Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9156B5D/98FD1A42F1C011EFA5716B54C4F9AE02/8CF57F0EF1C111EFAC8BCA59C4F9AE02.roa
File: 8CF57F0EF1C111EFAC8BCA59C4F9AE02.roa (raw, json)
Hash identifier: BMK5egNvgRPb4zFSiHjhQ8AJphJuXdtk94523bl6Tzs=
Subject key identifier: 2E:28:C4:C1:AE:1E:58:42:8B:D9:27:D5:D4:98:07:84:D1:38:8A:48
Certificate issuer: /CN=A9156B5D/serialNumber=0FE06324F1787C8F214FBEAE67D886D22F816702
Certificate serial: 04
Authority key identifier: 0F:E0:63:24:F1:78:7C:8F:21:4F:BE:AE:67:D8:86:D2:2F:81:67:02
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-BjJPF4fI8hT76uZ9iG0i-BZwI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9156B5D/98FD1A42F1C011EFA5716B54C4F9AE02/8CF57F0EF1C111EFAC8BCA59C4F9AE02.roa
Signing time: Sun 23 Feb 2025 08:38:27 +0000
ROA not before: Sun 23 Feb 2025 08:38:27 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 9825
IP address blocks: 163.61.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9156B5D
Validity
Not Before: Feb 23 08:38:27 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67bade83-708d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b0:9e:5c:02:1e:a6:59:fe:fd:e4:d2:34:0f:
4f:95:47:fd:af:c6:58:3b:ec:4f:ab:98:e1:f6:56:
30:81:7c:0a:99:f7:c0:ff:64:a6:56:b2:bd:fe:4a:
c1:fe:68:ab:0b:1a:50:3a:8d:42:a5:ce:13:71:f7:
60:9e:20:65:8d:ad:cc:89:0c:e4:ee:fb:40:03:91:
e1:18:35:e9:df:44:da:ba:0f:47:a6:e3:3b:1e:3b:
e1:42:49:49:f1:e1:21:35:1e:4e:e3:f7:36:d2:dd:
1c:e9:1f:b4:4c:17:9c:f2:76:81:45:74:4d:d5:3b:
9c:38:da:b1:8d:76:4c:1c:92:50:64:e3:d0:ae:d7:
d7:78:b9:bc:5a:4b:93:8c:f5:57:e5:54:b7:49:1a:
e8:a8:33:18:29:af:8c:92:df:9f:14:00:4a:a5:98:
58:e0:a8:32:86:4e:0d:ac:9d:4e:7c:c8:81:63:61:
02:d0:4b:7e:63:2a:37:59:05:19:4c:45:b4:00:c5:
3f:7e:99:1d:92:f4:c2:46:f8:2a:87:35:98:11:70:
05:6f:c5:e0:1a:80:b3:72:c9:47:16:81:23:71:5c:
52:0f:28:e6:9c:57:0f:ae:cc:52:2d:45:a1:b5:7d:
a9:20:f3:63:46:31:09:cd:ca:e2:d6:50:78:f3:31:
5b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:28:C4:C1:AE:1E:58:42:8B:D9:27:D5:D4:98:07:84:D1:38:8A:48
X509v3 Authority Key Identifier:
keyid:0F:E0:63:24:F1:78:7C:8F:21:4F:BE:AE:67:D8:86:D2:2F:81:67:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9156B5D/98FD1A42F1C011EFA5716B54C4F9AE02/D-BjJPF4fI8hT76uZ9iG0i-BZwI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-BjJPF4fI8hT76uZ9iG0i-BZwI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156B5D/98FD1A42F1C011EFA5716B54C4F9AE02/8CF57F0EF1C111EFAC8BCA59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.27.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:d9:8a:ed:ea:61:ae:0b:77:22:ee:4c:be:ee:f0:5c:ac:22:
37:8f:c8:7b:f0:6b:6c:68:ec:f1:87:ad:b2:22:d0:19:f6:8c:
04:e9:4c:5e:fc:1c:7a:50:b9:69:ea:c6:1d:7c:33:de:c3:cc:
54:33:6d:6e:4e:d2:fe:47:36:c4:b4:91:2d:ee:61:d6:c3:da:
73:d5:57:0b:e3:d3:7d:ff:a5:48:d1:af:3d:04:54:65:bc:24:
26:61:f1:f7:99:16:9c:57:84:f6:cd:f3:24:bc:54:21:f3:98:
fb:e8:54:4b:31:09:42:5e:d1:ff:71:78:0b:52:3f:32:63:78:
12:98:0a:92:f7:2f:85:ac:0b:79:b5:f9:17:dd:a6:0b:c1:67:
5d:40:73:74:cf:ba:cb:e0:2a:19:a7:7a:52:07:a5:b4:2a:1c:
bd:32:6a:68:d5:9f:13:a4:b1:7c:d1:04:b4:41:a5:d9:f3:5c:
98:25:52:9f:a8:64:81:39:f3:f0:c3:a9:05:af:48:32:5d:a1:
df:96:00:18:63:9f:bc:4e:53:58:74:e0:38:e1:96:cd:68:c2:
ed:e5:18:54:fc:b1:79:cb:19:16:3f:4e:75:0c:79:8c:89:54:
bd:65:42:be:5b:0b:d0:57:c2:5e:ac:b8:f3:a5:7c:fc:a0:2d:
89:b2:8f:49
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NkI1RDExMC8GA1UEBRMoMEZFMDYzMjRGMTc4N0M4RjIxNEZCRUFFNjdEODg2RDIy
RjgxNjcwMjAeFw0yNTAyMjMwODM4MjdaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YmFkZTgzLTcwOGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFsJ5cAh6mWf795NI0D0+VR/2vxlg77E+rmOH2VjCBfAqZ98D/ZKZWsr3+SsH+
aKsLGlA6jUKlzhNx92CeIGWNrcyJDOTu+0ADkeEYNenfRNq6D0em4zseO+FCSUnx
4SE1Hk7j9zbS3RzpH7RMF5zydoFFdE3VO5w42rGNdkwcklBk49Cu19d4ubxaS5OM
9VflVLdJGuioMxgpr4yS358UAEqlmFjgqDKGTg2snU58yIFjYQLQS35jKjdZBRlM
RbQAxT9+mR2S9MJG+CqHNZgRcAVvxeAagLNyyUcWgSNxXFIPKOacVw+uzFItRaG1
fakg82NGMQnNyuLWUHjzMVshAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQULijEwa4e
WEKL2SfV1JgHhNE4ikgwHwYDVR0jBBgwFoAUD+BjJPF4fI8hT76uZ9iG0i+BZwIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU2QjVELzk4RkQxQTQyRjFD
MDExRUZBNTcxNkI1NEM0RjlBRTAyL0QtQmpKUEY0Zkk4aFQ3NnVaOWlHMGktQlp3
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRC1CakpQRjRmSThoVDc2dVo5aUcwaS1CWndJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NkI1RC85OEZEMUE0MkYxQzAxMUVGQTU3MTZCNTRDNEY5QUUwMi84Q0Y1N0YwRUYx
QzExMUVGQUM4QkNBNTlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKM9GzANBgkqhkiG9w0BAQsFAAOCAQEAT9mK7ephrgt3Iu5M
vu7wXKwiN4/Ie/BrbGjs8YetsiLQGfaMBOlMXvwcelC5aerGHXwz3sPMVDNtbk7S
/kc2xLSRLe5h1sPac9VXC+PTff+lSNGvPQRUZbwkJmHx95kWnFeE9s3zJLxUIfOY
++hUSzEJQl7R/3F4C1I/MmN4EpgKkvcvhawLebX5F92mC8FnXUBzdM+6y+AqGad6
UgeltCocvTJqaNWfE6SxfNEEtEGl2fNcmCVSn6hkgTnz8MOpBa9IMl2h35YAGGOf
vE5TWHTgOOGWzWjC7eUYVPyxecsZFj9OdQx5jIlUvWVCvlsL0FfCXqy486V8/KAt
ibKPSQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:34:49 2025 by rpki-client