Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBECF/B8F59F20183C11EBB945EC0BC4F9AE02/8C7351567CD511EBA76D3567C4F9AE02.roa
File: 8C7351567CD511EBA76D3567C4F9AE02.roa (raw, json)
Hash identifier: fhioSZ5JnI+HzDaYAiu/xtYkalZuzrMX7ArA7EEHCJY=
Subject key identifier: DB:07:B7:2B:17:A5:88:F2:4E:85:9F:BD:DF:B2:38:24:4C:BF:45:86
Certificate issuer: /CN=A91FBECF/serialNumber=7CB09D2FA2F3F0914A97E594F80BF7B1E3E34E61
Certificate serial: 05AA
Authority key identifier: 7C:B0:9D:2F:A2:F3:F0:91:4A:97:E5:94:F8:0B:F7:B1:E3:E3:4E:61
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fLCdL6Lz8JFKl-WU-Av3sePjTmE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FBECF/B8F59F20183C11EBB945EC0BC4F9AE02/8C7351567CD511EBA76D3567C4F9AE02.roa
Signing time: Thu 08 Dec 2022 12:31:09 +0000
ROA not before: Thu 08 Dec 2022 12:31:09 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 59243
IP address blocks: 146.88.92.0/24 maxlen: 24
146.88.95.0/24 maxlen: 24
159.117.40.0/21 maxlen: 24
159.117.96.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1450 (0x5aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FBECF
Validity
Not Before: Dec 8 12:31:09 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=6391d90d-b0c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5f:a5:1d:27:95:0b:b7:88:a0:f4:76:11:52:
31:f2:84:33:c7:70:37:7f:31:17:62:8a:2f:ba:0a:
87:ba:39:15:6f:2d:1c:48:26:ea:76:20:29:1a:e9:
0e:94:a7:01:00:b1:75:f8:7c:d2:43:ae:40:09:88:
03:4c:e6:38:12:01:a3:fb:6a:7f:7d:40:58:5d:f2:
de:72:72:ed:a8:13:4a:ed:b1:01:9c:66:e2:53:28:
8e:98:f0:51:df:2a:77:34:73:8b:5b:1c:ed:b7:05:
fa:b2:9e:01:2b:f6:f4:92:77:48:bb:5b:df:99:f8:
66:37:29:33:b7:cd:1a:26:e0:e6:48:0a:72:a9:1e:
7b:64:ce:c1:95:5d:4d:91:37:c5:ff:03:99:02:6c:
d6:35:ae:8e:03:eb:af:28:78:14:23:0f:28:19:54:
9a:4d:1b:8a:99:64:55:e9:58:dd:21:87:a2:ba:f0:
f6:15:9f:b8:99:ac:bf:5e:a6:12:02:98:a6:47:ea:
cd:6e:67:f1:78:b6:de:9a:00:01:5f:d5:e6:f4:f0:
43:a5:62:db:e4:3e:32:d4:22:d2:9d:08:5b:88:04:
d6:02:75:05:3f:08:f1:77:85:95:83:40:6e:4a:f8:
43:58:4f:9c:cd:9d:6a:5a:34:0b:b3:08:0f:98:f1:
36:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:07:B7:2B:17:A5:88:F2:4E:85:9F:BD:DF:B2:38:24:4C:BF:45:86
X509v3 Authority Key Identifier:
keyid:7C:B0:9D:2F:A2:F3:F0:91:4A:97:E5:94:F8:0B:F7:B1:E3:E3:4E:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FBECF/B8F59F20183C11EBB945EC0BC4F9AE02/fLCdL6Lz8JFKl-WU-Av3sePjTmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fLCdL6Lz8JFKl-WU-Av3sePjTmE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBECF/B8F59F20183C11EBB945EC0BC4F9AE02/8C7351567CD511EBA76D3567C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
146.88.92.0/24
146.88.95.0/24
159.117.40.0/21
159.117.96.0/21
Signature Algorithm: sha256WithRSAEncryption
82:6c:8e:76:3c:2c:af:2b:f4:6f:82:6c:a7:e6:dd:02:29:aa:
1f:2a:ae:d9:f2:d5:82:e4:c2:8a:61:0d:98:14:7a:62:02:34:
46:e2:3c:b6:a3:8f:24:1f:0e:59:1f:b2:96:1f:34:fa:b6:44:
3b:62:b5:cf:f1:77:59:2c:2d:78:f5:db:13:0f:fc:43:1f:f4:
09:9b:59:2a:2d:36:b0:4e:f9:48:6f:6e:18:ec:fa:39:b6:b2:
30:10:67:13:74:20:00:f2:71:ad:eb:f3:0a:61:eb:21:d6:21:
18:cf:6c:a1:37:28:eb:df:73:07:87:49:09:5e:6f:c5:4c:35:
b5:fd:e7:16:31:c1:f3:69:fe:95:ed:b0:b5:84:c8:d6:a6:da:
64:36:b9:33:d9:b3:16:f9:e8:48:ec:b6:20:89:67:ac:9e:3c:
e5:bc:34:33:b1:15:3b:5a:39:bd:75:20:15:8c:5e:08:38:36:
d1:09:f2:ad:54:4d:28:f3:df:78:1a:2b:ad:46:ca:53:c8:fe:
f1:36:8f:bd:a2:b7:c5:07:97:88:b9:80:1d:a3:03:c5:4f:f8:
65:c5:89:2c:66:59:7b:a0:dc:e2:08:63:ed:69:03:ba:a6:0f:
aa:ba:95:c2:7d:b9:e2:56:14:8c:8d:0b:5b:d3:68:37:6b:2c:
c6:a1:bc:2e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBaowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkJFQ0YxMTAvBgNVBAUTKDdDQjA5RDJGQTJGM0YwOTE0QTk3RTU5NEY4MEJGN0Ix
RTNFMzRFNjEwHhcNMjIxMjA4MTIzMTA5WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzkxZDkwZC1iMGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApV+lHSeVC7eIoPR2EVIx8oQzx3A3fzEXYoovugqHujkVby0cSCbqdiApGukO
lKcBALF1+HzSQ65ACYgDTOY4EgGj+2p/fUBYXfLecnLtqBNK7bEBnGbiUyiOmPBR
3yp3NHOLWxzttwX6sp4BK/b0kndIu1vfmfhmNykzt80aJuDmSApyqR57ZM7BlV1N
kTfF/wOZAmzWNa6OA+uvKHgUIw8oGVSaTRuKmWRV6VjdIYeiuvD2FZ+4may/XqYS
ApimR+rNbmfxeLbemgABX9Xm9PBDpWLb5D4y1CLSnQhbiATWAnUFPwjxd4WVg0Bu
SvhDWE+czZ1qWjQLswgPmPE2wQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFNsHtysX
pYjyToWfvd+yOCRMv0WGMB8GA1UdIwQYMBaAFHywnS+i8/CRSpfllPgL97Hj405h
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkVDRi9COEY1OUYyMDE4
M0MxMUVCQjk0NUVDMEJDNEY5QUUwMi9mTENkTDZMejhKRktsLVdVLUF2M3NlUGpU
bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2ZMQ2RMNkx6OEpGS2wtV1UtQXYzc2VQalRtRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkJFQ0YvQjhGNTlGMjAxODNDMTFFQkI5NDVFQzBCQzRGOUFFMDIvOEM3MzUxNTY3
Q0Q1MTFFQkE3NkQzNTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBACSWFwDBACSWF8DBAOfdSgDBAOfdWAwDQYJKoZIhvcNAQEL
BQADggEBAIJsjnY8LK8r9G+CbKfm3QIpqh8qrtny1YLkwophDZgUemICNEbiPLaj
jyQfDlkfspYfNPq2RDtitc/xd1ksLXj12xMP/EMf9AmbWSotNrBO+Uhvbhjs+jm2
sjAQZxN0IADyca3r8wph6yHWIRjPbKE3KOvfcweHSQleb8VMNbX95xYxwfNp/pXt
sLWEyNam2mQ2uTPZsxb56EjstiCJZ6yePOW8NDOxFTtaOb11IBWMXgg4NtEJ8q1U
TSjz33gaK61GylPI/vE2j72it8UHl4i5gB2jA8VP+GXFiSxmWXug3OIIY+1pA7qm
D6q6lcJ9ueJWFIyNC1vTaDdrLMahvC4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:16:38 2025 by rpki-client