Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/1F83E7E6C75311EFA131190AC4F9AE02.roa
File: 1F83E7E6C75311EFA131190AC4F9AE02.roa (raw, json)
Hash identifier: CCp1Lh5P1/E1TTxrPI19Zn2NIBPTfuKWWur8AZZZHwo=
Subject key identifier: BE:AA:37:FC:C8:5C:B7:EC:34:13:F4:50:E0:E0:4E:C5:84:93:63:28
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1C5F
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/1F83E7E6C75311EFA131190AC4F9AE02.roa
Signing time: Tue 31 Dec 2024 08:42:10 +0000
ROA not before: Tue 31 Dec 2024 08:42:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 140139
IP address blocks: 161.248.46.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7263 (0x1c5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 31 08:42:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6773ae61-f04e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0e:79:e7:f2:87:46:6b:ca:95:fa:83:cf:f9:
36:a2:81:8e:7e:8b:c3:44:1d:93:af:42:2c:a8:d6:
4f:8f:7f:a6:01:d9:f9:d8:c4:15:08:aa:ab:5e:c5:
3f:2c:f3:28:b1:46:31:5e:8d:1b:74:62:fe:0d:07:
82:92:fa:c9:d8:1d:b7:75:20:fb:7f:45:47:3f:bb:
ac:90:57:cc:16:77:78:1a:6e:30:c2:24:99:7a:f5:
8a:77:f8:6a:d0:b9:60:75:b9:2c:6a:ae:0f:a0:71:
4a:41:52:c7:46:58:c6:12:0b:5f:20:28:e9:d6:c1:
f4:af:28:bd:29:76:f7:12:c6:c2:f7:82:76:bf:3e:
63:0b:d6:49:6d:46:99:06:c6:1c:c9:d1:9c:c1:7a:
a7:85:9f:6f:90:30:2f:98:09:6f:72:29:82:b3:5c:
ca:b1:fe:2a:bb:5b:61:1d:27:ec:ba:d1:2a:5c:97:
ac:f2:83:fe:16:a9:4e:b7:11:f6:cb:48:3f:48:3c:
63:75:2f:cd:68:ad:d6:ff:7f:81:f5:fc:7f:23:23:
1a:01:7d:f5:96:5b:85:66:96:15:32:c1:c0:93:94:
72:97:1b:24:c2:a9:40:b9:2c:e0:18:78:55:d3:7e:
c5:f2:90:37:28:13:ae:74:19:62:7d:40:fb:45:9e:
6a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:AA:37:FC:C8:5C:B7:EC:34:13:F4:50:E0:E0:4E:C5:84:93:63:28
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/1F83E7E6C75311EFA131190AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.46.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:6f:e8:38:df:f3:4f:c5:12:41:de:9e:f2:c2:a7:db:16:0b:
d5:77:80:e1:05:b9:07:e9:a0:e0:6c:c0:77:56:7c:d4:61:d4:
f4:82:cd:e0:27:ce:84:fd:9a:d3:1a:8a:91:5b:c1:f7:56:ca:
45:c2:39:0d:c5:58:96:d8:12:3f:66:b1:28:81:3a:32:8a:cf:
e2:c1:8f:3f:59:a8:65:67:87:d1:57:50:ff:50:ab:ca:b0:6f:
c1:d5:b6:e5:9e:ed:15:d8:c9:19:83:46:16:f3:50:87:aa:37:
6e:3d:e0:cc:7a:26:04:dd:8a:f8:25:72:b8:f5:6b:4c:71:57:
47:f4:d2:d8:de:d7:52:1b:cb:05:69:19:a2:3d:de:d4:ea:35:
8c:6c:ba:02:5e:9b:36:ba:f7:d6:be:c1:42:47:99:fe:d3:0a:
6d:ad:5d:46:d0:08:91:52:54:a1:3f:41:5c:84:a1:ac:d5:22:
b4:77:e5:e7:a7:9a:a1:9b:87:f7:7e:21:88:7a:97:ee:34:79:
9e:e3:b1:f7:7f:8d:31:56:37:22:19:10:81:81:97:8b:23:d3:
28:9c:89:80:1b:eb:dc:58:f1:5f:63:77:59:96:0f:8a:84:b4:
91:11:97:71:65:ce:5e:4c:6c:1d:1e:62:d8:a0:09:39:df:0f:
6d:9d:49:39
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHF8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjQxMjMxMDg0MjEwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzczYWU2MS1mMDRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzA555/KHRmvKlfqDz/k2ooGOfovDRB2Tr0IsqNZPj3+mAdn52MQVCKqrXsU/
LPMosUYxXo0bdGL+DQeCkvrJ2B23dSD7f0VHP7uskFfMFnd4Gm4wwiSZevWKd/hq
0Llgdbksaq4PoHFKQVLHRljGEgtfICjp1sH0ryi9KXb3EsbC94J2vz5jC9ZJbUaZ
BsYcydGcwXqnhZ9vkDAvmAlvcimCs1zKsf4qu1thHSfsutEqXJes8oP+FqlOtxH2
y0g/SDxjdS/NaK3W/3+B9fx/IyMaAX31lluFZpYVMsHAk5RylxskwqlAuSzgGHhV
037F8pA3KBOudBlifUD7RZ5qoQIDAQABo4IClTCCApEwHQYDVR0OBBYEFL6qN/zI
XLfsNBP0UODgTsWEk2MoMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMUY4M0U3RTZD
NzUzMTFFRkExMzExOTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGh+C4wDQYJKoZIhvcNAQELBQADggEBAA5v6Djf80/FEkHe
nvLCp9sWC9V3gOEFuQfpoOBswHdWfNRh1PSCzeAnzoT9mtMaipFbwfdWykXCOQ3F
WJbYEj9msSiBOjKKz+LBjz9ZqGVnh9FXUP9Qq8qwb8HVtuWe7RXYyRmDRhbzUIeq
N2494Mx6JgTdivglcrj1a0xxV0f00tje11IbywVpGaI93tTqNYxsugJemza699a+
wUJHmf7TCm2tXUbQCJFSVKE/QVyEoazVIrR35eenmqGbh/d+IYh6l+40eZ7jsfd/
jTFWNyIZEIGBl4sj0yiciYAb69xY8V9jd1mWD4qEtJERl3Flzl5MbB0eYtigCTnf
D22dSTk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:47:42 2025 by rpki-client