Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F59A6/E4EDAC18CB1A11EA87CD5544C4F9AE02/19B0BAAE1CE611EBB543881CC4F9AE02.roa
File: 19B0BAAE1CE611EBB543881CC4F9AE02.roa (raw, json)
Hash identifier: /kIJQGWq5uSGzv2Hlgx55daJuqaTWlcXb9ZHCo//sns=
Subject key identifier: 59:E7:37:41:73:86:A4:2A:1C:B1:20:86:DD:3F:8B:3F:13:9F:47:EF
Certificate issuer: /CN=A91F59A6/serialNumber=E25FCD9B7725853942791A62D475ECFED7C03F64
Certificate serial: 081E
Authority key identifier: E2:5F:CD:9B:77:25:85:39:42:79:1A:62:D4:75:EC:FE:D7:C0:3F:64
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4l_Nm3clhTlCeRpi1HXs_tfAP2Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F59A6/E4EDAC18CB1A11EA87CD5544C4F9AE02/19B0BAAE1CE611EBB543881CC4F9AE02.roa
Signing time: Sat 14 Dec 2024 18:07:13 +0000
ROA not before: Sat 14 Dec 2024 18:07:13 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 14630
IP address blocks: 206.209.76.0/24 maxlen: 24
206.209.77.0/24 maxlen: 24
206.209.78.0/24 maxlen: 24
206.209.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2078 (0x81e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F59A6
Validity
Not Before: Dec 14 18:07:13 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675dc950-bef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:26:3d:4a:66:17:70:0b:cd:f3:ac:1e:c9:70:
1b:71:e9:78:d6:49:45:70:98:e2:96:23:6a:6e:99:
ac:f4:15:b4:98:f3:5f:25:d0:69:58:d1:e4:6a:07:
15:a2:09:a6:8f:08:11:53:8a:2e:db:b7:8e:05:56:
50:93:1a:b5:12:d5:70:f4:95:27:8f:84:cc:de:27:
ef:1b:c7:22:e3:e1:7c:6b:04:37:85:90:ba:3e:13:
5f:6a:52:47:fc:38:98:4d:13:2c:b4:77:f6:ba:9e:
66:1c:e3:75:18:bc:c1:08:b3:04:86:87:40:f9:37:
28:26:15:fa:ae:ca:68:81:f2:1c:21:e1:47:cc:84:
0e:9c:22:97:1e:e6:41:4f:ae:37:e3:23:c9:1e:63:
43:f6:fc:dd:78:39:e3:2a:41:c5:48:04:e4:3d:b2:
83:b7:73:22:51:20:0c:93:43:5d:34:d3:b4:5d:58:
10:15:49:e0:04:d6:1f:bd:4d:52:36:00:4d:ee:ca:
36:3a:90:31:d8:56:42:c2:ff:b3:77:ea:f2:1f:ed:
4a:1b:51:98:2d:f9:56:22:73:71:11:6d:f6:1e:f9:
f4:88:da:1f:6e:1c:14:27:99:b7:ac:16:f2:f8:38:
62:42:5b:46:1a:15:6c:62:f9:ae:c7:5c:a5:64:e4:
65:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:E7:37:41:73:86:A4:2A:1C:B1:20:86:DD:3F:8B:3F:13:9F:47:EF
X509v3 Authority Key Identifier:
keyid:E2:5F:CD:9B:77:25:85:39:42:79:1A:62:D4:75:EC:FE:D7:C0:3F:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F59A6/E4EDAC18CB1A11EA87CD5544C4F9AE02/4l_Nm3clhTlCeRpi1HXs_tfAP2Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4l_Nm3clhTlCeRpi1HXs_tfAP2Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F59A6/E4EDAC18CB1A11EA87CD5544C4F9AE02/19B0BAAE1CE611EBB543881CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
206.209.76.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:a2:fb:77:d0:78:05:d0:ce:cb:29:4b:98:93:c5:c8:67:4c:
3c:a5:c7:2f:6a:a3:65:4a:9d:0b:9a:ac:be:c6:22:3c:fd:0e:
79:f4:b0:11:3e:e8:dc:91:77:e2:15:db:ba:51:43:89:45:6b:
8f:2b:2f:5a:17:5f:06:b9:b4:b4:0c:c9:44:f0:36:2a:e2:f4:
a7:b8:fe:d4:fc:59:a2:01:c1:91:bc:ff:2d:d6:7c:76:28:2c:
ff:11:63:c8:e0:81:3c:b7:66:6c:a1:95:38:62:00:ce:c4:e3:
cf:be:ce:d5:38:4d:ad:c9:90:cf:f1:8a:91:45:4d:6b:98:f6:
97:fb:51:13:6b:3c:8e:aa:dd:d1:6f:96:64:cb:1a:9a:36:3c:
8b:f1:93:83:8d:32:3f:86:60:04:26:64:10:68:0b:ee:bf:cc:
a1:1c:7b:e2:8a:9c:fe:d7:cf:4d:03:80:a4:fd:fe:b3:f9:db:
7f:1e:96:d6:4c:56:b7:fe:df:da:0c:01:27:79:0e:96:95:a6:
6f:c4:e0:ec:3d:29:7e:2c:4a:76:d4:79:42:64:d2:9f:3b:2c:
5a:c7:f5:10:3c:8c:d9:e3:d7:88:bc:81:d9:0e:9c:d7:27:cc:
0e:49:34:c9:13:ac:e3:94:22:f1:02:88:50:cd:88:3c:5e:8a:
ca:1d:61:59
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCB4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjU5QTYxMTAvBgNVBAUTKEUyNUZDRDlCNzcyNTg1Mzk0Mjc5MUE2MkQ0NzVFQ0ZF
RDdDMDNGNjQwHhcNMjQxMjE0MTgwNzEzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVkYzk1MC1iZWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArSY9SmYXcAvN86weyXAbcel41klFcJjiliNqbpms9BW0mPNfJdBpWNHkagcV
ogmmjwgRU4ou27eOBVZQkxq1EtVw9JUnj4TM3ifvG8ci4+F8awQ3hZC6PhNfalJH
/DiYTRMstHf2up5mHON1GLzBCLMEhodA+TcoJhX6rspogfIcIeFHzIQOnCKXHuZB
T6434yPJHmND9vzdeDnjKkHFSATkPbKDt3MiUSAMk0NdNNO0XVgQFUngBNYfvU1S
NgBN7so2OpAx2FZCwv+zd+ryH+1KG1GYLflWInNxEW32Hvn0iNofbhwUJ5m3rBby
+DhiQltGGhVsYvmux1ylZORl2wIDAQABo4IClTCCApEwHQYDVR0OBBYEFFnnN0Fz
hqQqHLEght0/iz8Tn0fvMB8GA1UdIwQYMBaAFOJfzZt3JYU5QnkaYtR17P7XwD9k
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTlBNi9FNEVEQUMxOENC
MUExMUVBODdDRDU1NDRDNEY5QUUwMi80bF9ObTNjbGhUbENlUnBpMUhYc190ZkFQ
MlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzRsX05tM2NsaFRsQ2VScGkxSFhzX3RmQVAyUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjU5QTYvRTRFREFDMThDQjFBMTFFQTg3Q0Q1NTQ0QzRGOUFFMDIvMTlCMEJBQUUx
Q0U2MTFFQkI1NDM4ODFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALO0UwwDQYJKoZIhvcNAQELBQADggEBAKmi+3fQeAXQzssp
S5iTxchnTDylxy9qo2VKnQuarL7GIjz9Dnn0sBE+6NyRd+IV27pRQ4lFa48rL1oX
Xwa5tLQMyUTwNiri9Ke4/tT8WaIBwZG8/y3WfHYoLP8RY8jggTy3ZmyhlThiAM7E
48++ztU4Ta3JkM/xipFFTWuY9pf7URNrPI6q3dFvlmTLGpo2PIvxk4ONMj+GYAQm
ZBBoC+6/zKEce+KKnP7Xz00DgKT9/rP5238eltZMVrf+39oMASd5DpaVpm/E4Ow9
KX4sSnbUeUJk0p87LFrH9RA8jNnj14i8gdkOnNcnzA5JNMkTrOOUIvECiFDNiDxe
isodYVk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:02:42 2025 by rpki-client