Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/DE08EC260AF011F09BE4823DC4F9AE02.roa
File: DE08EC260AF011F09BE4823DC4F9AE02.roa (raw, json)
Hash identifier: tS0pbkGyUAuopYmy/atTnvcHHOXmpYRnPtmCrrMVkIw=
Subject key identifier: 3B:2B:A6:6E:49:8D:55:BA:F9:79:DD:47:1C:62:A7:A0:8F:E7:F0:0A
Certificate issuer: /CN=A91A7F6A/serialNumber=95D42EC2F468B7E38F958C8FBA93180117DC26E0
Certificate serial: 06
Authority key identifier: 95:D4:2E:C2:F4:68:B7:E3:8F:95:8C:8F:BA:93:18:01:17:DC:26:E0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldQuwvRot-OPlYyPupMYARfcJuA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/DE08EC260AF011F09BE4823DC4F9AE02.roa
Signing time: Thu 27 Mar 2025 09:52:10 +0000
ROA not before: Thu 27 Mar 2025 09:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 153737
IP address blocks: 163.223.204.0/23 maxlen: 23
163.223.204.0/24 maxlen: 24
163.223.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7F6A
Validity
Not Before: Mar 27 09:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67e51fc9-922f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fd:94:29:61:06:e1:bf:98:50:44:88:85:e4:
0c:9c:42:f6:ca:8a:d3:2d:02:6a:03:1b:6d:fa:93:
53:37:5c:18:82:6d:5e:28:42:e0:d0:d3:41:f4:20:
fe:40:7b:b9:d0:bf:94:2e:c6:aa:b2:d4:d9:c0:d4:
f6:dd:0e:8c:5d:8b:33:82:0e:71:ab:22:0e:63:e1:
dc:2e:7c:fa:49:f6:88:b3:64:b8:f7:80:43:0a:98:
70:d5:03:d3:23:85:fb:88:e6:0f:57:97:7d:63:c6:
62:73:2e:55:9b:33:9a:06:61:c6:ed:ad:d0:cc:1b:
b4:58:8e:95:74:52:45:1f:5a:0b:3f:41:13:82:30:
a9:08:57:b5:c0:30:fe:b5:51:dd:e4:61:1c:0c:b8:
98:82:66:9a:3f:77:01:91:10:c7:6c:76:27:d8:59:
3f:3f:9b:35:fb:d1:b4:72:f4:14:1f:4a:2a:f5:8e:
ea:dd:0f:f2:99:5f:9d:94:3f:46:59:c6:81:98:b1:
b6:ff:01:8f:33:16:56:35:8b:76:20:3f:5b:60:01:
44:e5:df:53:86:7f:8a:5e:eb:27:b4:b4:cf:fd:60:
53:60:06:4c:95:cc:a0:d5:03:54:1c:71:48:12:ba:
9b:d1:f6:a1:f1:c5:a3:94:af:5f:8f:a0:6b:26:95:
0a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:2B:A6:6E:49:8D:55:BA:F9:79:DD:47:1C:62:A7:A0:8F:E7:F0:0A
X509v3 Authority Key Identifier:
keyid:95:D4:2E:C2:F4:68:B7:E3:8F:95:8C:8F:BA:93:18:01:17:DC:26:E0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/ldQuwvRot-OPlYyPupMYARfcJuA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldQuwvRot-OPlYyPupMYARfcJuA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/DE08EC260AF011F09BE4823DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.223.204.0/23
Signature Algorithm: sha256WithRSAEncryption
53:e7:8b:de:d9:21:a1:99:d3:8a:db:62:d6:0c:b0:33:ae:a9:
2a:b9:e1:38:49:f3:87:04:cb:bb:db:7e:7d:c8:98:9b:8d:53:
26:d4:cd:a3:62:2e:79:df:05:ed:2f:6b:e6:53:36:2a:16:90:
bd:35:cd:13:4a:d1:81:31:d4:28:5b:fa:4e:ed:9c:4f:55:bb:
44:e0:7b:22:02:32:1f:6c:ef:31:79:ea:89:71:8f:ac:66:5a:
54:28:33:06:98:c7:da:7e:68:e6:e2:60:63:a0:76:4d:f6:2f:
28:09:a3:c3:c0:de:d5:e8:f5:db:b8:0f:c1:74:a8:5e:39:b4:
93:15:7d:f2:33:c2:cf:61:fc:02:f6:9f:a5:d1:b4:e5:88:c5:
e5:5c:3a:0a:7a:53:71:00:a0:10:33:68:a8:5e:cd:d4:2a:50:
9f:dd:33:6e:c8:ff:70:ae:bf:2a:8c:08:e1:f2:6e:ad:40:94:
1f:95:c9:5a:f1:e0:b8:c6:dd:ee:1a:d3:eb:b4:19:94:df:3d:
76:4b:fc:a4:18:4e:b7:b8:6f:3d:5d:8a:57:83:27:28:f5:4b:
32:88:a1:30:e2:36:99:cb:8d:ef:6c:eb:d1:84:58:89:1a:78:
3a:f2:69:25:e0:28:24:30:59:5f:c3:d1:3e:32:33:e3:58:cb:
a5:21:1f:84
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
N0Y2QTExMC8GA1UEBRMoOTVENDJFQzJGNDY4QjdFMzhGOTU4QzhGQkE5MzE4MDEx
N0RDMjZFMDAeFw0yNTAzMjcwOTUyMTBaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZTUxZmM5LTkyMmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDG/ZQpYQbhv5hQRIiF5AycQvbKitMtAmoDG236k1M3XBiCbV4oQuDQ00H0IP5A
e7nQv5Quxqqy1NnA1PbdDoxdizOCDnGrIg5j4dwufPpJ9oizZLj3gEMKmHDVA9Mj
hfuI5g9Xl31jxmJzLlWbM5oGYcbtrdDMG7RYjpV0UkUfWgs/QROCMKkIV7XAMP61
Ud3kYRwMuJiCZpo/dwGREMdsdifYWT8/mzX70bRy9BQfSir1jurdD/KZX52UP0ZZ
xoGYsbb/AY8zFlY1i3YgP1tgAUTl31OGf4pe6ye0tM/9YFNgBkyVzKDVA1QccUgS
upvR9qHxxaOUr1+PoGsmlQoFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUOyumbkmN
Vbr5ed1HHGKnoI/n8AowHwYDVR0jBBgwFoAUldQuwvRot+OPlYyPupMYARfcJuAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3RjZBLzdBNTI5ODc2MEFG
MDExRjA4NTMxRDQzQ0M0RjlBRTAyL2xkUXV3dlJvdC1PUGxZeVB1cE1ZQVJmY0p1
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbGRRdXd2Um90LU9QbFl5UHVwTVlBUmZjSnVBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
N0Y2QS83QTUyOTg3NjBBRjAxMUYwODUzMUQ0M0NDNEY5QUUwMi9ERTA4RUMyNjBB
RjAxMUYwOUJFNDgyM0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaPfzDANBgkqhkiG9w0BAQsFAAOCAQEAU+eL3tkhoZnTitti
1gywM66pKrnhOEnzhwTLu9t+fciYm41TJtTNo2Iued8F7S9r5lM2KhaQvTXNE0rR
gTHUKFv6Tu2cT1W7ROB7IgIyH2zvMXnqiXGPrGZaVCgzBpjH2n5o5uJgY6B2TfYv
KAmjw8De1ej127gPwXSoXjm0kxV98jPCz2H8AvafpdG05YjF5Vw6CnpTcQCgEDNo
qF7N1CpQn90zbsj/cK6/KowI4fJurUCUH5XJWvHguMbd7hrT67QZlN89dkv8pBhO
t7hvPV2KV4MnKPVLMoihMOI2mcuN72zr0YRYiRp4OvJpJeAoJDBZX8PRPjIz41jL
pSEfhA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:31:42 2025 by rpki-client