Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9199CFF/20BE1A30D7E011EF8B173D2FC4F9AE02/8A941156D7E211EFBF26DA72C4F9AE02.roa
File: 8A941156D7E211EFBF26DA72C4F9AE02.roa (raw, json)
Hash identifier: IV+yFZlpYAcj8P+yyk8bYHAo0MmcigDE6SILVv3+Jug=
Subject key identifier: 8A:22:E5:08:A3:CE:AD:D6:FB:3F:D3:C6:E6:FE:65:E7:5B:8F:35:6A
Certificate issuer: /CN=A9199CFF/serialNumber=5EFDE98C4FBF8D1187B6858EBC81F0625B293160
Certificate serial: 03
Authority key identifier: 5E:FD:E9:8C:4F:BF:8D:11:87:B6:85:8E:BC:81:F0:62:5B:29:31:60
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xv3pjE-_jRGHtoWOvIHwYlspMWA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9199CFF/20BE1A30D7E011EF8B173D2FC4F9AE02/8A941156D7E211EFBF26DA72C4F9AE02.roa
Signing time: Tue 21 Jan 2025 10:29:06 +0000
ROA not before: Tue 21 Jan 2025 10:29:06 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 153523
IP address blocks: 161.248.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9199CFF
Validity
Not Before: Jan 21 10:29:06 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=678f76f2-e579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4c:7f:8e:ce:e1:44:a4:fe:50:6e:76:65:65:
64:95:5f:2a:0b:4a:c1:f4:5b:0c:10:a1:c2:fc:50:
cf:92:d4:37:73:9b:8f:ee:01:a4:98:95:50:38:8f:
29:e0:be:5e:82:e3:58:ed:e4:e4:c0:7c:a0:fc:4e:
8d:9c:45:de:22:f0:cb:db:00:3f:7b:a4:ab:c6:4e:
06:e9:f1:b6:87:1a:75:87:7f:1f:19:c3:9c:85:90:
3e:0a:70:00:76:09:c3:67:ec:67:8f:99:8e:0a:49:
3d:db:ac:8d:41:39:bc:24:f9:6e:34:fa:e6:49:4c:
c2:5f:45:26:9f:1d:cd:ba:f1:42:f1:92:d4:aa:55:
ca:28:f0:9b:49:5e:6f:35:25:11:1a:ec:fa:4f:a8:
ef:ac:29:17:bb:ed:2b:44:30:c7:c3:5d:85:67:65:
5e:20:81:31:6f:a9:0a:b4:04:5f:b3:16:47:25:0b:
e9:0e:f0:85:8f:0d:11:36:2c:92:07:1d:77:43:30:
90:66:9f:f9:bc:96:30:89:81:59:04:d9:a0:a1:5e:
9a:e6:89:7f:5b:76:b8:eb:b7:14:1b:fd:b6:40:1d:
85:e1:ec:27:37:15:0a:07:35:b2:16:46:87:ac:f1:
65:69:6a:3e:2a:42:7d:59:b4:47:a8:ed:9c:63:43:
39:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:22:E5:08:A3:CE:AD:D6:FB:3F:D3:C6:E6:FE:65:E7:5B:8F:35:6A
X509v3 Authority Key Identifier:
keyid:5E:FD:E9:8C:4F:BF:8D:11:87:B6:85:8E:BC:81:F0:62:5B:29:31:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9199CFF/20BE1A30D7E011EF8B173D2FC4F9AE02/Xv3pjE-_jRGHtoWOvIHwYlspMWA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xv3pjE-_jRGHtoWOvIHwYlspMWA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199CFF/20BE1A30D7E011EF8B173D2FC4F9AE02/8A941156D7E211EFBF26DA72C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.188.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:65:77:a1:d0:b6:74:9e:6f:d4:3d:a3:8d:59:a7:65:4d:f3:
e0:a3:db:51:37:02:26:9f:a8:f1:a0:6e:b9:cd:db:3e:59:19:
65:c5:5d:c2:00:b5:88:57:c8:36:6b:19:59:68:35:08:2b:82:
18:2b:dd:91:17:ec:7f:bd:88:ab:f2:3a:08:cf:c8:20:4e:cd:
7d:75:62:d8:28:c0:36:f9:f1:0f:54:f5:6b:1f:bb:c6:93:9c:
90:15:52:af:40:0d:e0:41:97:96:a2:8f:79:fd:9b:88:08:35:
90:e5:f7:cd:6b:ea:5c:d3:c0:44:b5:a0:5a:42:df:c4:fb:df:
0f:8e:e1:7e:69:1b:ac:85:11:b6:69:ff:98:5e:6f:5d:da:4d:
76:ec:0c:ce:2a:12:3a:5d:5a:08:18:81:c1:0d:96:81:59:f8:
0c:92:78:2f:66:42:49:5b:d6:c5:0d:6c:f7:88:c7:04:1e:ed:
b4:15:10:0b:b6:cd:bf:69:86:67:92:a1:3d:12:7e:a6:7d:1f:
8e:e7:48:2c:2c:cc:e3:ed:e8:d4:a2:a8:f1:26:2b:24:93:40:
27:7d:09:e1:6b:18:2a:fc:e7:e4:f9:68:ef:7e:be:cb:e3:9f:
29:0d:87:bf:3d:c1:9f:94:7b:bf:56:ee:b6:1c:dd:39:24:52:
f0:66:b8:43
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
OUNGRjExMC8GA1UEBRMoNUVGREU5OEM0RkJGOEQxMTg3QjY4NThFQkM4MUYwNjI1
QjI5MzE2MDAeFw0yNTAxMjExMDI5MDZaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OGY3NmYyLWU1NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCyTH+OzuFEpP5QbnZlZWSVXyoLSsH0WwwQocL8UM+S1Ddzm4/uAaSYlVA4jyng
vl6C41jt5OTAfKD8To2cRd4i8MvbAD97pKvGTgbp8baHGnWHfx8Zw5yFkD4KcAB2
CcNn7GePmY4KST3brI1BObwk+W40+uZJTMJfRSafHc268ULxktSqVcoo8JtJXm81
JREa7PpPqO+sKRe77StEMMfDXYVnZV4ggTFvqQq0BF+zFkclC+kO8IWPDRE2LJIH
HXdDMJBmn/m8ljCJgVkE2aChXprmiX9bdrjrtxQb/bZAHYXh7Cc3FQoHNbIWRoes
8WVpaj4qQn1ZtEeo7ZxjQzlNAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUiiLlCKPO
rdb7P9PG5v5l51uPNWowHwYDVR0jBBgwFoAUXv3pjE+/jRGHtoWOvIHwYlspMWAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5Q0ZGLzIwQkUxQTMwRDdF
MDExRUY4QjE3M0QyRkM0RjlBRTAyL1h2M3BqRS1falJHSHRvV092SUh3WWxzcE1X
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvWHYzcGpFLV9qUkdIdG9XT3ZJSHdZbHNwTVdBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
OUNGRi8yMEJFMUEzMEQ3RTAxMUVGOEIxNzNEMkZDNEY5QUUwMi84QTk0MTE1NkQ3
RTIxMUVGQkYyNkRBNzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKH4vDANBgkqhkiG9w0BAQsFAAOCAQEAX2V3odC2dJ5v1D2j
jVmnZU3z4KPbUTcCJp+o8aBuuc3bPlkZZcVdwgC1iFfINmsZWWg1CCuCGCvdkRfs
f72Iq/I6CM/IIE7NfXVi2CjANvnxD1T1ax+7xpOckBVSr0AN4EGXlqKPef2biAg1
kOX3zWvqXNPARLWgWkLfxPvfD47hfmkbrIURtmn/mF5vXdpNduwMzioSOl1aCBiB
wQ2WgVn4DJJ4L2ZCSVvWxQ1s94jHBB7ttBUQC7bNv2mGZ5KhPRJ+pn0fjudILCzM
4+3o1KKo8SYrJJNAJ30J4WsYKvzn5Plo736+y+OfKQ2Hvz3Bn5R7v1buthzdOSRS
8Ga4Qw==
-----END CERTIFICATE-----
Generated at Fri Apr 11 04:29:44 2025 by rpki-client