Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/3420BD0E902C11EA898EFD7FC4F9AE02.roa
File: 3420BD0E902C11EA898EFD7FC4F9AE02.roa (raw, json)
Hash identifier: 8Vt0vedoklkslOnz2Z1wL8KgTgWALQ+K4RanzdNW1jE=
Subject key identifier: FA:BE:73:EF:6D:AF:39:CA:49:06:44:7E:38:38:C0:6C:3F:F1:2D:7E
Certificate issuer: /CN=A9125475/serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E
Certificate serial: 3634
Authority key identifier: 44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/3420BD0E902C11EA898EFD7FC4F9AE02.roa
Signing time: Mon 02 Dec 2024 14:30:24 +0000
ROA not before: Mon 02 Dec 2024 14:30:23 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 133761
IP address blocks: 122.154.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13876 (0x3634)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125475
Validity
Not Before: Dec 2 14:30:23 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674dc47f-d880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2e:b5:2f:5f:5b:82:c8:da:83:07:72:87:44:
70:ad:64:b3:13:1d:56:03:a6:f3:05:62:26:41:7c:
ff:f5:88:52:a9:8c:28:56:61:f2:44:88:e7:aa:d2:
ae:e7:4e:ac:32:8c:a5:3f:e8:cf:50:97:f0:97:5f:
6d:e4:a1:58:8b:41:73:1d:85:3c:ed:e7:fe:f6:8f:
74:51:74:bd:80:d9:6a:4b:06:eb:4c:4a:d9:8d:d7:
da:56:16:5d:ce:72:2b:20:03:7c:e5:1c:75:67:69:
89:24:7a:de:f2:b8:08:eb:e8:12:d2:e5:c2:e4:a0:
88:7d:e9:b2:ff:78:7e:c8:fc:98:50:a2:2d:70:9c:
1f:13:c6:81:96:55:06:bc:e3:bc:86:9f:9e:3c:75:
ae:cd:6f:ab:f4:f9:3f:5e:3c:44:f2:0d:93:74:bd:
84:38:63:1b:88:7d:11:e0:0c:bf:3c:85:93:ba:87:
9f:4c:c9:a2:82:71:f2:21:17:32:51:79:b4:66:81:
f5:bd:fa:07:a3:c0:f1:ad:12:ee:85:97:9a:69:a2:
42:01:92:19:ac:e6:5c:f9:4f:98:41:c7:38:17:eb:
ab:ac:a3:c8:62:0d:70:35:c5:87:5c:a9:0e:7d:e0:
f5:fb:0f:5e:31:3d:2e:35:e0:75:23:93:e6:07:29:
c0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:BE:73:EF:6D:AF:39:CA:49:06:44:7E:38:38:C0:6C:3F:F1:2D:7E
X509v3 Authority Key Identifier:
keyid:44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/3420BD0E902C11EA898EFD7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.154.20.0/24
Signature Algorithm: sha256WithRSAEncryption
35:79:22:6f:56:b1:9d:99:88:9f:0f:ca:22:a6:99:de:26:0b:
30:3b:e5:40:0b:2f:41:c0:df:ed:61:fe:f1:0f:5c:d5:05:73:
27:aa:3c:d4:af:b7:b5:53:ec:82:0a:a4:8f:c5:1d:b1:ab:21:
0a:d2:1b:97:31:b2:ea:f1:20:ae:b4:9c:0b:68:17:81:ad:aa:
19:11:cc:96:57:c7:29:a1:f0:6a:31:c9:1d:36:7c:1e:54:fc:
25:08:7b:3a:99:2e:41:81:f0:77:85:26:16:9d:e7:bd:82:56:
21:54:1a:b4:8c:cb:8d:37:90:8b:11:cd:87:df:96:20:08:2c:
f0:f8:96:68:b4:ab:39:8f:02:12:73:e5:a0:8f:21:68:86:a0:
e8:85:3c:24:03:a0:3c:0d:55:2e:2e:e2:a5:0e:9f:ea:d7:7c:
21:66:68:5f:e0:36:4e:88:c6:09:b1:6e:94:65:d2:3e:8b:e9:
b9:83:5f:02:58:39:f6:14:25:03:4b:9a:46:9a:64:4b:b6:37:
66:f4:55:5c:20:43:99:e9:4a:7c:e0:9b:f1:74:b8:84:f9:b1:
c0:15:d3:e7:7d:2a:be:49:dc:46:09:c7:e3:58:ca:1b:9c:c3:
a3:cb:8a:17:51:bf:0b:f6:77:41:be:e0:fd:1c:f8:81:74:59:
5e:df:22:7c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNjQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjU0NzUxMTAvBgNVBAUTKDQ0NDBGNkM0MjJFOTUwMEM3RDQ2QTYyRDdERUI3MEQz
M0E4ODc1MEUwHhcNMjQxMjAyMTQzMDIzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkYzQ3Zi1kODgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxC61L19bgsjagwdyh0RwrWSzEx1WA6bzBWImQXz/9YhSqYwoVmHyRIjnqtKu
506sMoylP+jPUJfwl19t5KFYi0FzHYU87ef+9o90UXS9gNlqSwbrTErZjdfaVhZd
znIrIAN85Rx1Z2mJJHre8rgI6+gS0uXC5KCIfemy/3h+yPyYUKItcJwfE8aBllUG
vOO8hp+ePHWuzW+r9Pk/XjxE8g2TdL2EOGMbiH0R4Ay/PIWTuoefTMmignHyIRcy
UXm0ZoH1vfoHo8DxrRLuhZeaaaJCAZIZrOZc+U+YQcc4F+urrKPIYg1wNcWHXKkO
feD1+w9eMT0uNeB1I5PmBynAPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPq+c+9t
rznKSQZEfjg4wGw/8S1+MB8GA1UdIwQYMBaAFERA9sQi6VAMfUamLX3rcNM6iHUO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTQ3NS9BQjQ0Nzk3MjFE
NzgxMUUyQURCNkYyQzQwOEIwMkNEMi9SRUQyeENMcFVBeDlScVl0ZmV0dzB6cUlk
UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JFRDJ4Q0xwVUF4OVJxWXRmZXR3MHpxSWRRNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjU0NzUvQUI0NDc5NzIxRDc4MTFFMkFEQjZGMkM0MDhCMDJDRDIvMzQyMEJEMEU5
MDJDMTFFQTg5OEVGRDdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB6mhQwDQYJKoZIhvcNAQELBQADggEBADV5Im9WsZ2ZiJ8P
yiKmmd4mCzA75UALL0HA3+1h/vEPXNUFcyeqPNSvt7VT7IIKpI/FHbGrIQrSG5cx
surxIK60nAtoF4GtqhkRzJZXxymh8GoxyR02fB5U/CUIezqZLkGB8HeFJhad572C
ViFUGrSMy403kIsRzYffliAILPD4lmi0qzmPAhJz5aCPIWiGoOiFPCQDoDwNVS4u
4qUOn+rXfCFmaF/gNk6IxgmxbpRl0j6L6bmDXwJYOfYUJQNLmkaaZEu2N2b0VVwg
Q5npSnzgm/F0uIT5scAV0+d9Kr5J3EYJx+NYyhucw6PLihdRvwv2d0G+4P0c+IF0
WV7fInw=
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:47:28 2025 by rpki-client