Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91565C6/D265B0C6F41F11EF81708868C4F9AE02/6462446CF42011EF93E88D4EC4F9AE02.roa
File: 6462446CF42011EF93E88D4EC4F9AE02.roa (raw, json)
Hash identifier: QdOzbZRkuMz0UytPVOfoxBBq+ZIqRX1lFRBL81igXjU=
Subject key identifier: 7B:E0:0E:F9:E7:5A:92:64:92:99:80:F1:92:D6:1F:B3:E0:43:76:75
Certificate issuer: /CN=A91565C6/serialNumber=CD535C7EB31A40A3FDB8AC4D5D577AF9D6C58848
Certificate serial: 02
Authority key identifier: CD:53:5C:7E:B3:1A:40:A3:FD:B8:AC:4D:5D:57:7A:F9:D6:C5:88:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zVNcfrMaQKP9uKxNXVd6-dbFiEg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91565C6/D265B0C6F41F11EF81708868C4F9AE02/6462446CF42011EF93E88D4EC4F9AE02.roa
Signing time: Wed 26 Feb 2025 09:02:23 +0000
ROA not before: Wed 26 Feb 2025 09:02:23 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 153377
IP address blocks: 163.61.236.0/23 maxlen: 23
163.61.236.0/24 maxlen: 24
163.61.237.0/24 maxlen: 24
2001:df5:2640::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91565C6
Validity
Not Before: Feb 26 09:02:23 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67bed89f-b603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:db:ea:88:62:88:97:96:80:39:bb:44:c1:87:
9e:da:83:b2:5e:17:f0:e4:6c:1c:ed:10:16:bd:14:
06:fa:c6:94:6b:09:86:ec:11:63:47:31:ce:30:8d:
9a:b4:82:7b:f3:55:14:60:cb:f2:22:96:d6:f1:b1:
51:33:a7:da:40:1c:1a:5d:87:48:0f:5a:8b:73:d4:
8c:5d:bf:91:3a:b4:b1:ab:2b:67:7b:6a:6f:15:8a:
34:d4:91:d0:28:eb:7d:91:5d:48:35:2c:26:bc:f4:
6b:60:5c:09:df:e5:30:91:3f:35:01:40:20:63:da:
2f:ab:4e:dd:59:4f:2e:99:be:21:40:e9:9d:ad:58:
27:6b:4c:c2:73:d7:43:9d:c3:08:25:b3:47:12:ed:
d5:e1:3f:fe:f6:3c:c0:ac:a0:f3:90:b4:d7:5d:06:
15:3c:06:61:a5:3f:1e:7f:82:ce:30:74:c5:f8:d8:
93:3f:a4:ea:12:15:18:a4:bd:28:89:93:f2:15:d1:
27:22:4f:9b:42:d5:19:0e:a3:a1:49:33:2b:e0:ff:
3c:18:3b:8c:68:9a:12:91:5c:e1:61:9a:32:1b:5b:
97:bc:5e:00:d2:1e:30:67:96:15:87:d1:93:f8:04:
46:e2:45:f4:54:b6:6e:cb:07:62:89:37:35:d9:cb:
04:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:E0:0E:F9:E7:5A:92:64:92:99:80:F1:92:D6:1F:B3:E0:43:76:75
X509v3 Authority Key Identifier:
keyid:CD:53:5C:7E:B3:1A:40:A3:FD:B8:AC:4D:5D:57:7A:F9:D6:C5:88:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91565C6/D265B0C6F41F11EF81708868C4F9AE02/zVNcfrMaQKP9uKxNXVd6-dbFiEg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zVNcfrMaQKP9uKxNXVd6-dbFiEg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91565C6/D265B0C6F41F11EF81708868C4F9AE02/6462446CF42011EF93E88D4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.236.0/23
IPv6:
2001:df5:2640::/48
Signature Algorithm: sha256WithRSAEncryption
ab:c2:04:07:97:59:d6:a7:25:41:a9:9c:01:6c:24:55:0f:dd:
cc:d3:e5:ee:64:88:e8:47:f5:fb:dd:28:66:59:15:12:98:c9:
bc:e2:64:cf:6e:4c:ac:16:f0:14:2c:25:8d:93:fe:f9:78:7d:
13:ec:c7:92:fd:66:e0:c2:29:37:a3:c8:18:ce:02:4c:d1:eb:
1b:d7:a2:dd:a6:a6:28:1f:bd:3e:7d:1a:2c:b9:bc:60:91:92:
b0:74:f0:a2:d8:a5:c8:c9:17:ce:25:9e:58:61:fb:b9:b6:13:
b3:05:d9:f6:ec:9a:1f:35:cf:5b:cb:53:db:40:3e:d2:d9:3a:
80:8c:f2:50:64:8e:5c:ec:5a:52:8e:0f:d5:5a:3b:13:57:d6:
2c:68:6d:e0:6a:ec:78:1a:81:99:a5:ea:49:84:14:ef:b5:c7:
f9:29:0f:9e:93:2b:a2:fd:b5:d4:c6:b6:a8:84:22:33:76:51:
9b:ce:52:3e:f7:f3:e5:ac:eb:74:b4:b8:21:73:54:9b:74:54:
00:7b:36:40:09:24:f6:bd:de:00:8c:e5:65:7b:86:21:6d:83:
d0:77:10:9b:32:46:6c:78:c9:b6:e5:05:ef:b6:9e:77:73:53:
e6:93:13:85:d4:d6:33:39:c6:d9:30:02:b3:2b:28:78:b0:9b:
b3:84:12:ac
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NjVDNjExMC8GA1UEBRMoQ0Q1MzVDN0VCMzFBNDBBM0ZEQjhBQzRENUQ1NzdBRjlE
NkM1ODg0ODAeFw0yNTAyMjYwOTAyMjNaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YmVkODlmLWI2MDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC22+qIYoiXloA5u0TBh57ag7JeF/DkbBztEBa9FAb6xpRrCYbsEWNHMc4wjZq0
gnvzVRRgy/IiltbxsVEzp9pAHBpdh0gPWotz1Ixdv5E6tLGrK2d7am8VijTUkdAo
632RXUg1LCa89GtgXAnf5TCRPzUBQCBj2i+rTt1ZTy6ZviFA6Z2tWCdrTMJz10Od
wwgls0cS7dXhP/72PMCsoPOQtNddBhU8BmGlPx5/gs4wdMX42JM/pOoSFRikvSiJ
k/IV0SciT5tC1RkOo6FJMyvg/zwYO4xomhKRXOFhmjIbW5e8XgDSHjBnlhWH0ZP4
BEbiRfRUtm7LB2KJNzXZywSpAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUe+AO+eda
kmSSmYDxktYfs+BDdnUwHwYDVR0jBBgwFoAUzVNcfrMaQKP9uKxNXVd6+dbFiEgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU2NUM2L0QyNjVCMEM2RjQx
RjExRUY4MTcwODg2OEM0RjlBRTAyL3pWTmNmck1hUUtQOXVLeE5YVmQ2LWRiRmlF
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvelZOY2ZyTWFRS1A5dUt4TlhWZDYtZGJGaUVnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NjVDNi9EMjY1QjBDNkY0MUYxMUVGODE3MDg4NjhDNEY5QUUwMi82NDYyNDQ2Q0Y0
MjAxMUVGOTNFODhENEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAaM97DAPBAIAAjAJAwcAIAEN9SZAMA0GCSqGSIb3DQEBCwUA
A4IBAQCrwgQHl1nWpyVBqZwBbCRVD93M0+XuZIjoR/X73ShmWRUSmMm84mTPbkys
FvAULCWNk/75eH0T7MeS/Wbgwik3o8gYzgJM0esb16LdpqYoH70+fRosubxgkZKw
dPCi2KXIyRfOJZ5YYfu5thOzBdn27JofNc9by1PbQD7S2TqAjPJQZI5c7FpSjg/V
WjsTV9YsaG3gaux4GoGZpepJhBTvtcf5KQ+ekyui/bXUxraohCIzdlGbzlI+9/Pl
rOt0tLghc1SbdFQAezZACST2vd4AjOVle4YhbYPQdxCbMkZseMm25QXvtp53c1Pm
kxOF1NYzOcbZMAKzKyh4sJuzhBKs
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:56:28 2025 by rpki-client