Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/B78CCA4E4C5711EE9FE2EA35C4F9AE02.roa
File: B78CCA4E4C5711EE9FE2EA35C4F9AE02.roa (raw, json)
Hash identifier: yOezlN4+53IwwnSsCKNCBTmWXo8aQEvNaQEYhS9yato=
Subject key identifier: F9:F2:81:8C:4C:59:EB:07:EA:42:2C:E5:26:94:ED:79:76:ED:1D:61
Certificate issuer: /CN=A91F8A49/serialNumber=D5871E9FC6FBDE7DC71B7E895C8A04C3D0021D85
Certificate serial: 0118
Authority key identifier: D5:87:1E:9F:C6:FB:DE:7D:C7:1B:7E:89:5C:8A:04:C3:D0:02:1D:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Ycen8b73n3HG36JXIoEw9ACHYU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/B78CCA4E4C5711EE9FE2EA35C4F9AE02.roa
Signing time: Tue 11 Feb 2025 03:57:32 +0000
ROA not before: Tue 11 Feb 2025 03:57:32 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 134783
IP address blocks: 202.6.120.0/22 maxlen: 24
202.58.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 280 (0x118)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8A49
Validity
Not Before: Feb 11 03:57:32 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67aacaac-5073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f1:67:0a:66:76:d2:39:b9:33:31:fd:1a:3d:
e2:a3:b7:45:75:77:10:3d:a2:61:4a:ad:7c:e6:b8:
31:a0:2f:65:77:21:27:7b:80:13:95:f0:73:b9:36:
68:1b:38:de:26:53:b8:cd:53:a0:7b:a2:ee:07:ac:
45:c0:0d:ff:93:63:ad:4a:1e:03:5f:5f:7b:7e:71:
81:14:71:15:21:88:29:af:7f:b8:69:88:e0:f1:4e:
ce:4b:6d:ba:18:9d:db:d2:46:c2:84:4d:4e:19:4e:
4c:75:57:bf:a0:de:b7:0d:14:1f:ab:a2:bd:33:5f:
4d:fa:c3:bd:71:5e:45:c9:ef:80:a4:2c:37:67:39:
e9:a0:fc:78:75:e8:fc:21:19:1f:a9:8e:f8:50:b7:
95:50:81:69:07:ca:65:6e:a5:2e:f5:3a:e3:1c:f9:
ee:08:e0:63:e9:35:b5:fa:89:8d:56:9a:b9:b2:37:
2a:da:1c:f4:ba:3c:3b:16:d7:f7:77:65:99:86:10:
be:54:33:93:d8:dd:a1:ac:39:93:70:95:62:ae:78:
48:fc:2d:ca:c6:42:50:b3:f3:d5:5d:e1:c7:46:42:
7d:c0:3a:dc:41:87:51:86:f2:3e:69:af:85:ac:ab:
07:02:bf:08:db:3c:a1:ad:92:4f:0b:cc:cf:ab:d7:
89:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F2:81:8C:4C:59:EB:07:EA:42:2C:E5:26:94:ED:79:76:ED:1D:61
X509v3 Authority Key Identifier:
keyid:D5:87:1E:9F:C6:FB:DE:7D:C7:1B:7E:89:5C:8A:04:C3:D0:02:1D:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/1Ycen8b73n3HG36JXIoEw9ACHYU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Ycen8b73n3HG36JXIoEw9ACHYU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/B78CCA4E4C5711EE9FE2EA35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.6.120.0/22
202.58.248.0/22
Signature Algorithm: sha256WithRSAEncryption
56:7e:ab:65:a8:ac:10:81:21:6d:1b:3d:61:2e:af:34:ca:a0:
e6:84:81:55:8b:c0:a3:36:00:2a:12:cc:da:75:f8:42:84:20:
f4:0d:da:81:e6:24:6c:26:c6:71:e7:fb:1c:ac:56:1e:1c:0b:
4a:6a:b4:95:0b:a5:65:c7:46:3c:da:28:3b:51:00:fb:ed:75:
b5:9c:06:01:1b:da:19:65:b8:e0:3e:4a:bf:7c:e0:ba:bd:85:
e2:6e:85:0d:39:5a:2a:17:1e:94:a3:d1:81:ec:09:d6:b0:24:
b1:2d:87:38:cf:1c:0a:24:f6:17:ff:b6:8e:0c:fd:b8:32:b4:
77:4d:df:59:b0:64:92:6d:a0:5a:c9:b3:d1:f1:5d:12:91:44:
a3:32:86:e8:f1:17:60:cb:cc:28:cb:b9:bb:12:7c:e2:12:40:
7f:32:dc:75:25:80:bc:c0:6e:04:44:59:58:b4:94:74:a6:99:
1e:89:8e:c1:99:9c:ca:b4:a1:d5:59:a2:ea:3b:7e:bb:3b:ed:
a8:21:a7:21:84:8e:d6:6d:db:8d:77:29:51:ec:93:1a:0f:94:
a0:72:7d:7e:c1:b1:d8:12:84:a8:be:bb:11:01:a6:5e:68:10:
a3:65:a4:59:48:ac:98:f5:9a:e2:d7:8a:91:f5:2a:6a:d5:44:
1d:8a:e8:28
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICARgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjhBNDkxMTAvBgNVBAUTKEQ1ODcxRTlGQzZGQkRFN0RDNzFCN0U4OTVDOEEwNEMz
RDAwMjFEODUwHhcNMjUwMjExMDM1NzMyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FhY2FhYy01MDczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtfFnCmZ20jm5MzH9Gj3io7dFdXcQPaJhSq185rgxoC9ldyEne4ATlfBzuTZo
GzjeJlO4zVOge6LuB6xFwA3/k2OtSh4DX197fnGBFHEVIYgpr3+4aYjg8U7OS226
GJ3b0kbChE1OGU5MdVe/oN63DRQfq6K9M19N+sO9cV5Fye+ApCw3ZznpoPx4dej8
IRkfqY74ULeVUIFpB8plbqUu9TrjHPnuCOBj6TW1+omNVpq5sjcq2hz0ujw7Ftf3
d2WZhhC+VDOT2N2hrDmTcJVirnhI/C3KxkJQs/PVXeHHRkJ9wDrcQYdRhvI+aa+F
rKsHAr8I2zyhrZJPC8zPq9eJswIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPnygYxM
WesH6kIs5SaU7Xl27R1hMB8GA1UdIwQYMBaAFNWHHp/G+959xxt+iVyKBMPQAh2F
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEE0OS80N0QwNDQ2NDQ3
QjcxMUVFOEEwQTlDNDNDNEY5QUUwMi8xWWNlbjhiNzNuM0hHMzZKWElvRXc5QUNI
WVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFZY2VuOGI3M24zSEczNkpYSW9FdzlBQ0hZVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjhBNDkvNDdEMDQ0NjQ0N0I3MTFFRThBMEE5QzQzQzRGOUFFMDIvQjc4Q0NBNEU0
QzU3MTFFRTlGRTJFQTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBALKBngDBALKOvgwDQYJKoZIhvcNAQELBQADggEBAFZ+q2Wo
rBCBIW0bPWEurzTKoOaEgVWLwKM2ACoSzNp1+EKEIPQN2oHmJGwmxnHn+xysVh4c
C0pqtJULpWXHRjzaKDtRAPvtdbWcBgEb2hlluOA+Sr984Lq9heJuhQ05WioXHpSj
0YHsCdawJLEthzjPHAok9hf/to4M/bgytHdN31mwZJJtoFrJs9HxXRKRRKMyhujx
F2DLzCjLubsSfOISQH8y3HUlgLzAbgREWVi0lHSmmR6JjsGZnMq0odVZouo7frs7
7aghpyGEjtZt2413KVHskxoPlKByfX7BsdgShKi+uxEBpl5oEKNlpFlIrJj1muLX
ipH1KmrVRB2K6Cg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:04:44 2025 by rpki-client