Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146B28/FAEF8CBE134311E596F5401EC4F9AE02/141AEAA8BD1C11EFB070C357C4F9AE02.roa
File: 141AEAA8BD1C11EFB070C357C4F9AE02.roa (raw, json)
Hash identifier: ZHukmgPHIC0gOsj5QiPuNBG0Yrwwix4FGf6Zp9Vgl4M=
Subject key identifier: EB:89:BE:62:C3:2E:E2:A7:4F:8E:E2:20:85:1C:FA:9F:26:01:96:B1
Certificate issuer: /CN=A9146B28/serialNumber=471606785B32F4DF3EC943F2A787DBA212696E1F
Certificate serial: 255B
Authority key identifier: 47:16:06:78:5B:32:F4:DF:3E:C9:43:F2:A7:87:DB:A2:12:69:6E:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RxYGeFsy9N8-yUPyp4fbohJpbh8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146B28/FAEF8CBE134311E596F5401EC4F9AE02/141AEAA8BD1C11EFB070C357C4F9AE02.roa
Signing time: Wed 18 Dec 2024 08:42:57 +0000
ROA not before: Wed 18 Dec 2024 08:42:57 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 7712
IP address blocks: 118.67.200.0/22 maxlen: 24
2405:aa00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9563 (0x255b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146B28
Validity
Not Before: Dec 18 08:42:57 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67628b10-77fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fa:6b:b6:71:51:89:6f:11:ab:dd:88:a8:13:
21:2f:55:d7:96:67:41:fe:a1:6d:43:66:2e:e0:0e:
3a:a3:91:e8:8f:3a:4a:d2:6d:ad:1e:7b:75:25:6a:
94:66:97:52:ae:12:d4:ed:98:b4:d5:c9:53:cb:41:
92:1b:96:d2:c6:b7:e5:fa:77:4c:2c:0a:e5:a2:c1:
12:aa:11:0d:5c:09:7a:23:90:1c:0f:ef:1a:5f:25:
17:ee:03:3c:4a:d8:51:7a:af:0a:a5:0a:ac:1e:fe:
91:47:f5:0d:90:f6:c8:a4:9c:b2:4f:0f:48:13:3e:
c2:d4:42:86:b1:fe:0a:56:9b:a0:11:87:6d:50:70:
2e:e2:19:76:57:ee:8f:25:80:69:17:d7:a6:af:53:
28:f9:d0:09:a6:7b:ac:0d:97:cb:c3:41:60:ab:76:
1c:58:62:90:53:4c:ad:c6:e0:5b:69:84:f9:ea:a4:
c4:3a:69:6b:96:1c:23:a7:c8:0d:da:81:28:79:8b:
41:aa:42:cd:03:38:c8:73:2a:c7:58:5d:6d:01:38:
5d:60:80:95:55:8a:0a:22:5b:eb:26:29:2d:3a:bf:
87:58:05:b3:c9:82:40:f1:3e:93:6e:37:da:d8:7d:
bc:87:95:f8:ab:5f:e8:92:5f:80:49:a1:5a:a5:34:
7a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:89:BE:62:C3:2E:E2:A7:4F:8E:E2:20:85:1C:FA:9F:26:01:96:B1
X509v3 Authority Key Identifier:
keyid:47:16:06:78:5B:32:F4:DF:3E:C9:43:F2:A7:87:DB:A2:12:69:6E:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146B28/FAEF8CBE134311E596F5401EC4F9AE02/RxYGeFsy9N8-yUPyp4fbohJpbh8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RxYGeFsy9N8-yUPyp4fbohJpbh8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146B28/FAEF8CBE134311E596F5401EC4F9AE02/141AEAA8BD1C11EFB070C357C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.67.200.0/22
IPv6:
2405:aa00::/32
Signature Algorithm: sha256WithRSAEncryption
95:f3:06:78:d0:79:fb:17:b1:8e:92:66:48:02:dd:fc:08:7f:
79:54:f8:68:25:0d:7e:b0:c0:3e:d9:aa:64:11:0e:b0:92:8e:
38:40:50:39:46:ae:f7:08:c0:a6:01:11:96:9b:5e:74:d6:bd:
66:8d:ba:08:2d:a0:c6:04:e6:4d:a1:45:ab:dc:39:70:c1:56:
c0:09:24:85:f8:12:08:89:63:62:d8:cf:cf:f4:d4:89:6e:a8:
9a:62:4f:4f:2f:c1:fe:4f:56:60:dd:be:0d:cb:86:af:6f:a7:
85:ac:6e:6f:ac:cd:2e:ec:a5:cd:d8:d3:64:c9:71:91:51:25:
ca:21:c6:b9:ba:76:5d:b7:34:ba:ac:b3:b3:b3:cf:d1:59:68:
8a:00:a9:2e:a1:6c:fb:b8:b7:a6:40:ef:d4:53:47:83:05:42:
db:92:89:7d:c5:3b:49:50:30:e5:50:37:67:ed:8b:8f:d6:08:
f6:1b:9d:25:9a:a7:c0:ff:21:eb:97:73:c9:3c:0b:19:54:2f:
83:94:46:c8:c4:42:0a:78:82:db:80:28:97:b5:98:be:9b:11:
2b:3d:0a:fb:6e:ec:89:63:e1:24:05:e7:9c:0a:46:bf:05:73:
42:a1:69:8a:ea:bc:b1:c0:e2:1d:bb:6f:ee:d8:94:61:49:db:
e1:72:2f:9c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICJVswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDZCMjgxMTAvBgNVBAUTKDQ3MTYwNjc4NUIzMkY0REYzRUM5NDNGMkE3ODdEQkEy
MTI2OTZFMUYwHhcNMjQxMjE4MDg0MjU3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyOGIxMC03N2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuvprtnFRiW8Rq92IqBMhL1XXlmdB/qFtQ2Yu4A46o5HojzpK0m2tHnt1JWqU
ZpdSrhLU7Zi01clTy0GSG5bSxrfl+ndMLArlosESqhENXAl6I5AcD+8aXyUX7gM8
SthReq8KpQqsHv6RR/UNkPbIpJyyTw9IEz7C1EKGsf4KVpugEYdtUHAu4hl2V+6P
JYBpF9emr1Mo+dAJpnusDZfLw0Fgq3YcWGKQU0ytxuBbaYT56qTEOmlrlhwjp8gN
2oEoeYtBqkLNAzjIcyrHWF1tAThdYICVVYoKIlvrJiktOr+HWAWzyYJA8T6Tbjfa
2H28h5X4q1/okl+ASaFapTR6HwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOuJvmLD
LuKnT47iIIUc+p8mAZaxMB8GA1UdIwQYMBaAFEcWBnhbMvTfPslD8qeH26ISaW4f
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NkIyOC9GQUVGOENCRTEz
NDMxMUU1OTZGNTQwMUVDNEY5QUUwMi9SeFlHZUZzeTlOOC15VVB5cDRmYm9oSnBi
aDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1J4WUdlRnN5OU44LXlVUHlwNGZib2hKcGJoOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDZCMjgvRkFFRjhDQkUxMzQzMTFFNTk2RjU0MDFFQzRGOUFFMDIvMTQxQUVBQThC
RDFDMTFFRkIwNzBDMzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJ2Q8gwDQQCAAIwBwMFACQFqgAwDQYJKoZIhvcNAQELBQAD
ggEBAJXzBnjQefsXsY6SZkgC3fwIf3lU+GglDX6wwD7ZqmQRDrCSjjhAUDlGrvcI
wKYBEZabXnTWvWaNuggtoMYE5k2hRavcOXDBVsAJJIX4EgiJY2LYz8/01IluqJpi
T08vwf5PVmDdvg3Lhq9vp4Wsbm+szS7spc3Y02TJcZFRJcohxrm6dl23NLqss7Oz
z9FZaIoAqS6hbPu4t6ZA79RTR4MFQtuSiX3FO0lQMOVQN2fti4/WCPYbnSWap8D/
IeuXc8k8CxlUL4OURsjEQgp4gtuAKJe1mL6bESs9Cvtu7Ilj4SQF55wKRr8Fc0Kh
aYrqvLHA4h27b+7YlGFJ2+FyL5w=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:25 2025 by rpki-client