Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/1DBC9D405DB411EEA017251AC4F9AE02.roa
File: 1DBC9D405DB411EEA017251AC4F9AE02.roa (raw, json)
Hash identifier: 2w+ZZZiHGzET+UAGMpulJr633xByME/2FAJYerduoZE=
Subject key identifier: 07:9F:02:03:AE:8A:35:A6:20:F7:58:92:69:26:71:A3:35:A4:21:8A
Certificate issuer: /CN=A91A4B1A/serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4
Certificate serial: 1DC1
Authority key identifier: CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/1DBC9D405DB411EEA017251AC4F9AE02.roa
Signing time: Wed 18 Dec 2024 16:13:36 +0000
ROA not before: Wed 18 Dec 2024 16:13:36 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 18259
IP address blocks: 163.138.241.0/24 maxlen: 24
163.138.242.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7617 (0x1dc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4B1A
Validity
Not Before: Dec 18 16:13:36 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6762f4b0-c18c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:99:90:96:68:ad:13:28:53:f1:27:55:18:4a:
91:8a:37:94:cf:77:1a:85:59:93:e5:e7:dc:86:ed:
0d:e7:0f:bc:c8:8b:5c:73:be:e0:b7:59:7f:22:35:
18:c0:ed:8d:98:67:56:c0:4a:08:59:f1:37:22:52:
db:75:0b:5c:59:8c:03:6d:95:80:54:ed:4c:ab:12:
5e:3a:a8:2b:ed:dc:d4:e6:04:69:ff:b1:e4:33:19:
55:2f:13:85:1d:5e:ca:27:8b:55:38:86:55:20:b3:
3b:e0:18:c1:10:a2:9a:08:23:b3:98:23:90:ca:cb:
1a:6f:0e:b3:0c:8a:b6:7b:21:1a:e8:dc:a8:12:0a:
51:04:d5:9c:e8:79:74:1d:b5:93:15:88:c7:67:59:
92:8c:a8:10:6d:84:b9:5f:33:4a:1d:ff:4d:68:37:
43:8f:14:4e:0d:7e:d8:16:38:d6:07:10:79:79:0a:
69:76:41:b1:7e:bf:8b:0d:24:5c:42:3f:24:4e:43:
50:5b:02:62:44:10:c7:a3:03:05:15:d7:e0:81:37:
74:75:74:04:2a:f4:38:51:69:64:1f:71:4e:4e:20:
97:be:29:c8:65:c2:89:92:68:f2:45:6c:c0:fd:d1:
a0:17:fe:e0:b4:a6:ad:45:71:c9:c1:ba:94:80:4e:
76:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:9F:02:03:AE:8A:35:A6:20:F7:58:92:69:26:71:A3:35:A4:21:8A
X509v3 Authority Key Identifier:
keyid:CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/1DBC9D405DB411EEA017251AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.138.241.0-163.138.242.255
Signature Algorithm: sha256WithRSAEncryption
6b:a9:60:31:e7:b7:6e:4a:bd:91:cb:23:02:b9:32:37:fe:97:
1c:d0:ba:58:23:9d:8e:ef:b5:fc:54:5c:25:68:24:e9:7a:d7:
3f:b1:d5:0b:53:90:86:37:83:06:4d:b8:e4:eb:ff:7e:00:de:
05:88:be:1b:77:a8:35:a2:57:bf:bf:b0:99:ac:00:66:c8:67:
ba:0f:03:1d:a0:ef:c0:4a:21:c2:34:7b:04:75:e5:a5:a8:db:
c5:e2:50:96:28:27:c2:84:dc:46:64:81:59:a1:f9:32:2c:ad:
6a:9d:68:fb:6a:aa:4e:a9:50:09:f1:fe:fc:fe:87:24:a3:7f:
83:f9:51:84:2b:65:82:5a:31:a5:5c:08:56:89:ff:f4:1e:dd:
f3:39:79:8f:70:f5:e1:d8:e6:90:42:d6:e6:9a:55:65:99:79:
fa:68:67:56:93:01:c4:de:48:e4:49:be:0b:e6:40:71:cf:37:
89:91:6a:58:5c:8a:7f:88:71:2e:c8:c4:03:ba:39:9b:4a:3b:
2b:b4:fe:19:24:4e:78:c5:0b:a5:a5:ac:fb:f7:83:a6:ba:19:
5f:b9:fe:d7:a0:3c:20:4c:15:4d:c0:01:5b:4a:f3:f1:51:ca:
52:e0:ac:e3:1f:c4:71:79:3c:da:be:ae:26:bc:51:6c:21:15:
80:91:fa:c5
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICHcEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRCMUExMTAvBgNVBAUTKENFMTE0NjgwRkY2RjREOUJDM0YxODgwRDYxMEQ2QUVF
RUFFQkYwRDQwHhcNMjQxMjE4MTYxMzM2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZjRiMC1jMThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzZmQlmitEyhT8SdVGEqRijeUz3cahVmT5efchu0N5w+8yItcc77gt1l/IjUY
wO2NmGdWwEoIWfE3IlLbdQtcWYwDbZWAVO1MqxJeOqgr7dzU5gRp/7HkMxlVLxOF
HV7KJ4tVOIZVILM74BjBEKKaCCOzmCOQyssabw6zDIq2eyEa6NyoEgpRBNWc6Hl0
HbWTFYjHZ1mSjKgQbYS5XzNKHf9NaDdDjxRODX7YFjjWBxB5eQppdkGxfr+LDSRc
Qj8kTkNQWwJiRBDHowMFFdfggTd0dXQEKvQ4UWlkH3FOTiCXvinIZcKJkmjyRWzA
/dGgF/7gtKatRXHJwbqUgE52XQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFAefAgOu
ijWmIPdYkmkmcaM1pCGKMB8GA1UdIwQYMBaAFM4RRoD/b02bw/GIDWENau7q6/DU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIxQS81REQ0OEFCNjg5
RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRadkQ4WWdOWVExcTd1cnI4
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3poRkdnUDl2VFp2RDhZZ05ZUTFxN3VycjhOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRCMUEvNURENDhBQjY4OUYyMTFFNjlFNUY2MzM5QzRGOUFFMDIvMURCQzlENDA1
REI0MTFFRUEwMTcyNTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAKOK8QMEAKOK8jANBgkqhkiG9w0BAQsFAAOCAQEAa6lg
Mee3bkq9kcsjArkyN/6XHNC6WCOdju+1/FRcJWgk6XrXP7HVC1OQhjeDBk245Ov/
fgDeBYi+G3eoNaJXv7+wmawAZshnug8DHaDvwEohwjR7BHXlpajbxeJQlignwoTc
RmSBWaH5Miytap1o+2qqTqlQCfH+/P6HJKN/g/lRhCtlgloxpVwIVon/9B7d8zl5
j3D14djmkELW5ppVZZl5+mhnVpMBxN5I5Em+C+ZAcc83iZFqWFyKf4hxLsjEA7o5
m0o7K7T+GSROeMULpaWs+/eDproZX7n+16A8IEwVTcABW0rz8VHKUuCs4x/EcXk8
2r6uJrxRbCEVgJH6xQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:21:27 2025 by rpki-client