Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/9E189DF2C4F411E9829EC138C4F9AE02.roa
File: 9E189DF2C4F411E9829EC138C4F9AE02.roa (raw, json)
Hash identifier: 4a39GCSRC4qB6TdrSDSgzJa1CQ3f90CkNweJJ+deDS0=
Subject key identifier: 0C:AE:9E:27:EE:B1:D1:07:76:53:9E:D9:4B:EA:E9:0A:D9:A7:33:F4
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 34D0
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/9E189DF2C4F411E9829EC138C4F9AE02.roa
Signing time: Fri 24 Jan 2025 16:02:38 +0000
ROA not before: Fri 24 Jan 2025 16:02:38 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 45705
IP address blocks: 175.111.88.0/22 maxlen: 24
202.43.92.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13520 (0x34d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214
Validity
Not Before: Jan 24 16:02:38 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6793b99e-7e68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0e:04:ca:7e:e0:b0:42:fe:d9:9e:42:63:bd:
01:89:ce:71:3e:1c:7f:61:0b:2e:d1:7a:02:6e:21:
27:e6:65:f3:88:70:39:24:0f:f4:90:92:f6:ab:e5:
c0:b4:d2:ba:88:d1:d0:0a:a6:49:0c:a5:f2:9a:38:
1e:2e:7f:7f:ee:7f:14:c5:14:4a:29:a9:64:22:0f:
9b:48:65:e9:1e:85:f0:34:c6:c2:bc:97:72:bd:ae:
00:7a:d8:6e:f1:bc:cf:cd:1c:b6:1d:37:d8:4b:19:
20:9e:7b:49:82:9d:dc:f5:43:ca:a0:cf:15:50:ea:
db:ea:60:53:1c:e0:39:91:89:46:25:d5:98:7b:55:
54:8d:ec:bc:fd:99:29:03:89:91:ee:24:bd:c8:50:
8c:89:03:60:83:62:45:eb:bf:61:a2:37:79:da:f4:
10:8f:43:96:c2:5e:2d:79:cb:4c:95:bb:78:ec:7b:
4b:8e:8b:59:0b:b0:89:69:fa:d9:47:35:63:0e:63:
10:17:19:5f:5c:45:6b:6e:4c:07:d1:fd:59:8c:48:
2a:80:74:1b:3d:a2:57:16:29:ed:7f:77:d1:9d:ef:
c2:8a:2b:ca:c6:d4:4f:59:64:20:63:9d:57:6f:9d:
a8:d0:39:3d:b3:78:e4:11:89:0f:bb:08:53:60:ea:
c2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:AE:9E:27:EE:B1:D1:07:76:53:9E:D9:4B:EA:E9:0A:D9:A7:33:F4
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/9E189DF2C4F411E9829EC138C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.111.88.0/22
202.43.92.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:9e:23:7a:c5:df:a6:34:d7:75:41:3c:3d:14:7c:3d:ab:ef:
0b:82:09:b9:f5:78:2b:c2:a1:15:a4:28:af:86:cc:9a:58:67:
7f:d2:f8:e8:6d:d1:70:b1:32:4c:55:85:c0:97:d6:8c:fa:48:
33:cb:df:3b:85:dc:7e:27:df:37:64:77:57:5e:41:d2:f2:53:
8f:29:76:36:27:1c:92:23:b6:ba:30:12:fb:0e:5d:5d:65:49:
81:c4:ec:48:3c:ef:5e:b2:c6:b4:a2:b9:c4:11:31:bd:e1:e2:
38:98:bc:6f:70:56:43:93:b0:ab:4a:c1:ca:fa:68:43:d8:79:
fd:96:f6:c6:8e:aa:dd:7a:02:3a:b3:f2:01:39:4a:63:3b:c1:
4e:d0:86:c6:0e:98:11:3a:4f:d0:a0:33:cc:29:c7:45:99:4e:
1a:08:d9:2b:fd:57:33:86:eb:05:69:a0:ae:44:a7:a0:bb:e9:
9b:58:b6:26:b0:8a:c2:5a:ce:80:88:6f:ad:af:30:53:dc:46:
09:50:2f:c6:30:bd:28:a7:54:dd:43:a8:24:38:49:51:9d:af:
e3:b4:6b:ac:2e:a3:32:4d:06:5a:95:c4:a8:2f:77:cb:4b:9e:
a6:f1:18:69:80:46:96:28:a0:31:d4:26:23:be:5a:ad:fe:c4:
a1:56:2f:af
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNNAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjUwMTI0MTYwMjM4WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkzYjk5ZS03ZTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlg4Eyn7gsEL+2Z5CY70Bic5xPhx/YQsu0XoCbiEn5mXziHA5JA/0kJL2q+XA
tNK6iNHQCqZJDKXymjgeLn9/7n8UxRRKKalkIg+bSGXpHoXwNMbCvJdyva4Aethu
8bzPzRy2HTfYSxkgnntJgp3c9UPKoM8VUOrb6mBTHOA5kYlGJdWYe1VUjey8/Zkp
A4mR7iS9yFCMiQNgg2JF679hojd52vQQj0OWwl4tectMlbt47HtLjotZC7CJafrZ
RzVjDmMQFxlfXEVrbkwH0f1ZjEgqgHQbPaJXFintf3fRne/CiivKxtRPWWQgY51X
b52o0Dk9s3jkEYkPuwhTYOrC0wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAyunifu
sdEHdlOe2Uvq6QrZpzP0MB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvOUUxODlERjJD
NEY0MTFFOTgyOUVDMTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAKvb1gDBALKK1wwDQYJKoZIhvcNAQELBQADggEBALyeI3rF
36Y013VBPD0UfD2r7wuCCbn1eCvCoRWkKK+GzJpYZ3/S+Oht0XCxMkxVhcCX1oz6
SDPL3zuF3H4n3zdkd1deQdLyU48pdjYnHJIjtrowEvsOXV1lSYHE7Eg8716yxrSi
ucQRMb3h4jiYvG9wVkOTsKtKwcr6aEPYef2W9saOqt16Ajqz8gE5SmM7wU7QhsYO
mBE6T9CgM8wpx0WZThoI2Sv9VzOG6wVpoK5Ep6C76ZtYtiawisJazoCIb62vMFPc
RglQL8YwvSinVN1DqCQ4SVGdr+O0a6wuozJNBlqVxKgvd8tLnqbxGGmARpYooDHU
JiO+Wq3+xKFWL68=
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:41:50 2025 by rpki-client