Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/73F12D0EF9F111EF8A2C536FC4F9AE02.roa
File: 73F12D0EF9F111EF8A2C536FC4F9AE02.roa (raw, json)
Hash identifier: OiAX09rlgvM12IUKPv4EPdwFb54qDu5+y8gMTdeYAkk=
Subject key identifier: 05:E3:1B:39:0E:F4:96:C0:7F:EA:93:D7:E3:09:B0:AD:D0:25:46:E7
Certificate issuer: /CN=A9176E1D/serialNumber=0AA6E48328425E124C561C2AC187C8A196247110
Certificate serial: 02
Authority key identifier: 0A:A6:E4:83:28:42:5E:12:4C:56:1C:2A:C1:87:C8:A1:96:24:71:10
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqbkgyhCXhJMVhwqwYfIoZYkcRA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/73F12D0EF9F111EF8A2C536FC4F9AE02.roa
Signing time: Wed 05 Mar 2025 18:41:30 +0000
ROA not before: Wed 05 Mar 2025 18:41:30 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 136969
IP address blocks: 163.223.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9176E1D
Validity
Not Before: Mar 5 18:41:30 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c89ada-ef3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:88:83:62:5c:d3:75:9e:70:14:9f:ff:97:f3:
38:39:d9:19:7d:1d:67:d9:39:a4:e7:fc:11:3d:c2:
f5:76:b2:1e:3c:9d:9b:1c:24:ae:e3:11:b1:e4:76:
90:da:6a:e3:9e:87:d8:48:32:2b:eb:e6:6a:a7:ed:
8f:8a:f7:73:66:03:40:42:cd:3e:4c:9f:ef:12:43:
2f:13:4d:61:c1:fb:f3:01:e8:6b:0e:d7:ac:1f:ce:
cc:84:15:f1:93:97:f7:a9:23:a6:c3:b1:43:ed:d8:
62:92:be:de:73:84:e8:66:89:08:12:bd:07:37:9a:
9f:6f:1b:01:62:cd:b9:c4:c8:33:fb:25:36:00:0d:
4c:17:11:82:f3:26:ed:ae:07:98:cc:8f:2b:e5:22:
8d:f6:1f:79:a5:15:a4:99:0f:5d:93:0e:60:0b:fe:
10:13:4a:f0:26:40:54:a8:a1:18:13:df:e8:98:52:
3c:de:15:fc:f8:ba:89:13:c4:00:d0:d8:8e:cf:d3:
de:3e:87:ad:f0:24:a2:86:da:4e:f5:bc:8e:a7:87:
44:53:57:30:90:cb:bf:b4:1b:d7:75:af:06:b4:ba:
6f:59:79:16:f1:2d:49:4a:d3:e7:d4:00:66:05:e5:
f0:7b:6c:c0:1e:1a:ef:26:9d:1e:a9:db:e2:5a:ae:
13:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E3:1B:39:0E:F4:96:C0:7F:EA:93:D7:E3:09:B0:AD:D0:25:46:E7
X509v3 Authority Key Identifier:
keyid:0A:A6:E4:83:28:42:5E:12:4C:56:1C:2A:C1:87:C8:A1:96:24:71:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/CqbkgyhCXhJMVhwqwYfIoZYkcRA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqbkgyhCXhJMVhwqwYfIoZYkcRA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/73F12D0EF9F111EF8A2C536FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.223.4.0/24
Signature Algorithm: sha256WithRSAEncryption
87:fe:24:ce:70:d4:d4:0a:d2:69:9f:e3:b2:88:79:54:de:a2:
0e:a1:67:0d:88:15:69:8f:da:9f:85:5f:30:ff:81:96:ff:96:
e3:8e:7e:5a:5d:be:b3:32:45:82:40:2b:f3:02:03:81:59:0f:
06:77:4e:49:93:36:6a:ff:f8:d7:cc:7f:77:7a:4d:9d:27:c5:
c4:33:3a:e2:f0:a8:ce:57:f0:ba:0c:e5:25:e6:18:06:16:87:
55:6a:ae:f4:18:ca:44:2f:e4:8f:0a:c1:a6:b7:7c:22:d8:28:
f7:41:08:18:43:7a:e8:84:89:a4:51:72:dc:ba:6b:e3:b5:d5:
b4:0f:14:4b:cd:d7:0f:ac:a6:f3:eb:e8:cc:72:94:1b:36:1a:
57:ca:c6:17:b3:73:53:f2:96:39:7d:06:30:50:21:a1:d9:1d:
ad:11:5e:09:f3:23:8f:67:c5:62:e1:c4:ca:0f:c6:8d:15:ba:
8d:83:cb:5c:5d:54:b9:7d:4f:64:e1:f9:e3:6c:e6:72:d5:d7:
0f:4e:c8:a9:c2:2e:da:3c:b6:c5:1e:20:33:63:c3:00:07:86:
a2:4c:25:94:d0:c9:17:6e:3a:af:79:ae:eb:47:e8:4b:98:11:
b5:dd:cc:f3:84:01:e6:66:cd:63:90:e4:bb:31:69:f4:74:5b:
e4:a0:d5:a5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NkUxRDExMC8GA1UEBRMoMEFBNkU0ODMyODQyNUUxMjRDNTYxQzJBQzE4N0M4QTE5
NjI0NzExMDAeFw0yNTAzMDUxODQxMzBaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3Yzg5YWRhLWVmM2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDiINiXNN1nnAUn/+X8zg52Rl9HWfZOaTn/BE9wvV2sh48nZscJK7jEbHkdpDa
auOeh9hIMivr5mqn7Y+K93NmA0BCzT5Mn+8SQy8TTWHB+/MB6GsO16wfzsyEFfGT
l/epI6bDsUPt2GKSvt5zhOhmiQgSvQc3mp9vGwFizbnEyDP7JTYADUwXEYLzJu2u
B5jMjyvlIo32H3mlFaSZD12TDmAL/hATSvAmQFSooRgT3+iYUjzeFfz4uokTxADQ
2I7P094+h63wJKKG2k71vI6nh0RTVzCQy7+0G9d1rwa0um9ZeRbxLUlK0+fUAGYF
5fB7bMAeGu8mnR6p2+JarhMTAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUBeMbOQ70
lsB/6pPX4wmwrdAlRucwHwYDVR0jBBgwFoAUCqbkgyhCXhJMVhwqwYfIoZYkcRAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc2RTFEL0ZFODgzNUJDRjlG
MDExRUZCNzdBOEM2RUM0RjlBRTAyL0NxYmtneWhDWGhKTVZod3F3WWZJb1pZa2NS
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ3Fia2d5aENYaEpNVmh3cXdZZklvWllrY1JBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NkUxRC9GRTg4MzVCQ0Y5RjAxMUVGQjc3QThDNkVDNEY5QUUwMi83M0YxMkQwRUY5
RjExMUVGOEEyQzUzNkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKPfBDANBgkqhkiG9w0BAQsFAAOCAQEAh/4kznDU1ArSaZ/j
soh5VN6iDqFnDYgVaY/an4VfMP+Blv+W445+Wl2+szJFgkAr8wIDgVkPBndOSZM2
av/418x/d3pNnSfFxDM64vCozlfwugzlJeYYBhaHVWqu9BjKRC/kjwrBprd8Itgo
90EIGEN66ISJpFFy3Lpr47XVtA8US83XD6ym8+vozHKUGzYaV8rGF7NzU/KWOX0G
MFAhodkdrRFeCfMjj2fFYuHEyg/GjRW6jYPLXF1UuX1PZOH542zmctXXD07IqcIu
2jy2xR4gM2PDAAeGokwllNDJF246r3mu60foS5gRtd3M84QB5mbNY5DkuzFp9HRb
5KDVpQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:33:19 2025 by rpki-client