Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9120974/033240C03A4A11E9940F2D16C4F9AE02/A87BA1063A4B11E99182B31BC4F9AE02.roa
File: A87BA1063A4B11E99182B31BC4F9AE02.roa (raw, json)
Hash identifier: hG1fGJzQ3JbtXbpeIbWQ7QaLlc8Fngz5Q1TdRya0bg4=
Subject key identifier: FF:78:3C:8E:C8:1D:2C:C0:82:53:D4:AF:C4:B2:98:7C:4B:49:81:23
Certificate issuer: /CN=A9120974/serialNumber=A65104DC76A8E0E6A3D92146789680B73DDE5F58
Certificate serial: 0FA1
Authority key identifier: A6:51:04:DC:76:A8:E0:E6:A3:D9:21:46:78:96:80:B7:3D:DE:5F:58
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/plEE3Hao4Oaj2SFGeJaAtz3eX1g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9120974/033240C03A4A11E9940F2D16C4F9AE02/A87BA1063A4B11E99182B31BC4F9AE02.roa
Signing time: Thu 30 May 2024 18:51:12 +0000
ROA not before: Thu 30 May 2024 18:51:12 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 45090
IP address blocks: 109.244.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4001 (0xfa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9120974
Validity
Not Before: May 30 18:51:12 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6658ca9f-5dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7e:f7:31:af:6f:aa:5c:ff:d2:19:34:60:46:
2b:dc:76:9b:dc:e5:98:6e:01:25:50:c9:49:71:bb:
38:e2:26:39:17:94:36:08:0f:d4:93:86:33:9f:85:
af:52:37:59:43:da:49:54:01:64:20:4e:9f:18:1d:
e3:fb:63:c2:70:af:21:94:84:65:25:4a:3b:8e:e2:
05:57:45:82:de:8f:fa:97:96:b6:02:80:ef:b3:58:
9e:78:e2:8f:f4:46:8e:7e:4d:31:37:54:97:b6:45:
43:08:a8:46:6a:e2:69:76:87:60:8b:4f:ad:a0:57:
8f:69:db:51:30:0c:a7:9e:77:7f:68:4a:3d:13:c8:
66:b8:5f:d0:17:bc:96:d6:8d:50:e3:75:25:ec:c1:
06:32:78:4e:9e:97:ea:2a:cc:b0:18:8a:d0:b1:78:
57:d9:9d:62:88:32:71:f5:24:c7:6c:2a:c1:03:e8:
ac:19:7f:f2:9b:e0:56:50:fd:11:bf:04:9e:01:4b:
11:7e:1c:44:d8:80:84:a3:09:df:d0:5b:99:05:a8:
41:9f:ef:ad:2e:d3:bb:02:8e:3a:07:5d:6f:23:a8:
c7:f1:24:ec:55:be:e4:0f:85:66:2e:e3:ec:c7:df:
68:55:05:f5:6f:ca:3a:b6:4b:c7:e6:a0:95:55:0c:
93:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:78:3C:8E:C8:1D:2C:C0:82:53:D4:AF:C4:B2:98:7C:4B:49:81:23
X509v3 Authority Key Identifier:
keyid:A6:51:04:DC:76:A8:E0:E6:A3:D9:21:46:78:96:80:B7:3D:DE:5F:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9120974/033240C03A4A11E9940F2D16C4F9AE02/plEE3Hao4Oaj2SFGeJaAtz3eX1g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/plEE3Hao4Oaj2SFGeJaAtz3eX1g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120974/033240C03A4A11E9940F2D16C4F9AE02/A87BA1063A4B11E99182B31BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
109.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bd:ba:0a:1a:d2:6e:4f:83:2e:b5:6a:a0:0b:58:f6:83:99:c6:
ea:b4:cd:94:3c:51:e7:1e:bd:c0:27:83:73:70:48:7c:fc:95:
13:a8:9e:f6:d1:aa:b6:66:0a:e7:50:0b:c7:f1:0a:85:ef:05:
76:29:6b:02:c7:07:ee:ba:ce:20:1b:2f:46:e4:ea:54:99:bb:
a7:42:43:45:e4:c9:bd:5a:10:e3:1d:af:3d:5f:19:f9:df:93:
b7:62:70:ea:92:3c:4c:30:61:a8:a5:a4:79:e9:34:08:96:ed:
d0:56:85:f9:d4:8d:6c:5d:20:5f:56:f4:ad:bd:e9:26:d4:44:
e8:fc:56:f9:f1:08:f0:0d:fb:26:52:29:42:40:2d:10:d2:cb:
93:7c:97:66:de:9f:53:89:74:72:04:42:da:bc:a8:09:2c:d9:
18:a0:b4:0d:3d:81:42:a1:f1:c9:59:ef:19:f4:ba:70:cd:f9:
e6:9f:d0:38:0a:4f:88:95:dd:1f:08:c9:19:b7:9f:00:fa:99:
d5:32:61:3b:fb:2a:05:0f:da:f2:cd:a7:79:98:0b:52:0b:23:
48:e2:fa:20:9d:1c:12:ec:09:6e:91:ed:40:92:e0:4b:31:ab:
02:af:c3:f7:99:d8:8e:2e:e4:25:6a:3f:00:a6:81:98:4f:ba:
8e:4a:ec:23
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICD6EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjA5NzQxMTAvBgNVBAUTKEE2NTEwNERDNzZBOEUwRTZBM0Q5MjE0Njc4OTY4MEI3
M0RERTVGNTgwHhcNMjQwNTMwMTg1MTEyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU4Y2E5Zi01ZGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3373Ma9vqlz/0hk0YEYr3Hab3OWYbgElUMlJcbs44iY5F5Q2CA/Uk4Yzn4Wv
UjdZQ9pJVAFkIE6fGB3j+2PCcK8hlIRlJUo7juIFV0WC3o/6l5a2AoDvs1ieeOKP
9EaOfk0xN1SXtkVDCKhGauJpdodgi0+toFePadtRMAynnnd/aEo9E8hmuF/QF7yW
1o1Q43Ul7MEGMnhOnpfqKsywGIrQsXhX2Z1iiDJx9STHbCrBA+isGX/ym+BWUP0R
vwSeAUsRfhxE2ICEownf0FuZBahBn++tLtO7Ao46B11vI6jH8STsVb7kD4VmLuPs
x99oVQX1b8o6tkvH5qCVVQyTXQIDAQABo4IClDCCApAwHQYDVR0OBBYEFP94PI7I
HSzAglPUr8SymHxLSYEjMB8GA1UdIwQYMBaAFKZRBNx2qODmo9khRniWgLc93l9Y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMDk3NC8wMzMyNDBDMDNB
NEExMUU5OTQwRjJEMTZDNEY5QUUwMi9wbEVFM0hhbzRPYWoyU0ZHZUphQXR6M2VY
MWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL3BsRUUzSGFvNE9hajJTRkdlSmFBdHozZVgxZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjA5NzQvMDMzMjQwQzAzQTRBMTFFOTk0MEYyRDE2QzRGOUFFMDIvQTg3QkExMDYz
QTRCMTFFOTkxODJCMzFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwBt9DANBgkqhkiG9w0BAQsFAAOCAQEAvboKGtJuT4MutWqg
C1j2g5nG6rTNlDxR5x69wCeDc3BIfPyVE6ie9tGqtmYK51ALx/EKhe8FdilrAscH
7rrOIBsvRuTqVJm7p0JDReTJvVoQ4x2vPV8Z+d+Tt2Jw6pI8TDBhqKWkeek0CJbt
0FaF+dSNbF0gX1b0rb3pJtRE6PxW+fEI8A37JlIpQkAtENLLk3yXZt6fU4l0cgRC
2ryoCSzZGKC0DT2BQqHxyVnvGfS6cM355p/QOApPiJXdHwjJGbefAPqZ1TJhO/sq
BQ/a8s2neZgLUgsjSOL6IJ0cEuwJbpHtQJLgSzGrAq/D95nYji7kJWo/AKaBmE+6
jkrsIw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:31:36 2025 by rpki-client