Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A99F8/7A4D7B8804A711F0B4D73982C4F9AE02/2C85E816062011F0B0CCFB73C4F9AE02.roa
File: 2C85E816062011F0B0CCFB73C4F9AE02.roa (raw, json)
Hash identifier: 8aYqOb0WxmeZs6QAtf0y7rudLC0LQSdIL+LI3T4/O2Y=
Subject key identifier: DB:E3:C6:73:A9:82:F9:E7:02:CC:EF:32:90:57:D5:FF:CA:23:F9:5C
Certificate issuer: /CN=A91A99F8/serialNumber=F9CDB06188D54FD1373030B920C8E445DB2D3D57
Certificate serial: 07
Authority key identifier: F9:CD:B0:61:88:D5:4F:D1:37:30:30:B9:20:C8:E4:45:DB:2D:3D:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-c2wYYjVT9E3MDC5IMjkRdstPVc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A99F8/7A4D7B8804A711F0B4D73982C4F9AE02/2C85E816062011F0B0CCFB73C4F9AE02.roa
Signing time: Fri 21 Mar 2025 06:46:10 +0000
ROA not before: Fri 21 Mar 2025 06:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 153712
IP address blocks: 163.223.156.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A99F8
Validity
Not Before: Mar 21 06:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67dd0b32-83e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d4:27:78:99:87:7d:eb:6c:69:47:b9:15:78:
33:73:0e:f6:fc:46:88:6e:b4:a5:e8:7f:72:b2:97:
a8:14:48:cb:1d:d6:3f:5d:a3:3c:c1:c8:49:4f:d4:
87:81:a4:81:d2:91:92:ff:10:a2:78:67:8c:9c:3a:
a5:45:0a:e8:97:8c:df:3d:cb:cb:68:05:f2:e4:79:
83:39:07:83:9b:b2:33:ec:e9:d4:be:1c:c5:b4:e7:
d9:34:08:6c:67:fc:72:95:38:b1:1f:4d:e2:b2:15:
0a:48:60:92:19:00:e4:b2:70:dd:91:ac:54:dd:b5:
eb:2e:e5:44:b0:b5:65:0b:85:e1:1d:ce:02:58:a3:
ed:2f:43:47:e1:f0:a0:78:5f:bd:54:b5:a4:bb:77:
18:de:ab:11:ba:8c:a0:63:dd:10:69:7c:5e:15:ce:
42:5c:ad:d9:bd:39:25:cd:85:71:f2:7f:c6:cd:a0:
9a:93:53:5a:83:09:7e:d4:25:d4:76:84:a5:34:99:
d4:4d:4b:40:6e:5b:f0:82:ec:90:5d:08:22:86:cb:
bb:15:6e:5e:7a:54:bc:91:51:d6:ff:fa:b3:cb:06:
ab:d4:2f:c8:97:1c:c6:e2:99:61:f0:28:08:10:48:
02:77:9c:4f:8f:70:38:08:e4:24:15:a9:1b:d9:5f:
06:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E3:C6:73:A9:82:F9:E7:02:CC:EF:32:90:57:D5:FF:CA:23:F9:5C
X509v3 Authority Key Identifier:
keyid:F9:CD:B0:61:88:D5:4F:D1:37:30:30:B9:20:C8:E4:45:DB:2D:3D:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A99F8/7A4D7B8804A711F0B4D73982C4F9AE02/-c2wYYjVT9E3MDC5IMjkRdstPVc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-c2wYYjVT9E3MDC5IMjkRdstPVc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A99F8/7A4D7B8804A711F0B4D73982C4F9AE02/2C85E816062011F0B0CCFB73C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.223.156.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:c3:25:70:b6:04:31:b7:f9:08:15:f9:10:9c:a3:0d:1b:de:
37:0a:5b:00:3e:6f:0e:c9:99:cc:9b:26:05:02:6e:69:14:41:
c1:75:e8:da:5c:8f:18:17:31:8b:50:9c:bc:e8:87:7d:f7:30:
8c:a7:18:23:77:5c:65:91:57:5b:5f:0e:34:81:67:22:25:74:
92:4c:ae:2d:c0:59:13:d9:bf:90:34:d4:69:a5:9e:f2:12:de:
95:d5:a2:4d:c4:bf:7c:02:4f:f0:fb:f1:b9:0f:65:6d:52:c9:
55:3d:53:86:2f:53:95:08:19:a6:03:ce:3e:aa:0f:55:e3:cc:
5b:61:1d:8e:11:4d:ed:89:72:a0:36:09:89:65:2d:6e:dd:b3:
cd:49:6a:88:f2:1e:84:b0:e7:69:3d:a2:a8:26:ab:80:01:6e:
de:29:89:ad:01:9d:14:04:a6:8a:aa:3c:b1:c4:c3:c6:15:97:
41:ed:1d:f8:4a:99:20:8d:09:6b:70:76:77:5f:9a:f6:37:62:
3f:41:c0:59:6c:5a:e4:90:3a:4f:17:f0:9b:ea:d3:e4:6e:15:
4b:f3:4b:30:a0:7f:5f:2d:49:95:71:20:e0:de:53:76:2d:23:
12:fe:ca:67:c6:41:f7:fa:73:21:42:fb:52:b4:0d:e2:5f:77:
8d:81:b3:d3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
OTlGODExMC8GA1UEBRMoRjlDREIwNjE4OEQ1NEZEMTM3MzAzMEI5MjBDOEU0NDVE
QjJEM0Q1NzAeFw0yNTAzMjEwNjQ2MTBaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZGQwYjMyLTgzZTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC71Cd4mYd962xpR7kVeDNzDvb8RohutKXof3Kyl6gUSMsd1j9dozzByElP1IeB
pIHSkZL/EKJ4Z4ycOqVFCuiXjN89y8toBfLkeYM5B4ObsjPs6dS+HMW059k0CGxn
/HKVOLEfTeKyFQpIYJIZAOSycN2RrFTdtesu5USwtWULheEdzgJYo+0vQ0fh8KB4
X71UtaS7dxjeqxG6jKBj3RBpfF4VzkJcrdm9OSXNhXHyf8bNoJqTU1qDCX7UJdR2
hKU0mdRNS0BuW/CC7JBdCCKGy7sVbl56VLyRUdb/+rPLBqvUL8iXHMbimWHwKAgQ
SAJ3nE+PcDgI5CQVqRvZXwYTAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU2+PGc6mC
+ecCzO8ykFfV/8oj+VwwHwYDVR0jBBgwFoAU+c2wYYjVT9E3MDC5IMjkRdstPVcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5OUY4LzdBNEQ3Qjg4MDRB
NzExRjBCNEQ3Mzk4MkM0RjlBRTAyLy1jMndZWWpWVDlFM01EQzVJTWprUmRzdFBW
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvLWMyd1lZalZUOUUzTURDNUlNamtSZHN0UFZjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
OTlGOC83QTREN0I4ODA0QTcxMUYwQjRENzM5ODJDNEY5QUUwMi8yQzg1RTgxNjA2
MjAxMUYwQjBDQ0ZCNzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaPfnDANBgkqhkiG9w0BAQsFAAOCAQEATcMlcLYEMbf5CBX5
EJyjDRveNwpbAD5vDsmZzJsmBQJuaRRBwXXo2lyPGBcxi1CcvOiHffcwjKcYI3dc
ZZFXW18ONIFnIiV0kkyuLcBZE9m/kDTUaaWe8hLeldWiTcS/fAJP8PvxuQ9lbVLJ
VT1Thi9TlQgZpgPOPqoPVePMW2EdjhFN7YlyoDYJiWUtbt2zzUlqiPIehLDnaT2i
qCargAFu3imJrQGdFASmiqo8scTDxhWXQe0d+EqZII0Ja3B2d1+a9jdiP0HAWWxa
5JA6Txfwm+rT5G4VS/NLMKB/Xy1JlXEg4N5Tdi0jEv7KZ8ZB9/pzIUL7UrQN4l93
jYGz0w==
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:30:38 2025 by rpki-client