Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9197277/43A7E894B56011EE911C5D4FC4F9AE02/2E31B8FCB57211EEBB68526DC4F9AE02.roa
File: 2E31B8FCB57211EEBB68526DC4F9AE02.roa (raw, json)
Hash identifier: XVC372fFbzyMJ0najd3nCWGY6qSm44Rgv1v3SKiEpsU=
Subject key identifier: 0E:98:30:7D:27:02:B3:5B:85:F2:2E:23:53:6D:2D:2E:D5:DE:58:9F
Certificate issuer: /CN=A9197277/serialNumber=D83B93E31E939937D8CB15FE39CA5E6E8FEAFA9B
Certificate serial: 6B
Authority key identifier: D8:3B:93:E3:1E:93:99:37:D8:CB:15:FE:39:CA:5E:6E:8F:EA:FA:9B
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2DuT4x6TmTfYyxX-Ocpebo_q-ps.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9197277/43A7E894B56011EE911C5D4FC4F9AE02/2E31B8FCB57211EEBB68526DC4F9AE02.roa
Signing time: Sat 27 Jul 2024 06:56:53 +0000
ROA not before: Sat 27 Jul 2024 06:56:53 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 6461
IP address blocks: 64.124.188.0/23 maxlen: 23
216.200.188.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107 (0x6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9197277
Validity
Not Before: Jul 27 06:56:53 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66a49a35-b173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f8:d6:24:9b:4f:43:79:f9:8b:e7:a4:b0:2e:
ae:b6:9f:d2:49:41:e1:c0:55:94:a3:1e:14:11:28:
2b:28:fd:81:a9:31:e4:66:6a:ea:51:1c:0a:f5:3a:
05:97:93:dd:87:cc:00:20:ba:18:7a:b1:97:bc:40:
03:65:44:85:0b:d0:47:27:a4:d8:b8:69:26:9b:4d:
eb:09:f4:17:5b:cc:52:40:f0:20:2d:64:85:c2:bc:
be:fd:14:3e:6e:df:04:be:32:70:d8:cc:f1:c6:13:
3a:ef:d3:00:c2:5d:0b:aa:e0:a5:44:b7:e1:2e:a7:
83:ce:14:57:08:dc:5e:62:85:f4:c8:96:56:21:8a:
b7:63:3e:77:a0:25:9d:b2:4c:49:00:53:d0:48:90:
af:f5:37:11:68:5a:11:12:80:a3:7e:ca:bc:2a:fe:
03:d8:c3:78:6d:f8:86:da:2c:a7:39:1a:6a:1a:7a:
bd:80:6a:e6:16:5c:7e:56:26:3c:3e:8d:11:d5:fe:
17:a9:d8:7c:ca:91:98:22:13:ee:d8:3a:0c:ee:e2:
6f:dc:bb:ee:93:9e:23:5b:a3:0f:cd:32:23:14:ff:
2d:c4:d7:37:0f:4d:53:8f:61:98:91:b7:bb:9b:37:
81:06:c4:4b:e5:7f:ae:78:fa:81:87:3d:05:9a:16:
9f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:98:30:7D:27:02:B3:5B:85:F2:2E:23:53:6D:2D:2E:D5:DE:58:9F
X509v3 Authority Key Identifier:
keyid:D8:3B:93:E3:1E:93:99:37:D8:CB:15:FE:39:CA:5E:6E:8F:EA:FA:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9197277/43A7E894B56011EE911C5D4FC4F9AE02/2DuT4x6TmTfYyxX-Ocpebo_q-ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2DuT4x6TmTfYyxX-Ocpebo_q-ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197277/43A7E894B56011EE911C5D4FC4F9AE02/2E31B8FCB57211EEBB68526DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.124.188.0/23
216.200.188.0/22
Signature Algorithm: sha256WithRSAEncryption
44:da:47:c1:ff:d9:b1:15:3d:7a:3c:48:51:7b:83:6f:42:aa:
d2:93:9c:8a:7c:d0:5d:d9:98:7b:79:4e:52:85:f8:c7:e4:5e:
d9:17:e5:36:29:2f:67:10:53:26:30:8e:1c:91:d9:cb:c8:81:
85:e6:83:61:44:77:3d:2a:f5:17:e5:72:35:0a:64:79:18:38:
83:b0:02:06:90:c0:bb:77:78:91:68:56:2c:ea:d8:cc:2c:75:
25:14:62:0b:0e:9f:7f:4b:15:60:c4:c8:c2:2c:62:f0:a3:df:
39:de:43:41:8f:b3:2d:f0:96:80:27:2a:fc:aa:39:4d:58:9d:
62:2a:af:cb:25:bb:7e:6e:5b:4c:ee:cd:01:be:a8:80:69:e3:
fb:41:9a:f0:d3:ef:aa:15:f9:98:a3:35:f9:7f:ae:63:74:d6:
a6:09:ee:5a:a4:21:a3:5b:c1:ec:75:cd:99:97:d3:e4:d4:65:
ca:a3:2e:0c:8d:5d:b4:94:15:e2:41:d2:3f:aa:15:46:41:1c:
a4:9c:be:58:7c:5c:52:1b:7e:6f:58:8a:82:c3:a1:44:c7:46:
a7:19:8f:a6:27:7b:e1:ed:62:c8:28:38:87:0b:c5:a9:e1:eb:
ac:f4:1c:e4:0d:96:5e:f5:1c:c5:a3:42:56:e1:5e:0a:92:cf:
fb:f1:48:0e
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBazANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NzI3NzExMC8GA1UEBRMoRDgzQjkzRTMxRTkzOTkzN0Q4Q0IxNUZFMzlDQTVFNkU4
RkVBRkE5QjAeFw0yNDA3MjcwNjU2NTNaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YTQ5YTM1LWIxNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDL+NYkm09DefmL56SwLq62n9JJQeHAVZSjHhQRKCso/YGpMeRmaupRHAr1OgWX
k92HzAAguhh6sZe8QANlRIUL0EcnpNi4aSabTesJ9BdbzFJA8CAtZIXCvL79FD5u
3wS+MnDYzPHGEzrv0wDCXQuq4KVEt+Eup4POFFcI3F5ihfTIllYhirdjPnegJZ2y
TEkAU9BIkK/1NxFoWhESgKN+yrwq/gPYw3ht+IbaLKc5Gmoaer2AauYWXH5WJjw+
jRHV/hep2HzKkZgiE+7YOgzu4m/cu+6TniNbow/NMiMU/y3E1zcPTVOPYZiRt7ub
N4EGxEvlf654+oGHPQWaFp8nAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUDpgwfScC
s1uF8i4jU20tLtXeWJ8wHwYDVR0jBBgwFoAU2DuT4x6TmTfYyxX+Ocpebo/q+psw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3Mjc3LzQzQTdFODk0QjU2
MDExRUU5MTFDNUQ0RkM0RjlBRTAyLzJEdVQ0eDZUbVRmWXl4WC1PY3BlYm9fcS1w
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvMkR1VDR4NlRtVGZZeXhYLU9jcGVib19xLXBzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NzI3Ny80M0E3RTg5NEI1NjAxMUVFOTExQzVENEZDNEY5QUUwMi8yRTMxQjhGQ0I1
NzIxMUVFQkI2ODUyNkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAUB8vAMEAtjIvDANBgkqhkiG9w0BAQsFAAOCAQEARNpHwf/Z
sRU9ejxIUXuDb0Kq0pOcinzQXdmYe3lOUoX4x+Re2RflNikvZxBTJjCOHJHZy8iB
heaDYUR3PSr1F+VyNQpkeRg4g7ACBpDAu3d4kWhWLOrYzCx1JRRiCw6ff0sVYMTI
wixi8KPfOd5DQY+zLfCWgCcq/Ko5TVidYiqvyyW7fm5bTO7NAb6ogGnj+0Ga8NPv
qhX5mKM1+X+uY3TWpgnuWqQho1vB7HXNmZfT5NRlyqMuDI1dtJQV4kHSP6oVRkEc
pJy+WHxcUht+b1iKgsOhRMdGpxmPpid74e1iyCg4hwvFqeHrrPQc5A2WXvUcxaNC
VuFeCpLP+/FIDg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:02:14 2025 by rpki-client