Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB063/63B47602D6ED11EF9D9BF36AC4F9AE02/ED795D30D6ED11EFBC37E16BC4F9AE02.roa
File: ED795D30D6ED11EFBC37E16BC4F9AE02.roa (raw, json)
Hash identifier: ytwFD4jangW+gR76bRXjWLpiY6QBAfomC9SAsY7jMYQ=
Subject key identifier: AD:4F:F0:0D:3B:EF:6D:E1:41:3C:39:72:A2:A5:3B:FE:98:2F:01:34
Certificate issuer: /CN=A91CB063/serialNumber=BEDB4D31C801C78B1EFA3487639D0355AC91354B
Certificate serial: 06
Authority key identifier: BE:DB:4D:31:C8:01:C7:8B:1E:FA:34:87:63:9D:03:55:AC:91:35:4B
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vttNMcgBx4se-jSHY50DVayRNUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB063/63B47602D6ED11EF9D9BF36AC4F9AE02/ED795D30D6ED11EFBC37E16BC4F9AE02.roa
Signing time: Mon 20 Jan 2025 05:19:20 +0000
ROA not before: Mon 20 Jan 2025 05:19:20 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 153530
IP address blocks: 161.248.220.0/23 maxlen: 23
161.248.220.0/24 maxlen: 24
161.248.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB063
Validity
Not Before: Jan 20 05:19:20 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=678ddcd7-f0ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a9:e1:8b:2c:a2:bb:b8:4d:23:36:20:ab:d4:
59:f6:86:36:80:7e:ee:4f:bf:9d:f7:60:24:3f:f2:
cd:ff:66:36:e6:5f:59:3f:ed:61:1d:84:55:4e:65:
24:f9:82:81:92:55:93:6e:2e:7f:c7:08:61:f7:8d:
e4:18:cd:85:64:55:92:d6:14:6e:c1:37:31:1a:50:
0b:32:9b:05:4e:7e:55:31:cd:0e:20:f6:ce:df:a4:
99:8d:64:75:c0:de:f8:73:de:22:ec:ce:27:a2:dc:
aa:45:d1:70:03:ee:4f:4c:7c:89:88:50:79:d6:41:
66:4d:03:4b:00:f4:31:3a:e7:5e:a4:2e:07:11:8f:
ee:aa:ac:5f:e1:04:90:90:9a:b1:79:93:5d:5e:62:
93:e8:b0:8c:9e:01:1b:31:9e:bd:25:59:a1:83:f5:
e6:7a:13:ce:f0:58:6b:9a:c9:12:92:57:d9:73:6a:
78:9a:e6:0a:ad:58:14:a0:e4:bc:b7:02:83:8b:0c:
60:7f:f1:92:42:ed:61:8a:05:f7:3d:b4:38:84:c3:
ad:4a:e9:b2:71:ed:df:d2:47:6e:78:03:0d:89:1e:
ee:e8:cf:b4:ef:ad:12:10:66:32:79:0e:37:44:e7:
83:f7:74:d6:21:33:f4:6c:64:30:61:bd:74:cd:e9:
66:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:4F:F0:0D:3B:EF:6D:E1:41:3C:39:72:A2:A5:3B:FE:98:2F:01:34
X509v3 Authority Key Identifier:
keyid:BE:DB:4D:31:C8:01:C7:8B:1E:FA:34:87:63:9D:03:55:AC:91:35:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB063/63B47602D6ED11EF9D9BF36AC4F9AE02/vttNMcgBx4se-jSHY50DVayRNUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vttNMcgBx4se-jSHY50DVayRNUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB063/63B47602D6ED11EF9D9BF36AC4F9AE02/ED795D30D6ED11EFBC37E16BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.220.0/23
Signature Algorithm: sha256WithRSAEncryption
92:c9:81:50:98:5a:2e:a1:a3:17:c2:82:8e:ef:d0:6a:8d:c1:
98:cd:b6:1c:78:0c:4a:03:09:ee:e6:f9:64:c7:a7:4d:09:9f:
0a:21:d8:8d:ed:38:32:e1:cd:ac:56:1c:67:1c:7a:e7:fa:da:
16:71:23:b7:d5:bb:c3:26:17:d2:db:b9:53:45:40:7d:dd:af:
2e:f5:ac:ea:09:df:4e:85:a6:40:11:ab:c8:1f:4e:eb:8f:6f:
a4:22:64:f6:fa:3f:1c:b2:f3:f0:bb:28:37:3f:e4:a6:4c:75:
80:35:78:10:f7:ce:28:fc:0a:70:2a:c1:b6:e7:42:d9:91:b3:
43:75:a6:75:ce:94:6f:cf:fd:57:ce:fd:5f:e5:ba:62:4c:cd:
b4:ea:76:c0:1f:c3:d6:6d:fe:d7:f1:5e:9a:07:82:2f:6e:25:
73:84:ae:45:f7:33:14:bf:90:18:86:31:40:43:ab:a7:59:f0:
f5:8d:f5:12:1b:8d:94:1e:55:c4:4b:c7:e6:66:61:c8:12:b9:
c5:79:5c:94:03:61:94:d9:f5:77:4f:23:15:f7:bc:0d:6f:83:
64:72:64:8d:eb:fc:7c:ec:16:da:a3:22:f6:fb:76:11:80:c0:
4b:06:d3:12:3a:8f:fa:a0:2b:f3:d6:51:5a:10:25:2e:ef:2b:
7c:c4:b7:cc
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
QjA2MzExMC8GA1UEBRMoQkVEQjREMzFDODAxQzc4QjFFRkEzNDg3NjM5RDAzNTVB
QzkxMzU0QjAeFw0yNTAxMjAwNTE5MjBaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OGRkY2Q3LWYwYmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCiqeGLLKK7uE0jNiCr1Fn2hjaAfu5Pv533YCQ/8s3/ZjbmX1k/7WEdhFVOZST5
goGSVZNuLn/HCGH3jeQYzYVkVZLWFG7BNzEaUAsymwVOflUxzQ4g9s7fpJmNZHXA
3vhz3iLsziei3KpF0XAD7k9MfImIUHnWQWZNA0sA9DE6516kLgcRj+6qrF/hBJCQ
mrF5k11eYpPosIyeARsxnr0lWaGD9eZ6E87wWGuayRKSV9lzania5gqtWBSg5Ly3
AoOLDGB/8ZJC7WGKBfc9tDiEw61K6bJx7d/SR254Aw2JHu7oz7TvrRIQZjJ5DjdE
54P3dNYhM/RsZDBhvXTN6WbnAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUrU/wDTvv
beFBPDlyoqU7/pgvATQwHwYDVR0jBBgwFoAUvttNMcgBx4se+jSHY50DVayRNUsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCMDYzLzYzQjQ3NjAyRDZF
RDExRUY5RDlCRjM2QUM0RjlBRTAyL3Z0dE5NY2dCeDRzZS1qU0hZNTBEVmF5Uk5V
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvdnR0Tk1jZ0J4NHNlLWpTSFk1MERWYXlSTlVzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QjA2My82M0I0NzYwMkQ2RUQxMUVGOUQ5QkYzNkFDNEY5QUUwMi9FRDc5NUQzMEQ2
RUQxMUVGQkMzN0UxNkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH43DANBgkqhkiG9w0BAQsFAAOCAQEAksmBUJhaLqGjF8KC
ju/Qao3BmM22HHgMSgMJ7ub5ZMenTQmfCiHYje04MuHNrFYcZxx65/raFnEjt9W7
wyYX0tu5U0VAfd2vLvWs6gnfToWmQBGryB9O649vpCJk9vo/HLLz8LsoNz/kpkx1
gDV4EPfOKPwKcCrBtudC2ZGzQ3Wmdc6Ub8/9V879X+W6YkzNtOp2wB/D1m3+1/Fe
mgeCL24lc4SuRfczFL+QGIYxQEOrp1nw9Y31EhuNlB5VxEvH5mZhyBK5xXlclANh
lNn1d08jFfe8DW+DZHJkjev8fOwW2qMi9vt2EYDASwbTEjqP+qAr89ZRWhAlLu8r
fMS3zA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:39:49 2025 by rpki-client