Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/9B315A5E46A011E7B9BAF254C4F9AE02.roa
File: 9B315A5E46A011E7B9BAF254C4F9AE02.roa (raw, json)
Hash identifier: 9EcXEyYQS23lcV2U+HKPELhdNtW+6VqWRslfao0UNEU=
Subject key identifier: B8:FE:C2:F9:AB:1B:8D:84:C5:64:50:26:A9:2A:F8:01:F4:E1:7B:6E
Certificate issuer: /CN=A913CAE9/serialNumber=1D56FE4DA42B8866FE96A297F772EE80B518A40A
Certificate serial: 1B90
Authority key identifier: 1D:56:FE:4D:A4:2B:88:66:FE:96:A2:97:F7:72:EE:80:B5:18:A4:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HVb-TaQriGb-lqKX93LugLUYpAo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/9B315A5E46A011E7B9BAF254C4F9AE02.roa
Signing time: Fri 30 Aug 2024 16:54:08 +0000
ROA not before: Fri 30 Aug 2024 16:54:08 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 54825
IP address blocks: 203.33.22.0/24 maxlen: 24
2001:df3:ba00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7056 (0x1b90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913CAE9
Validity
Not Before: Aug 30 16:54:08 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d1f930-f602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:90:46:86:9c:cd:0e:20:62:f3:28:b2:7f:bd:
72:84:db:74:6b:75:8e:23:77:3e:3c:b9:6f:76:77:
d1:e6:91:f4:1f:26:de:87:70:d1:4b:16:b4:29:7e:
9c:ca:c2:2e:20:bb:23:d1:4c:bc:ee:f2:58:08:6a:
e2:2d:5e:a8:62:76:3f:7e:dc:11:02:ca:46:fa:5e:
23:55:e9:8b:5a:6d:bc:a6:dc:db:58:89:30:82:da:
d1:2b:fa:de:14:9b:97:bb:43:99:09:0b:28:85:ba:
f5:7d:a3:3f:fa:c2:28:ae:de:9f:48:94:02:dd:c5:
95:e1:df:da:01:83:80:16:28:89:f9:c8:45:8f:e3:
22:09:21:cf:6c:2d:a9:ad:55:ce:8b:81:ec:23:91:
be:d7:d1:f9:f4:94:f8:7d:80:f8:8c:0c:7e:46:5b:
9c:77:3a:2f:a4:2e:01:05:af:22:ed:b3:c2:4e:f2:
18:c2:73:d9:ec:61:e4:c1:82:fb:c3:ce:ce:5a:54:
16:50:13:29:dc:57:38:b6:c6:d6:65:e6:7d:50:43:
ce:f6:f2:9c:8f:7c:b4:4d:3c:3e:6a:e9:2d:c6:72:
05:a3:e4:ff:be:d4:6e:94:23:c4:15:d7:c2:ca:06:
b1:be:95:e0:be:cc:80:31:e9:76:99:a2:3d:1e:70:
98:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:FE:C2:F9:AB:1B:8D:84:C5:64:50:26:A9:2A:F8:01:F4:E1:7B:6E
X509v3 Authority Key Identifier:
keyid:1D:56:FE:4D:A4:2B:88:66:FE:96:A2:97:F7:72:EE:80:B5:18:A4:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/HVb-TaQriGb-lqKX93LugLUYpAo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HVb-TaQriGb-lqKX93LugLUYpAo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/9B315A5E46A011E7B9BAF254C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.33.22.0/24
IPv6:
2001:df3:ba00::/48
Signature Algorithm: sha256WithRSAEncryption
60:63:0f:e7:6c:8a:aa:16:84:b3:d5:99:a2:d5:08:a8:f1:12:
5d:e4:2f:f7:02:20:d9:7b:5c:eb:a2:39:c1:86:d1:87:ef:3a:
57:69:29:8f:df:08:69:37:6a:1a:c0:f7:20:a9:7f:03:76:1a:
66:5d:dc:9c:ad:4e:2c:65:b6:6e:76:63:1a:5b:4c:2c:d2:ec:
6d:39:04:17:39:d9:eb:5d:26:cf:25:06:23:57:e6:3f:a8:5d:
ad:db:92:df:b3:66:3c:8a:b1:2a:14:66:7b:85:a3:9b:79:fc:
32:16:86:fb:05:a8:f3:74:2a:52:81:b3:78:71:be:e6:65:9a:
68:0b:82:cf:98:91:1f:07:a6:8c:d6:be:9b:c9:cb:3a:49:b7:
15:c3:84:c5:19:12:42:c3:20:ea:04:d1:eb:c6:5c:d9:92:5d:
cd:ee:fd:2a:8c:1c:74:fa:f4:35:38:14:9b:97:5d:de:d7:7f:
4b:12:5a:51:62:c4:7d:da:e8:cc:95:f4:93:fb:b3:b1:37:a8:
90:c1:74:34:0b:a0:98:82:a3:0b:09:f8:b7:6f:96:62:41:92:
43:0d:de:74:ce:9c:89:2d:f4:85:14:8f:8c:ce:7e:4d:95:f2:
25:af:84:0e:c0:d9:17:a0:bd:2f:99:4e:fc:f0:52:16:a1:ee:
5a:2a:f6:db
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICG5AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0NBRTkxMTAvBgNVBAUTKDFENTZGRTREQTQyQjg4NjZGRTk2QTI5N0Y3NzJFRTgw
QjUxOEE0MEEwHhcNMjQwODMwMTY1NDA4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQxZjkzMC1mNjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq5BGhpzNDiBi8yiyf71yhNt0a3WOI3c+PLlvdnfR5pH0Hybeh3DRSxa0KX6c
ysIuILsj0Uy87vJYCGriLV6oYnY/ftwRAspG+l4jVemLWm28ptzbWIkwgtrRK/re
FJuXu0OZCQsohbr1faM/+sIort6fSJQC3cWV4d/aAYOAFiiJ+chFj+MiCSHPbC2p
rVXOi4HsI5G+19H59JT4fYD4jAx+RlucdzovpC4BBa8i7bPCTvIYwnPZ7GHkwYL7
w87OWlQWUBMp3Fc4tsbWZeZ9UEPO9vKcj3y0TTw+auktxnIFo+T/vtRulCPEFdfC
ygaxvpXgvsyAMel2maI9HnCY9QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLj+wvmr
G42ExWRQJqkq+AH04XtuMB8GA1UdIwQYMBaAFB1W/k2kK4hm/pail/dy7oC1GKQK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQ0FFOS8wOERBNjBDNkYx
QjIxMUU2OEU3NEEyNkNDNEY5QUUwMi9IVmItVGFRcmlHYi1scUtYOTNMdWdMVVlw
QW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hWYi1UYVFyaUdiLWxxS1g5M0x1Z0xVWXBBby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0NBRTkvMDhEQTYwQzZGMUIyMTFFNjhFNzRBMjZDQzRGOUFFMDIvOUIzMTVBNUU0
NkEwMTFFN0I5QkFGMjU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBADLIRYwDwQCAAIwCQMHACABDfO6ADANBgkqhkiG9w0BAQsF
AAOCAQEAYGMP52yKqhaEs9WZotUIqPESXeQv9wIg2Xtc66I5wYbRh+86V2kpj98I
aTdqGsD3IKl/A3YaZl3cnK1OLGW2bnZjGltMLNLsbTkEFznZ610mzyUGI1fmP6hd
rduS37NmPIqxKhRme4Wjm3n8MhaG+wWo83QqUoGzeHG+5mWaaAuCz5iRHwemjNa+
m8nLOkm3FcOExRkSQsMg6gTR68Zc2ZJdze79KowcdPr0NTgUm5dd3td/SxJaUWLE
fdrozJX0k/uzsTeokMF0NAugmIKjCwn4t2+WYkGSQw3edM6ciS30hRSPjM5+TZXy
Ja+EDsDZF6C9L5lO/PBSFqHuWir22w==
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:35:14 2025 by rpki-client