Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/F1C7A044D91E11EFAD3C7613C4F9AE02.roa
File: F1C7A044D91E11EFAD3C7613C4F9AE02.roa (raw, json)
Hash identifier: iDEEL9U9FxQCZ93LBYj286NgN76ygoYjLl0M4z8SPpI=
Subject key identifier: E2:66:96:63:6A:BA:90:5B:36:72:D6:12:EE:A2:77:E7:4F:67:23:92
Certificate issuer: /CN=A91514B1/serialNumber=9682C2ABE25323580776B1D0E275D2FD2D697EB6
Certificate serial: 0515
Authority key identifier: 96:82:C2:AB:E2:53:23:58:07:76:B1:D0:E2:75:D2:FD:2D:69:7E:B6
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/F1C7A044D91E11EFAD3C7613C4F9AE02.roa
Signing time: Thu 23 Jan 2025 00:14:00 +0000
ROA not before: Thu 23 Jan 2025 00:14:00 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 4804
IP address blocks: 161.43.224.0/21 maxlen: 21
161.43.232.0/21 maxlen: 21
198.142.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1301 (0x515)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91514B1
Validity
Not Before: Jan 23 00:14:00 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=679189c8-b6d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fe:10:ed:ec:8b:6d:73:f1:0a:d6:9b:92:38:
e5:ea:e0:3b:c2:4f:8f:f7:9d:6f:ef:1a:dd:d9:7e:
c0:48:f5:36:84:0c:5d:ed:51:cc:61:94:24:24:b0:
9d:76:7c:72:9b:34:10:4d:b3:3e:63:f8:94:bb:f9:
a6:41:80:03:6f:c8:47:c9:e9:93:70:3b:3f:d5:5b:
19:1c:e6:a1:92:6d:22:f3:00:d5:1b:82:38:f6:47:
2f:55:a0:fc:e4:7c:73:22:34:f5:78:38:50:8e:e9:
8c:be:cc:b6:24:41:6c:3a:f1:1e:68:0d:26:31:99:
ef:c8:08:bd:d7:8b:c1:7a:a9:5e:dc:d4:61:5c:82:
1f:6a:bd:8f:80:96:ec:4a:50:07:60:da:03:5b:e2:
6a:19:23:8e:a1:8b:e3:6a:e9:bc:b4:6a:2a:8c:ae:
ed:6a:14:b0:a5:be:d6:09:9d:72:8b:8f:ec:17:34:
9f:f7:f9:ee:2f:3f:55:2e:01:a0:7c:a3:cb:8f:08:
47:45:3d:89:73:ec:56:b3:c0:c2:72:fa:28:f8:f5:
66:5e:8e:68:ad:c2:16:bc:63:58:53:7d:b7:06:14:
70:c5:b9:93:bd:8f:08:ca:49:0a:bf:40:c0:48:1e:
c1:bc:4d:3f:3d:5d:09:5f:6e:80:79:e5:1f:5d:86:
58:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:66:96:63:6A:BA:90:5B:36:72:D6:12:EE:A2:77:E7:4F:67:23:92
X509v3 Authority Key Identifier:
keyid:96:82:C2:AB:E2:53:23:58:07:76:B1:D0:E2:75:D2:FD:2D:69:7E:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/F1C7A044D91E11EFAD3C7613C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.43.224.0/20
198.142.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:9b:9b:b2:2b:93:c4:6e:92:04:f6:70:e1:40:a2:4c:0d:05:
da:fe:43:5b:d3:6d:f0:52:36:ec:2e:9a:6f:a7:5f:61:a4:a5:
0c:53:1c:8a:e5:fa:d0:df:74:ae:6e:59:57:a9:83:7c:0e:0c:
62:a9:8f:6d:3b:53:13:6c:e8:d6:a5:33:1f:55:01:00:ac:23:
c3:1d:73:54:9e:dc:6c:3c:24:80:ff:cb:5b:28:f7:5c:50:44:
d8:97:c0:4f:5a:e7:a7:af:24:2b:d7:df:4b:8a:f9:42:0b:55:
5b:bf:8d:95:ba:7d:c6:89:0a:d2:de:d5:ba:80:78:42:7b:dd:
89:65:64:b5:d1:aa:60:36:30:0b:ad:8e:1a:6e:51:16:1b:73:
7a:09:ab:a4:6a:87:2e:44:88:75:bf:08:5a:79:30:d5:7e:92:
be:f2:ed:c3:3d:69:bc:81:50:7e:eb:db:7d:c6:04:8c:eb:cc:
7d:2e:a2:68:66:cd:a2:02:86:ab:dd:56:f6:be:7b:b6:19:63:
82:bb:97:05:d1:0d:42:e7:9f:bf:e9:91:2e:9b:3d:a5:ca:ed:
b3:2e:c0:3b:22:9e:d6:09:f1:5e:a5:91:7a:18:00:6f:c3:38:
0a:d2:2b:0b:20:85:e5:51:7a:7b:ac:af:6f:eb:24:5a:90:bb:
83:f2:06:27
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgICBRUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTE0QjExMTAvBgNVBAUTKDk2ODJDMkFCRTI1MzIzNTgwNzc2QjFEMEUyNzVEMkZE
MkQ2OTdFQjYwHhcNMjUwMTIzMDAxNDAwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxODljOC1iNmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr/4Q7eyLbXPxCtabkjjl6uA7wk+P951v7xrd2X7ASPU2hAxd7VHMYZQkJLCd
dnxymzQQTbM+Y/iUu/mmQYADb8hHyemTcDs/1VsZHOahkm0i8wDVG4I49kcvVaD8
5HxzIjT1eDhQjumMvsy2JEFsOvEeaA0mMZnvyAi914vBeqle3NRhXIIfar2PgJbs
SlAHYNoDW+JqGSOOoYvjaum8tGoqjK7tahSwpb7WCZ1yi4/sFzSf9/nuLz9VLgGg
fKPLjwhHRT2Jc+xWs8DCcvoo+PVmXo5orcIWvGNYU323BhRwxbmTvY8IykkKv0DA
SB7BvE0/PV0JX26AeeUfXYZYTQIDAQABo4ICmjCCApYwHQYDVR0OBBYEFOJmlmNq
upBbNnLWEu6id+dPZyOSMB8GA1UdIwQYMBaAFJaCwqviUyNYB3ax0OJ10v0taX62
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTRCMS83QTg4NjRBQ0ZC
RTQxMUVCODJCNjI2NEZDNEY5QUUwMi9sb0xDcS1KVEkxZ0hkckhRNG5YU19TMXBm
clkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xvTENxLUpUSTFnSGRySFE0blhTX1MxcGZyWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTE0QjEvN0E4ODY0QUNGQkU0MTFFQjgyQjYyNjRGQzRGOUFFMDIvRjFDN0EwNDRE
OTFFMTFFRkFEM0M3NjEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQcBAf8E
FTATMBEEAgABMAsDBAShK+ADAwDGjjANBgkqhkiG9w0BAQsFAAOCAQEACpubsiuT
xG6SBPZw4UCiTA0F2v5DW9Nt8FI27C6ab6dfYaSlDFMciuX60N90rm5ZV6mDfA4M
YqmPbTtTE2zo1qUzH1UBAKwjwx1zVJ7cbDwkgP/LWyj3XFBE2JfAT1rnp68kK9ff
S4r5QgtVW7+Nlbp9xokK0t7VuoB4QnvdiWVktdGqYDYwC62OGm5RFhtzegmrpGqH
LkSIdb8IWnkw1X6SvvLtwz1pvIFQfuvbfcYEjOvMfS6iaGbNogKGq91W9r57thlj
gruXBdENQuefv+mRLps9pcrtsy7AOyKe1gnxXqWRehgAb8M4CtIrCyCF5VF6e6yv
b+skWpC7g/IGJw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:44:49 2025 by rpki-client