Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/BD4E85B09E6311ECA6EC8071C4F9AE02.roa
File: BD4E85B09E6311ECA6EC8071C4F9AE02.roa (raw, json)
Hash identifier: 2jfJLAfv4sSmTjn+t4R2DbosLO6LZGV4JERzq1/IuT0=
Subject key identifier: B4:71:4C:FA:EE:9F:15:A5:64:E3:CC:50:6D:81:97:0B:E6:74:27:42
Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial: 04E2
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/BD4E85B09E6311ECA6EC8071C4F9AE02.roa
Signing time: Sat 28 Dec 2024 23:32:31 +0000
ROA not before: Sat 28 Dec 2024 23:32:31 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 25369
IP address blocks: 202.43.6.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1250 (0x4e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ACD72
Validity
Not Before: Dec 28 23:32:31 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67708a8f-014b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d7:bb:d3:83:44:59:dd:75:6e:59:f5:81:27:
79:d3:89:65:25:7b:09:72:75:87:60:9b:06:20:8e:
0a:ff:f1:1c:a8:1b:a2:ec:79:46:e6:16:92:e0:c7:
9e:46:33:b1:90:88:a5:85:a3:84:bb:5f:bf:5b:c9:
20:c2:11:31:69:82:42:9f:45:29:64:8e:2f:d1:21:
b9:e8:d6:97:60:17:2c:40:78:8e:1c:14:22:b2:38:
87:7c:02:82:1b:7b:73:c6:3b:21:fa:ec:d6:85:94:
1d:f8:17:62:7f:4d:b0:75:d9:d9:14:ba:5b:c7:e3:
c0:05:27:31:16:73:bb:28:8a:3a:82:79:cb:6d:b9:
fd:42:34:62:66:53:03:d8:4f:a0:c0:f8:c0:b9:91:
9f:5d:5f:6d:7f:ee:b2:91:78:64:f2:9c:88:4a:b1:
5b:31:b1:54:23:77:da:d8:81:53:d2:48:0d:84:7f:
d1:e5:93:b0:b6:71:f0:71:c1:35:d1:47:23:84:ec:
7e:c9:a2:5f:3e:9e:09:38:79:64:71:7e:3a:6b:ef:
46:f1:86:14:29:93:93:77:ee:d7:ae:9b:9c:65:7f:
b1:59:ac:96:91:f5:7a:66:5f:98:35:7f:4a:c2:7e:
f7:3f:bb:43:b8:d4:be:e7:9e:f9:63:56:c1:42:a6:
78:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:71:4C:FA:EE:9F:15:A5:64:E3:CC:50:6D:81:97:0B:E6:74:27:42
X509v3 Authority Key Identifier:
keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/BD4E85B09E6311ECA6EC8071C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.43.6.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:8d:a3:c8:4b:4f:b0:6b:af:bf:39:a6:f5:75:c8:19:b0:18:
59:f9:e4:0e:5c:c8:75:c9:45:0f:15:dc:d3:5c:a3:db:af:80:
a3:71:d5:a5:5e:b2:4d:4a:72:a7:0c:e8:19:7d:80:45:69:b3:
e2:1c:34:e8:53:91:97:2c:50:92:32:b6:d0:6d:fa:26:15:80:
bc:0f:60:7d:9e:ad:31:07:c3:c6:29:cb:56:2b:d3:92:0d:b7:
de:e1:4c:1e:1d:ea:5c:13:d4:9e:d8:35:a8:0c:4d:2f:d7:ac:
78:1f:e6:b7:25:83:e6:71:a3:c6:21:f3:e1:93:e5:c1:32:2a:
65:b6:86:9f:b7:6c:1c:7e:ed:1d:aa:37:ef:60:78:67:20:cf:
e8:1c:dc:4b:6d:99:4f:46:fb:69:ed:a3:ef:ba:9c:30:82:58:
a5:52:9f:42:ca:38:48:07:af:96:83:67:9c:45:58:c0:4b:07:
a9:c0:13:31:26:7b:04:8d:e1:e5:fb:e7:56:69:b1:4f:54:1f:
4f:a9:84:6c:66:f1:6a:2b:5c:7d:87:60:cc:2b:ff:56:8d:d4:
e1:79:d7:c1:17:0b:70:ab:45:60:30:27:32:7e:96:e8:0a:78:
ff:08:d3:8d:f4:dc:fe:90:a8:f5:21:e0:59:ae:73:57:cf:d6:
37:3f:65:48
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjQxMjI4MjMzMjMxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcwOGE4Zi0wMTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArde704NEWd11bln1gSd504llJXsJcnWHYJsGII4K//EcqBui7HlG5haS4Mee
RjOxkIilhaOEu1+/W8kgwhExaYJCn0UpZI4v0SG56NaXYBcsQHiOHBQisjiHfAKC
G3tzxjsh+uzWhZQd+Bdif02wddnZFLpbx+PABScxFnO7KIo6gnnLbbn9QjRiZlMD
2E+gwPjAuZGfXV9tf+6ykXhk8pyISrFbMbFUI3fa2IFT0kgNhH/R5ZOwtnHwccE1
0UcjhOx+yaJfPp4JOHlkcX46a+9G8YYUKZOTd+7XrpucZX+xWayWkfV6Zl+YNX9K
wn73P7tDuNS+5575Y1bBQqZ43QIDAQABo4IClTCCApEwHQYDVR0OBBYEFLRxTPru
nxWlZOPMUG2BlwvmdCdCMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvQkQ0RTg1QjA5
RTYzMTFFQ0E2RUM4MDcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKKwYwDQYJKoZIhvcNAQELBQADggEBALCNo8hLT7Brr785
pvV1yBmwGFn55A5cyHXJRQ8V3NNco9uvgKNx1aVesk1KcqcM6Bl9gEVps+IcNOhT
kZcsUJIyttBt+iYVgLwPYH2erTEHw8Ypy1Yr05INt97hTB4d6lwT1J7YNagMTS/X
rHgf5rclg+Zxo8Yh8+GT5cEyKmW2hp+3bBx+7R2qN+9geGcgz+gc3EttmU9G+2nt
o++6nDCCWKVSn0LKOEgHr5aDZ5xFWMBLB6nAEzEmewSN4eX751ZpsU9UH0+phGxm
8WorXH2HYMwr/1aN1OF518EXC3CrRWAwJzJ+lugKeP8I04303P6QqPUh4Fmuc1fP
1jc/ZUg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:24:03 2025 by rpki-client