Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/11BAFC08E09911EAB8D3B833C4F9AE02.roa
File: 11BAFC08E09911EAB8D3B833C4F9AE02.roa (raw, json)
Hash identifier: nMCODmmNHRPyTJQL+suYw2CsRxIUVmpXezulX/rRiwk=
Subject key identifier: 6A:D1:A1:D1:05:7B:FB:67:DC:37:06:38:62:D4:03:4C:7A:8C:93:93
Certificate issuer: /CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Certificate serial: 2FC7
Authority key identifier: C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/11BAFC08E09911EAB8D3B833C4F9AE02.roa
Signing time: Tue 30 Apr 2024 15:52:56 +0000
ROA not before: Tue 30 Apr 2024 15:52:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17451
IP address blocks: 180.87.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12231 (0x2fc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91955C8
Validity
Not Before: Apr 30 15:52:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=663113d8-9de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c3:ed:41:9d:8b:0f:8a:61:c3:a3:64:60:51:
af:81:c1:32:b0:66:04:2f:b1:db:a2:f3:65:a2:1a:
71:de:6e:a0:c5:21:ce:13:c5:a9:be:df:e6:16:03:
0f:41:d3:cf:24:f7:0b:da:56:23:b7:27:a1:c4:d5:
60:39:6b:cb:a9:3a:92:42:e4:53:38:0c:b3:a6:10:
c6:c3:20:6c:cc:c7:b7:5b:86:47:2e:34:66:fa:49:
d5:8b:31:0f:6d:0e:48:96:d9:e6:ba:49:31:99:38:
ff:61:1e:72:8d:67:23:d8:66:90:17:0e:c3:71:30:
4d:d6:ab:a7:7b:25:9e:6f:5c:b5:14:e5:57:0c:8b:
97:7a:11:86:e4:24:6d:03:74:8c:b6:f2:74:2a:b8:
3b:c6:a2:4d:05:7b:b3:6f:b3:60:07:a1:8a:76:d0:
14:12:29:03:8e:4e:6a:b8:9b:7d:8f:8f:ef:99:ac:
b3:ae:92:15:d1:08:01:23:47:50:62:96:71:80:c6:
02:3f:75:c2:67:3a:92:c1:27:83:e5:43:c3:dc:ba:
64:48:d5:b4:37:6b:2f:c7:1d:60:9b:90:63:33:49:
5e:c7:cd:0a:5e:77:d6:0c:5f:e8:f6:df:c6:37:eb:
db:af:9c:46:42:42:6d:63:a9:68:e9:8c:8b:67:bd:
70:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D1:A1:D1:05:7B:FB:67:DC:37:06:38:62:D4:03:4C:7A:8C:93:93
X509v3 Authority Key Identifier:
keyid:C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/11BAFC08E09911EAB8D3B833C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.87.86.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:54:98:4b:d2:47:03:2d:25:f9:c5:3d:9b:4e:15:7a:17:22:
b4:f7:85:76:23:60:2b:6d:8d:7f:99:be:fe:c1:b9:a3:01:09:
fe:84:73:0a:3f:12:53:0b:f3:59:cc:d6:37:40:f4:5e:2a:e2:
da:ea:48:2d:98:0a:e2:21:a4:e9:4f:2a:89:7d:b0:fd:aa:1a:
ee:fe:be:69:bd:df:d2:8e:4d:20:7a:fd:3d:ac:92:8b:38:2b:
85:20:46:ce:df:08:26:b6:b4:49:04:0d:6d:5f:b9:ce:52:31:
ff:90:4b:2a:4b:4f:11:e9:e8:ce:c0:37:f0:ac:14:55:c6:0d:
0e:fa:63:c4:e2:46:ac:86:0c:3c:8f:9a:69:e8:1c:af:e2:bf:
e9:52:c9:b9:4b:99:08:9c:5b:96:b4:e4:f3:59:51:7e:7d:d9:
cb:f6:45:5d:b7:65:bf:27:cf:e1:e6:b1:72:f3:1a:49:4b:67:
bd:e9:8e:3c:82:3b:8a:fa:4f:00:db:55:2c:c9:5c:f1:1e:6d:
f4:18:00:a0:f0:c4:95:d1:1b:17:0a:8d:fe:c8:06:f6:f5:97:
e6:db:1d:9f:ee:63:88:bc:6b:f4:dd:e8:36:b4:8b:80:c3:c2:
82:6e:02:c5:9f:f9:68:9c:fa:86:49:c9:d6:e5:80:74:96:32:
73:e0:d2:ed
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICL8cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTU1QzgxMTAvBgNVBAUTKEM2NjczRDM2NDhGNDNGNDY3NEY1RjVFQkZDQkZBMzFC
Qjk2NEY2NEIwHhcNMjQwNDMwMTU1MjU2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxMTNkOC05ZGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl8PtQZ2LD4phw6NkYFGvgcEysGYEL7HbovNlohpx3m6gxSHOE8Wpvt/mFgMP
QdPPJPcL2lYjtyehxNVgOWvLqTqSQuRTOAyzphDGwyBszMe3W4ZHLjRm+knVizEP
bQ5IltnmukkxmTj/YR5yjWcj2GaQFw7DcTBN1quneyWeb1y1FOVXDIuXehGG5CRt
A3SMtvJ0Krg7xqJNBXuzb7NgB6GKdtAUEikDjk5quJt9j4/vmayzrpIV0QgBI0dQ
YpZxgMYCP3XCZzqSwSeD5UPD3LpkSNW0N2svxx1gm5BjM0lex80KXnfWDF/o9t/G
N+vbr5xGQkJtY6lo6YyLZ71w1wIDAQABo4IClTCCApEwHQYDVR0OBBYEFGrRodEF
e/tn3DcGOGLUA0x6jJOTMB8GA1UdIwQYMBaAFMZnPTZI9D9GdPX16/y/oxu5ZPZL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTVDOC85Q0QzRThGNkZG
NTgxMUUyQkI0QjJFM0Y1OTExRUEzMi94bWM5TmtqMFAwWjA5ZlhyX0wtakc3bGs5
a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3htYzlOa2owUDBaMDlmWHJfTC1qRzdsazlrcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTU1QzgvOUNEM0U4RjZGRjU4MTFFMkJCNEIyRTNGNTkxMUVBMzIvMTFCQUZDMDhF
MDk5MTFFQUI4RDNCODMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAC0V1YwDQYJKoZIhvcNAQELBQADggEBAC9UmEvSRwMtJfnF
PZtOFXoXIrT3hXYjYCttjX+Zvv7BuaMBCf6Ecwo/ElML81nM1jdA9F4q4trqSC2Y
CuIhpOlPKol9sP2qGu7+vmm939KOTSB6/T2skos4K4UgRs7fCCa2tEkEDW1fuc5S
Mf+QSypLTxHp6M7AN/CsFFXGDQ76Y8TiRqyGDDyPmmnoHK/iv+lSyblLmQicW5a0
5PNZUX592cv2RV23Zb8nz+HmsXLzGklLZ73pjjyCO4r6TwDbVSzJXPEebfQYAKDw
xJXRGxcKjf7IBvb1l+bbHZ/uY4i8a/Td6Da0i4DDwoJuAsWf+Wic+oZJydblgHSW
MnPg0u0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:23:34 2025 by rpki-client