Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/BF397606DC8F11EF8821F754C4F9AE02.roa
File: BF397606DC8F11EF8821F754C4F9AE02.roa (raw, json)
Hash identifier: AI/fPhiKCx6JdqbpQTOtb1Rj7S1/CBOlmn0Rx4URo7w=
Subject key identifier: 53:BB:80:9C:C0:CA:83:38:07:1B:2F:18:87:C9:F5:4E:0D:F2:FE:75
Certificate issuer: /CN=A915FDD9/serialNumber=967B97D9E311250D82942D27E4C5F90D98138058
Certificate serial: 09
Authority key identifier: 96:7B:97:D9:E3:11:25:0D:82:94:2D:27:E4:C5:F9:0D:98:13:80:58
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnuX2eMRJQ2ClC0n5MX5DZgTgFg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/BF397606DC8F11EF8821F754C4F9AE02.roa
Signing time: Mon 27 Jan 2025 09:19:02 +0000
ROA not before: Mon 27 Jan 2025 09:19:02 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 132335
IP address blocks: 161.248.218.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915FDD9
Validity
Not Before: Jan 27 09:19:02 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67974f86-114c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:41:7b:74:16:a7:23:04:ad:99:42:72:cb:59:
5b:39:16:5e:7b:e4:81:22:64:c0:15:5f:18:ac:60:
eb:54:ce:40:fe:86:15:4f:e7:c5:7b:81:0b:b7:4e:
bd:0f:24:f4:37:61:00:aa:bb:2b:5a:15:b9:9e:03:
ed:fb:3d:23:0a:df:a4:31:b4:80:d6:8d:2d:98:bb:
08:c4:fc:46:c0:a1:e4:f9:45:1d:8f:7a:a5:02:5f:
35:0f:15:35:1f:e0:cf:e4:31:92:0d:91:b6:d7:5d:
35:fb:aa:76:fe:2c:38:e8:b8:b2:27:3a:bf:14:5f:
92:ae:70:85:bd:c1:08:f0:36:19:e1:44:2f:27:38:
aa:54:b8:94:49:0a:fd:d9:5a:71:15:16:49:42:14:
89:f6:6f:37:50:2f:fe:fd:bc:3d:d3:4f:6a:71:8d:
35:3c:37:ee:4a:2c:b5:84:45:58:71:a2:d9:f2:e1:
fb:ce:7d:af:42:1b:89:db:e3:0f:d3:97:15:39:21:
35:45:45:e2:19:3f:91:dc:1f:9e:b2:9c:52:80:be:
66:b7:89:f0:81:7e:1d:35:60:44:15:70:a9:df:f0:
bb:6c:9c:ad:b2:39:78:04:69:6a:9d:29:6f:cc:55:
e0:b6:20:a0:48:b4:90:4a:c1:00:b9:40:aa:25:89:
c8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:BB:80:9C:C0:CA:83:38:07:1B:2F:18:87:C9:F5:4E:0D:F2:FE:75
X509v3 Authority Key Identifier:
keyid:96:7B:97:D9:E3:11:25:0D:82:94:2D:27:E4:C5:F9:0D:98:13:80:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/lnuX2eMRJQ2ClC0n5MX5DZgTgFg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnuX2eMRJQ2ClC0n5MX5DZgTgFg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/BF397606DC8F11EF8821F754C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.218.0/23
Signature Algorithm: sha256WithRSAEncryption
79:69:94:32:d5:8e:b9:c7:45:c3:8a:cd:57:2b:5b:69:be:3d:
21:3e:5d:2f:ca:f7:c5:d7:fc:c6:a9:c9:db:83:e8:25:3b:12:
4d:42:c6:e5:26:0e:b0:ec:1f:b1:0c:b5:78:7d:20:75:3d:60:
21:13:c5:a1:f0:ce:11:f9:cf:54:59:38:12:69:64:66:48:e1:
9e:82:6f:cc:f6:6d:c5:eb:45:88:1b:a0:34:f8:4b:17:00:e2:
77:4d:c4:ae:a8:f0:9c:52:5e:1d:96:ec:dc:b4:74:f8:a7:e6:
20:c4:6b:44:55:f7:db:2b:90:88:84:1f:3c:4c:aa:9f:5c:b0:
be:cb:1d:6f:6e:3b:ce:27:57:e6:4c:63:ca:e9:44:1d:4f:09:
10:51:72:d8:80:35:83:db:65:b4:e8:74:91:88:9a:6f:5b:2b:
fd:f6:49:2e:71:c2:71:f3:24:cd:e3:e5:37:82:73:74:a7:71:
e0:50:30:cc:53:c0:cb:da:e7:60:39:f7:b8:77:55:d9:f4:c7:
24:44:3f:5d:84:e9:db:ef:83:a8:75:87:d4:a7:51:3c:cf:6e:
cb:c4:01:d8:fc:7b:45:49:34:37:c7:82:e0:16:e1:35:74:41:
da:66:56:f1:85:18:81:d9:23:a4:50:49:20:2a:ca:bb:d5:b9:
2a:04:d3:56
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
RkREOTExMC8GA1UEBRMoOTY3Qjk3RDlFMzExMjUwRDgyOTQyRDI3RTRDNUY5MEQ5
ODEzODA1ODAeFw0yNTAxMjcwOTE5MDJaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OTc0Zjg2LTExNGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDVQXt0FqcjBK2ZQnLLWVs5Fl575IEiZMAVXxisYOtUzkD+hhVP58V7gQu3Tr0P
JPQ3YQCquytaFbmeA+37PSMK36QxtIDWjS2YuwjE/EbAoeT5RR2PeqUCXzUPFTUf
4M/kMZINkbbXXTX7qnb+LDjouLInOr8UX5KucIW9wQjwNhnhRC8nOKpUuJRJCv3Z
WnEVFklCFIn2bzdQL/79vD3TT2pxjTU8N+5KLLWERVhxotny4fvOfa9CG4nb4w/T
lxU5ITVFReIZP5HcH56ynFKAvma3ifCBfh01YEQVcKnf8LtsnK2yOXgEaWqdKW/M
VeC2IKBItJBKwQC5QKolicjRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUU7uAnMDK
gzgHGy8Yh8n1Tg3y/nUwHwYDVR0jBBgwFoAUlnuX2eMRJQ2ClC0n5MX5DZgTgFgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVGREQ5L0I2MjJGQThBRDZE
RTExRUZCMDQ3NEUxQkM0RjlBRTAyL2xudVgyZU1SSlEyQ2xDMG41TVg1RFpnVGdG
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbG51WDJlTVJKUTJDbEMwbjVNWDVEWmdUZ0ZnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
RkREOS9CNjIyRkE4QUQ2REUxMUVGQjA0NzRFMUJDNEY5QUUwMi9CRjM5NzYwNkRD
OEYxMUVGODgyMUY3NTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH42jANBgkqhkiG9w0BAQsFAAOCAQEAeWmUMtWOucdFw4rN
Vytbab49IT5dL8r3xdf8xqnJ24PoJTsSTULG5SYOsOwfsQy1eH0gdT1gIRPFofDO
EfnPVFk4EmlkZkjhnoJvzPZtxetFiBugNPhLFwDid03ErqjwnFJeHZbs3LR0+Kfm
IMRrRFX32yuQiIQfPEyqn1ywvssdb247zidX5kxjyulEHU8JEFFy2IA1g9tltOh0
kYiab1sr/fZJLnHCcfMkzePlN4JzdKdx4FAwzFPAy9rnYDn3uHdV2fTHJEQ/XYTp
2++DqHWH1KdRPM9uy8QB2Px7RUk0N8eC4BbhNXRB2mZW8YUYgdkjpFBJICrKu9W5
KgTTVg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:55:02 2025 by rpki-client