Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E46B1/F00DF366679711E8A7891C48C4F9AE02/D0D94718CB8111E89EDE697DC4F9AE02.roa
File: D0D94718CB8111E89EDE697DC4F9AE02.roa (raw, json)
Hash identifier: 9jViCMxta64fmIo5dm4osOtVC5SSmRZm2YRKWH3IWTM=
Subject key identifier: 04:62:B4:03:CF:FA:D0:EC:E5:D5:03:CB:17:62:08:11:9B:31:D1:53
Certificate issuer: /CN=A91E46B1/serialNumber=3007844AAA199BA9C88D6404C3DFE876E1E39FC6
Certificate serial: 13DD
Authority key identifier: 30:07:84:4A:AA:19:9B:A9:C8:8D:64:04:C3:DF:E8:76:E1:E3:9F:C6
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MAeESqoZm6nIjWQEw9_oduHjn8Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E46B1/F00DF366679711E8A7891C48C4F9AE02/D0D94718CB8111E89EDE697DC4F9AE02.roa
Signing time: Tue 18 Jun 2024 18:09:21 +0000
ROA not before: Tue 18 Jun 2024 18:09:21 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 23779
IP address blocks: 138.243.0.0/16 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5085 (0x13dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E46B1
Validity
Not Before: Jun 18 18:09:21 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6671cd51-5d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7a:80:11:a8:1c:83:a7:73:e7:33:b0:c9:21:
5e:fe:d7:ce:25:fe:f3:3a:3b:7a:a2:36:fb:87:01:
07:3a:ba:e8:23:b6:3d:b5:6f:75:55:79:68:9f:1c:
5d:cd:06:91:24:a1:97:37:5a:67:5b:a1:db:f3:0a:
02:3c:bb:2d:8a:f7:25:2e:45:e0:58:5a:2c:c7:79:
e4:50:92:42:56:12:83:66:04:31:b9:3d:bc:86:cd:
f1:22:f4:43:33:fa:6f:f9:1c:a8:07:6f:77:bb:5f:
0e:9c:ab:91:e8:38:7f:77:08:b3:61:05:0a:12:f0:
c5:c1:e4:16:24:3f:64:d5:a3:1e:ef:f8:c5:10:a5:
b6:fc:1f:40:d6:84:b3:f1:c2:d3:d9:ad:79:e6:95:
f5:6a:e6:87:c2:86:47:70:56:3c:93:6f:78:9a:c9:
74:7d:49:c1:d5:32:12:3d:04:d6:d2:37:a2:d3:f1:
77:f5:7b:85:08:d8:3c:10:60:6d:44:79:26:8c:f7:
32:be:b3:d5:7f:68:56:df:4d:0b:3f:36:1f:63:fb:
cb:28:a1:6d:08:c7:75:55:be:a3:cc:9d:f9:17:e4:
6c:ec:7a:2c:0e:ca:1e:f0:e2:66:94:e8:91:f1:f4:
50:3d:fe:32:df:06:bf:53:b5:a8:f1:81:90:4b:c6:
03:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:62:B4:03:CF:FA:D0:EC:E5:D5:03:CB:17:62:08:11:9B:31:D1:53
X509v3 Authority Key Identifier:
keyid:30:07:84:4A:AA:19:9B:A9:C8:8D:64:04:C3:DF:E8:76:E1:E3:9F:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E46B1/F00DF366679711E8A7891C48C4F9AE02/MAeESqoZm6nIjWQEw9_oduHjn8Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MAeESqoZm6nIjWQEw9_oduHjn8Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E46B1/F00DF366679711E8A7891C48C4F9AE02/D0D94718CB8111E89EDE697DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
138.243.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:d8:d3:98:c2:7e:e7:c2:b4:a0:46:94:2d:72:d4:2b:04:53:
7c:74:80:35:a4:83:95:4b:8b:03:eb:bc:30:9a:cb:2f:b9:1a:
96:38:4e:2c:23:66:d4:77:13:e7:7d:08:65:51:35:aa:5e:94:
a3:62:15:8f:44:62:02:43:fa:88:80:02:71:a7:16:1b:b6:e6:
dc:12:67:b9:00:40:af:95:71:a7:8a:af:05:24:66:ad:e5:d0:
0b:bf:26:4e:f3:2e:51:fe:47:a4:ab:fd:80:b7:bf:5e:c5:35:
45:c2:c2:85:3f:1d:01:c0:ad:88:67:33:27:b8:7c:e1:5b:8a:
7a:70:05:2d:95:e2:83:6f:08:76:e7:93:fe:23:53:b0:6f:06:
b2:74:ba:a7:1a:86:2d:13:d1:29:43:5b:f0:c5:24:c4:af:16:
2b:3f:a1:72:f6:f4:5d:11:91:60:d2:6c:1d:69:32:e9:4a:4f:
be:ca:0e:14:37:92:e8:fe:4a:43:4f:ec:c1:18:81:c2:ab:b0:
8e:d3:3d:27:36:b7:3c:01:0c:15:10:8f:d4:0d:13:fc:c6:77:
ba:c8:6c:7a:c9:fd:32:47:34:c6:ac:c5:06:fe:3d:f2:c7:cd:
ff:0c:b8:ca:4c:e5:b5:a6:fe:03:d3:35:db:c7:ce:99:23:06:
bd:60:ca:56
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICE90wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ2QjExMTAvBgNVBAUTKDMwMDc4NDRBQUExOTlCQTlDODhENjQwNEMzREZFODc2
RTFFMzlGQzYwHhcNMjQwNjE4MTgwOTIxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjcxY2Q1MS01ZDNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw3qAEagcg6dz5zOwySFe/tfOJf7zOjt6ojb7hwEHOrroI7Y9tW91VXlonxxd
zQaRJKGXN1pnW6Hb8woCPLstivclLkXgWFosx3nkUJJCVhKDZgQxuT28hs3xIvRD
M/pv+RyoB293u18OnKuR6Dh/dwizYQUKEvDFweQWJD9k1aMe7/jFEKW2/B9A1oSz
8cLT2a155pX1auaHwoZHcFY8k294msl0fUnB1TISPQTW0jei0/F39XuFCNg8EGBt
RHkmjPcyvrPVf2hW300LPzYfY/vLKKFtCMd1Vb6jzJ35F+Rs7HosDsoe8OJmlOiR
8fRQPf4y3wa/U7Wo8YGQS8YDLwIDAQABo4IClDCCApAwHQYDVR0OBBYEFARitAPP
+tDs5dUDyxdiCBGbMdFTMB8GA1UdIwQYMBaAFDAHhEqqGZupyI1kBMPf6Hbh45/G
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDZCMS9GMDBERjM2NjY3
OTcxMUU4QTc4OTFDNDhDNEY5QUUwMi9NQWVFU3FvWm02bklqV1FFdzlfb2R1SGpu
OFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL01BZUVTcW9abTZuSWpXUUV3OV9vZHVIam44WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ2QjEvRjAwREYzNjY2Nzk3MTFFOEE3ODkxQzQ4QzRGOUFFMDIvRDBEOTQ3MThD
QjgxMTFFODlFREU2OTdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCK8zANBgkqhkiG9w0BAQsFAAOCAQEANNjTmMJ+58K0oEaU
LXLUKwRTfHSANaSDlUuLA+u8MJrLL7kaljhOLCNm1HcT530IZVE1ql6Uo2IVj0Ri
AkP6iIACcacWG7bm3BJnuQBAr5Vxp4qvBSRmreXQC78mTvMuUf5HpKv9gLe/XsU1
RcLChT8dAcCtiGczJ7h84VuKenAFLZXig28IdueT/iNTsG8GsnS6pxqGLRPRKUNb
8MUkxK8WKz+hcvb0XRGRYNJsHWky6UpPvsoOFDeS6P5KQ0/swRiBwquwjtM9Jza3
PAEMFRCP1A0T/MZ3ushsesn9Mkc0xqzFBv498sfN/wy4ykzltab+A9M128fOmSMG
vWDKVg==
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:34:29 2025 by rpki-client