Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/AEE9F9E6326011ED9031BC4FC4F9AE02.roa
File: AEE9F9E6326011ED9031BC4FC4F9AE02.roa (raw, json)
Hash identifier: uzprXmLZAeVeFEFGMakzKpKMKq1iIlqcTuQSaK0YrGo=
Subject key identifier: 7E:E0:F4:8B:61:29:D7:18:D5:3B:70:AF:C5:8F:06:72:1A:FC:13:50
Certificate issuer: /CN=A91D1216/serialNumber=6DBD5C4D0121FCB318E78C451B6F567320986002
Certificate serial: 035F
Authority key identifier: 6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/AEE9F9E6326011ED9031BC4FC4F9AE02.roa
Signing time: Wed 11 Dec 2024 01:15:04 +0000
ROA not before: Wed 11 Dec 2024 01:15:04 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 58511
IP address blocks: 58.96.158.0/23 maxlen: 23
125.254.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 863 (0x35f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1216
Validity
Not Before: Dec 11 01:15:04 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6758e798-8e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5e:be:65:f7:84:78:56:57:85:a5:dc:3d:92:
d8:04:70:50:5e:ba:42:fd:ed:e1:cd:fb:97:57:12:
72:b5:53:58:bb:35:54:59:a5:7c:a1:8c:65:ac:e0:
fe:ac:75:55:18:32:8b:07:1c:b3:53:e0:9a:40:04:
c2:09:0c:24:7f:ee:08:6f:86:e2:37:42:63:8c:76:
44:16:65:97:c6:91:24:ba:78:19:1c:14:b5:4c:f6:
16:c3:74:eb:a2:b9:a7:0d:b8:20:05:e6:55:ed:eb:
52:b6:a9:21:ff:28:86:17:ac:8c:44:2d:86:66:5f:
a1:49:a1:a1:fe:fc:b0:57:c2:b1:9f:b3:25:d4:a9:
54:0e:e5:ed:0e:a4:d2:67:f0:7e:c6:7b:99:81:17:
ba:9f:8d:c3:a4:d7:58:ce:1e:6c:42:eb:4b:70:3b:
1c:02:22:f8:72:b3:97:47:a3:5f:98:2f:66:45:00:
78:3e:d0:a1:c0:6f:8a:09:fe:33:b9:b6:39:f5:5d:
d4:e9:07:b6:26:f6:db:fe:e6:65:28:65:a9:17:0a:
0c:74:d6:ab:db:86:1a:74:9b:c3:b0:68:54:15:fc:
8e:08:0b:a1:33:56:db:44:1f:82:f4:f5:b0:1e:92:
92:ee:6f:5d:a1:bd:8e:4d:3a:96:b4:84:00:4e:e2:
ae:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:E0:F4:8B:61:29:D7:18:D5:3B:70:AF:C5:8F:06:72:1A:FC:13:50
X509v3 Authority Key Identifier:
keyid:6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/bb1cTQEh_LMY54xFG29WcyCYYAI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/AEE9F9E6326011ED9031BC4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.96.158.0/23
125.254.64.0/18
Signature Algorithm: sha256WithRSAEncryption
94:8a:9f:91:b3:73:74:da:2b:57:65:2f:fa:ae:ff:e2:f7:bc:
46:16:c6:a0:b6:e2:99:02:7c:94:6e:e0:02:ad:58:8e:53:dc:
79:33:d6:ac:f7:ad:9a:74:53:dd:d9:5c:74:97:95:1e:a7:2e:
e4:8b:58:1a:6a:ea:e7:77:2d:74:88:cf:3d:06:11:5d:a5:bf:
96:dc:39:e5:fd:e9:0d:69:a2:3c:3e:28:d0:2d:f3:d2:fc:8e:
a4:a1:b0:db:3c:54:d0:84:b9:71:e5:37:5e:0b:39:37:72:18:
1c:f9:e4:b5:4b:c8:15:5d:98:50:5b:73:8d:9a:de:9d:57:9a:
da:cc:b1:9d:ef:3f:2e:fe:44:c0:4b:fc:8d:35:6c:fb:e4:36:
dd:97:e2:b2:96:51:46:0e:8e:2c:c5:61:d8:71:b1:2a:be:48:
a5:4a:3f:c7:2b:fd:ab:eb:f7:14:91:e8:95:39:67:2b:f8:05:
32:45:94:0b:3c:71:8d:c7:b1:ca:e3:cb:1c:8e:f1:07:e3:3f:
8e:6c:34:22:65:cb:3e:b9:33:83:c4:5a:83:fc:d9:f4:f4:2f:
05:9e:d1:67:df:5e:7e:f4:e1:8b:70:54:df:19:9e:65:bf:0e:
80:65:0b:0a:68:c0:40:d6:35:8c:b0:43:b7:06:2a:3f:bc:8c:
c2:5c:87:4c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA18wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDEyMTYxMTAvBgNVBAUTKDZEQkQ1QzREMDEyMUZDQjMxOEU3OEM0NTFCNkY1Njcz
MjA5ODYwMDIwHhcNMjQxMjExMDExNTA0WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4ZTc5OC04ZThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu16+ZfeEeFZXhaXcPZLYBHBQXrpC/e3hzfuXVxJytVNYuzVUWaV8oYxlrOD+
rHVVGDKLBxyzU+CaQATCCQwkf+4Ib4biN0JjjHZEFmWXxpEkungZHBS1TPYWw3Tr
ormnDbggBeZV7etStqkh/yiGF6yMRC2GZl+hSaGh/vywV8Kxn7Ml1KlUDuXtDqTS
Z/B+xnuZgRe6n43DpNdYzh5sQutLcDscAiL4crOXR6NfmC9mRQB4PtChwG+KCf4z
ubY59V3U6Qe2Jvbb/uZlKGWpFwoMdNar24YadJvDsGhUFfyOCAuhM1bbRB+C9PWw
HpKS7m9dob2OTTqWtIQATuKumwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFH7g9Ith
KdcY1Ttwr8WPBnIa/BNQMB8GA1UdIwQYMBaAFG29XE0BIfyzGOeMRRtvVnMgmGAC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTIxNi9EQzc4MjY4Q0I5
NEIxMUVDODMyQjc0MTlDNEY5QUUwMi9iYjFjVFFFaF9MTVk1NHhGRzI5V2N5Q1lZ
QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JiMWNUUUVoX0xNWTU0eEZHMjlXY3lDWVlBSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDEyMTYvREM3ODI2OENCOTRCMTFFQzgzMkI3NDE5QzRGOUFFMDIvQUVFOUY5RTYz
MjYwMTFFRDkwMzFCQzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAE6YJ4DBAZ9/kAwDQYJKoZIhvcNAQELBQADggEBAJSKn5Gz
c3TaK1dlL/qu/+L3vEYWxqC24pkCfJRu4AKtWI5T3Hkz1qz3rZp0U93ZXHSXlR6n
LuSLWBpq6ud3LXSIzz0GEV2lv5bcOeX96Q1pojw+KNAt89L8jqShsNs8VNCEuXHl
N14LOTdyGBz55LVLyBVdmFBbc42a3p1XmtrMsZ3vPy7+RMBL/I01bPvkNt2X4rKW
UUYOjizFYdhxsSq+SKVKP8cr/avr9xSR6JU5Zyv4BTJFlAs8cY3HscrjyxyO8Qfj
P45sNCJlyz65M4PEWoP82fT0LwWe0WffXn704YtwVN8ZnmW/DoBlCwpowEDWNYyw
Q7cGKj+8jMJch0w=
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:58:47 2025 by rpki-client