Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/32EE2B68005411F08A6FEB4BC4F9AE02.roa
File: 32EE2B68005411F08A6FEB4BC4F9AE02.roa (raw, json)
Hash identifier: wwcr+8+DOyZmloRteEL56x1j3vM+7vfdbP5INKVgy7U=
Subject key identifier: 41:29:CA:BE:C1:90:F7:EF:CE:7A:15:22:67:9C:89:85:17:22:08:30
Certificate issuer: /CN=A91DA8C2/serialNumber=D24FCCAD3ACE7FFE5BF02A6A8F68C0602E1C1B51
Certificate serial: 02
Authority key identifier: D2:4F:CC:AD:3A:CE:7F:FE:5B:F0:2A:6A:8F:68:C0:60:2E:1C:1B:51
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/32EE2B68005411F08A6FEB4BC4F9AE02.roa
Signing time: Thu 13 Mar 2025 21:43:28 +0000
ROA not before: Thu 13 Mar 2025 21:43:28 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 36352
IP address blocks: 203.25.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA8C2
Validity
Not Before: Mar 13 21:43:28 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67d35180-ab66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b4:4c:fc:3e:a1:c5:18:20:15:7b:ee:26:59:
fc:d6:61:58:7e:9b:88:2e:eb:65:f2:63:69:3d:96:
5f:fd:56:73:9f:2b:83:2b:0b:50:1b:22:79:10:f0:
80:4b:2e:de:3d:3f:d0:92:cb:db:b1:b2:ea:72:ba:
16:29:f8:ca:72:f8:c4:a3:3a:e9:87:bc:43:f8:96:
06:13:cf:48:38:6f:cb:29:00:7a:df:a1:4c:cf:a4:
6a:67:62:2c:12:4d:93:d7:8d:d3:0f:85:06:14:52:
da:57:87:7e:ac:cd:c7:fa:11:09:35:c6:fa:62:81:
1b:56:cf:4f:24:ef:e9:92:3a:2e:85:2e:31:df:85:
bb:f3:99:35:94:57:a7:a8:6a:10:52:b6:65:f1:57:
1b:a6:e6:ed:55:f0:b5:59:96:e0:12:4b:8c:c4:55:
06:5c:4d:e5:60:99:3c:b3:48:d2:b2:0b:73:b1:f5:
0c:cd:0a:f3:8d:1c:d7:01:73:2f:8a:51:79:e1:9c:
2a:57:ff:12:76:52:4d:f9:7b:aa:56:88:30:c4:96:
5b:bf:1f:d8:d6:76:57:89:29:ae:f3:ad:94:2a:8b:
d1:23:05:30:59:a9:60:70:4c:b9:37:ae:90:cd:bf:
4c:6a:aa:a8:ef:1a:2d:d1:34:fb:d9:2f:8c:64:6d:
53:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:29:CA:BE:C1:90:F7:EF:CE:7A:15:22:67:9C:89:85:17:22:08:30
X509v3 Authority Key Identifier:
keyid:D2:4F:CC:AD:3A:CE:7F:FE:5B:F0:2A:6A:8F:68:C0:60:2E:1C:1B:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/32EE2B68005411F08A6FEB4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.25.159.0/24
Signature Algorithm: sha256WithRSAEncryption
16:32:7f:af:61:a4:32:33:84:6f:1c:e9:d5:51:ed:e5:42:6c:
36:6c:ac:ae:be:35:66:54:f5:f3:73:2a:fd:76:86:8b:3e:3b:
43:3a:53:82:cd:01:f6:d7:81:ea:70:c8:73:8f:66:06:69:42:
df:28:63:32:a0:00:88:e1:8e:53:86:dd:9e:79:fa:53:d0:26:
5b:bf:c4:4d:08:02:7f:2e:30:0e:1e:b6:33:23:d5:b0:be:e5:
2a:56:9c:e0:d9:12:af:83:f3:7e:78:73:11:48:71:ff:85:9a:
e3:2c:2a:2f:de:57:12:73:51:a1:d3:4c:2b:c2:d5:6d:c6:c5:
d3:f5:ca:b5:81:5d:72:f7:88:0c:d1:88:4f:35:0d:c5:13:d8:
5b:90:07:61:f0:99:2a:2f:ad:2c:49:ab:00:3a:28:c8:58:b5:
80:d4:e8:bd:0b:98:82:e3:a7:b8:f2:a6:0a:8e:30:11:8a:17:
11:13:03:bd:23:46:4e:3b:21:64:ff:52:7a:7e:9c:fb:b7:9d:
26:8c:1e:71:ea:ad:b4:f6:3d:44:88:b9:65:4c:ea:7f:d9:50:
4b:cb:0c:5a:bf:d3:4b:b5:7a:2d:f1:65:1a:74:81:a5:16:d4:
fb:e0:ad:24:c5:b0:ed:04:27:a7:77:47:dd:37:60:92:0e:14:
2f:09:ec:09
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
QThDMjExMC8GA1UEBRMoRDI0RkNDQUQzQUNFN0ZGRTVCRjAyQTZBOEY2OEMwNjAy
RTFDMUI1MTAeFw0yNTAzMTMyMTQzMjhaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZDM1MTgwLWFiNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLtEz8PqHFGCAVe+4mWfzWYVh+m4gu62XyY2k9ll/9VnOfK4MrC1AbInkQ8IBL
Lt49P9CSy9uxsupyuhYp+Mpy+MSjOumHvEP4lgYTz0g4b8spAHrfoUzPpGpnYiwS
TZPXjdMPhQYUUtpXh36szcf6EQk1xvpigRtWz08k7+mSOi6FLjHfhbvzmTWUV6eo
ahBStmXxVxum5u1V8LVZluASS4zEVQZcTeVgmTyzSNKyC3Ox9QzNCvONHNcBcy+K
UXnhnCpX/xJ2Uk35e6pWiDDEllu/H9jWdleJKa7zrZQqi9EjBTBZqWBwTLk3rpDN
v0xqqqjvGi3RNPvZL4xkbVM9AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUQSnKvsGQ
9+/OehUiZ5yJhRciCDAwHwYDVR0jBBgwFoAU0k/MrTrOf/5b8Cpqj2jAYC4cG1Ew
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURBOEMyLzk1QTY5QkUyMDA1
MzExRjA4RTczRTE0QUM0RjlBRTAyLzBrX01yVHJPZl81YjhDcHFqMmpBWUM0Y0cx
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMGtfTXJUck9mXzViOENwcWoyakFZQzRjRzFFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
QThDMi85NUE2OUJFMjAwNTMxMUYwOEU3M0UxNEFDNEY5QUUwMi8zMkVFMkI2ODAw
NTQxMUYwOEE2RkVCNEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMsZnzANBgkqhkiG9w0BAQsFAAOCAQEAFjJ/r2GkMjOEbxzp
1VHt5UJsNmysrr41ZlT183Mq/XaGiz47QzpTgs0B9teB6nDIc49mBmlC3yhjMqAA
iOGOU4bdnnn6U9AmW7/ETQgCfy4wDh62MyPVsL7lKlac4NkSr4PzfnhzEUhx/4Wa
4ywqL95XEnNRodNMK8LVbcbF0/XKtYFdcveIDNGITzUNxRPYW5AHYfCZKi+tLEmr
ADooyFi1gNTovQuYguOnuPKmCo4wEYoXERMDvSNGTjshZP9Sen6c+7edJoweceqt
tPY9RIi5ZUzqf9lQS8sMWr/TS7V6LfFlGnSBpRbU++CtJMWw7QQnp3dH3Tdgkg4U
LwnsCQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:27:58 2025 by rpki-client