Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/4B52A44814DF11EEAB46A86DC4F9AE02.roa
File: 4B52A44814DF11EEAB46A86DC4F9AE02.roa (raw, json)
Hash identifier: 36rBW03tvoWvEp5FFhkEkP0PegguzR76VTv8hEMsFNk=
Subject key identifier: 1E:38:87:34:C8:40:4D:E6:F8:94:89:1E:7A:02:6A:8F:50:F2:55:E8
Certificate issuer: /CN=A91A4B1A/serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4
Certificate serial: 1DC4
Authority key identifier: CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/4B52A44814DF11EEAB46A86DC4F9AE02.roa
Signing time: Wed 18 Dec 2024 16:13:38 +0000
ROA not before: Wed 18 Dec 2024 16:13:38 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 59091
IP address blocks: 163.138.192.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7620 (0x1dc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4B1A
Validity
Not Before: Dec 18 16:13:38 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6762f4b2-8952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c8:c9:bd:80:2c:e6:5f:e9:19:5c:8f:22:76:
f1:14:eb:1a:41:14:61:2e:3f:0c:1b:8f:c0:4c:00:
15:a2:69:22:a4:12:a9:ca:9d:52:03:97:f3:14:f2:
f5:13:61:02:be:db:f0:da:ce:89:e9:bf:d3:47:07:
05:09:81:53:f3:3c:2b:a8:cd:e8:13:bd:79:37:79:
af:43:3c:76:7b:04:46:a4:01:2c:8a:52:bc:15:88:
de:9c:6c:3e:04:fb:52:da:b6:ec:d4:4a:d9:5c:10:
4b:73:81:d5:de:22:9f:7f:73:39:45:0b:9c:85:56:
e0:04:97:ba:3d:ac:2d:e7:5e:09:54:f8:0d:e3:e4:
54:2b:db:ff:c4:cb:d0:d8:e7:46:ac:e4:89:43:30:
f1:08:41:ed:89:f2:65:68:69:b2:13:ba:1d:d2:a0:
b7:45:de:16:43:e8:69:32:a3:92:39:5f:4b:4c:97:
66:4d:7b:95:61:ab:6e:63:28:1c:8a:76:8f:ad:89:
c8:66:cb:4e:d8:ff:35:ee:3b:42:cb:40:ea:4c:32:
e2:60:fb:46:97:71:70:e6:2d:d8:c6:b3:db:9f:1b:
ee:83:f7:87:d9:0d:7d:8f:9f:c4:e3:e6:c8:dd:5d:
f7:95:af:67:56:22:89:96:bd:db:e9:e1:88:9c:75:
51:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:38:87:34:C8:40:4D:E6:F8:94:89:1E:7A:02:6A:8F:50:F2:55:E8
X509v3 Authority Key Identifier:
keyid:CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/4B52A44814DF11EEAB46A86DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.138.192.0/19
Signature Algorithm: sha256WithRSAEncryption
5c:4d:b0:76:ea:e9:1b:ad:de:bf:2f:51:51:42:d9:62:0e:2e:
91:89:56:c6:9b:31:96:25:74:67:ed:51:53:b6:50:c9:1e:1e:
a8:cb:59:50:31:28:cb:e5:7c:4a:2c:36:5a:e6:b0:a8:68:b2:
c4:51:85:c0:fd:95:24:ab:34:50:55:f6:4d:0a:1b:4e:7b:56:
00:46:cd:bd:43:25:19:fe:78:fe:09:b0:26:42:9d:82:a1:9d:
fd:38:d9:ca:46:4c:e2:59:83:09:11:f4:ee:60:df:97:54:2d:
e2:f9:98:3d:74:b0:e8:05:6d:6f:a5:1e:eb:e2:ea:09:1b:4f:
0f:a4:b6:09:fd:24:af:29:67:26:68:ee:4e:bd:77:36:c3:61:
39:de:b5:1c:6d:d2:3d:3b:76:2d:5e:1d:9c:d4:9c:c5:b0:98:
66:ff:92:ce:94:a9:98:73:bd:f0:46:d1:7d:ba:bf:ec:54:0c:
c1:20:46:4d:1e:08:3b:96:f9:56:92:b6:20:06:b9:3c:92:31:
31:89:01:d9:51:e5:50:5a:08:21:c1:d7:a5:75:75:79:a5:c0:
c1:5b:19:19:c6:97:e7:18:24:9e:08:5b:17:76:46:35:63:44:
aa:6e:b6:30:08:91:31:1d:86:68:f1:28:7f:56:86:a1:09:21:
d4:d2:10:8d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHcQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRCMUExMTAvBgNVBAUTKENFMTE0NjgwRkY2RjREOUJDM0YxODgwRDYxMEQ2QUVF
RUFFQkYwRDQwHhcNMjQxMjE4MTYxMzM4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZjRiMi04OTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsMjJvYAs5l/pGVyPInbxFOsaQRRhLj8MG4/ATAAVomkipBKpyp1SA5fzFPL1
E2ECvtvw2s6J6b/TRwcFCYFT8zwrqM3oE715N3mvQzx2ewRGpAEsilK8FYjenGw+
BPtS2rbs1ErZXBBLc4HV3iKff3M5RQuchVbgBJe6Pawt514JVPgN4+RUK9v/xMvQ
2OdGrOSJQzDxCEHtifJlaGmyE7od0qC3Rd4WQ+hpMqOSOV9LTJdmTXuVYatuYygc
inaPrYnIZstO2P817jtCy0DqTDLiYPtGl3Fw5i3YxrPbnxvug/eH2Q19j5/E4+bI
3V33la9nViKJlr3b6eGInHVRAwIDAQABo4IClTCCApEwHQYDVR0OBBYEFB44hzTI
QE3m+JSJHnoCao9Q8lXoMB8GA1UdIwQYMBaAFM4RRoD/b02bw/GIDWENau7q6/DU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIxQS81REQ0OEFCNjg5
RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRadkQ4WWdOWVExcTd1cnI4
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3poRkdnUDl2VFp2RDhZZ05ZUTFxN3VycjhOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRCMUEvNURENDhBQjY4OUYyMTFFNjlFNUY2MzM5QzRGOUFFMDIvNEI1MkE0NDgx
NERGMTFFRUFCNDZBODZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAWjisAwDQYJKoZIhvcNAQELBQADggEBAFxNsHbq6Rut3r8v
UVFC2WIOLpGJVsabMZYldGftUVO2UMkeHqjLWVAxKMvlfEosNlrmsKhossRRhcD9
lSSrNFBV9k0KG057VgBGzb1DJRn+eP4JsCZCnYKhnf042cpGTOJZgwkR9O5g35dU
LeL5mD10sOgFbW+lHuvi6gkbTw+ktgn9JK8pZyZo7k69dzbDYTnetRxt0j07di1e
HZzUnMWwmGb/ks6UqZhzvfBG0X26v+xUDMEgRk0eCDuW+VaStiAGuTySMTGJAdlR
5VBaCCHB16V1dXmlwMFbGRnGl+cYJJ4IWxd2RjVjRKputjAIkTEdhmjxKH9WhqEJ
IdTSEI0=
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:56:16 2025 by rpki-client