Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/B7E221E4024311F0BD990F64C4F9AE02.roa
File: B7E221E4024311F0BD990F64C4F9AE02.roa (raw, json)
Hash identifier: d1zImNClufU6mQa0qsoJOx/6gPAzww6pSPXhwifVLOo=
Subject key identifier: 82:F9:8F:B4:5B:1B:CC:43:2A:78:C2:26:4E:D0:32:6C:47:8A:61:54
Certificate issuer: /CN=A91FF1CC/serialNumber=446FAF923BEBAF96357287FE250991C75491454D
Certificate serial: 12
Authority key identifier: 44:6F:AF:92:3B:EB:AF:96:35:72:87:FE:25:09:91:C7:54:91:45:4D
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RG-vkjvrr5Y1cof-JQmRx1SRRU0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/B7E221E4024311F0BD990F64C4F9AE02.roa
Signing time: Sun 16 Mar 2025 08:50:32 +0000
ROA not before: Sun 16 Mar 2025 08:50:32 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 138346
IP address blocks: 161.248.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18 (0x12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FF1CC
Validity
Not Before: Mar 16 08:50:32 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67d690d8-6128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:92:4a:6e:3e:68:08:ff:c1:7f:4a:3a:cd:74:
dc:5b:9d:00:68:e1:ee:5b:30:fd:80:f2:db:ec:95:
f0:36:22:44:09:1d:6a:d2:47:e5:7b:f7:5c:aa:99:
44:45:a4:56:1b:c8:f2:63:1f:dc:8d:30:7f:7b:2b:
53:b8:b0:b1:ee:b9:42:f1:7f:da:71:10:04:d4:e8:
93:b1:88:c5:28:51:32:2c:34:88:49:b0:82:95:5b:
17:a5:d3:56:65:30:16:e5:68:bb:ac:10:09:11:26:
29:88:dc:68:25:fc:7d:4b:52:c8:37:21:f2:9d:d8:
c9:ae:cf:7d:2c:86:b6:dd:1d:64:4a:62:86:b1:42:
81:bc:db:6c:bd:a9:2f:20:6f:82:ef:c1:34:dd:69:
a2:7f:24:19:66:d3:ab:de:a6:c6:40:77:97:56:08:
94:68:0c:57:3e:43:ff:e2:cb:fd:72:58:91:eb:84:
b7:de:f0:bf:4c:54:ed:1e:49:5b:f2:1a:40:39:83:
9b:6b:79:0d:07:cc:e7:1a:97:a1:44:a9:30:3b:d3:
c9:3e:3f:af:d0:16:6f:3d:5e:05:7e:fd:d9:ad:45:
86:8f:c4:81:fa:c1:e8:f5:58:cf:f9:11:88:40:6d:
5b:dc:76:48:a8:78:be:00:df:f3:84:87:2d:13:1c:
3f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:F9:8F:B4:5B:1B:CC:43:2A:78:C2:26:4E:D0:32:6C:47:8A:61:54
X509v3 Authority Key Identifier:
keyid:44:6F:AF:92:3B:EB:AF:96:35:72:87:FE:25:09:91:C7:54:91:45:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/RG-vkjvrr5Y1cof-JQmRx1SRRU0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RG-vkjvrr5Y1cof-JQmRx1SRRU0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/B7E221E4024311F0BD990F64C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.56.0/24
Signature Algorithm: sha256WithRSAEncryption
81:66:df:f4:d5:c0:2c:f5:28:99:40:9e:04:f8:67:0a:d6:59:
18:ab:78:e7:a2:bc:a1:19:7e:2a:10:fb:01:5c:22:94:b0:a8:
b4:81:9b:4a:a6:5f:9c:85:2f:3f:1a:8c:06:ab:3f:9c:13:8a:
f3:c4:04:13:39:ae:30:a7:b0:f4:c5:29:8f:96:7c:40:7a:cc:
8b:fc:62:a5:f6:d7:c1:c0:ac:e3:f3:38:d7:f6:38:1d:47:7b:
99:d2:ef:8c:60:1e:89:9f:b7:35:8d:c5:e4:89:24:36:cf:35:
4e:18:fc:5f:23:0e:43:f1:ba:d5:ec:62:2e:98:04:e9:27:10:
21:c0:80:bd:26:88:1c:39:28:81:ef:8c:78:d2:93:c4:14:15:
dc:37:65:3d:50:1f:98:6a:a4:ae:a3:a6:bd:64:1f:0e:80:2f:
51:5e:49:89:b5:80:af:a3:da:1f:3a:03:02:b9:ee:ee:03:48:
7f:11:b8:d6:17:78:16:5c:65:fd:c5:a8:d1:cd:27:9c:dc:a3:
3d:41:60:ea:41:21:4f:ef:1c:ce:aa:b3:6e:4d:90:07:bb:5e:
5b:29:37:fa:41:e2:cc:d9:a9:ea:4b:8c:f2:1f:4a:a5:cb:81:
a8:ba:d8:78:5e:10:5a:a1:10:25:31:e7:bf:38:2b:17:bb:32:
5a:83:24:75
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
RjFDQzExMC8GA1UEBRMoNDQ2RkFGOTIzQkVCQUY5NjM1NzI4N0ZFMjUwOTkxQzc1
NDkxNDU0RDAeFw0yNTAzMTYwODUwMzJaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZDY5MGQ4LTYxMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxkkpuPmgI/8F/SjrNdNxbnQBo4e5bMP2A8tvslfA2IkQJHWrSR+V791yqmURF
pFYbyPJjH9yNMH97K1O4sLHuuULxf9pxEATU6JOxiMUoUTIsNIhJsIKVWxel01Zl
MBblaLusEAkRJimI3Ggl/H1LUsg3IfKd2Mmuz30shrbdHWRKYoaxQoG822y9qS8g
b4LvwTTdaaJ/JBlm06vepsZAd5dWCJRoDFc+Q//iy/1yWJHrhLfe8L9MVO0eSVvy
GkA5g5treQ0HzOcal6FEqTA708k+P6/QFm89XgV+/dmtRYaPxIH6wej1WM/5EYhA
bVvcdkioeL4A3/OEhy0THD+dAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUgvmPtFsb
zEMqeMImTtAybEeKYVQwHwYDVR0jBBgwFoAURG+vkjvrr5Y1cof+JQmRx1SRRU0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZGMUNDLzNBRkMzM0UyRUY2
MzExRUZCRjY0QUI2QUM0RjlBRTAyL1JHLXZranZycjVZMWNvZi1KUW1SeDFTUlJV
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvUkctdmtqdnJyNVkxY29mLUpRbVJ4MVNSUlUwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RjFDQy8zQUZDMzNFMkVGNjMxMUVGQkY2NEFCNkFDNEY5QUUwMi9CN0UyMjFFNDAy
NDMxMUYwQkQ5OTBGNjRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKH4ODANBgkqhkiG9w0BAQsFAAOCAQEAgWbf9NXALPUomUCe
BPhnCtZZGKt456K8oRl+KhD7AVwilLCotIGbSqZfnIUvPxqMBqs/nBOK88QEEzmu
MKew9MUpj5Z8QHrMi/xipfbXwcCs4/M41/Y4HUd7mdLvjGAeiZ+3NY3F5IkkNs81
Thj8XyMOQ/G61exiLpgE6ScQIcCAvSaIHDkoge+MeNKTxBQV3DdlPVAfmGqkrqOm
vWQfDoAvUV5JibWAr6PaHzoDArnu7gNIfxG41hd4Flxl/cWo0c0nnNyjPUFg6kEh
T+8czqqzbk2QB7teWyk3+kHizNmp6kuM8h9KpcuBqLrYeF4QWqEQJTHnvzgrF7sy
WoMkdQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:07:37 2025 by rpki-client