Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5F9FA12E0CA411ED96936D79C4F9AE02.roa
File: 5F9FA12E0CA411ED96936D79C4F9AE02.roa (raw, json)
Hash identifier: 0ekBq+u3qTtCrN1H3WBpcyEBXqtT/nmRB1wnzUy864Q=
Subject key identifier: 51:C4:53:BB:DB:2D:1E:53:73:60:F2:24:F4:DC:1F:61:53:CE:75:2C
Certificate issuer: /CN=A91E504E/serialNumber=E477D38AAAC4A37CC6DF1665BF1C880AF99B7B4F
Certificate serial: 031E
Authority key identifier: E4:77:D3:8A:AA:C4:A3:7C:C6:DF:16:65:BF:1C:88:0A:F9:9B:7B:4F
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5F9FA12E0CA411ED96936D79C4F9AE02.roa
Signing time: Fri 19 Jul 2024 02:24:14 +0000
ROA not before: Fri 19 Jul 2024 02:24:14 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 133861
IP address blocks: 208.87.200.0/24 maxlen: 24
208.87.201.0/24 maxlen: 24
208.87.202.0/24 maxlen: 24
208.87.203.0/24 maxlen: 24
208.87.204.0/24 maxlen: 24
208.87.205.0/24 maxlen: 24
208.87.206.0/24 maxlen: 24
208.87.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 798 (0x31e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E504E
Validity
Not Before: Jul 19 02:24:14 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6699ce4d-8550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:05:fb:57:8c:2a:bf:cf:1c:f6:0c:e9:74:7a:
b9:dd:02:2b:67:00:4c:63:55:c3:4b:70:e7:f5:9d:
aa:0a:ec:21:27:8c:08:f1:cb:ab:39:da:f7:43:6d:
20:ee:38:3e:f8:77:0c:76:0c:f0:8b:97:f4:d7:92:
00:16:a1:0a:95:5f:1b:8b:85:88:38:3a:a4:91:df:
e6:eb:c8:b2:69:35:69:d4:1a:65:4b:56:e2:e8:d0:
f2:2f:7e:60:67:84:dc:2d:a2:4f:87:d0:e8:d1:ae:
e4:45:22:7e:54:4b:e9:fb:d9:4b:26:d0:96:20:29:
e7:1e:d3:4e:49:93:c7:56:65:5b:89:2d:72:fb:ca:
4b:27:91:80:9e:7e:18:1a:54:d2:a5:8c:a6:81:c3:
c7:ff:78:e7:cc:a9:8f:7e:62:ad:e1:77:6b:aa:fa:
fb:45:3e:73:e9:b3:ca:b8:db:bc:50:64:4b:7a:f4:
ee:34:72:12:49:c6:7d:c0:65:f2:16:44:08:f7:66:
60:a1:92:97:21:2b:e0:76:06:ba:65:db:69:ee:1a:
e6:39:27:ae:2f:ea:43:84:02:02:cc:b7:64:b4:bd:
8c:a9:31:e1:0a:71:92:80:3a:6d:a3:56:db:41:43:
10:8a:a8:3e:ee:a0:73:70:c7:4b:49:a1:77:44:9b:
ae:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C4:53:BB:DB:2D:1E:53:73:60:F2:24:F4:DC:1F:61:53:CE:75:2C
X509v3 Authority Key Identifier:
keyid:E4:77:D3:8A:AA:C4:A3:7C:C6:DF:16:65:BF:1C:88:0A:F9:9B:7B:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5F9FA12E0CA411ED96936D79C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
208.87.200.0/21
Signature Algorithm: sha256WithRSAEncryption
a8:27:f2:cb:d9:89:35:de:4a:92:fd:aa:53:99:76:ea:56:52:
15:61:e2:e1:4e:f7:8e:04:dc:6a:f6:e5:f0:76:69:81:31:23:
a2:36:b5:90:8b:fd:2c:d5:15:8b:5a:30:c0:e4:fa:a1:2a:78:
17:13:d0:e9:b9:79:9e:00:0b:57:3f:6a:55:37:62:f0:86:dd:
07:1a:8a:df:93:63:dd:2d:0f:75:12:67:44:df:6a:06:70:20:
d5:ba:7f:e7:58:ee:2d:03:2e:9b:d9:73:5e:b5:9c:e5:12:c2:
50:39:e5:1a:c9:32:b7:97:3a:43:2a:2c:f2:43:ce:12:08:64:
bb:9b:47:4f:0b:5e:ac:1e:25:d3:8f:51:88:c0:d2:6e:8a:a8:
68:b1:dd:df:ec:f6:a8:23:6c:2e:01:1f:e0:ed:24:d6:53:4c:
68:b7:9b:61:03:78:b6:16:ae:05:4d:40:6c:48:3b:4f:13:89:
17:a3:5c:15:42:6c:71:48:3d:0f:52:41:2d:dd:09:8f:c3:8f:
bb:97:64:8d:72:9e:a9:36:c8:e8:e9:7c:53:00:57:34:8e:33:
a0:d4:72:f5:db:30:11:5d:ed:47:ab:c7:79:12:49:0f:21:c4:
eb:8f:e7:d9:80:cd:45:c6:23:11:ab:eb:74:be:47:42:85:d0:
36:78:1a:4e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAx4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTUwNEUxMTAvBgNVBAUTKEU0NzdEMzhBQUFDNEEzN0NDNkRGMTY2NUJGMUM4ODBB
Rjk5QjdCNEYwHhcNMjQwNzE5MDIyNDE0WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njk5Y2U0ZC04NTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoAX7V4wqv88c9gzpdHq53QIrZwBMY1XDS3Dn9Z2qCuwhJ4wI8curOdr3Q20g
7jg++HcMdgzwi5f015IAFqEKlV8bi4WIODqkkd/m68iyaTVp1BplS1bi6NDyL35g
Z4TcLaJPh9Do0a7kRSJ+VEvp+9lLJtCWICnnHtNOSZPHVmVbiS1y+8pLJ5GAnn4Y
GlTSpYymgcPH/3jnzKmPfmKt4Xdrqvr7RT5z6bPKuNu8UGRLevTuNHISScZ9wGXy
FkQI92ZgoZKXISvgdga6Zdtp7hrmOSeuL+pDhAICzLdktL2MqTHhCnGSgDpto1bb
QUMQiqg+7qBzcMdLSaF3RJuu+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFFHEU7vb
LR5Tc2DyJPTcH2FTznUsMB8GA1UdIwQYMBaAFOR304qqxKN8xt8WZb8ciAr5m3tP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTA0RS80RTNFMzY3RTk2
MDgxMUVDQTA0QTAwODZDNEY5QUUwMi81SGZUaXFyRW8zekczeFpsdnh5SUN2bWJl
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzVIZlRpcXJFbzN6RzN4Wmx2eHlJQ3ZtYmUwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTUwNEUvNEUzRTM2N0U5NjA4MTFFQ0EwNEEwMDg2QzRGOUFFMDIvNUY5RkExMkUw
Q0E0MTFFRDk2OTM2RDc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAPQV8gwDQYJKoZIhvcNAQELBQADggEBAKgn8svZiTXeSpL9
qlOZdupWUhVh4uFO944E3Gr25fB2aYExI6I2tZCL/SzVFYtaMMDk+qEqeBcT0Om5
eZ4AC1c/alU3YvCG3Qcait+TY90tD3USZ0TfagZwINW6f+dY7i0DLpvZc161nOUS
wlA55RrJMreXOkMqLPJDzhIIZLubR08LXqweJdOPUYjA0m6KqGix3d/s9qgjbC4B
H+DtJNZTTGi3m2EDeLYWrgVNQGxIO08TiRejXBVCbHFIPQ9SQS3dCY/Dj7uXZI1y
nqk2yOjpfFMAVzSOM6DUcvXbMBFd7Uerx3kSSQ8hxOuP59mAzUXGIxGr63S+R0KF
0DZ4Gk4=
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:24:58 2025 by rpki-client