e2:46:a5:98:45:ea:bc:ca:
03:8b:dc:13:49:90:67:ef:f4:22:e0:6a:58:00:14:
91:22:61:2a:e5:0e:de:25:cf:fa:ad:e9:af:fb:54:
3b:cf:ab:ce:a6:56:74:cf:49:a0:70:fc:a0:d4:5b:
a8:45:c9:32:c6:e3:fd:06:3a:a0:7c:9b:51:6f:0f:
84:74:c4:af:43:d0:2d:54:20:6e:87:c4:72:1f:f5:
87:3f:fa:dd:1e:79:78:bd:dd:0d:d7:2d:a5:2a:99:
1d:0b:54:3e:a6:9f:8c:70:c0:45:89:94:b8:2e:48:
fd:be:8c:4e:30:50:89:fc:c3:14:1d:c8:ca:30:7d:
6c:f5:55:dd:79:06:7f:d0:fb:e0:d9:db:ff:b1:aa:
5d:25:dd:86:bd:dc:84:cc:21:d4:fb:64:65:44:60:
cb:ef:96:3f:86:65:c5:35:6d:1b:e8:9b:44:a9:40:
61:15:de:d8:fa:51:06:82:e1:8f:28:23:3e:69:3a:
c6:18:bf:3c:cd:c3:7b:01:34:3c:b1:a4:94:0c:f1:
97:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:EA:99:99:55:73:DB:59:74:A6:D0:52:E7:44:4E:A7:D7:2B:52:F6
X509v3 Authority Key Identifier:
keyid:43:54:D5:CF:A5:64:EE:71:B3:4E:88:74:EE:B1:B9:86:8F:88:07:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBC50/E4858AC40CD411EBBCD79C69C4F9AE02/Q1TVz6Vk7nGzToh07rG5ho-IB90.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q1TVz6Vk7nGzToh07rG5ho-IB90.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBC50/E4858AC40CD411EBBCD79C69C4F9AE02/638149B88C2C11EBBB3B260BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.28.238.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:c3:64:64:71:be:1b:0e:59:54:85:db:f2:8d:18:37:18:b1:
0d:9e:d3:28:d1:8f:ca:e1:6c:e1:e0:51:0a:86:5c:0b:19:48:
10:13:0f:0e:9c:e7:93:f1:6f:a1:5f:d3:0f:48:ef:15:6c:6a:
be:c4:c9:81:9d:59:51:32:15:06:a0:e8:fa:ca:3a:03:dc:f4:
cc:ce:5f:34:fc:0f:36:26:bb:60:ed:12:3e:08:b0:47:ee:95:
08:da:82:3a:0d:8d:f5:47:02:f6:2d:a4:80:ed:87:a5:35:9d:
ed:b2:b2:e4:68:6e:58:26:c5:43:83:fb:5f:07:65:6f:48:ec:
02:f0:81:f0:60:5b:49:34:b4:22:9f:bd:b2:a9:3f:fd:8c:32:
60:13:1d:c8:4f:c7:e9:b0:b8:54:22:7e:52:57:5b:53:42:e3:
a5:78:ce:a1:ad:17:da:83:a3:d6:af:12:49:34:43:0b:f9:df:
2d:cd:d4:aa:17:27:85:86:c0:4a:5a:3f:8f:e2:e1:30:30:41:
fc:bc:ed:0a:38:1d:6a:40:b9:b6:56:7d:75:7a:26:82:7f:00:
11:16:c2:06:30:a8:7d:e3:d6:c4:ff:2b:3c:9f:c4:74:01:67:
5e:cb:e5:45:3f:75:54:a8:39:d6:2b:61:d1:7e:a2:81:06:9f:
cb:e7:43:20
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB3YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJDNTAxMTAvBgNVBAUTKDQzNTRENUNGQTU2NEVFNzFCMzRFODg3NEVFQjFCOTg2
OEY4ODA3REQwHhcNMjUwMzA2MjE0MTQ3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NhMTY5Yi1hODdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0XOxvk/6Osf/MnRwCx+xMFg2EKl7M61Mc7FcBOC2ToxTemeCwNCw2UiDIF20
OOQjrMPU4kalmEXqvMoDi9wTSZBn7/Qi4GpYABSRImEq5Q7eJc/6remv+1Q7z6vO
plZ0z0mgcPyg1FuoRckyxuP9BjqgfJtRbw+EdMSvQ9AtVCBuh8RyH/WHP/rdHnl4
vd0N1y2lKpkdC1Q+pp+McMBFiZS4Lkj9voxOMFCJ/MMUHcjKMH1s9VXdeQZ/0Pvg
2dv/sapdJd2GvdyEzCHU+2RlRGDL75Y/hmXFNW0b6JtEqUBhFd7Y+lEGguGPKCM+
aTrGGL88zcN7ATQ8saSUDPGXuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHvqmZlV
c9tZdKbQUudETqfXK1L2MB8GA1UdIwQYMBaAFENU1c+lZO5xs06IdO6xuYaPiAfd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkM1MC9FNDg1OEFDNDBD
RDQxMUVCQkNENzlDNjlDNEY5QUUwMi9RMVRWejZWazduR3pUb2gwN3JHNWhvLUlC
OTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ExVFZ6NlZrN25HelRvaDA3ckc1aG8tSUI5MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJDNTAvRTQ4NThBQzQwQ0Q0MTFFQkJDRDc5QzY5QzRGOUFFMDIvNjM4MTQ5Qjg4
QzJDMTFFQkJCM0IyNjBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLHO4wDQYJKoZIhvcNAQELBQADggEBAKrDZGRxvhsOWVSF
2/KNGDcYsQ2e0yjRj8rhbOHgUQqGXAsZSBATDw6c55Pxb6Ff0w9I7xVsar7EyYGd
WVEyFQag6PrKOgPc9MzOXzT8DzYmu2DtEj4IsEfulQjagjoNjfVHAvYtpIDth6U1
ne2ysuRoblgmxUOD+18HZW9I7ALwgfBgW0k0tCKfvbKpP/2MMmATHchPx+mwuFQi
flJXW1NC46V4zqGtF9qDo9avEkk0Qwv53y3N1KoXJ4WGwEpaP4/i4TAwQfy87Qo4
HWpAubZWfXV6JoJ/ABEWwgYwqH3j1sT/KzyfxHQBZ17L5UU/dVSoOdYrYdF+ooEG
n8vnQyA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:11:37 2025 by rpki-client