Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91847A4/F29EB20A07E011F0B6185162C4F9AE02/1201EAF6083911F0B43D9172C4F9AE02.roa
File: 1201EAF6083911F0B43D9172C4F9AE02.roa (raw, json)
Hash identifier: uAnBgSZhSmrvFmkynr5ZDyN/xYOEHNfe2WWeRhfO1A8=
Subject key identifier: AE:D4:06:8A:6C:B3:F2:C6:D9:34:70:D5:75:24:D3:18:6C:08:18:DD
Certificate issuer: /CN=A91847A4/serialNumber=4CDF99E707F902338E14D510249A9625BCA0FF9D
Certificate serial: 05
Authority key identifier: 4C:DF:99:E7:07:F9:02:33:8E:14:D5:10:24:9A:96:25:BC:A0:FF:9D
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TN-Z5wf5AjOOFNUQJJqWJbyg_50.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91847A4/F29EB20A07E011F0B6185162C4F9AE02/1201EAF6083911F0B43D9172C4F9AE02.roa
Signing time: Mon 24 Mar 2025 07:15:36 +0000
ROA not before: Mon 24 Mar 2025 07:15:36 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 142631
IP address blocks: 160.191.18.0/23 maxlen: 23
160.191.18.0/24 maxlen: 24
160.191.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91847A4
Validity
Not Before: Mar 24 07:15:36 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67e10698-4d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:bb:c2:ef:a0:43:64:06:d1:da:8f:3f:29:ea:
5c:5f:82:d4:34:4c:f2:d6:46:d4:2b:06:53:27:29:
0e:0b:96:11:ac:86:dc:8d:f2:53:1c:26:94:3c:3f:
69:ba:00:4e:38:40:71:b7:d2:b8:c1:39:a5:4d:2f:
48:d5:d9:c9:94:b1:4c:2d:76:ec:55:0d:7a:04:7d:
a7:9c:9b:25:0e:13:d0:4f:88:f5:62:d6:76:da:64:
00:61:5a:38:b8:f8:8f:c9:6c:82:dc:a1:12:4a:69:
b7:d6:4e:b3:45:45:98:ef:e4:16:5c:b6:e5:db:91:
9c:37:69:26:32:fc:77:47:bd:89:6a:a5:46:55:46:
b2:a6:b3:4e:0f:6f:1d:62:a4:a3:77:72:ce:22:d8:
af:ff:ea:11:5e:be:c2:11:a3:67:da:bb:00:f6:0f:
0a:cc:d7:ef:f3:fa:68:9f:bd:ba:e3:a1:15:30:18:
26:ec:4f:eb:14:4c:f6:24:48:8e:fe:b5:6e:15:7b:
ef:b4:7c:d5:a5:9f:e3:48:c9:f8:d8:eb:2d:04:37:
88:b1:5c:97:8e:41:eb:01:17:3f:2d:86:fa:1b:a6:
89:6d:b8:da:90:81:42:f8:20:39:55:60:91:49:55:
fc:84:a0:79:fd:df:84:d9:20:21:24:75:0a:0a:d3:
36:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D4:06:8A:6C:B3:F2:C6:D9:34:70:D5:75:24:D3:18:6C:08:18:DD
X509v3 Authority Key Identifier:
keyid:4C:DF:99:E7:07:F9:02:33:8E:14:D5:10:24:9A:96:25:BC:A0:FF:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91847A4/F29EB20A07E011F0B6185162C4F9AE02/TN-Z5wf5AjOOFNUQJJqWJbyg_50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TN-Z5wf5AjOOFNUQJJqWJbyg_50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847A4/F29EB20A07E011F0B6185162C4F9AE02/1201EAF6083911F0B43D9172C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.18.0/23
Signature Algorithm: sha256WithRSAEncryption
77:55:c5:1f:c7:47:d8:85:93:0b:fe:53:65:cb:b7:31:a9:41:
d1:c1:ba:9f:10:8c:52:86:ed:e2:18:bf:e7:bc:0c:ba:ec:dc:
94:5a:bb:30:3d:d3:81:bd:e4:db:f6:04:a9:99:71:e6:a0:c8:
de:58:5f:68:c6:ad:a0:81:ea:d7:37:5c:d3:04:da:61:17:07:
80:98:a2:0d:3d:d1:3e:d0:0d:58:1e:35:a4:93:6b:11:ea:b0:
2d:0e:c4:73:71:f0:78:f1:4e:30:6e:50:a8:d3:ba:7b:c7:17:
c0:16:f4:bb:e3:94:40:4d:0d:7d:5a:d5:bd:6b:2a:15:28:70:
fc:c6:55:11:1a:a6:7c:cb:91:f9:ca:8b:bd:a0:6d:01:f3:95:
70:b4:ec:6c:b7:e7:20:aa:7f:e1:47:e4:89:f1:5f:2d:77:be:
90:28:8b:75:f7:7b:4f:b1:70:21:e9:ff:c7:d3:da:73:72:e1:
b6:0c:08:dc:62:a0:5f:b5:f7:8c:60:3b:ec:42:e7:b7:d8:fd:
57:ed:c1:73:55:45:00:6a:10:6b:dd:51:e1:77:43:1e:18:7c:
66:0e:a7:2d:1e:6f:8f:3b:82:ea:98:bc:bc:c1:8d:dc:e2:bf:
98:28:48:be:ca:a4:d4:b4:79:7e:1a:6a:50:63:fd:92:33:fd:
0f:5c:ea:69
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NDdBNDExMC8GA1UEBRMoNENERjk5RTcwN0Y5MDIzMzhFMTRENTEwMjQ5QTk2MjVC
Q0EwRkY5RDAeFw0yNTAzMjQwNzE1MzZaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZTEwNjk4LTRkMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDKu8LvoENkBtHajz8p6lxfgtQ0TPLWRtQrBlMnKQ4LlhGshtyN8lMcJpQ8P2m6
AE44QHG30rjBOaVNL0jV2cmUsUwtduxVDXoEfaecmyUOE9BPiPVi1nbaZABhWji4
+I/JbILcoRJKabfWTrNFRZjv5BZctuXbkZw3aSYy/HdHvYlqpUZVRrKms04Pbx1i
pKN3cs4i2K//6hFevsIRo2fauwD2DwrM1+/z+mifvbrjoRUwGCbsT+sUTPYkSI7+
tW4Ve++0fNWln+NIyfjY6y0EN4ixXJeOQesBFz8thvobpoltuNqQgUL4IDlVYJFJ
VfyEoHn934TZICEkdQoK0zYpAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUrtQGimyz
8sbZNHDVdSTTGGwIGN0wHwYDVR0jBBgwFoAUTN+Z5wf5AjOOFNUQJJqWJbyg/50w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg0N0E0L0YyOUVCMjBBMDdF
MDExRjBCNjE4NTE2MkM0RjlBRTAyL1ROLVo1d2Y1QWpPT0ZOVVFKSnFXSmJ5Z181
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvVE4tWjV3ZjVBak9PRk5VUUpKcVdKYnlnXzUwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NDdBNC9GMjlFQjIwQTA3RTAxMUYwQjYxODUxNjJDNEY5QUUwMi8xMjAxRUFGNjA4
MzkxMUYwQjQzRDkxNzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaC/EjANBgkqhkiG9w0BAQsFAAOCAQEAd1XFH8dH2IWTC/5T
Zcu3MalB0cG6nxCMUobt4hi/57wMuuzclFq7MD3Tgb3k2/YEqZlx5qDI3lhfaMat
oIHq1zdc0wTaYRcHgJiiDT3RPtANWB41pJNrEeqwLQ7Ec3HwePFOMG5QqNO6e8cX
wBb0u+OUQE0NfVrVvWsqFShw/MZVERqmfMuR+cqLvaBtAfOVcLTsbLfnIKp/4Ufk
ifFfLXe+kCiLdfd7T7FwIen/x9Pac3LhtgwI3GKgX7X3jGA77ELnt9j9V+3Bc1VF
AGoQa91R4XdDHhh8Zg6nLR5vjzuC6pi8vMGN3OK/mChIvsqk1LR5fhpqUGP9kjP9
D1zqaQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:17:38 2025 by rpki-client