Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/44A28FACEFEC11EF80EC123DC4F9AE02.roa
File: 44A28FACEFEC11EF80EC123DC4F9AE02.roa (raw, json)
Hash identifier: kIHtM5yk/7E77z9qFDfBUJpQm2RMukSPxAc1zKCnuxc=
Subject key identifier: 89:C3:15:E2:5B:0E:D5:E7:3D:FB:23:27:0B:20:FB:66:F0:CE:3E:5C
Certificate issuer: /CN=A91992FA/serialNumber=057B537740382678A078F5BF284C726794B9D134
Certificate serial: 03
Authority key identifier: 05:7B:53:77:40:38:26:78:A0:78:F5:BF:28:4C:72:67:94:B9:D1:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXtTd0A4JnigePW_KExyZ5S50TQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/44A28FACEFEC11EF80EC123DC4F9AE02.roa
Signing time: Fri 21 Feb 2025 00:39:11 +0000
ROA not before: Fri 21 Feb 2025 00:39:11 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 9294
IP address blocks: 163.61.150.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91992FA
Validity
Not Before: Feb 21 00:39:11 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67b7cb2f-2b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c3:d3:d0:79:0a:67:8b:fd:4e:66:e5:11:a4:
73:89:b4:80:6a:2b:eb:7a:32:7c:6f:cc:ab:a3:7b:
8b:d0:9f:d0:d4:5e:98:9f:9a:f5:cf:22:38:41:a3:
33:3f:f0:ca:34:35:df:91:f8:f9:63:e3:30:ef:d3:
45:4a:e8:f8:fb:73:d9:b3:fd:c7:44:e3:8d:b4:4d:
5f:37:bf:40:70:26:47:2f:a0:6f:19:82:e6:57:e7:
bc:e8:9c:88:58:21:4e:f5:0e:ee:ae:4a:90:ab:b8:
c7:0a:16:8c:56:b8:32:b2:61:59:ce:04:e1:5b:34:
58:3f:2d:b4:85:e6:a7:2b:ca:0c:1b:fc:e1:3a:17:
71:53:f5:47:31:1d:22:8d:15:9d:4b:03:a4:b1:ee:
e8:b8:fd:93:20:1f:78:ee:bb:57:25:0a:4f:17:f8:
03:0b:44:33:59:54:e0:37:c2:a2:df:46:70:17:48:
19:3e:12:18:f3:09:35:1d:4b:d3:d1:f7:da:d6:65:
a5:9e:53:ff:44:44:36:7b:ab:be:4d:04:72:95:32:
a1:3f:a2:9a:30:22:ca:fc:c7:ec:d6:8b:df:2b:7e:
63:cc:aa:81:a7:ff:7a:7e:a0:19:4e:e0:de:8e:aa:
14:74:f8:72:35:bb:99:d4:bf:69:b5:62:06:46:82:
dd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C3:15:E2:5B:0E:D5:E7:3D:FB:23:27:0B:20:FB:66:F0:CE:3E:5C
X509v3 Authority Key Identifier:
keyid:05:7B:53:77:40:38:26:78:A0:78:F5:BF:28:4C:72:67:94:B9:D1:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXtTd0A4JnigePW_KExyZ5S50TQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/44A28FACEFEC11EF80EC123DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.150.0/23
Signature Algorithm: sha256WithRSAEncryption
79:28:34:40:ac:94:9e:3f:c7:23:cb:09:45:b7:5f:70:da:30:
19:d9:cf:09:06:f4:bd:3d:5a:a3:6f:08:f5:b4:db:ff:df:f3:
ab:58:f3:e9:cd:f2:53:18:18:37:d5:d1:bf:2f:c2:9d:fb:63:
c7:4a:8c:e1:27:2d:eb:fa:7e:28:d5:dc:d1:7f:1f:fa:60:c9:
98:6a:c2:d4:bd:af:51:46:c3:16:a4:ff:92:94:66:ec:f7:19:
ff:12:28:b3:df:5c:c1:b8:48:05:92:6c:60:f9:58:67:43:64:
02:3a:60:a1:89:57:ef:6c:fd:6d:88:c1:94:4b:a9:5e:bc:da:
59:9b:67:68:3f:14:d0:0d:41:55:bb:32:3f:78:fa:74:87:e6:
41:92:ce:62:ef:c2:a1:40:56:e5:16:71:1c:72:25:5b:93:a8:
a6:e3:93:9d:82:f2:cf:e4:3e:c4:4a:55:ff:fc:c1:c4:eb:ab:
55:36:b2:7a:2d:ac:e2:2d:f1:2b:bb:c2:cf:a1:73:ae:84:2e:
36:d3:4d:f7:b4:58:db:a4:5b:8c:67:fd:b1:88:f4:07:a3:12:
75:03:31:33:c7:c7:e8:e6:13:3f:a6:4b:98:97:9d:9b:5e:b9:
12:2a:cf:d4:7b:36:b1:c4:46:3d:9a:63:a9:20:21:35:6f:1c:
25:0a:a1:4f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
OTJGQTExMC8GA1UEBRMoMDU3QjUzNzc0MDM4MjY3OEEwNzhGNUJGMjg0QzcyNjc5
NEI5RDEzNDAeFw0yNTAyMjEwMDM5MTFaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YjdjYjJmLTJiNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2w9PQeQpni/1OZuURpHOJtIBqK+t6MnxvzKuje4vQn9DUXpifmvXPIjhBozM/
8Mo0Nd+R+Plj4zDv00VK6Pj7c9mz/cdE4420TV83v0BwJkcvoG8ZguZX57zonIhY
IU71Du6uSpCruMcKFoxWuDKyYVnOBOFbNFg/LbSF5qcrygwb/OE6F3FT9UcxHSKN
FZ1LA6Sx7ui4/ZMgH3juu1clCk8X+AMLRDNZVOA3wqLfRnAXSBk+EhjzCTUdS9PR
99rWZaWeU/9ERDZ7q75NBHKVMqE/opowIsr8x+zWi98rfmPMqoGn/3p+oBlO4N6O
qhR0+HI1u5nUv2m1YgZGgt0PAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUicMV4lsO
1ec9+yMnCyD7ZvDOPlwwHwYDVR0jBBgwFoAUBXtTd0A4JnigePW/KExyZ5S50TQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5MkZBL0ZBNDZFMEQyRUUw
MzExRUY5QzJCOEE0OUM0RjlBRTAyL0JYdFRkMEE0Sm5pZ2VQV19LRXh5WjVTNTBU
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQlh0VGQwQTRKbmlnZVBXX0tFeHlaNVM1MFRRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
OTJGQS9GQTQ2RTBEMkVFMDMxMUVGOUMyQjhBNDlDNEY5QUUwMi80NEEyOEZBQ0VG
RUMxMUVGODBFQzEyM0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaM9ljANBgkqhkiG9w0BAQsFAAOCAQEAeSg0QKyUnj/HI8sJ
RbdfcNowGdnPCQb0vT1ao28I9bTb/9/zq1jz6c3yUxgYN9XRvy/Cnftjx0qM4Sct
6/p+KNXc0X8f+mDJmGrC1L2vUUbDFqT/kpRm7PcZ/xIos99cwbhIBZJsYPlYZ0Nk
AjpgoYlX72z9bYjBlEupXrzaWZtnaD8U0A1BVbsyP3j6dIfmQZLOYu/CoUBW5RZx
HHIlW5OopuOTnYLyz+Q+xEpV//zBxOurVTayei2s4i3xK7vCz6FzroQuNtNN97RY
26RbjGf9sYj0B6MSdQMxM8fH6OYTP6ZLmJedm165EirP1Hs2scRGPZpjqSAhNW8c
JQqhTw==
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:38:52 2025 by rpki-client