Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/3F32B394825511EF9EAD7768C4F9AE02.roa
File: 3F32B394825511EF9EAD7768C4F9AE02.roa (raw, json)
Hash identifier: nVb0yRvBxB5aeAkXLhFjjdqB640NTeP85hc3PGH+Bog=
Subject key identifier: A5:AA:A2:EC:BD:BD:6D:3A:34:87:C3:25:B8:CB:A1:8D:62:52:D7:54
Certificate issuer: /CN=A91EE09C/serialNumber=3C69B9B601D2C9F2A3915A6FFBCA3DAD62E99245
Certificate serial: 010E
Authority key identifier: 3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/3F32B394825511EF9EAD7768C4F9AE02.roa
Signing time: Thu 19 Dec 2024 04:18:47 +0000
ROA not before: Thu 19 Dec 2024 04:18:47 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 138212
IP address blocks: 203.99.144.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 270 (0x10e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EE09C
Validity
Not Before: Dec 19 04:18:47 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67639ea7-be6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:97:c9:29:a5:2e:23:ec:18:e1:24:65:c5:a7:
a4:f5:88:99:16:fc:8c:b2:d5:e3:45:4f:06:08:f6:
c1:5f:d4:01:96:6c:64:d6:f0:85:0a:84:9e:a8:31:
02:3b:6b:d5:c7:99:5a:a5:b8:08:c9:ef:9f:f9:16:
a8:cc:8f:9c:87:81:54:bc:fc:88:38:4b:d5:6a:49:
d0:a7:83:8b:b0:03:01:50:34:3f:e0:2f:08:53:29:
fd:1b:eb:57:a8:fb:b7:0d:94:43:ee:be:2e:9f:cf:
70:c0:03:bd:a0:0f:88:9d:e4:5f:c7:31:8c:9e:c1:
d7:c6:26:dc:42:ce:e8:33:10:76:31:27:a7:25:e1:
d5:87:76:b9:c6:fe:d7:9f:82:21:d0:19:fc:da:33:
d9:84:c7:c3:26:46:86:54:ee:b9:0d:3c:aa:b6:43:
ea:26:32:da:aa:58:51:1d:72:db:28:8d:d8:99:3b:
b1:01:77:4e:5c:53:61:29:8e:75:9b:6e:d7:d5:e8:
41:74:c3:de:49:93:cf:2b:f2:28:b2:f1:64:b9:dd:
52:9d:06:5c:ab:48:84:31:16:5a:2c:53:70:89:63:
f0:a5:bb:2d:62:39:80:f4:19:16:ff:a0:9d:66:9f:
6b:bf:17:29:05:e5:76:03:cb:a0:b7:f1:01:c5:e3:
59:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AA:A2:EC:BD:BD:6D:3A:34:87:C3:25:B8:CB:A1:8D:62:52:D7:54
X509v3 Authority Key Identifier:
keyid:3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/PGm5tgHSyfKjkVpv-8o9rWLpkkU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/3F32B394825511EF9EAD7768C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.99.144.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:69:68:82:31:bf:73:a6:04:14:0a:19:bf:8c:c4:0a:5c:54:
cf:20:58:8a:12:ea:2e:10:8f:80:e6:b0:e0:92:ce:61:ba:68:
70:fd:b7:87:48:f0:bf:cd:ee:82:3a:bd:f0:05:d5:7f:94:ab:
48:9b:35:ff:42:2a:58:99:ef:b7:7c:6f:2d:26:58:8f:51:e5:
2f:a1:0d:95:ed:2b:b7:39:b7:ab:8b:de:02:70:f8:e0:34:6f:
63:7d:0d:e6:b8:d5:a0:29:a0:0f:ee:8a:53:8a:54:be:4f:b5:
0a:70:fc:59:2d:67:31:7a:9f:cc:64:ac:ac:05:51:91:d9:0a:
71:f2:28:76:ea:72:cc:21:e4:0a:18:d7:de:d2:49:82:6d:f2:
be:32:bd:03:99:70:4a:fc:1a:e1:90:83:ce:d2:07:a7:9b:e9:
a8:06:83:a7:44:f5:25:36:a1:ae:1d:00:ca:4f:58:b7:e0:27:
19:ef:6e:3a:82:34:f8:4a:06:9a:74:99:98:ac:c3:b7:f7:a3:
47:12:7d:95:d6:f1:7b:0a:7c:4d:0a:98:6c:d0:c3:a4:6c:29:
f6:7f:2b:b4:39:dc:c6:80:62:2f:83:c3:b5:dd:97:f1:ca:57:
ea:6d:e3:f1:79:26:1e:58:7a:51:6e:e1:7f:91:d9:c7:9e:22:
60:44:8d:06
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUUwOUMxMTAvBgNVBAUTKDNDNjlCOUI2MDFEMkM5RjJBMzkxNUE2RkZCQ0EzREFE
NjJFOTkyNDUwHhcNMjQxMjE5MDQxODQ3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYzOWVhNy1iZTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxZfJKaUuI+wY4SRlxaek9YiZFvyMstXjRU8GCPbBX9QBlmxk1vCFCoSeqDEC
O2vVx5lapbgIye+f+RaozI+ch4FUvPyIOEvVaknQp4OLsAMBUDQ/4C8IUyn9G+tX
qPu3DZRD7r4un89wwAO9oA+IneRfxzGMnsHXxibcQs7oMxB2MSenJeHVh3a5xv7X
n4Ih0Bn82jPZhMfDJkaGVO65DTyqtkPqJjLaqlhRHXLbKI3YmTuxAXdOXFNhKY51
m27X1ehBdMPeSZPPK/IosvFkud1SnQZcq0iEMRZaLFNwiWPwpbstYjmA9BkW/6Cd
Zp9rvxcpBeV2A8ugt/EBxeNZKwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKWqouy9
vW06NIfDJbjLoY1iUtdUMB8GA1UdIwQYMBaAFDxpubYB0snyo5Fab/vKPa1i6ZJF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTA5Qy9FRUY3NjJDMDkw
NzUxMUVFODdEMjY2ODBDNEY5QUUwMi9QR201dGdIU3lmS2prVnB2LThvOXJXTHBr
a1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BHbTV0Z0hTeWZLamtWcHYtOG85cldMcGtrVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUUwOUMvRUVGNzYyQzA5MDc1MTFFRTg3RDI2NjgwQzRGOUFFMDIvM0YzMkIzOTQ4
MjU1MTFFRjlFQUQ3NzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLY5AwDQYJKoZIhvcNAQELBQADggEBALVpaIIxv3OmBBQK
Gb+MxApcVM8gWIoS6i4Qj4DmsOCSzmG6aHD9t4dI8L/N7oI6vfAF1X+Uq0ibNf9C
KliZ77d8by0mWI9R5S+hDZXtK7c5t6uL3gJw+OA0b2N9Dea41aApoA/uilOKVL5P
tQpw/FktZzF6n8xkrKwFUZHZCnHyKHbqcswh5AoY197SSYJt8r4yvQOZcEr8GuGQ
g87SB6eb6agGg6dE9SU2oa4dAMpPWLfgJxnvbjqCNPhKBpp0mZisw7f3o0cSfZXW
8XsKfE0KmGzQw6RsKfZ/K7Q53MaAYi+Dw7Xdl/HKV+pt4/F5Jh5YelFu4X+R2cee
ImBEjQY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:14:21 2025 by rpki-client