Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/268DF20A940C11EE9B034255C4F9AE02.roa
File: 268DF20A940C11EE9B034255C4F9AE02.roa (raw, json)
Hash identifier: kgaZFM6PEa7OxBpQNYQJyC2BXzh6kZmUunDtbxoanho=
Subject key identifier: E1:37:80:E7:26:A7:29:03:C2:24:B9:6E:95:4A:37:64:99:96:C9:3C
Certificate issuer: /CN=A91A7B94/serialNumber=3126F4EF05E3AE75A09144B667D39347D4DAA890
Certificate serial: BA
Authority key identifier: 31:26:F4:EF:05:E3:AE:75:A0:91:44:B6:67:D3:93:47:D4:DA:A8:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MSb07wXjrnWgkUS2Z9OTR9TaqJA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/268DF20A940C11EE9B034255C4F9AE02.roa
Signing time: Wed 03 Jul 2024 06:07:29 +0000
ROA not before: Wed 03 Jul 2024 06:07:29 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 136897
IP address blocks: 116.204.232.0/24 maxlen: 24
116.204.233.0/24 maxlen: 24
116.204.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186 (0xba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7B94
Validity
Not Before: Jul 3 06:07:29 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6684eaa1-7011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:37:15:9c:3c:b9:f8:14:f4:9f:ab:e6:b7:ad:
d4:7a:fa:fb:8d:2d:48:e5:19:e0:53:66:43:9c:f5:
ea:42:a9:d2:e4:01:78:ba:8a:b6:46:2b:f7:72:3d:
fa:94:54:63:73:2b:cf:eb:7f:5f:35:28:40:65:6e:
51:f0:1b:a9:04:09:1c:b5:5d:90:83:81:06:ac:8e:
2a:28:14:1a:a9:8f:6a:bb:37:a6:ec:98:85:35:01:
36:6d:c0:98:51:97:05:77:7b:e3:f7:13:58:79:b1:
bb:37:d6:35:a7:ca:d6:aa:d5:d3:72:95:6e:f9:e4:
c7:da:73:3f:91:05:a2:e3:b5:c1:5c:82:62:ec:a8:
b0:e1:a1:76:df:01:29:b0:78:65:a8:66:0f:69:1a:
ab:f3:76:5b:95:95:75:86:d0:99:c0:63:59:cc:ac:
63:90:44:3a:89:37:37:f0:7c:63:3b:3c:aa:a2:c7:
77:4c:26:1e:94:04:02:24:fd:3c:9f:9e:46:3c:3a:
f5:a2:47:a4:54:17:aa:21:36:ea:69:36:f3:22:dc:
0c:cf:ad:07:ea:57:29:d0:eb:53:09:0e:1a:df:62:
c7:38:a6:c9:1b:50:2b:ae:19:fc:66:8f:dc:32:b9:
4f:b6:16:31:ba:2f:04:40:01:3e:fe:70:8f:28:3e:
e8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:37:80:E7:26:A7:29:03:C2:24:B9:6E:95:4A:37:64:99:96:C9:3C
X509v3 Authority Key Identifier:
keyid:31:26:F4:EF:05:E3:AE:75:A0:91:44:B6:67:D3:93:47:D4:DA:A8:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/MSb07wXjrnWgkUS2Z9OTR9TaqJA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MSb07wXjrnWgkUS2Z9OTR9TaqJA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/268DF20A940C11EE9B034255C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.204.232.0-116.204.234.255
Signature Algorithm: sha256WithRSAEncryption
42:98:4e:23:cd:e8:bc:d7:0b:86:04:35:33:25:98:60:15:05:
09:6c:dc:d6:76:72:9c:c6:28:52:97:42:be:03:b8:78:1f:0b:
f1:b6:a6:cc:8c:9a:a2:1b:54:54:84:43:0e:d3:a9:53:2d:62:
cd:f8:f0:4b:f6:49:ac:6e:1e:f8:9b:50:df:bc:5c:fc:a6:05:
32:5c:e3:63:51:6f:97:4f:db:a7:c9:e2:d2:98:02:b8:ae:4f:
6d:f4:0f:a7:ab:bc:15:65:06:09:d0:10:f4:3f:58:8f:92:69:
98:0e:ed:31:84:a1:ad:78:2f:e0:0c:09:c7:94:48:d5:83:bc:
1b:1c:47:d1:ab:7c:3d:cd:b0:84:d8:31:9c:d3:6e:f1:9a:c7:
71:bd:aa:d7:de:55:f6:da:2e:31:5c:18:b4:8a:22:a1:01:cc:
cb:99:63:77:81:55:68:9c:96:bf:89:0b:bb:e5:bc:e9:b9:47:
5d:40:16:12:61:d9:f7:c4:ec:d8:bc:bc:70:93:35:ba:da:cf:
da:61:c2:f3:6c:29:03:7d:31:3c:d7:e3:0f:00:e5:9a:16:3e:
cd:34:f9:f7:86:52:39:d4:2b:03:36:04:64:ad:74:91:f1:33:
10:bb:f7:53:f1:09:8a:40:ba:ca:81:68:c3:e9:4e:07:4b:c9:
9d:7d:5c:f2
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICALowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTdCOTQxMTAvBgNVBAUTKDMxMjZGNEVGMDVFM0FFNzVBMDkxNDRCNjY3RDM5MzQ3
RDREQUE4OTAwHhcNMjQwNzAzMDYwNzI5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg0ZWFhMS03MDExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvTcVnDy5+BT0n6vmt63Uevr7jS1I5RngU2ZDnPXqQqnS5AF4uoq2Riv3cj36
lFRjcyvP639fNShAZW5R8BupBAkctV2Qg4EGrI4qKBQaqY9quzem7JiFNQE2bcCY
UZcFd3vj9xNYebG7N9Y1p8rWqtXTcpVu+eTH2nM/kQWi47XBXIJi7Kiw4aF23wEp
sHhlqGYPaRqr83ZblZV1htCZwGNZzKxjkEQ6iTc38HxjOzyqosd3TCYelAQCJP08
n55GPDr1okekVBeqITbqaTbzItwMz60H6lcp0OtTCQ4a32LHOKbJG1Arrhn8Zo/c
MrlPthYxui8EQAE+/nCPKD7ohQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFOE3gOcm
pykDwiS5bpVKN2SZlsk8MB8GA1UdIwQYMBaAFDEm9O8F4651oJFEtmfTk0fU2qiQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0I5NC9DQzc0MUJCNjM3
NzAxMUVFOERDOEJCMzRDNEY5QUUwMi9NU2IwN3dYanJuV2drVVMyWjlPVFI5VGFx
SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01TYjA3d1hqcm5XZ2tVUzJaOU9UUjlUYXFKQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTdCOTQvQ0M3NDFCQjYzNzcwMTFFRThEQzhCQjM0QzRGOUFFMDIvMjY4REYyMEE5
NDBDMTFFRTlCMDM0MjU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEA3TM6AMEAHTM6jANBgkqhkiG9w0BAQsFAAOCAQEAQphO
I83ovNcLhgQ1MyWYYBUFCWzc1nZynMYoUpdCvgO4eB8L8bamzIyaohtUVIRDDtOp
Uy1izfjwS/ZJrG4e+JtQ37xc/KYFMlzjY1Fvl0/bp8ni0pgCuK5PbfQPp6u8FWUG
CdAQ9D9Yj5JpmA7tMYShrXgv4AwJx5RI1YO8GxxH0at8Pc2whNgxnNNu8ZrHcb2q
195V9touMVwYtIoioQHMy5ljd4FVaJyWv4kLu+W86blHXUAWEmHZ98Ts2Ly8cJM1
utrP2mHC82wpA30xPNfjDwDlmhY+zTT594ZSOdQrAzYEZK10kfEzELv3U/EJikC6
yoFow+lOB0vJnX1c8g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:23:22 2025 by rpki-client