Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/0ECA9B023D9F11EC9EC18739C4F9AE02.roa
File: 0ECA9B023D9F11EC9EC18739C4F9AE02.roa (raw, json)
Hash identifier: Cywfb2Rnt+MB9wFrcD0/BbNel0gnNnVhinHv2K8l9OM=
Subject key identifier: B4:E2:79:2B:55:97:42:E8:11:17:50:B1:C7:8B:88:DA:75:14:F2:90
Certificate issuer: /CN=A91DCD09/serialNumber=ADB98978FD751F99D9A8EB2AE72D3C0C550453A4
Certificate serial: 049D
Authority key identifier: AD:B9:89:78:FD:75:1F:99:D9:A8:EB:2A:E7:2D:3C:0C:55:04:53:A4
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rbmJeP11H5nZqOsq5y08DFUEU6Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/0ECA9B023D9F11EC9EC18739C4F9AE02.roa
Signing time: Tue 24 Sep 2024 16:54:17 +0000
ROA not before: Tue 24 Sep 2024 16:54:17 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 134433
IP address blocks: 213.170.156.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1181 (0x49d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DCD09
Validity
Not Before: Sep 24 16:54:17 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f2eeb8-b46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fa:f3:f5:dd:07:ed:42:a8:58:96:73:b4:00:
77:f3:5c:40:64:4a:0a:45:07:72:8f:90:74:04:69:
58:79:12:19:73:0c:47:65:55:31:a3:26:2e:a3:08:
0e:82:66:00:b6:fa:46:e9:b0:10:aa:6b:d9:46:8d:
31:d2:d5:64:47:9d:40:e8:bb:99:e7:3d:be:a2:09:
6f:4a:69:f0:f0:b6:64:15:1d:dc:94:ef:cf:4f:96:
27:40:55:5f:da:00:5f:ed:8a:6d:ee:c5:e3:05:c7:
03:a0:92:0a:ff:aa:ef:46:a9:64:cb:90:93:76:d2:
91:86:7d:89:6b:bc:40:25:37:8a:64:3c:22:40:82:
37:7c:ba:91:e0:99:85:2f:9b:5b:a7:40:80:7c:0f:
08:34:10:94:77:99:35:ac:5f:fc:df:3b:b3:4d:db:
3d:e7:3f:69:25:b6:5f:82:33:92:b7:f4:bf:f6:6c:
59:05:d5:f4:73:28:0f:bf:20:c7:8c:13:9b:17:11:
be:46:2a:45:b3:35:ba:ca:51:f4:41:74:07:00:dc:
cc:49:e4:09:33:0c:3d:71:67:0c:b8:96:7f:89:04:
76:43:42:19:d1:80:21:16:48:dd:c9:8e:c7:56:a4:
5b:4e:49:f7:4e:0c:88:e1:b1:d9:33:92:93:57:7d:
cb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E2:79:2B:55:97:42:E8:11:17:50:B1:C7:8B:88:DA:75:14:F2:90
X509v3 Authority Key Identifier:
keyid:AD:B9:89:78:FD:75:1F:99:D9:A8:EB:2A:E7:2D:3C:0C:55:04:53:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/rbmJeP11H5nZqOsq5y08DFUEU6Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rbmJeP11H5nZqOsq5y08DFUEU6Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/0ECA9B023D9F11EC9EC18739C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
213.170.156.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:0e:42:03:6a:46:57:9b:26:8d:44:76:29:25:03:f5:fd:1a:
9f:47:80:b7:b2:db:3a:28:bd:37:1f:5b:c9:60:08:94:31:27:
ca:95:ea:ad:15:f1:4a:93:5b:d7:6d:c5:61:6d:dd:79:09:88:
35:3c:7a:13:43:83:14:83:eb:05:0c:6a:bf:0b:4d:44:63:b7:
1b:d5:4f:75:d8:97:16:c5:1a:30:0b:d0:65:1f:e4:7d:eb:cb:
b8:a3:0b:0f:7d:0e:b0:c3:04:22:09:95:df:51:e1:99:d0:29:
58:e3:e2:9a:1c:6a:fb:47:cd:76:a7:3e:00:28:c6:19:19:a4:
f1:ac:06:61:ed:ef:40:c8:c2:fd:2a:2b:c3:fc:f7:4d:a3:97:
ad:90:40:41:7f:54:68:52:3f:47:81:49:29:45:14:bb:9d:c1:
29:26:2c:31:30:eb:18:09:9b:ac:95:3f:8b:7b:eb:72:20:df:
9a:d3:0d:eb:ee:c0:b0:60:82:c0:d6:c6:1f:8b:fa:22:41:e6:
f7:ad:86:a3:60:92:c6:5a:6d:dd:aa:23:5a:3a:1c:42:c7:7f:
0f:9a:a1:cf:1d:20:ca:5e:1e:4a:a2:fb:7e:4c:e2:54:c1:91:
44:d6:76:dd:8e:09:fb:00:ca:32:bd:1e:2c:35:3b:ec:b3:e3:
d9:86:c6:16
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBJ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RENEMDkxMTAvBgNVBAUTKEFEQjk4OTc4RkQ3NTFGOTlEOUE4RUIyQUU3MkQzQzBD
NTUwNDUzQTQwHhcNMjQwOTI0MTY1NDE3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYyZWViOC1iNDZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsvrz9d0H7UKoWJZztAB381xAZEoKRQdyj5B0BGlYeRIZcwxHZVUxoyYuowgO
gmYAtvpG6bAQqmvZRo0x0tVkR51A6LuZ5z2+oglvSmnw8LZkFR3clO/PT5YnQFVf
2gBf7Ypt7sXjBccDoJIK/6rvRqlky5CTdtKRhn2Ja7xAJTeKZDwiQII3fLqR4JmF
L5tbp0CAfA8INBCUd5k1rF/83zuzTds95z9pJbZfgjOSt/S/9mxZBdX0cygPvyDH
jBObFxG+RipFszW6ylH0QXQHANzMSeQJMww9cWcMuJZ/iQR2Q0IZ0YAhFkjdyY7H
VqRbTkn3TgyI4bHZM5KTV33L7QIDAQABo4IClTCCApEwHQYDVR0OBBYEFLTieStV
l0LoERdQsceLiNp1FPKQMB8GA1UdIwQYMBaAFK25iXj9dR+Z2ajrKuctPAxVBFOk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0QwOS9FQUM3RUVBMDEx
MkQxMUVDOEQ4NzA1N0RDNEY5QUUwMi9yYm1KZVAxMUg1blpxT3NxNXkwOERGVUVV
NlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL3JibUplUDExSDVuWnFPc3E1eTA4REZVRVU2US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RENEMDkvRUFDN0VFQTAxMTJEMTFFQzhEODcwNTdEQzRGOUFFMDIvMEVDQTlCMDIz
RDlGMTFFQzlFQzE4NzM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALVqpwwDQYJKoZIhvcNAQELBQADggEBAIoOQgNqRlebJo1E
diklA/X9Gp9HgLey2zoovTcfW8lgCJQxJ8qV6q0V8UqTW9dtxWFt3XkJiDU8ehND
gxSD6wUMar8LTURjtxvVT3XYlxbFGjAL0GUf5H3ry7ijCw99DrDDBCIJld9R4ZnQ
KVjj4pocavtHzXanPgAoxhkZpPGsBmHt70DIwv0qK8P8902jl62QQEF/VGhSP0eB
SSlFFLudwSkmLDEw6xgJm6yVP4t763Ig35rTDevuwLBggsDWxh+L+iJB5vethqNg
ksZabd2qI1o6HELHfw+aoc8dIMpeHkqi+35M4lTBkUTWdt2OCfsAyjK9Hiw1O+yz
49mGxhY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:48:00 2025 by rpki-client