Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9127F37/E51237EAEE8311EFAF58B73FC4F9AE02/4FFEB60AEE8411EF981CD840C4F9AE02.roa
File: 4FFEB60AEE8411EF981CD840C4F9AE02.roa (raw, json)
Hash identifier: 6QHt7FPePc9ME7gIJCijX1TcfEpQyK9WI3BiH/AqMwc=
Subject key identifier: A2:8B:B0:47:B2:C0:6D:D6:46:6A:F6:53:BC:71:A5:CC:CE:BE:63:29
Certificate issuer: /CN=A9127F37/serialNumber=6AF1915C89F50C72AD16F419CD36EF12F4ADA3C7
Certificate serial: 04
Authority key identifier: 6A:F1:91:5C:89:F5:0C:72:AD:16:F4:19:CD:36:EF:12:F4:AD:A3:C7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/avGRXIn1DHKtFvQZzTbvEvSto8c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9127F37/E51237EAEE8311EFAF58B73FC4F9AE02/4FFEB60AEE8411EF981CD840C4F9AE02.roa
Signing time: Wed 19 Feb 2025 05:54:29 +0000
ROA not before: Wed 19 Feb 2025 05:54:29 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 153566
IP address blocks: 163.61.40.0/23 maxlen: 24
2001:df5:640::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9127F37
Validity
Not Before: Feb 19 05:54:29 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b57215-fdee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4d:cc:88:f5:a2:fc:06:a9:36:6e:47:cd:08:
e9:ac:ef:73:06:d3:dd:5c:72:47:be:8b:e7:38:99:
f0:56:ba:39:b3:14:ad:a6:b2:07:7a:06:c9:d8:6e:
42:4d:04:65:49:bc:40:0d:25:7a:65:e3:3a:d1:10:
8d:c6:21:eb:3e:32:89:3e:de:3a:ae:84:c8:9e:dd:
8b:52:f2:ed:4c:a7:ae:20:b9:5d:3b:2e:10:ca:fc:
cb:82:9c:13:d9:e8:86:0f:24:26:72:6b:ff:4b:f2:
25:0d:51:b0:bb:d7:f5:fb:c9:ce:b0:e4:5d:05:c6:
c9:48:63:41:13:6f:a6:a0:bd:88:38:5c:3c:0b:75:
00:69:56:7c:62:a3:c1:ac:cc:c8:77:a6:81:9d:0a:
3b:94:d5:19:98:a7:e0:2a:7b:c0:18:4b:4d:b0:2f:
93:ce:8d:14:59:b2:73:a4:b8:a1:c6:29:a6:64:43:
6b:b1:30:82:3b:3c:d4:c3:98:54:9a:97:08:5c:c8:
31:e2:fc:78:ce:30:85:9e:18:eb:eb:f6:64:f9:f6:
35:a9:5c:c3:4e:b5:d8:b1:7b:c8:5a:f8:ee:bf:0a:
7c:5c:85:8b:40:78:63:0b:40:8e:ae:3f:6e:99:a8:
0e:d2:16:48:6c:dc:5f:93:55:73:bc:5c:e9:60:e9:
63:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:8B:B0:47:B2:C0:6D:D6:46:6A:F6:53:BC:71:A5:CC:CE:BE:63:29
X509v3 Authority Key Identifier:
keyid:6A:F1:91:5C:89:F5:0C:72:AD:16:F4:19:CD:36:EF:12:F4:AD:A3:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9127F37/E51237EAEE8311EFAF58B73FC4F9AE02/avGRXIn1DHKtFvQZzTbvEvSto8c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/avGRXIn1DHKtFvQZzTbvEvSto8c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127F37/E51237EAEE8311EFAF58B73FC4F9AE02/4FFEB60AEE8411EF981CD840C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.40.0/23
IPv6:
2001:df5:640::/48
Signature Algorithm: sha256WithRSAEncryption
2f:b3:ef:a5:06:c2:d7:ce:c5:ae:ec:bc:bf:61:e4:3c:02:b4:
06:cd:c7:c4:75:42:b2:e1:1b:94:00:06:c2:38:60:60:b4:f9:
a4:62:6d:a3:50:a5:1b:e1:55:e2:0b:61:5f:58:cc:bc:9c:d0:
51:09:08:f0:06:f0:35:07:13:cf:ea:1e:8d:58:b3:85:d0:48:
b0:a1:0a:6f:85:24:f1:d4:03:16:76:f0:c8:7e:35:dc:3d:69:
ab:dd:15:1e:19:cd:aa:2d:c7:5e:04:b8:59:3c:3c:17:7e:74:
80:27:fe:6a:f2:1a:27:1c:86:81:36:f4:81:22:b9:76:11:40:
5d:69:37:e6:a8:63:9e:7f:59:31:f5:94:ae:bc:d1:02:e9:65:
23:02:a0:07:f9:b4:57:2d:92:e7:6e:c0:99:77:69:bf:6e:b2:
3e:08:dd:94:93:1d:58:ae:46:e2:39:c6:c8:09:8b:50:2b:eb:
d6:0b:3a:d4:44:7c:ad:02:72:d2:d4:4f:b2:8a:b0:e9:aa:4b:
b7:19:1f:02:12:81:cd:09:b6:2b:ad:40:80:7b:df:f6:2c:19:
08:79:56:5f:bb:10:1f:d9:c1:31:35:1e:f0:88:d2:e2:fe:70:
c7:0f:fa:11:97:ab:7c:60:74:9f:03:c7:43:9f:17:77:e0:73:
b7:dd:7c:6e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
N0YzNzExMC8GA1UEBRMoNkFGMTkxNUM4OUY1MEM3MkFEMTZGNDE5Q0QzNkVGMTJG
NEFEQTNDNzAeFw0yNTAyMTkwNTU0MjlaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YjU3MjE1LWZkZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNTcyI9aL8Bqk2bkfNCOms73MG091ccke+i+c4mfBWujmzFK2msgd6BsnYbkJN
BGVJvEANJXpl4zrREI3GIes+Mok+3jquhMie3YtS8u1Mp64guV07LhDK/MuCnBPZ
6IYPJCZya/9L8iUNUbC71/X7yc6w5F0FxslIY0ETb6agvYg4XDwLdQBpVnxio8Gs
zMh3poGdCjuU1RmYp+Aqe8AYS02wL5POjRRZsnOkuKHGKaZkQ2uxMII7PNTDmFSa
lwhcyDHi/HjOMIWeGOvr9mT59jWpXMNOtdixe8ha+O6/CnxchYtAeGMLQI6uP26Z
qA7SFkhs3F+TVXO8XOlg6WODAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUoouwR7LA
bdZGavZTvHGlzM6+YykwHwYDVR0jBBgwFoAUavGRXIn1DHKtFvQZzTbvEvSto8cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI3RjM3L0U1MTIzN0VBRUU4
MzExRUZBRjU4QjczRkM0RjlBRTAyL2F2R1JYSW4xREhLdEZ2UVp6VGJ2RXZTdG84
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYXZHUlhJbjFESEt0RnZRWnpUYnZFdlN0bzhjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
N0YzNy9FNTEyMzdFQUVFODMxMUVGQUY1OEI3M0ZDNEY5QUUwMi80RkZFQjYwQUVF
ODQxMUVGOTgxQ0Q4NDBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAaM9KDAPBAIAAjAJAwcAIAEN9QZAMA0GCSqGSIb3DQEBCwUA
A4IBAQAvs++lBsLXzsWu7Ly/YeQ8ArQGzcfEdUKy4RuUAAbCOGBgtPmkYm2jUKUb
4VXiC2FfWMy8nNBRCQjwBvA1BxPP6h6NWLOF0EiwoQpvhSTx1AMWdvDIfjXcPWmr
3RUeGc2qLcdeBLhZPDwXfnSAJ/5q8honHIaBNvSBIrl2EUBdaTfmqGOef1kx9ZSu
vNEC6WUjAqAH+bRXLZLnbsCZd2m/brI+CN2Ukx1YrkbiOcbICYtQK+vWCzrURHyt
AnLS1E+yirDpqku3GR8CEoHNCbYrrUCAe9/2LBkIeVZfuxAf2cExNR7wiNLi/nDH
D/oRl6t8YHSfA8dDnxd34HO33Xxu
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:12:46 2025 by rpki-client