Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/69448F24901811EFAD307C71C4F9AE02.roa
File: 69448F24901811EFAD307C71C4F9AE02.roa (raw, json)
Hash identifier: Hzh3xVvRRKPzv+kWPsFSNzqLMIeNZk0IRUe+axzlVNw=
Subject key identifier: 95:A3:71:23:7A:B6:69:27:6F:FB:33:EF:9A:DA:28:EB:FE:CE:A8:BE
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 2854
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/69448F24901811EFAD307C71C4F9AE02.roa
Signing time: Mon 06 Jan 2025 15:42:19 +0000
ROA not before: Mon 06 Jan 2025 15:42:19 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 38051
IP address blocks: 43.250.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10324 (0x2854)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9
Validity
Not Before: Jan 6 15:42:19 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677bf9db-baf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:41:e9:cd:8c:ad:7b:6b:2d:3a:2b:3f:5e:9b:
1a:2e:54:b1:14:15:c1:2a:21:83:6c:19:4d:5b:de:
ca:8a:24:e9:d6:0e:af:68:71:92:c5:0c:a9:9d:20:
1f:57:40:a1:b4:f8:db:22:4c:42:64:04:e2:72:ef:
3b:86:6c:3d:e0:c1:e0:5c:55:47:c3:c7:50:4c:2c:
b8:c0:2c:2d:24:83:91:e6:6a:c8:55:8c:11:ec:35:
43:88:34:06:80:85:a6:e1:f7:2d:e4:31:9f:a4:b1:
f6:35:cd:a1:dd:8b:c6:a7:38:88:97:3f:5f:17:1e:
da:49:c1:40:31:44:78:e7:9e:04:55:07:98:92:79:
85:a4:09:e5:11:85:a9:36:06:8f:0a:49:e1:49:b2:
4c:66:55:3a:02:d3:14:b4:7d:63:7a:35:39:31:47:
7e:af:6f:b5:de:93:ef:73:b3:5d:ed:03:5b:09:45:
eb:e2:0d:bf:ca:73:d2:d4:de:ca:23:35:58:df:94:
77:67:35:a6:af:da:a7:b0:f8:2f:0c:ea:a1:86:1a:
11:2f:cd:4a:a4:13:f6:6b:ba:f4:7c:34:08:dc:1e:
4e:e6:8c:c6:13:04:2a:90:6b:8b:15:24:3b:5c:99:
53:60:98:47:4a:57:5b:e9:92:b2:14:45:2e:86:dc:
97:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A3:71:23:7A:B6:69:27:6F:FB:33:EF:9A:DA:28:EB:FE:CE:A8:BE
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/69448F24901811EFAD307C71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.127.0/24
Signature Algorithm: sha256WithRSAEncryption
53:fa:ce:92:66:c3:1a:4c:8d:d9:dd:68:a9:0a:c6:ec:4d:86:
af:1e:0f:c2:44:89:15:26:b2:dc:31:77:95:e0:e0:05:f2:16:
ea:88:a3:b2:ce:27:3b:9a:4a:c6:00:f6:a5:0d:81:e1:3a:55:
a1:97:00:6e:84:b3:15:f6:f9:7e:60:9f:32:68:05:5b:2a:2a:
07:a3:d5:9d:4d:c3:2d:28:49:bd:41:1d:38:c6:d4:ec:f0:ef:
f5:f1:f2:c0:13:f4:88:f8:4d:b2:5f:88:dd:bb:74:0c:58:ab:
cf:ac:1a:dd:48:94:81:29:f5:e0:12:15:0c:12:50:91:27:c0:
a4:57:0e:f4:e2:a2:7e:cd:f0:63:69:6d:8a:06:19:8a:3b:70:
72:0e:07:79:80:b9:5e:0b:e9:96:a6:18:bc:06:5e:87:e5:15:
76:af:4f:db:23:a3:c5:11:aa:ba:21:31:6e:1e:53:27:ba:82:
e8:af:a1:5b:54:ca:ad:2d:3e:d1:98:59:f6:fc:bb:37:26:5a:
d7:99:14:20:84:43:36:ed:0a:16:db:d1:b4:74:82:60:68:de:
99:f5:ab:ce:ff:e1:21:81:c1:31:73:5d:f4:d6:85:c7:b5:6c:
24:75:73:f7:93:31:f8:d6:e0:35:1e:ba:07:56:81:89:e2:2b:
93:e7:f3:b3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKFQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjUwMTA2MTU0MjE5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdiZjlkYi1iYWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsUHpzYyte2stOis/XpsaLlSxFBXBKiGDbBlNW97KiiTp1g6vaHGSxQypnSAf
V0ChtPjbIkxCZATicu87hmw94MHgXFVHw8dQTCy4wCwtJIOR5mrIVYwR7DVDiDQG
gIWm4fct5DGfpLH2Nc2h3YvGpziIlz9fFx7aScFAMUR4554EVQeYknmFpAnlEYWp
NgaPCknhSbJMZlU6AtMUtH1jejU5MUd+r2+13pPvc7Nd7QNbCUXr4g2/ynPS1N7K
IzVY35R3ZzWmr9qnsPgvDOqhhhoRL81KpBP2a7r0fDQI3B5O5ozGEwQqkGuLFSQ7
XJlTYJhHSldb6ZKyFEUuhtyXKwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJWjcSN6
tmknb/sz75raKOv+zqi+MB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvNjk0NDhGMjQ5
MDE4MTFFRkFEMzA3QzcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr+n8wDQYJKoZIhvcNAQELBQADggEBAFP6zpJmwxpMjdnd
aKkKxuxNhq8eD8JEiRUmstwxd5Xg4AXyFuqIo7LOJzuaSsYA9qUNgeE6VaGXAG6E
sxX2+X5gnzJoBVsqKgej1Z1Nwy0oSb1BHTjG1Ozw7/Xx8sAT9Ij4TbJfiN27dAxY
q8+sGt1IlIEp9eASFQwSUJEnwKRXDvTion7N8GNpbYoGGYo7cHIOB3mAuV4L6Zam
GLwGXoflFXavT9sjo8URqrohMW4eUye6guivoVtUyq0tPtGYWfb8uzcmWteZFCCE
QzbtChbb0bR0gmBo3pn1q87/4SGBwTFzXfTWhce1bCR1c/eTMfjW4DUeugdWgYni
K5Pn87M=
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:03:31 2025 by rpki-client