Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/4A6679EC14DF11EEAB46A86DC4F9AE02.roa
File: 4A6679EC14DF11EEAB46A86DC4F9AE02.roa (raw, json)
Hash identifier: yY5rZMTsOpnGO6cAR5A6bi22J/lJ789z+ED1oN3orxw=
Subject key identifier: B3:15:FD:91:37:81:01:00:15:4A:22:8B:7B:07:78:5A:F6:26:6D:6E
Certificate issuer: /CN=A91A4B1A/serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4
Certificate serial: 1DC2
Authority key identifier: CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/4A6679EC14DF11EEAB46A86DC4F9AE02.roa
Signing time: Wed 18 Dec 2024 16:13:37 +0000
ROA not before: Wed 18 Dec 2024 16:13:37 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 2511
IP address blocks: 163.138.0.0/17 maxlen: 17
163.138.128.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7618 (0x1dc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4B1A
Validity
Not Before: Dec 18 16:13:37 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6762f4b0-c6b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:65:d4:1f:d8:b9:06:71:a1:bd:41:f3:b2:79:
30:7e:37:29:e0:36:25:27:a4:7c:b0:21:5b:96:44:
0d:ac:6b:51:da:8a:71:d3:18:bb:0b:35:fc:5f:8d:
b7:e0:7c:9b:a1:23:04:b3:3f:b9:e4:99:ef:cb:01:
27:ec:ed:df:d7:e8:39:69:ea:d2:44:fc:df:d3:80:
78:5e:f9:e4:13:c3:59:54:0b:8a:13:7e:33:a0:02:
05:23:bc:e8:31:6c:46:88:03:fd:3a:a8:a9:47:bb:
08:a1:c8:ec:a8:36:ea:b2:ec:eb:93:4a:6d:1f:4f:
18:8a:bf:df:70:2c:71:ef:19:21:f3:ad:e6:07:ae:
fa:45:ee:1f:d5:e4:fb:0c:ba:c7:f9:ad:0c:79:ff:
a4:71:02:32:20:ad:17:bd:a1:48:27:18:52:da:d1:
74:28:86:ab:28:aa:75:25:9e:c2:9f:a0:e3:e1:38:
bd:fe:96:e6:36:90:fc:06:29:97:d7:61:ad:6d:ea:
57:fb:d8:24:3b:e9:d7:d7:2c:56:90:25:18:59:82:
84:56:0d:12:a8:d2:dc:b2:fe:11:15:d0:a1:6b:2b:
58:d5:cc:1b:b9:a8:2e:61:81:b2:4b:71:c8:07:1a:
8a:5f:68:f7:cb:df:5d:c8:09:bc:18:cf:40:0e:b2:
85:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:15:FD:91:37:81:01:00:15:4A:22:8B:7B:07:78:5A:F6:26:6D:6E
X509v3 Authority Key Identifier:
keyid:CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/4A6679EC14DF11EEAB46A86DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.138.0.0-163.138.159.255
Signature Algorithm: sha256WithRSAEncryption
83:ac:1c:a1:0b:45:9c:54:41:cd:1d:ba:d7:3b:52:4e:2a:ac:
af:fc:af:d2:55:98:49:36:14:e0:26:fd:e5:4e:24:cd:39:b3:
ef:cb:df:c7:30:3b:21:01:20:bf:4c:6b:0e:1b:aa:2c:b8:bb:
57:d4:64:51:35:d4:d0:ad:2a:99:2c:69:9e:67:f7:b4:59:61:
33:ef:1c:29:20:f9:75:3a:f8:63:12:25:88:1d:2c:d3:76:36:
f2:32:e7:be:ac:be:29:6f:d5:f9:b2:4f:da:92:40:97:3f:cb:
52:c0:4e:9e:c0:41:aa:8f:a3:45:b5:19:79:b1:92:47:4b:02:
21:e5:f6:92:ed:f1:37:6f:a7:ff:00:ed:f6:ef:c5:d8:6f:7a:
81:00:d2:e3:8b:63:85:18:a1:b8:88:fe:b5:1f:96:2f:a2:c9:
f1:0f:e1:12:8b:b9:c4:f6:76:08:f6:a4:09:c9:25:5e:26:35:
10:ca:7e:c4:50:35:3a:eb:47:5b:8c:dc:94:5e:69:b3:ef:1f:
13:97:97:65:ff:9b:5e:36:3b:dc:9e:81:27:6d:89:f8:78:d2:
30:ff:67:b1:1b:21:fd:5d:a5:88:9a:6a:5a:03:0b:6a:3b:3e:
0f:8c:a9:4d:45:ae:84:af:67:ca:5f:ba:b5:f6:f0:cd:c4:1f:
25:c2:ad:30
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgICHcIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRCMUExMTAvBgNVBAUTKENFMTE0NjgwRkY2RjREOUJDM0YxODgwRDYxMEQ2QUVF
RUFFQkYwRDQwHhcNMjQxMjE4MTYxMzM3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZjRiMC1jNmI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuWXUH9i5BnGhvUHzsnkwfjcp4DYlJ6R8sCFblkQNrGtR2opx0xi7CzX8X423
4HyboSMEsz+55JnvywEn7O3f1+g5aerSRPzf04B4XvnkE8NZVAuKE34zoAIFI7zo
MWxGiAP9OqipR7sIocjsqDbqsuzrk0ptH08Yir/fcCxx7xkh863mB676Re4f1eT7
DLrH+a0Mef+kcQIyIK0XvaFIJxhS2tF0KIarKKp1JZ7Cn6Dj4Ti9/pbmNpD8BimX
12GtbepX+9gkO+nX1yxWkCUYWYKEVg0SqNLcsv4RFdChaytY1cwbuaguYYGyS3HI
BxqKX2j3y99dyAm8GM9ADrKFrwIDAQABo4ICnDCCApgwHQYDVR0OBBYEFLMV/ZE3
gQEAFUoii3sHeFr2Jm1uMB8GA1UdIwQYMBaAFM4RRoD/b02bw/GIDWENau7q6/DU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIxQS81REQ0OEFCNjg5
RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRadkQ4WWdOWVExcTd1cnI4
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3poRkdnUDl2VFp2RDhZZ05ZUTFxN3VycjhOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRCMUEvNURENDhBQjY4OUYyMTFFNjlFNUY2MzM5QzRGOUFFMDIvNEE2Njc5RUMx
NERGMTFFRUFCNDZBODZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJgYIKwYBBQUHAQcBAf8E
FzAVMBMEAgABMA0wCwMDAaOKAwQFo4qAMA0GCSqGSIb3DQEBCwUAA4IBAQCDrByh
C0WcVEHNHbrXO1JOKqyv/K/SVZhJNhTgJv3lTiTNObPvy9/HMDshASC/TGsOG6os
uLtX1GRRNdTQrSqZLGmeZ/e0WWEz7xwpIPl1OvhjEiWIHSzTdjbyMue+rL4pb9X5
sk/akkCXP8tSwE6ewEGqj6NFtRl5sZJHSwIh5faS7fE3b6f/AO3278XYb3qBANLj
i2OFGKG4iP61H5YvosnxD+ESi7nE9nYI9qQJySVeJjUQyn7EUDU660dbjNyUXmmz
7x8Tl5dl/5teNjvcnoEnbYn4eNIw/2exGyH9XaWImmpaAwtqOz4PjKlNRa6Er2fK
X7q19vDNxB8lwq0w
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:16:45 2025 by rpki-client