Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/203DB338782111EEAFDDBD86C4F9AE02.roa
File: 203DB338782111EEAFDDBD86C4F9AE02.roa (raw, json)
Hash identifier: wX9s/s7jxKKJJyFHtP8kJqChB04GKqVy3xgEjOBVe9Q=
Subject key identifier: D0:73:DA:42:E2:DC:AC:13:AC:01:D7:7C:65:A1:4D:0B:DF:B8:4C:C3
Certificate issuer: /CN=A9158568/serialNumber=943AD9BC6177AB8C2F8E8131C14A5465EC42954F
Certificate serial: FA
Authority key identifier: 94:3A:D9:BC:61:77:AB:8C:2F:8E:81:31:C1:4A:54:65:EC:42:95:4F
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/lDrZvGF3q4wvjoExwUpUZexClU8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/203DB338782111EEAFDDBD86C4F9AE02.roa
Signing time: Tue 04 Feb 2025 18:47:31 +0000
ROA not before: Tue 04 Feb 2025 18:47:31 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 8739
IP address blocks: 37.139.131.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 250 (0xfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158568
Validity
Not Before: Feb 4 18:47:31 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a260c3-4cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8d:f9:8b:5b:39:e8:cc:46:8b:25:eb:b2:cd:
a9:8a:36:d0:d9:ec:f1:4d:c3:f0:64:e4:82:56:ed:
53:8f:d3:c6:39:3c:61:d4:47:79:19:c8:1f:43:8c:
2e:62:0f:ae:61:3c:26:74:06:aa:05:3d:05:82:3a:
51:90:0d:29:e4:41:eb:f6:d2:88:42:f2:17:4b:01:
a6:9d:77:15:48:d8:08:09:f6:94:6d:57:c5:fb:e2:
31:eb:3b:97:54:48:61:34:9b:a8:88:95:eb:78:ce:
b8:b1:a3:95:27:f5:5f:ad:bd:c1:7b:5a:74:54:51:
42:35:27:5d:2e:08:c8:8a:be:55:e7:6c:07:f7:57:
51:8a:18:a3:18:b3:9c:f0:1d:18:8a:50:29:36:af:
09:07:66:88:20:5e:2d:29:e2:89:9e:46:95:22:d8:
10:8f:f5:ed:67:00:fc:d2:81:67:7c:a9:d9:5b:83:
ba:04:73:bc:92:ff:66:bc:55:57:72:e3:3b:42:e1:
4c:54:5f:0d:50:6a:44:95:e0:06:ae:9d:e8:55:37:
6c:4d:b4:42:42:c6:52:79:8f:ab:5d:c0:53:df:47:
29:bc:49:df:66:96:39:e3:7d:39:0c:81:a9:ad:5a:
d5:d3:5a:18:32:98:b5:74:3e:26:28:37:cf:a5:fa:
59:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:73:DA:42:E2:DC:AC:13:AC:01:D7:7C:65:A1:4D:0B:DF:B8:4C:C3
X509v3 Authority Key Identifier:
keyid:94:3A:D9:BC:61:77:AB:8C:2F:8E:81:31:C1:4A:54:65:EC:42:95:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/lDrZvGF3q4wvjoExwUpUZexClU8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/lDrZvGF3q4wvjoExwUpUZexClU8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/203DB338782111EEAFDDBD86C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
37.139.131.0/24
193.47.63.0/24
Signature Algorithm: sha256WithRSAEncryption
05:3f:30:b7:97:bb:22:bc:dd:91:4b:28:c3:2c:75:5d:34:51:
18:2f:5e:ce:f5:5d:2d:22:cd:ce:6d:a9:9e:11:f3:cc:c6:2d:
27:23:eb:2a:0b:7e:f5:70:c7:d2:5c:2f:49:13:b1:3c:c9:fa:
25:f8:f9:ce:c5:05:9d:25:e6:34:15:bc:0c:49:73:39:89:40:
9f:d1:21:34:77:90:b8:46:1d:d8:59:3d:a8:2c:c0:e1:9b:c6:
39:d1:c9:1d:d2:4b:c4:72:be:84:3c:cf:3b:99:2f:0a:b6:0d:
e8:0f:21:42:61:f0:d4:56:a4:a5:5d:28:2a:15:e8:ea:c4:08:
68:86:c2:3e:1e:8a:8b:57:0d:da:7c:be:c6:1c:10:91:7f:fb:
45:42:9e:0e:a7:c0:ba:b9:5a:8c:a9:58:51:97:e5:28:15:11:
0d:7b:74:98:ca:92:44:1e:d4:33:74:7c:90:de:be:16:86:24:
23:09:3b:7d:e9:52:56:0e:81:a5:d7:e6:0a:4e:f3:01:d4:23:
1c:b4:e0:ad:6a:71:9f:a7:ae:bb:ca:e8:ad:ba:0d:d9:90:c0:
af:25:9d:75:90:ab:ce:3c:ef:b1:5d:d3:fe:e7:b0:09:e9:7c:
01:70:dc:25:f3:77:a4:aa:e6:46:4b:7a:ec:21:ec:3b:89:d3:
96:d1:04:67
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTg1NjgxMTAvBgNVBAUTKDk0M0FEOUJDNjE3N0FCOEMyRjhFODEzMUMxNEE1NDY1
RUM0Mjk1NEYwHhcNMjUwMjA0MTg0NzMxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyNjBjMy00Y2QwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxo35i1s56MxGiyXrss2pijbQ2ezxTcPwZOSCVu1Tj9PGOTxh1Ed5GcgfQ4wu
Yg+uYTwmdAaqBT0FgjpRkA0p5EHr9tKIQvIXSwGmnXcVSNgICfaUbVfF++Ix6zuX
VEhhNJuoiJXreM64saOVJ/Vfrb3Be1p0VFFCNSddLgjIir5V52wH91dRihijGLOc
8B0YilApNq8JB2aIIF4tKeKJnkaVItgQj/XtZwD80oFnfKnZW4O6BHO8kv9mvFVX
cuM7QuFMVF8NUGpEleAGrp3oVTdsTbRCQsZSeY+rXcBT30cpvEnfZpY54305DIGp
rVrV01oYMpi1dD4mKDfPpfpZ0QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNBz2kLi
3KwTrAHXfGWhTQvfuEzDMB8GA1UdIwQYMBaAFJQ62bxhd6uML46BMcFKVGXsQpVP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU2OC8zNjE4QUI2RTcy
QTMxMUVFOTQ1NTcyMTFDNEY5QUUwMi9sRHJadkdGM3E0d3Zqb0V4d1VwVVpleENs
VTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL2xEclp2R0YzcTR3dmpvRXh3VXBVWmV4Q2xVOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTg1NjgvMzYxOEFCNkU3MkEzMTFFRTk0NTU3MjExQzRGOUFFMDIvMjAzREIzMzg3
ODIxMTFFRUFGRERCRDg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAli4MDBADBLz8wDQYJKoZIhvcNAQELBQADggEBAAU/MLeX
uyK83ZFLKMMsdV00URgvXs71XS0izc5tqZ4R88zGLScj6yoLfvVwx9JcL0kTsTzJ
+iX4+c7FBZ0l5jQVvAxJczmJQJ/RITR3kLhGHdhZPagswOGbxjnRyR3SS8RyvoQ8
zzuZLwq2DegPIUJh8NRWpKVdKCoV6OrECGiGwj4eiotXDdp8vsYcEJF/+0VCng6n
wLq5WoypWFGX5SgVEQ17dJjKkkQe1DN0fJDevhaGJCMJO33pUlYOgaXX5gpO8wHU
Ixy04K1qcZ+nrrvK6K26DdmQwK8lnXWQq84877Fd0/7nsAnpfAFw3CXzd6Sq5kZL
euwh7DuJ05bRBGc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:17:13 2025 by rpki-client