Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/E996121AD95611EF82DDB94DC4F9AE02.roa
File: E996121AD95611EF82DDB94DC4F9AE02.roa (raw, json)
Hash identifier: 1H/8kH8lZqprMisjAZbIz79VEf7DftVuV7Bd08RDA3Q=
Subject key identifier: 12:DE:69:54:D6:06:44:9C:9C:66:8D:A8:84:23:56:9D:2B:4F:C8:F8
Certificate issuer: /CN=A915FDD9/serialNumber=967B97D9E311250D82942D27E4C5F90D98138058
Certificate serial: 05
Authority key identifier: 96:7B:97:D9:E3:11:25:0D:82:94:2D:27:E4:C5:F9:0D:98:13:80:58
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnuX2eMRJQ2ClC0n5MX5DZgTgFg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/E996121AD95611EF82DDB94DC4F9AE02.roa
Signing time: Thu 23 Jan 2025 06:54:38 +0000
ROA not before: Thu 23 Jan 2025 06:54:38 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 132335
IP address blocks: 161.248.218.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915FDD9
Validity
Not Before: Jan 23 06:54:38 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6791e7ae-e9c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:02:ee:01:0d:b6:f5:42:db:51:eb:04:c5:5d:
4f:0f:3f:af:8f:8c:e5:83:49:67:51:25:20:8a:aa:
90:9c:6d:5c:32:74:8e:a3:29:5b:7a:a0:bc:66:15:
90:7f:30:b0:77:0b:08:6e:58:87:2a:11:90:e5:ee:
20:99:97:5e:9e:a9:8a:2d:35:f6:a4:b9:e9:b3:73:
a6:c0:c3:2f:ce:ea:a7:45:3e:2c:83:5e:c7:97:0b:
d9:37:b3:4e:58:28:19:93:4a:08:f5:26:42:49:75:
89:d4:4f:1d:19:3b:f8:41:25:1d:64:01:56:29:4c:
fa:5f:20:aa:f5:b8:b5:f7:a7:9d:8d:66:92:7d:26:
2a:7f:10:9e:2c:f5:e5:0d:35:5c:49:3a:cf:63:87:
6e:4d:95:13:d2:a8:5a:b6:c8:4b:77:8d:e1:34:48:
58:2b:58:0f:80:28:5f:35:d5:0d:15:01:fa:cb:5d:
fd:5d:8c:23:f4:af:fb:97:82:6c:23:f8:5d:36:77:
df:b4:bb:30:70:8c:18:44:f9:b4:42:fc:e4:29:49:
23:ad:a4:af:91:5a:5b:96:db:14:68:06:b3:d7:6a:
6d:fb:a7:37:f0:90:e4:93:70:c6:63:0f:70:23:ff:
59:dd:5c:ce:33:b3:27:60:d3:54:89:e9:6a:c0:dc:
2e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:DE:69:54:D6:06:44:9C:9C:66:8D:A8:84:23:56:9D:2B:4F:C8:F8
X509v3 Authority Key Identifier:
keyid:96:7B:97:D9:E3:11:25:0D:82:94:2D:27:E4:C5:F9:0D:98:13:80:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/lnuX2eMRJQ2ClC0n5MX5DZgTgFg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnuX2eMRJQ2ClC0n5MX5DZgTgFg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/E996121AD95611EF82DDB94DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.218.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:bc:de:ef:e8:ca:e8:d1:73:62:4e:2c:15:4a:0a:68:ca:51:
8a:bf:03:6e:1f:5a:c8:2a:43:65:f8:84:31:c8:26:9f:eb:ac:
70:0d:aa:4b:65:37:ce:3e:50:0a:5c:26:59:23:8b:3d:ec:f2:
d2:7e:31:c7:64:ff:0c:8a:47:8f:75:b4:69:83:bf:c6:50:13:
c1:ab:c6:dd:dd:53:93:d5:f5:5e:60:e1:32:da:f6:7f:5b:7f:
60:23:53:e7:9e:f5:97:bb:a9:24:fb:67:e8:91:2e:2d:b6:b7:
bd:6a:97:24:b9:57:ba:92:fe:25:bb:82:f9:63:35:fc:88:6a:
4e:f5:6a:3f:70:2f:2a:9f:b5:aa:98:6e:80:fb:0f:1a:ba:07:
4f:55:47:6b:6a:f0:ee:b2:13:a3:2d:74:d5:25:ad:02:69:7d:
32:9c:8d:36:f3:72:ca:e7:a3:06:90:35:7a:94:af:5d:d4:05:
50:b3:f0:fb:9c:bd:cc:e9:3c:4e:f4:4a:b9:28:7c:b5:c6:26:
57:30:fc:a9:59:54:bf:89:b8:b9:32:72:55:0f:d3:91:5a:ff:
e2:04:14:16:f0:f5:f6:54:4f:62:2d:e3:81:cb:f4:43:8a:71:
a6:cb:6e:a9:01:27:63:a1:c6:e3:b8:f6:97:91:f2:ba:3f:f2:
35:02:cc:67
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
RkREOTExMC8GA1UEBRMoOTY3Qjk3RDlFMzExMjUwRDgyOTQyRDI3RTRDNUY5MEQ5
ODEzODA1ODAeFw0yNTAxMjMwNjU0MzhaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OTFlN2FlLWU5YzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2Au4BDbb1QttR6wTFXU8PP6+PjOWDSWdRJSCKqpCcbVwydI6jKVt6oLxmFZB/
MLB3CwhuWIcqEZDl7iCZl16eqYotNfakuemzc6bAwy/O6qdFPiyDXseXC9k3s05Y
KBmTSgj1JkJJdYnUTx0ZO/hBJR1kAVYpTPpfIKr1uLX3p52NZpJ9Jip/EJ4s9eUN
NVxJOs9jh25NlRPSqFq2yEt3jeE0SFgrWA+AKF811Q0VAfrLXf1djCP0r/uXgmwj
+F02d9+0uzBwjBhE+bRC/OQpSSOtpK+RWluW2xRoBrPXam37pzfwkOSTcMZjD3Aj
/1ndXM4zsydg01SJ6WrA3C7xAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUEt5pVNYG
RJycZo2ohCNWnStPyPgwHwYDVR0jBBgwFoAUlnuX2eMRJQ2ClC0n5MX5DZgTgFgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVGREQ5L0I2MjJGQThBRDZE
RTExRUZCMDQ3NEUxQkM0RjlBRTAyL2xudVgyZU1SSlEyQ2xDMG41TVg1RFpnVGdG
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbG51WDJlTVJKUTJDbEMwbjVNWDVEWmdUZ0ZnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
RkREOS9CNjIyRkE4QUQ2REUxMUVGQjA0NzRFMUJDNEY5QUUwMi9FOTk2MTIxQUQ5
NTYxMUVGODJEREI5NERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH42jANBgkqhkiG9w0BAQsFAAOCAQEAK7ze7+jK6NFzYk4s
FUoKaMpRir8Dbh9ayCpDZfiEMcgmn+uscA2qS2U3zj5QClwmWSOLPezy0n4xx2T/
DIpHj3W0aYO/xlATwavG3d1Tk9X1XmDhMtr2f1t/YCNT5571l7upJPtn6JEuLba3
vWqXJLlXupL+JbuC+WM1/IhqTvVqP3AvKp+1qphugPsPGroHT1VHa2rw7rIToy10
1SWtAml9MpyNNvNyyuejBpA1epSvXdQFULPw+5y9zOk8TvRKuSh8tcYmVzD8qVlU
v4m4uTJyVQ/TkVr/4gQUFvD19lRPYi3jgcv0Q4pxpstuqQEnY6HG47j2l5Hyuj/y
NQLMZw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:55:13 2025 by rpki-client