Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/D2D7B762995611EFADA5D754C4F9AE02.roa
File: D2D7B762995611EFADA5D754C4F9AE02.roa (raw, json)
Hash identifier: leOkuh3L+EBwiYEQWHLbAuOaBMzDoG4/I9L1fdXLYok=
Subject key identifier: 95:B5:6F:DB:3B:91:DA:A6:39:2F:1E:DA:5A:EB:0C:E1:CE:69:3D:15
Certificate issuer: /CN=A91972DF/serialNumber=4720A2B78C78239926FDEE7344A3680DA0D8071D
Certificate serial: 03
Authority key identifier: 47:20:A2:B7:8C:78:23:99:26:FD:EE:73:44:A3:68:0D:A0:D8:07:1D
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RyCit4x4I5km_e5zRKNoDaDYBx0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/D2D7B762995611EFADA5D754C4F9AE02.roa
Signing time: Sat 02 Nov 2024 20:12:46 +0000
ROA not before: Sat 02 Nov 2024 20:12:46 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 136574
IP address blocks: 160.191.154.0/24 maxlen: 24
160.191.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91972DF
Validity
Not Before: Nov 2 20:12:46 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=672687bd-f126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8f:f3:76:59:cc:c1:e4:d9:fa:19:e0:b6:e8:
5f:f2:5b:02:d6:ba:68:f7:6f:ec:eb:d8:c3:e7:ff:
55:73:7f:2f:94:0f:66:a7:91:fa:63:04:de:97:60:
17:89:ef:b0:02:a8:86:6e:65:ed:75:1d:bc:b3:27:
99:85:81:fa:88:7b:dd:d9:c2:41:aa:43:ce:ae:43:
9a:c7:3e:5b:52:f2:80:8b:c0:ca:53:64:65:7d:36:
69:07:e3:f3:5f:d3:e8:51:34:7d:47:98:e7:3a:bb:
9c:85:71:6a:34:1e:4c:4e:99:cf:78:a0:24:d3:ca:
2e:6e:3f:4d:3c:34:dc:f8:b3:62:04:a8:80:c2:e0:
0d:8f:23:78:b9:51:cb:1d:50:90:88:c1:46:f8:7e:
91:d9:8f:99:70:96:6f:15:67:24:a0:0b:63:a4:0d:
b1:ef:dd:86:8a:66:f3:d1:1c:a0:ec:15:ce:5c:21:
2b:82:b1:83:c8:13:0d:94:d0:e2:19:8d:8b:00:00:
8c:6e:64:31:26:a3:4f:a4:34:09:80:fc:ab:ab:b5:
47:cf:7e:76:8d:ac:06:8a:5d:7b:97:14:5a:3d:0a:
4f:2b:d7:43:e4:21:26:d2:5d:bc:33:d5:4d:c6:a2:
53:1b:c7:4a:7a:92:36:b1:bd:42:95:22:fb:c0:01:
3a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B5:6F:DB:3B:91:DA:A6:39:2F:1E:DA:5A:EB:0C:E1:CE:69:3D:15
X509v3 Authority Key Identifier:
keyid:47:20:A2:B7:8C:78:23:99:26:FD:EE:73:44:A3:68:0D:A0:D8:07:1D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RyCit4x4I5km_e5zRKNoDaDYBx0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/D2D7B762995611EFADA5D754C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.154.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:03:a5:fb:15:9b:69:11:e6:3d:82:17:83:22:95:06:43:b1:
00:b7:bf:63:62:2b:1f:1b:04:5c:59:fb:c2:be:90:4f:2e:6d:
cc:8f:c1:0d:3c:c4:b0:9e:0a:74:ae:9a:1b:83:2f:89:91:51:
73:69:95:96:06:5c:cd:df:65:54:e6:85:21:a5:29:0a:4d:32:
c1:ae:64:1c:46:9b:4d:74:30:9d:c6:5e:f6:f6:ce:50:fa:37:
0b:05:24:46:d7:ba:6f:d9:44:ad:95:ec:c7:08:fe:ad:63:53:
df:22:b1:c2:20:a0:80:ca:74:e1:2f:41:b7:97:1d:f3:c1:ca:
ab:44:1c:12:20:b9:bc:6b:40:9f:db:28:ed:fa:d0:f3:3f:a6:
87:dd:9b:de:fc:34:bb:48:71:02:e0:09:3c:f9:13:86:45:e3:
98:cc:76:21:c0:00:a4:44:7a:d0:80:e8:23:58:b5:13:c1:16:
e1:b7:19:60:0a:ca:e8:9f:de:9b:de:8c:6c:96:0c:11:ba:b3:
f1:dc:d4:64:5b:e5:f3:51:52:7c:1e:eb:72:a2:e3:68:a3:73:
54:d0:cd:4c:32:37:89:a2:03:df:02:2c:17:28:fb:46:f8:0d:
be:4f:1e:e3:4e:b8:95:cb:47:3f:29:8a:4e:3d:32:5c:37:03:
d3:ae:f0:24
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NzJERjExMC8GA1UEBRMoNDcyMEEyQjc4Qzc4MjM5OTI2RkRFRTczNDRBMzY4MERB
MEQ4MDcxRDAeFw0yNDExMDIyMDEyNDZaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MjY4N2JkLWYxMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvj/N2WczB5Nn6GeC26F/yWwLWumj3b+zr2MPn/1Vzfy+UD2ankfpjBN6XYBeJ
77ACqIZuZe11HbyzJ5mFgfqIe93ZwkGqQ86uQ5rHPltS8oCLwMpTZGV9NmkH4/Nf
0+hRNH1HmOc6u5yFcWo0HkxOmc94oCTTyi5uP008NNz4s2IEqIDC4A2PI3i5Ucsd
UJCIwUb4fpHZj5lwlm8VZySgC2OkDbHv3YaKZvPRHKDsFc5cISuCsYPIEw2U0OIZ
jYsAAIxuZDEmo0+kNAmA/KurtUfPfnaNrAaKXXuXFFo9Ck8r10PkISbSXbwz1U3G
olMbx0p6kjaxvUKVIvvAATrLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUlbVv2zuR
2qY5Lx7aWusM4c5pPRUwHwYDVR0jBBgwFoAURyCit4x4I5km/e5zRKNoDaDYBx0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3MkRGLzI3RTNFREE0OTgz
MzExRUY4MzE4OUE1N0M0RjlBRTAyL1J5Q2l0NHg0STVrbV9lNXpSS05vRGFEWUJ4
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvUnlDaXQ0eDRJNWttX2U1elJLTm9EYURZQngwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NzJERi8yN0UzRURBNDk4MzMxMUVGODMxODlBNTdDNEY5QUUwMi9EMkQ3Qjc2Mjk5
NTYxMUVGQURBNUQ3NTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaC/mjANBgkqhkiG9w0BAQsFAAOCAQEAuwOl+xWbaRHmPYIX
gyKVBkOxALe/Y2IrHxsEXFn7wr6QTy5tzI/BDTzEsJ4KdK6aG4MviZFRc2mVlgZc
zd9lVOaFIaUpCk0ywa5kHEabTXQwncZe9vbOUPo3CwUkRte6b9lErZXsxwj+rWNT
3yKxwiCggMp04S9Bt5cd88HKq0QcEiC5vGtAn9so7frQ8z+mh92b3vw0u0hxAuAJ
PPkThkXjmMx2IcAApER60IDoI1i1E8EW4bcZYArK6J/em96MbJYMEbqz8dzUZFvl
81FSfB7rcqLjaKNzVNDNTDI3iaID3wIsFyj7RvgNvk8e4064lctHPymKTj0yXDcD
067wJA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:24:36 2025 by rpki-client