Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919AB89/CE06A9EC9BDA11EA82336A50C4F9AE02/134F9F605E9411EF8F629227C4F9AE02.roa
File: 134F9F605E9411EF8F629227C4F9AE02.roa (raw, json)
Hash identifier: AdECqSABxkbpyI+HtW+SDK6sVKPFuyhMlbMj26e+gZ8=
Subject key identifier: 9D:53:3B:1D:38:A0:DA:2F:86:BB:C5:DA:D0:8A:8B:51:72:A8:2F:D6
Certificate issuer: /CN=A919AB89/serialNumber=947EFD1BF6F93A98DFEBC153DAB0DA77CC4028C7
Certificate serial: 08CB
Authority key identifier: 94:7E:FD:1B:F6:F9:3A:98:DF:EB:C1:53:DA:B0:DA:77:CC:40:28:C7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lH79G_b5Opjf68FT2rDad8xAKMc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919AB89/CE06A9EC9BDA11EA82336A50C4F9AE02/134F9F605E9411EF8F629227C4F9AE02.roa
Signing time: Tue 20 Aug 2024 01:32:35 +0000
ROA not before: Tue 20 Aug 2024 01:32:35 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 16509
IP address blocks: 202.160.115.0/24 maxlen: 24
202.160.117.0/24 maxlen: 24
202.160.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2251 (0x8cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919AB89, serialNumber=947EFD1BF6F93A98DFEBC153DAB0DA77CC4028C7
Validity
Not Before: Aug 20 01:32:35 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66c3f232-d864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:53:d6:1a:0b:a9:18:82:1f:08:53:f2:2a:bf:
d0:91:0b:40:f1:27:5c:06:69:da:90:20:52:af:1e:
04:26:26:cd:09:59:f6:13:09:40:32:f3:a0:d9:da:
84:09:35:04:5c:cc:6a:17:d7:d5:71:f4:f6:2a:d3:
31:51:13:d2:92:f9:e7:95:2e:fd:15:6e:2f:2d:9e:
c6:d1:23:dc:d2:a0:c9:e2:f3:69:fd:61:37:e1:be:
89:1f:ac:7d:c3:02:58:b0:ff:f8:37:cd:d0:f0:c7:
6e:1f:38:d6:e1:39:bf:ff:8f:4b:c7:39:b2:fa:d6:
72:2c:44:64:2e:54:36:06:cc:ae:0f:b0:98:0d:6c:
d9:41:ca:f0:72:29:16:9e:8d:d4:22:00:98:c2:50:
27:31:45:15:88:8a:d9:f4:2e:5d:aa:18:e0:5c:c1:
aa:d8:0a:4b:ba:af:17:52:d3:59:8b:4f:4c:86:d2:
6d:eb:78:63:96:b0:e7:7b:1b:c1:1f:12:45:66:ed:
f0:51:2a:e1:4a:c4:c3:0b:ac:99:d6:e5:5c:2e:b2:
16:e5:22:ce:f1:0d:ef:b4:5d:c2:33:66:40:4e:b8:
25:b4:e3:cc:1a:fa:98:80:32:0c:5e:9a:90:5f:1f:
b8:63:1c:34:84:01:33:09:47:66:83:0b:97:30:86:
b9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:53:3B:1D:38:A0:DA:2F:86:BB:C5:DA:D0:8A:8B:51:72:A8:2F:D6
X509v3 Authority Key Identifier:
keyid:94:7E:FD:1B:F6:F9:3A:98:DF:EB:C1:53:DA:B0:DA:77:CC:40:28:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919AB89/CE06A9EC9BDA11EA82336A50C4F9AE02/lH79G_b5Opjf68FT2rDad8xAKMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lH79G_b5Opjf68FT2rDad8xAKMc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919AB89/CE06A9EC9BDA11EA82336A50C4F9AE02/134F9F605E9411EF8F629227C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.160.115.0/24
202.160.117.0/24
202.160.119.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:2e:fa:81:cd:54:d2:5b:ff:a3:8d:d8:f1:33:02:5e:8d:ff:
a1:9b:7a:c6:c7:5d:7d:07:24:a3:c6:fb:32:63:93:14:26:3a:
2f:0e:5f:75:97:89:e8:8a:5e:c6:48:53:f2:6e:14:24:61:e2:
cd:66:42:b8:11:26:33:e3:3b:da:af:bf:da:42:81:77:2c:cc:
df:fc:27:2e:80:8b:4d:65:ed:fd:3e:e1:de:7c:ef:56:e6:17:
aa:ae:f0:18:a2:ac:19:98:28:8d:e0:69:57:fe:b9:23:27:8b:
e7:c8:c7:fa:fa:50:ad:d2:1a:20:0f:cd:43:82:f8:74:1e:bf:
87:22:df:21:7f:59:67:9d:09:18:6a:a2:d5:0b:77:2d:2f:ea:
e9:1c:f3:61:3b:b0:c8:8b:86:39:a3:db:72:bf:74:b5:10:6f:
3f:7d:73:78:3f:2d:0f:74:fc:aa:8e:22:86:38:e4:c0:9c:1d:
fb:ba:23:f0:98:ae:04:68:93:a1:49:a7:03:57:19:dc:25:94:
ce:ea:c3:77:ba:b4:65:ab:0e:51:b5:53:d4:4c:f1:29:b4:8f:
82:3b:b5:35:79:fb:70:9c:2d:40:d7:73:e7:da:ec:ed:03:29:
9b:59:1a:11:c8:23:96:dd:1d:77:49:99:76:95:5c:0f:40:bf:
7d:3a:4d:9d
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUFCODkxMTAvBgNVBAUTKDk0N0VGRDFCRjZGOTNBOThERkVCQzE1M0RBQjBEQTc3
Q0M0MDI4QzcwHhcNMjQwODIwMDEzMjM1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmMzZjIzMi1kODY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu1PWGgupGIIfCFPyKr/QkQtA8SdcBmnakCBSrx4EJibNCVn2EwlAMvOg2dqE
CTUEXMxqF9fVcfT2KtMxURPSkvnnlS79FW4vLZ7G0SPc0qDJ4vNp/WE34b6JH6x9
wwJYsP/4N83Q8MduHzjW4Tm//49Lxzmy+tZyLERkLlQ2BsyuD7CYDWzZQcrwcikW
no3UIgCYwlAnMUUViIrZ9C5dqhjgXMGq2ApLuq8XUtNZi09MhtJt63hjlrDnexvB
HxJFZu3wUSrhSsTDC6yZ1uVcLrIW5SLO8Q3vtF3CM2ZATrgltOPMGvqYgDIMXpqQ
Xx+4Yxw0hAEzCUdmgwuXMIa5sQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJ1TOx04
oNovhrvF2tCKi1FyqC/WMB8GA1UdIwQYMBaAFJR+/Rv2+TqY3+vBU9qw2nfMQCjH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QUI4OS9DRTA2QTlFQzlC
REExMUVBODIzMzZBNTBDNEY5QUUwMi9sSDc5R19iNU9wamY2OEZUMnJEYWQ4eEFL
TWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xINzlHX2I1T3BqZjY4RlQyckRhZDh4QUtNYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUFCODkvQ0UwNkE5RUM5QkRBMTFFQTgyMzM2QTUwQzRGOUFFMDIvMTM0RjlGNjA1
RTk0MTFFRjhGNjI5MjI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBADKoHMDBADKoHUDBADKoHcwDQYJKoZIhvcNAQELBQADggEB
AGsu+oHNVNJb/6ON2PEzAl6N/6GbesbHXX0HJKPG+zJjkxQmOi8OX3WXieiKXsZI
U/JuFCRh4s1mQrgRJjPjO9qvv9pCgXcszN/8Jy6Ai01l7f0+4d5871bmF6qu8Bii
rBmYKI3gaVf+uSMni+fIx/r6UK3SGiAPzUOC+HQev4ci3yF/WWedCRhqotULdy0v
6ukc82E7sMiLhjmj23K/dLUQbz99c3g/LQ90/KqOIoY45MCcHfu6I/CYrgRok6FJ
pwNXGdwllM7qw3e6tGWrDlG1U9RM8Sm0j4I7tTV5+3CcLUDXc+fa7O0DKZtZGhHI
I5bdHXdJmXaVXA9Av306TZ0=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:06:05 2025 by rpki-client