Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/CF49BBDAD33811EDAAE97C1BC4F9AE02.roa
File: CF49BBDAD33811EDAAE97C1BC4F9AE02.roa (raw, json)
Hash identifier: ACLXZnrak+BWFZVdvvziA50vZItebg8EqCvB342Th1I=
Subject key identifier: CC:63:BA:D8:D7:D4:0F:E5:75:F7:05:84:53:72:CF:66:03:68:49:B2
Certificate issuer: /CN=A91DCD09/serialNumber=ADB98978FD751F99D9A8EB2AE72D3C0C550453A4
Certificate serial: 04A1
Authority key identifier: AD:B9:89:78:FD:75:1F:99:D9:A8:EB:2A:E7:2D:3C:0C:55:04:53:A4
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rbmJeP11H5nZqOsq5y08DFUEU6Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/CF49BBDAD33811EDAAE97C1BC4F9AE02.roa
Signing time: Tue 24 Sep 2024 16:54:21 +0000
ROA not before: Tue 24 Sep 2024 16:54:21 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 8987
IP address blocks: 213.170.156.0/24 maxlen: 24
213.170.157.0/24 maxlen: 24
213.170.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1185 (0x4a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DCD09
Validity
Not Before: Sep 24 16:54:21 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f2eebd-15de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:68:b3:41:45:bf:65:92:1c:9c:4e:71:a4:9e:
35:7b:cc:a5:e4:ed:d4:e7:84:47:ed:3b:3b:92:e3:
c0:23:f6:51:f7:80:fc:e1:eb:0a:da:fa:fe:37:da:
93:08:3e:81:85:d6:fc:29:c1:ef:61:16:42:1e:85:
8b:77:dd:9f:02:94:47:7c:38:e6:d7:07:d4:66:02:
69:32:ba:60:4d:2a:99:cc:40:f2:d7:85:90:ff:b8:
67:f9:ff:0e:93:cd:78:28:18:6f:55:d1:dd:64:88:
bc:db:ca:32:4c:0d:de:ca:81:d0:53:da:e0:c3:f9:
c7:c5:00:60:c8:e7:ba:fa:4e:20:63:50:1f:22:f7:
b3:e6:15:f3:da:74:c8:aa:be:7b:8b:c0:19:96:93:
44:35:4c:53:58:d8:cd:23:68:02:ff:a1:e8:f8:e0:
2a:be:7a:94:3b:fe:67:40:3f:2f:64:b7:2c:86:12:
34:cd:90:3a:85:c1:77:9e:24:3c:79:4b:b1:3b:04:
46:8f:85:46:89:a7:87:1a:f7:60:d5:27:8a:48:1f:
cd:d6:22:9f:77:b6:6f:74:56:bd:60:3c:43:9b:8f:
c3:5a:06:7d:38:2d:a1:87:64:75:cf:c4:cc:f1:78:
dc:de:9e:f5:4a:65:9e:d4:ea:85:c5:f0:00:f0:aa:
75:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:63:BA:D8:D7:D4:0F:E5:75:F7:05:84:53:72:CF:66:03:68:49:B2
X509v3 Authority Key Identifier:
keyid:AD:B9:89:78:FD:75:1F:99:D9:A8:EB:2A:E7:2D:3C:0C:55:04:53:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/rbmJeP11H5nZqOsq5y08DFUEU6Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rbmJeP11H5nZqOsq5y08DFUEU6Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/CF49BBDAD33811EDAAE97C1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
213.170.156.0-213.170.158.255
Signature Algorithm: sha256WithRSAEncryption
2d:31:85:1a:a8:60:f9:76:8f:fd:1b:a1:4c:a2:2e:94:b3:75:
b5:ba:4f:98:47:df:2b:5e:36:1e:df:04:27:a4:bf:9f:58:f5:
48:bc:33:63:f5:c7:e6:55:71:4d:47:eb:a5:c9:ee:0a:b6:fe:
48:89:b8:33:2e:cd:a9:27:23:cb:b2:fe:08:77:c3:67:5f:da:
e9:7a:60:a6:2c:c6:45:ab:68:59:52:e3:3a:59:44:9c:85:55:
5b:08:c3:b3:e8:9c:7a:91:d3:dc:ec:86:25:f5:e1:25:6c:54:
91:4b:43:e6:90:77:8d:aa:b1:75:17:5e:1c:93:c0:68:41:5b:
e0:90:2e:c7:95:ce:16:f2:87:58:aa:5c:05:05:c2:7a:08:09:
07:fe:1e:c0:65:63:3b:fd:34:79:0f:fe:46:dc:e7:16:fa:73:
5c:2b:2c:4c:8f:a0:25:5a:a9:42:d3:95:dc:2c:55:9d:12:85:
de:dd:a5:11:8c:52:29:32:bb:64:1e:19:ae:53:44:7f:4a:95:
f9:b0:86:16:51:82:ba:d6:d9:90:ef:08:f6:e4:f3:ff:a2:b2:
fa:2e:21:75:8c:19:1f:08:56:67:05:c6:88:bd:e9:d7:5d:b9:
29:89:f4:71:b7:44:17:ba:49:bb:22:ff:18:c5:22:86:5b:71:
5e:94:bb:ca
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBKEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RENEMDkxMTAvBgNVBAUTKEFEQjk4OTc4RkQ3NTFGOTlEOUE4RUIyQUU3MkQzQzBD
NTUwNDUzQTQwHhcNMjQwOTI0MTY1NDIxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYyZWViZC0xNWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAomizQUW/ZZIcnE5xpJ41e8yl5O3U54RH7Ts7kuPAI/ZR94D84esK2vr+N9qT
CD6Bhdb8KcHvYRZCHoWLd92fApRHfDjm1wfUZgJpMrpgTSqZzEDy14WQ/7hn+f8O
k814KBhvVdHdZIi828oyTA3eyoHQU9rgw/nHxQBgyOe6+k4gY1AfIvez5hXz2nTI
qr57i8AZlpNENUxTWNjNI2gC/6Ho+OAqvnqUO/5nQD8vZLcshhI0zZA6hcF3niQ8
eUuxOwRGj4VGiaeHGvdg1SeKSB/N1iKfd7ZvdFa9YDxDm4/DWgZ9OC2hh2R1z8TM
8Xjc3p71SmWe1OqFxfAA8Kp1QwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFMxjutjX
1A/ldfcFhFNyz2YDaEmyMB8GA1UdIwQYMBaAFK25iXj9dR+Z2ajrKuctPAxVBFOk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0QwOS9FQUM3RUVBMDEx
MkQxMUVDOEQ4NzA1N0RDNEY5QUUwMi9yYm1KZVAxMUg1blpxT3NxNXkwOERGVUVV
NlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL3JibUplUDExSDVuWnFPc3E1eTA4REZVRVU2US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RENEMDkvRUFDN0VFQTAxMTJEMTFFQzhEODcwNTdEQzRGOUFFMDIvQ0Y0OUJCREFE
MzM4MTFFREFBRTk3QzFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAtWqnAMEANWqnjANBgkqhkiG9w0BAQsFAAOCAQEALTGF
Gqhg+XaP/RuhTKIulLN1tbpPmEffK142Ht8EJ6S/n1j1SLwzY/XH5lVxTUfrpcnu
Crb+SIm4My7NqScjy7L+CHfDZ1/a6XpgpizGRatoWVLjOllEnIVVWwjDs+icepHT
3OyGJfXhJWxUkUtD5pB3jaqxdRdeHJPAaEFb4JAux5XOFvKHWKpcBQXCeggJB/4e
wGVjO/00eQ/+RtznFvpzXCssTI+gJVqpQtOV3CxVnRKF3t2lEYxSKTK7ZB4ZrlNE
f0qV+bCGFlGCutbZkO8I9uTz/6Ky+i4hdYwZHwhWZwXGiL3p1125KYn0cbdEF7pJ
uyL/GMUihltxXpS7yg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:11:33 2025 by rpki-client