Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/D1424FC8E0E111ECBFF27B44C4F9AE02.roa
File: D1424FC8E0E111ECBFF27B44C4F9AE02.roa (raw, json)
Hash identifier: aCk5dw5oxFHrUmANk28KoR3AF4mj3OF8t0MW7sG5Ktg=
Subject key identifier: F3:3D:7E:62:D2:1C:0E:B4:B0:3A:C0:39:A4:23:DA:B0:DF:83:2B:82
Certificate issuer: /CN=A919A713/serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B
Certificate serial: 02DA
Authority key identifier: 24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/D1424FC8E0E111ECBFF27B44C4F9AE02.roa
Signing time: Fri 31 Jan 2025 01:44:58 +0000
ROA not before: Fri 31 Jan 2025 01:44:58 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 2764
IP address blocks: 168.153.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 730 (0x2da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919A713
Validity
Not Before: Jan 31 01:44:58 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679c2b19-5d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:43:f8:cb:52:c4:16:5d:8e:d2:cf:47:20:60:
38:1e:91:ed:c1:55:51:ca:d1:7b:1f:aa:51:29:bc:
81:d4:da:83:7b:13:8d:ce:00:df:5a:67:a7:45:46:
ef:1f:3f:a6:3f:85:19:b3:bc:60:bf:8b:7a:4c:9d:
0f:b9:3a:8a:33:2e:3e:79:f4:c2:73:df:c4:34:9e:
2b:7f:35:11:54:cf:dc:1b:8c:37:3e:dd:7b:8d:d8:
74:dd:9a:7a:e0:44:3e:33:cd:19:5b:c4:e8:ad:92:
53:59:14:b4:aa:3e:3c:7d:5d:55:02:43:f3:84:a4:
d8:41:61:be:64:6a:9c:cd:a5:bd:81:b2:57:3c:e1:
b6:01:fb:89:6c:e3:f7:a6:45:92:f1:ca:6f:77:3f:
d4:97:13:43:23:64:c5:fe:ac:62:a3:b5:d8:52:d7:
71:2f:55:82:e2:ab:e0:89:ea:74:83:8b:59:4f:d9:
c0:5d:a3:1a:83:95:2b:11:2a:10:cb:c6:f0:bf:a4:
ce:51:80:ce:11:96:f1:68:21:25:4a:00:e3:de:08:
b8:8c:5b:b0:4f:1d:27:d5:da:54:9b:31:58:7f:36:
94:95:6a:dc:05:a3:07:7b:87:18:7d:e8:ba:12:5a:
92:4f:41:de:78:8b:53:7e:c0:4e:60:24:96:51:d6:
b9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3D:7E:62:D2:1C:0E:B4:B0:3A:C0:39:A4:23:DA:B0:DF:83:2B:82
X509v3 Authority Key Identifier:
keyid:24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/D1424FC8E0E111ECBFF27B44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
168.153.0.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:82:00:3a:fc:54:c8:c9:ff:78:d3:8f:b5:b3:ae:06:25:31:
1c:9f:4d:ea:c8:f0:3f:3e:b4:b8:4a:25:a9:00:72:9a:34:70:
02:17:b5:0a:19:4a:9f:73:6c:10:33:aa:e6:79:c1:1f:66:8c:
48:68:f9:80:ad:00:80:f3:9e:ff:c6:1e:e5:1b:85:02:96:0c:
5b:95:f5:4d:c0:b0:a2:97:55:7d:85:58:3f:87:57:c0:1c:28:
4d:4f:7e:23:20:92:e9:68:04:7f:4a:11:14:dd:ff:5a:86:ca:
42:da:61:cf:1d:d0:cd:0f:32:2a:f5:b9:7d:e9:9d:68:fd:cc:
7d:92:e4:b2:35:43:67:00:a1:ff:6b:9f:54:54:00:12:59:f2:
95:90:97:14:73:66:45:2d:d0:40:62:87:16:c4:1d:e4:98:99:
d6:fe:b3:3c:f4:06:cf:60:3f:4d:6e:73:ea:54:f6:bf:e9:99:
35:f9:5f:19:d1:4e:7f:b4:87:b0:df:74:8c:8a:ba:20:a7:a1:
a1:63:7f:93:d0:95:c0:8b:45:d9:3f:1d:6b:6f:99:4f:54:68:
dc:b5:22:44:b1:fa:1a:81:cf:4b:b9:12:07:79:f3:a6:b5:e8:
df:7d:e5:6e:18:40:77:43:a4:d6:b8:98:89:54:54:05:a0:bc:
b6:f4:45:65
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAtowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUE3MTMxMTAvBgNVBAUTKDI0QzhCQkY5MzBDRDJEMTIzOTlBQkRGOUM5Q0FCMTRC
MUNENzlGNkIwHhcNMjUwMTMxMDE0NDU4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljMmIxOS01ZDVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAykP4y1LEFl2O0s9HIGA4HpHtwVVRytF7H6pRKbyB1NqDexONzgDfWmenRUbv
Hz+mP4UZs7xgv4t6TJ0PuTqKMy4+efTCc9/ENJ4rfzURVM/cG4w3Pt17jdh03Zp6
4EQ+M80ZW8TorZJTWRS0qj48fV1VAkPzhKTYQWG+ZGqczaW9gbJXPOG2AfuJbOP3
pkWS8cpvdz/UlxNDI2TF/qxio7XYUtdxL1WC4qvgiep0g4tZT9nAXaMag5UrESoQ
y8bwv6TOUYDOEZbxaCElSgDj3gi4jFuwTx0n1dpUmzFYfzaUlWrcBaMHe4cYfei6
ElqST0HeeItTfsBOYCSWUda5mwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPM9fmLS
HA60sDrAOaQj2rDfgyuCMB8GA1UdIwQYMBaAFCTIu/kwzS0SOZq9+cnKsUsc159r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTcxMy8zNDk5NENCNEUw
REExMUVDOTRDN0UwNjJDNEY5QUUwMi9KTWk3LVRETkxSSTVtcjM1eWNxeFN4elhu
MnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0pNaTctVEROTFJJNW1yMzV5Y3F4U3h6WG4ycy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUE3MTMvMzQ5OTRDQjRFMERBMTFFQzk0QzdFMDYyQzRGOUFFMDIvRDE0MjRGQzhF
MEUxMTFFQ0JGRjI3QjQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAComQAwDQYJKoZIhvcNAQELBQADggEBAB6CADr8VMjJ/3jT
j7WzrgYlMRyfTerI8D8+tLhKJakAcpo0cAIXtQoZSp9zbBAzquZ5wR9mjEho+YCt
AIDznv/GHuUbhQKWDFuV9U3AsKKXVX2FWD+HV8AcKE1PfiMgkuloBH9KERTd/1qG
ykLaYc8d0M0PMir1uX3pnWj9zH2S5LI1Q2cAof9rn1RUABJZ8pWQlxRzZkUt0EBi
hxbEHeSYmdb+szz0Bs9gP01uc+pU9r/pmTX5XxnRTn+0h7DfdIyKuiCnoaFjf5PQ
lcCLRdk/HWtvmU9UaNy1IkSx+hqBz0u5Egd586a16N995W4YQHdDpNa4mIlUVAWg
vLb0RWU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:14:31 2025 by rpki-client