Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/F2CEE3CEBE7711EFB34D6959C4F9AE02.roa
File: F2CEE3CEBE7711EFB34D6959C4F9AE02.roa (raw, json)
Hash identifier: c/zVI3V70E1Wu6EQXw+rtLMreURhxjP1Lrx+c37+kQM=
Subject key identifier: 33:FC:86:2E:99:9A:8F:76:83:B5:36:38:43:4A:AB:19:03:E3:2B:94
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: 02A4
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/F2CEE3CEBE7711EFB34D6959C4F9AE02.roa
Signing time: Fri 28 Feb 2025 06:49:11 +0000
ROA not before: Fri 28 Feb 2025 06:49:11 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 395793
IP address blocks: 202.155.128.0/24 maxlen: 24
202.155.131.0/24 maxlen: 24
218.33.96.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 676 (0x2a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18
Validity
Not Before: Feb 28 06:49:11 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67c15c67-1caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:39:28:94:2f:17:a3:b7:32:93:4d:47:6c:17:
7c:88:a0:9e:a6:d1:f4:2f:67:d7:99:8c:fa:8d:9e:
fa:f7:3a:0a:79:86:89:bd:81:10:70:9d:89:47:32:
d0:0a:c6:e3:dc:72:a0:79:c4:75:88:f4:8e:9f:db:
04:e3:28:54:ec:4f:36:67:48:03:7d:89:33:23:b7:
af:0e:70:58:14:28:f8:9f:4d:3a:f5:77:76:23:8c:
98:ed:35:4b:a2:ef:d6:ac:fe:09:0e:89:d2:ab:36:
a2:51:df:49:85:61:0e:b6:0c:7d:75:fd:42:d1:31:
99:c0:eb:11:75:7e:11:68:88:32:a0:0a:c5:1c:c1:
be:9f:f4:c4:0f:9d:c2:f7:49:b1:5b:4f:f6:1b:c1:
7c:58:fb:b6:a1:8a:7e:48:92:55:e5:c7:e6:60:70:
d1:e4:f1:aa:63:ca:17:eb:c8:79:71:53:ee:49:13:
5c:17:7d:cf:39:dd:ec:df:10:14:02:74:2e:d9:c1:
7a:4d:b4:4c:51:28:82:a3:a0:a5:68:d9:1d:7d:3d:
af:e2:af:7c:36:aa:4d:6a:c8:46:5a:98:01:17:38:
85:24:29:a5:e5:82:7d:7a:18:88:93:ea:c6:ce:73:
ba:5d:0f:f9:69:e7:1d:48:d8:eb:06:bd:c4:ac:20:
c7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:FC:86:2E:99:9A:8F:76:83:B5:36:38:43:4A:AB:19:03:E3:2B:94
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/F2CEE3CEBE7711EFB34D6959C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.155.128.0/24
202.155.131.0/24
218.33.96.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:37:d4:99:55:52:47:47:e2:de:fa:1c:3b:67:86:af:46:a1:
08:59:71:51:83:1a:79:e3:5c:8e:bb:70:5f:87:b4:9c:03:3a:
b3:d3:5c:9a:9a:ff:fe:ee:8e:26:95:81:5f:48:21:44:7b:47:
59:da:c3:a1:33:a9:b2:85:80:22:3c:87:60:a7:f6:86:22:a5:
48:92:f4:d9:11:e4:3f:ca:72:8a:08:a7:22:46:bb:54:ce:26:
ff:e2:f5:9d:06:93:00:2e:72:4c:8f:3e:16:30:f6:96:34:d1:
f1:36:06:d6:d3:26:7e:53:5c:27:df:33:3c:c9:9b:23:3c:60:
60:fa:3b:03:aa:c1:74:a7:ef:88:d9:d0:3c:1c:44:36:d6:21:
b1:f6:2b:5b:4a:d1:82:7d:dc:20:7e:b1:0d:ea:80:de:f5:5b:
58:75:a7:2c:96:ed:6d:be:f7:d0:97:c0:97:68:52:d0:a3:68:
33:06:80:b6:da:ca:20:18:94:b1:e2:86:03:d5:fb:29:16:28:
38:bf:8e:8d:f9:4c:fe:b3:55:5e:17:0a:c1:c2:fa:bc:b9:55:
0e:ef:85:4a:12:c3:bb:df:b5:9e:9b:0f:9a:7b:0f:4d:9b:07:
df:43:34:de:67:70:08:35:ea:f6:95:cf:78:6a:6e:16:dd:74:
fa:98:01:e7
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAqQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjUwMjI4MDY0OTExWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MxNWM2Ny0xY2FhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+zkolC8Xo7cyk01HbBd8iKCeptH0L2fXmYz6jZ769zoKeYaJvYEQcJ2JRzLQ
Csbj3HKgecR1iPSOn9sE4yhU7E82Z0gDfYkzI7evDnBYFCj4n0069Xd2I4yY7TVL
ou/WrP4JDonSqzaiUd9JhWEOtgx9df1C0TGZwOsRdX4RaIgyoArFHMG+n/TED53C
90mxW0/2G8F8WPu2oYp+SJJV5cfmYHDR5PGqY8oX68h5cVPuSRNcF33POd3s3xAU
AnQu2cF6TbRMUSiCo6ClaNkdfT2v4q98NqpNashGWpgBFziFJCml5YJ9ehiIk+rG
znO6XQ/5aecdSNjrBr3ErCDHawIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDP8hi6Z
mo92g7U2OENKqxkD4yuUMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvRjJDRUUzQ0VC
RTc3MTFFRkIzNEQ2OTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBADKm4ADBADKm4MDBALaIWAwDQYJKoZIhvcNAQELBQADggEB
AG031JlVUkdH4t76HDtnhq9GoQhZcVGDGnnjXI67cF+HtJwDOrPTXJqa//7ujiaV
gV9IIUR7R1naw6EzqbKFgCI8h2Cn9oYipUiS9NkR5D/KcooIpyJGu1TOJv/i9Z0G
kwAuckyPPhYw9pY00fE2BtbTJn5TXCffMzzJmyM8YGD6OwOqwXSn74jZ0DwcRDbW
IbH2K1tK0YJ93CB+sQ3qgN71W1h1pyyW7W2+99CXwJdoUtCjaDMGgLbayiAYlLHi
hgPV+ykWKDi/jo35TP6zVV4XCsHC+ry5VQ7vhUoSw7vftZ6bD5p7D02bB99DNN5n
cAg16vaVz3hqbhbddPqYAec=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:45:32 2025 by rpki-client