Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919AB89/CE06A9EC9BDA11EA82336A50C4F9AE02/1272DB7A5E9411EF8F629227C4F9AE02.roa
File: 1272DB7A5E9411EF8F629227C4F9AE02.roa (raw, json)
Hash identifier: MDNFqFfY3zWOF+QV9ZRjj8KrmxnxQxZQ1F22UzD9wD8=
Subject key identifier: 53:34:F6:40:C4:FC:D7:E1:66:CF:3C:3F:29:F6:C6:12:DF:A1:A7:BC
Certificate issuer: /CN=A919AB89/serialNumber=947EFD1BF6F93A98DFEBC153DAB0DA77CC4028C7
Certificate serial: 08CA
Authority key identifier: 94:7E:FD:1B:F6:F9:3A:98:DF:EB:C1:53:DA:B0:DA:77:CC:40:28:C7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lH79G_b5Opjf68FT2rDad8xAKMc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919AB89/CE06A9EC9BDA11EA82336A50C4F9AE02/1272DB7A5E9411EF8F629227C4F9AE02.roa
Signing time: Tue 20 Aug 2024 01:32:33 +0000
ROA not before: Tue 20 Aug 2024 01:32:33 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 14618
IP address blocks: 202.160.115.0/24 maxlen: 24
202.160.117.0/24 maxlen: 24
202.160.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2250 (0x8ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919AB89, serialNumber=947EFD1BF6F93A98DFEBC153DAB0DA77CC4028C7
Validity
Not Before: Aug 20 01:32:33 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66c3f231-206e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ae:6d:02:3a:03:8f:bd:67:fb:73:d0:4c:8b:
38:69:07:fe:f6:a0:b4:60:60:ab:ba:d3:31:89:ba:
e8:52:58:8c:ea:a1:a4:f0:58:5e:36:b0:1f:71:87:
85:8b:c9:70:d6:c8:8d:bf:5e:94:fe:34:80:5f:df:
e8:44:ff:21:ff:59:39:0f:10:28:62:9a:c0:13:51:
67:f8:7b:64:cc:0b:17:83:94:ec:1e:52:90:fe:ae:
4a:25:b8:a3:ee:f8:0c:2d:96:4a:90:b8:31:1f:5f:
ce:7a:41:ba:5f:a1:15:07:b7:bd:2d:1d:e4:a8:f2:
16:26:e2:92:1c:53:97:4d:0a:df:2d:b0:a1:f8:95:
35:bc:55:f3:8d:57:be:57:db:d5:c1:aa:8b:7b:85:
95:24:13:73:83:b6:50:62:18:d6:79:a1:5b:c9:dc:
3f:e9:06:0b:29:67:26:5a:07:55:5c:5e:8d:65:ba:
55:db:72:22:b1:e0:65:fe:1f:21:52:6f:f2:b0:d1:
37:ac:81:ba:30:a8:f2:4a:ec:1c:c9:89:29:ba:02:
13:a4:ec:6a:93:07:47:ba:4c:02:06:52:1e:3f:34:
99:e9:25:a9:4c:3d:63:e3:25:e7:96:5e:9a:75:a9:
26:7a:2e:83:ed:11:b5:aa:b6:0c:65:52:70:30:8c:
3e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:34:F6:40:C4:FC:D7:E1:66:CF:3C:3F:29:F6:C6:12:DF:A1:A7:BC
X509v3 Authority Key Identifier:
keyid:94:7E:FD:1B:F6:F9:3A:98:DF:EB:C1:53:DA:B0:DA:77:CC:40:28:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919AB89/CE06A9EC9BDA11EA82336A50C4F9AE02/lH79G_b5Opjf68FT2rDad8xAKMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lH79G_b5Opjf68FT2rDad8xAKMc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919AB89/CE06A9EC9BDA11EA82336A50C4F9AE02/1272DB7A5E9411EF8F629227C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.160.115.0/24
202.160.117.0/24
202.160.119.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:5f:aa:9b:85:62:32:8a:31:a5:1a:85:d6:b0:e9:cf:ee:52:
25:9f:59:51:1d:3c:03:19:5c:30:f3:46:7f:7f:d0:ae:cd:01:
a1:93:42:7a:ee:79:1c:5d:6c:2f:74:56:b3:31:dd:37:ca:51:
ac:de:f8:16:c3:b9:fc:57:cd:c1:c1:8d:91:ef:d7:8f:7d:81:
47:ed:07:b9:d0:73:37:7c:12:f1:59:28:50:56:ae:8e:47:af:
44:35:d0:85:9b:e7:38:08:c2:39:dd:32:e3:8f:fd:4a:5d:54:
49:a1:9a:2e:2c:63:60:b9:33:84:26:c8:a5:e9:38:09:75:db:
21:e0:15:0f:5e:7c:ef:28:cb:66:c7:14:85:86:04:b3:ee:3a:
d8:6e:4b:29:e1:9f:03:7b:59:b9:3a:cc:cb:2f:0f:66:29:84:
7a:1a:49:e3:77:0c:2c:ac:1d:c4:b6:31:74:32:ce:4d:4a:48:
9a:27:0c:b1:84:f3:12:41:a7:01:6f:1e:63:71:a6:67:22:72:
b1:61:29:cd:ce:dd:91:1c:a4:0e:80:92:5c:e6:f5:f4:b0:8a:
46:34:87:10:7f:76:84:73:ed:3e:b4:6c:fc:12:c3:88:36:76:
4c:08:cc:b9:6b:c5:83:27:a0:56:66:21:3b:ff:ee:ca:d2:99:
1e:34:bf:c5
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUFCODkxMTAvBgNVBAUTKDk0N0VGRDFCRjZGOTNBOThERkVCQzE1M0RBQjBEQTc3
Q0M0MDI4QzcwHhcNMjQwODIwMDEzMjMzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmMzZjIzMS0yMDZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv65tAjoDj71n+3PQTIs4aQf+9qC0YGCrutMxibroUliM6qGk8FheNrAfcYeF
i8lw1siNv16U/jSAX9/oRP8h/1k5DxAoYprAE1Fn+HtkzAsXg5TsHlKQ/q5KJbij
7vgMLZZKkLgxH1/OekG6X6EVB7e9LR3kqPIWJuKSHFOXTQrfLbCh+JU1vFXzjVe+
V9vVwaqLe4WVJBNzg7ZQYhjWeaFbydw/6QYLKWcmWgdVXF6NZbpV23IiseBl/h8h
Um/ysNE3rIG6MKjySuwcyYkpugITpOxqkwdHukwCBlIePzSZ6SWpTD1j4yXnll6a
dakmei6D7RG1qrYMZVJwMIw+7QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFFM09kDE
/NfhZs88Pyn2xhLfoae8MB8GA1UdIwQYMBaAFJR+/Rv2+TqY3+vBU9qw2nfMQCjH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QUI4OS9DRTA2QTlFQzlC
REExMUVBODIzMzZBNTBDNEY5QUUwMi9sSDc5R19iNU9wamY2OEZUMnJEYWQ4eEFL
TWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xINzlHX2I1T3BqZjY4RlQyckRhZDh4QUtNYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUFCODkvQ0UwNkE5RUM5QkRBMTFFQTgyMzM2QTUwQzRGOUFFMDIvMTI3MkRCN0E1
RTk0MTFFRjhGNjI5MjI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBADKoHMDBADKoHUDBADKoHcwDQYJKoZIhvcNAQELBQADggEB
AItfqpuFYjKKMaUahdaw6c/uUiWfWVEdPAMZXDDzRn9/0K7NAaGTQnrueRxdbC90
VrMx3TfKUaze+BbDufxXzcHBjZHv1499gUftB7nQczd8EvFZKFBWro5Hr0Q10IWb
5zgIwjndMuOP/UpdVEmhmi4sY2C5M4QmyKXpOAl12yHgFQ9efO8oy2bHFIWGBLPu
OthuSynhnwN7Wbk6zMsvD2YphHoaSeN3DCysHcS2MXQyzk1KSJonDLGE8xJBpwFv
HmNxpmcicrFhKc3O3ZEcpA6Aklzm9fSwikY0hxB/doRz7T60bPwSw4g2dkwIzLlr
xYMnoFZmITv/7srSmR40v8U=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:03:03 2025 by rpki-client