Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155FAB/FA863772F5AC11EFAE40E71BC4F9AE02/4E66D766F5AD11EFA64C671CC4F9AE02.roa
File: 4E66D766F5AD11EFA64C671CC4F9AE02.roa (raw, json)
Hash identifier: ddGHr0kpolkDLC4jRmYbLqkLIgOm/5JeTXQQ5En7IJw=
Subject key identifier: C7:42:09:15:76:58:55:3E:B9:C1:DC:9A:C5:24:AD:DA:0D:9A:84:00
Certificate issuer: /CN=A9155FAB/serialNumber=26F8BD03C5A2B7AA7175459EA047A88676239EE0
Certificate serial: 02
Authority key identifier: 26:F8:BD:03:C5:A2:B7:AA:71:75:45:9E:A0:47:A8:86:76:23:9E:E0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jvi9A8Wit6pxdUWeoEeohnYjnuA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155FAB/FA863772F5AC11EFAE40E71BC4F9AE02/4E66D766F5AD11EFA64C671CC4F9AE02.roa
Signing time: Fri 28 Feb 2025 08:23:37 +0000
ROA not before: Fri 28 Feb 2025 08:23:37 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 141421
IP address blocks: 163.61.226.0/24 maxlen: 24
163.61.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155FAB
Validity
Not Before: Feb 28 08:23:37 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c17288-eb91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a4:bb:12:b9:7c:81:ad:1f:17:d8:70:90:d7:
58:78:60:a0:bf:69:df:bc:b7:b8:35:c8:5c:39:25:
4e:9f:c7:99:78:49:41:6c:08:bf:c9:6e:32:06:a6:
59:26:ab:c1:07:6a:04:ad:f9:3d:71:ec:f3:e5:c2:
77:30:ce:62:b4:69:23:ce:15:9a:85:7e:79:f0:c6:
e5:1c:1e:4f:8f:8d:19:06:a4:8c:2e:ae:a4:40:87:
01:03:6b:e3:1c:02:c4:13:90:ce:67:d4:a2:35:d2:
92:d8:83:a8:ed:05:28:9b:9f:a9:c7:b9:82:7b:2a:
78:de:34:5d:b4:16:90:dc:cb:d5:c1:7c:ab:da:eb:
e6:6d:ae:5c:fd:c9:14:06:93:b6:6e:c8:6c:04:86:
58:5c:f2:b6:be:9e:da:88:45:56:e1:7b:27:ae:1e:
da:b2:d6:15:5c:c0:c5:74:e1:ab:0f:5a:60:c7:82:
a4:95:8e:49:42:8d:d2:7b:ac:6b:65:d0:31:5d:18:
0a:c3:4d:83:d9:ce:8c:cc:59:3c:3b:9b:39:f6:7b:
98:1f:7d:c1:df:94:0c:d4:c5:0f:50:85:d2:e9:db:
dd:64:4d:60:1f:0f:46:af:96:4e:f3:b3:27:54:0d:
20:55:40:51:94:ef:c4:b9:9f:8b:42:93:ef:62:9c:
3c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:42:09:15:76:58:55:3E:B9:C1:DC:9A:C5:24:AD:DA:0D:9A:84:00
X509v3 Authority Key Identifier:
keyid:26:F8:BD:03:C5:A2:B7:AA:71:75:45:9E:A0:47:A8:86:76:23:9E:E0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155FAB/FA863772F5AC11EFAE40E71BC4F9AE02/Jvi9A8Wit6pxdUWeoEeohnYjnuA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jvi9A8Wit6pxdUWeoEeohnYjnuA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155FAB/FA863772F5AC11EFAE40E71BC4F9AE02/4E66D766F5AD11EFA64C671CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.226.0/23
Signature Algorithm: sha256WithRSAEncryption
66:1e:43:40:67:0a:c0:c5:da:c5:9b:03:4b:30:6b:4b:a8:2f:
92:b5:16:f6:98:e5:3a:7d:bd:ba:41:45:e1:97:03:d4:cf:cf:
ce:48:99:50:78:e2:2d:00:0e:72:90:54:d0:92:eb:fa:6d:be:
71:db:fd:7c:86:7d:bd:37:db:74:43:bb:5a:d1:1d:07:63:7c:
c2:02:77:1c:e9:91:26:9b:e2:42:3e:c2:ee:06:fc:0b:53:13:
7e:30:67:d1:3d:10:45:f5:a5:20:22:3b:87:25:ba:a0:1c:30:
9c:8f:e8:eb:bd:80:3e:39:06:17:41:ed:b8:30:8d:81:b2:71:
06:35:c0:b9:f0:51:d5:88:cc:90:39:f0:a8:cc:08:70:90:b3:
e5:da:97:fb:a3:bc:cc:e9:d1:c9:2b:56:64:32:32:db:a2:03:
70:af:e0:e0:80:79:f3:f6:24:f0:8e:c6:be:f6:ac:f3:91:f5:
99:4c:9c:04:ca:31:41:b6:dc:b9:3a:23:9b:7a:c4:1b:59:ab:
10:87:67:52:f0:79:49:b1:5e:c9:3a:a5:d9:ff:89:8d:d1:26:
5d:e6:54:13:c9:b5:70:9e:7b:62:88:55:b0:50:e7:79:6b:8f:
d8:90:59:d1:59:2f:fe:e3:bb:f1:c9:12:39:56:9b:14:62:c0:
07:1e:f2:76
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NUZBQjExMC8GA1UEBRMoMjZGOEJEMDNDNUEyQjdBQTcxNzU0NTlFQTA0N0E4ODY3
NjIzOUVFMDAeFw0yNTAyMjgwODIzMzdaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YzE3Mjg4LWViOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQpLsSuXyBrR8X2HCQ11h4YKC/ad+8t7g1yFw5JU6fx5l4SUFsCL/JbjIGplkm
q8EHagSt+T1x7PPlwncwzmK0aSPOFZqFfnnwxuUcHk+PjRkGpIwurqRAhwEDa+Mc
AsQTkM5n1KI10pLYg6jtBSibn6nHuYJ7KnjeNF20FpDcy9XBfKva6+Ztrlz9yRQG
k7ZuyGwEhlhc8ra+ntqIRVbheyeuHtqy1hVcwMV04asPWmDHgqSVjklCjdJ7rGtl
0DFdGArDTYPZzozMWTw7mzn2e5gffcHflAzUxQ9QhdLp291kTWAfD0avlk7zsydU
DSBVQFGU78S5n4tCk+9inDytAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUx0IJFXZY
VT65wdyaxSSt2g2ahAAwHwYDVR0jBBgwFoAUJvi9A8Wit6pxdUWeoEeohnYjnuAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU1RkFCL0ZBODYzNzcyRjVB
QzExRUZBRTQwRTcxQkM0RjlBRTAyL0p2aTlBOFdpdDZweGRVV2VvRWVvaG5Zam51
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSnZpOUE4V2l0NnB4ZFVXZW9FZW9obllqbnVBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NUZBQi9GQTg2Mzc3MkY1QUMxMUVGQUU0MEU3MUJDNEY5QUUwMi80RTY2RDc2NkY1
QUQxMUVGQTY0QzY3MUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaM94jANBgkqhkiG9w0BAQsFAAOCAQEAZh5DQGcKwMXaxZsD
SzBrS6gvkrUW9pjlOn29ukFF4ZcD1M/PzkiZUHjiLQAOcpBU0JLr+m2+cdv9fIZ9
vTfbdEO7WtEdB2N8wgJ3HOmRJpviQj7C7gb8C1MTfjBn0T0QRfWlICI7hyW6oBww
nI/o672APjkGF0HtuDCNgbJxBjXAufBR1YjMkDnwqMwIcJCz5dqX+6O8zOnRyStW
ZDIy26IDcK/g4IB58/Yk8I7Gvvas85H1mUycBMoxQbbcuTojm3rEG1mrEIdnUvB5
SbFeyTql2f+JjdEmXeZUE8m1cJ57YohVsFDneWuP2JBZ0Vkv/uO78ckSOVabFGLA
Bx7ydg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:36:48 2025 by rpki-client