Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/2B17862A82EE11EAB170FD4BC4F9AE02.roa
File: 2B17862A82EE11EAB170FD4BC4F9AE02.roa (raw, json)
Hash identifier: Kvq9xzCrVcc/vYKOgXHbGDUWHenbRQHuJZ7CogmXIPc=
Subject key identifier: 4B:D8:AD:D8:F8:16:D6:B0:7D:40:5C:49:BE:0E:30:EA:86:D9:D0:A0
Certificate issuer: /CN=A91D66A0/serialNumber=9C94A5DCCF6A65B68986C7043846C721BD33BE99
Certificate serial: 0C7B
Authority key identifier: 9C:94:A5:DC:CF:6A:65:B6:89:86:C7:04:38:46:C7:21:BD:33:BE:99
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nJSl3M9qZbaJhscEOEbHIb0zvpk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/2B17862A82EE11EAB170FD4BC4F9AE02.roa
Signing time: Mon 10 Jun 2024 19:32:56 +0000
ROA not before: Mon 10 Jun 2024 19:32:56 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 18197
IP address blocks: 116.68.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3195 (0xc7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D66A0
Validity
Not Before: Jun 10 19:32:56 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=666754e8-f9ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:26:c7:31:6c:ec:df:19:f9:65:34:cb:14:e7:
c2:06:fc:c0:3a:a2:cf:e5:be:2f:0e:ad:91:5d:25:
14:bf:00:0e:97:65:87:10:50:69:28:79:c0:df:93:
15:3f:10:58:7b:13:de:04:d0:f7:92:fe:6f:d4:9d:
44:18:bf:85:f1:82:55:02:8b:36:00:29:2a:f4:5b:
82:2b:35:9f:2b:a0:a7:a8:5b:66:cc:2d:c2:03:ca:
fd:64:4c:df:00:51:38:6a:0c:fd:18:bd:0e:17:6a:
28:7e:97:ec:8f:f7:72:83:8b:3c:cd:a3:43:36:a3:
2d:06:5a:f6:20:c1:c7:34:5f:1d:49:cf:19:6b:8f:
b6:8d:07:1b:31:66:33:3b:40:62:fb:6c:94:93:4f:
99:20:26:11:08:fe:e0:02:08:4b:11:59:ad:d5:e1:
76:bb:39:db:17:b0:4d:69:85:61:a2:10:94:e5:d3:
00:f9:68:00:b6:48:1b:00:b4:4b:84:82:f2:b7:fe:
49:d7:2e:66:0c:a0:2b:3d:eb:d2:fa:43:77:cd:a4:
d8:bb:47:c5:77:52:53:c8:09:e0:eb:e3:e5:ff:1c:
3e:44:f7:64:9d:4b:0b:7e:85:56:0a:2e:8b:8e:04:
9f:76:fc:13:9a:6a:0a:58:83:02:57:15:b3:98:05:
8a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D8:AD:D8:F8:16:D6:B0:7D:40:5C:49:BE:0E:30:EA:86:D9:D0:A0
X509v3 Authority Key Identifier:
keyid:9C:94:A5:DC:CF:6A:65:B6:89:86:C7:04:38:46:C7:21:BD:33:BE:99
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/nJSl3M9qZbaJhscEOEbHIb0zvpk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nJSl3M9qZbaJhscEOEbHIb0zvpk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/2B17862A82EE11EAB170FD4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.68.159.0/24
Signature Algorithm: sha256WithRSAEncryption
61:f4:21:f3:fa:b3:47:7d:dc:70:e4:db:8e:f0:23:03:7e:b6:
b5:e6:97:91:95:36:b0:3e:66:4e:37:a8:e1:d8:2c:c7:4f:ed:
38:78:eb:45:53:3d:a7:e1:f1:4c:81:a1:e7:34:55:b2:21:95:
db:6e:6e:d4:a1:90:38:a8:22:0f:eb:ed:fe:a4:07:2e:bb:da:
d2:d7:10:2c:44:6f:47:3b:8c:98:2c:79:5b:f5:a9:8f:4f:e1:
ff:9d:08:da:3a:db:55:8e:55:31:00:e8:38:aa:9a:40:8c:d2:
90:1e:cd:5c:a3:ef:1a:98:05:0a:84:9a:02:da:70:28:d8:bc:
93:bc:38:ea:51:c4:8b:1c:3d:6a:f4:54:12:95:fe:66:6d:8b:
5d:4e:49:6c:59:f8:b5:e7:39:bc:45:36:d6:50:1f:75:ae:d3:
bf:ed:bd:8c:97:5f:1a:39:c8:72:8e:a8:fe:dc:b5:e1:87:18:
37:4e:c2:13:ed:fa:a3:63:5c:2a:eb:35:3d:56:77:88:f4:bd:
1d:f5:22:d9:04:15:07:9f:a0:97:d0:2b:7e:04:59:3f:7f:a7:
8d:d0:43:fe:4f:da:11:a1:fe:9c:4b:c8:39:b5:2a:c3:cf:96:
5d:ec:77:dc:05:ec:62:10:5a:5c:11:df:57:74:9e:9a:e6:25:
55:c6:78:b4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDHswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDY2QTAxMTAvBgNVBAUTKDlDOTRBNURDQ0Y2QTY1QjY4OTg2QzcwNDM4NDZDNzIx
QkQzM0JFOTkwHhcNMjQwNjEwMTkzMjU2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjY3NTRlOC1mOWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuCbHMWzs3xn5ZTTLFOfCBvzAOqLP5b4vDq2RXSUUvwAOl2WHEFBpKHnA35MV
PxBYexPeBND3kv5v1J1EGL+F8YJVAos2ACkq9FuCKzWfK6CnqFtmzC3CA8r9ZEzf
AFE4agz9GL0OF2oofpfsj/dyg4s8zaNDNqMtBlr2IMHHNF8dSc8Za4+2jQcbMWYz
O0Bi+2yUk0+ZICYRCP7gAghLEVmt1eF2uznbF7BNaYVhohCU5dMA+WgAtkgbALRL
hILyt/5J1y5mDKArPevS+kN3zaTYu0fFd1JTyAng6+Pl/xw+RPdknUsLfoVWCi6L
jgSfdvwTmmoKWIMCVxWzmAWKLwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEvYrdj4
FtawfUBcSb4OMOqG2dCgMB8GA1UdIwQYMBaAFJyUpdzPamW2iYbHBDhGxyG9M76Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENjZBMC82MjVGRjcyNkQ5
RTcxMUU5ODgwNTQwMTZDNEY5QUUwMi9uSlNsM005cVpiYUpoc2NFT0ViSEliMHp2
cGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25KU2wzTTlxWmJhSmhzY0VPRWJISWIwenZway5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDY2QTAvNjI1RkY3MjZEOUU3MTFFOTg4MDU0MDE2QzRGOUFFMDIvMkIxNzg2MkE4
MkVFMTFFQUIxNzBGRDRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB0RJ8wDQYJKoZIhvcNAQELBQADggEBAGH0IfP6s0d93HDk
247wIwN+trXml5GVNrA+Zk43qOHYLMdP7Th460VTPafh8UyBoec0VbIhldtubtSh
kDioIg/r7f6kBy672tLXECxEb0c7jJgseVv1qY9P4f+dCNo621WOVTEA6DiqmkCM
0pAezVyj7xqYBQqEmgLacCjYvJO8OOpRxIscPWr0VBKV/mZti11OSWxZ+LXnObxF
NtZQH3Wu07/tvYyXXxo5yHKOqP7cteGHGDdOwhPt+qNjXCrrNT1Wd4j0vR31ItkE
FQefoJfQK34EWT9/p43QQ/5P2hGh/pxLyDm1KsPPll3sd9wF7GIQWlwR31d0nprm
JVXGeLQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:04:56 2025 by rpki-client