Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916A983/28B1B61CCD0F11E89D9FF165C4F9AE02/1C839F861BA111EA8BDD6114C4F9AE02.roa
File: 1C839F861BA111EA8BDD6114C4F9AE02.roa (raw, json)
Hash identifier: /xC7PbFaPdYR1z14EMh8nZ3np50j+H8RH/0TSNmCnBQ=
Subject key identifier: FA:88:2D:20:CD:E9:05:D3:B1:DA:45:3C:8F:7A:3A:68:8D:86:80:03
Certificate issuer: /CN=A916A983/serialNumber=B4A96AADEEDC7BEDD57D62FC9A49EA0B3FF6F50C
Certificate serial: 11E4
Authority key identifier: B4:A9:6A:AD:EE:DC:7B:ED:D5:7D:62:FC:9A:49:EA:0B:3F:F6:F5:0C
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/tKlqre7ce-3VfWL8mknqCz_29Qw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916A983/28B1B61CCD0F11E89D9FF165C4F9AE02/1C839F861BA111EA8BDD6114C4F9AE02.roa
Signing time: Wed 24 Jul 2024 17:35:19 +0000
ROA not before: Wed 24 Jul 2024 17:35:19 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 135887
IP address blocks: 141.168.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4580 (0x11e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916A983
Validity
Not Before: Jul 24 17:35:19 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66a13b57-8fe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:91:15:b0:85:6c:82:3a:d6:63:ea:9b:70:cb:
b5:a8:b2:13:40:3b:a2:8c:15:9d:c6:da:f6:3d:1f:
18:51:dd:10:20:40:af:44:2a:e0:95:43:be:f5:f5:
b7:56:72:0b:ca:46:ef:0a:74:96:98:d3:98:a8:7b:
64:11:1c:c6:45:fe:f6:2d:67:9f:73:b4:db:58:71:
3d:9d:e8:19:61:03:e2:f8:78:b6:64:08:7e:6d:2c:
f0:ab:7b:ff:d2:f2:8f:2a:31:e2:56:4b:69:c9:a9:
c3:7d:89:eb:c9:d9:13:f7:6d:96:12:03:90:20:bf:
84:0a:7c:df:b3:29:06:06:ef:16:2f:70:b1:a5:85:
a5:d1:10:5a:22:c7:93:fb:c4:4d:64:00:0b:0c:12:
dc:39:b2:fa:b4:a4:f8:83:cb:a5:a3:9c:15:69:85:
a1:67:f9:63:e8:74:72:66:d6:90:1b:6f:46:aa:08:
c8:d2:7e:31:0b:48:7d:9b:7a:c6:1b:dd:35:2d:fe:
26:be:11:46:45:32:6f:63:e8:14:67:c4:21:64:6e:
01:c1:72:6a:26:ba:b0:e6:4e:f3:c3:0f:66:83:27:
11:f8:d8:c9:38:31:42:88:99:45:00:61:01:ea:e0:
50:da:08:33:1f:fa:b1:60:57:c7:ea:53:d4:fd:87:
ff:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:88:2D:20:CD:E9:05:D3:B1:DA:45:3C:8F:7A:3A:68:8D:86:80:03
X509v3 Authority Key Identifier:
keyid:B4:A9:6A:AD:EE:DC:7B:ED:D5:7D:62:FC:9A:49:EA:0B:3F:F6:F5:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916A983/28B1B61CCD0F11E89D9FF165C4F9AE02/tKlqre7ce-3VfWL8mknqCz_29Qw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/tKlqre7ce-3VfWL8mknqCz_29Qw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A983/28B1B61CCD0F11E89D9FF165C4F9AE02/1C839F861BA111EA8BDD6114C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
141.168.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:4d:9b:0a:e1:fb:1b:33:a1:e6:f0:36:51:eb:7e:7e:5e:d2:
2a:f0:1b:2d:e6:8f:d2:75:20:46:d3:87:10:70:0a:72:a7:9f:
4d:c0:2b:e2:f0:0f:65:0e:04:7b:cf:49:39:14:98:63:35:e1:
2d:90:de:a5:a6:7b:54:fa:2b:08:d3:64:0f:82:02:3d:d8:ce:
c5:52:c8:76:aa:86:4c:83:ab:df:ed:ca:03:75:9d:08:54:fc:
8b:f3:09:41:5f:1c:de:c3:d6:c3:f9:86:49:7e:b8:9e:3d:c9:
06:0a:b8:58:51:c8:76:87:0f:d5:4c:d8:60:a0:ea:b4:8d:91:
99:97:c5:ba:b6:8a:ce:fc:a7:e8:ba:8e:3d:60:b8:ce:0c:ee:
a2:78:68:7a:f7:25:a7:6b:27:5a:c9:0b:e8:4d:ff:cd:9d:ae:
dc:99:a0:64:c1:bd:3d:76:e8:b1:6e:ca:b0:0f:1f:a1:ca:9e:
78:63:75:db:8a:9e:7e:a3:f0:56:de:fa:73:0b:9b:a2:ae:5e:
6f:f3:88:fa:ba:cd:37:b7:39:9f:7a:b4:b5:4d:92:b1:7d:90:
b6:ff:dc:2e:9f:49:ca:64:3f:7e:61:7f:9e:d0:f0:6e:b2:07:
94:9d:34:6d:27:a3:05:52:89:0c:fb:d1:7e:8d:52:f8:27:b2:
07:9b:09:bc
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICEeQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkE5ODMxMTAvBgNVBAUTKEI0QTk2QUFERUVEQzdCRURENTdENjJGQzlBNDlFQTBC
M0ZGNkY1MEMwHhcNMjQwNzI0MTczNTE5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmExM2I1Ny04ZmU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq5EVsIVsgjrWY+qbcMu1qLITQDuijBWdxtr2PR8YUd0QIECvRCrglUO+9fW3
VnILykbvCnSWmNOYqHtkERzGRf72LWefc7TbWHE9negZYQPi+Hi2ZAh+bSzwq3v/
0vKPKjHiVktpyanDfYnrydkT922WEgOQIL+ECnzfsykGBu8WL3CxpYWl0RBaIseT
+8RNZAALDBLcObL6tKT4g8ulo5wVaYWhZ/lj6HRyZtaQG29GqgjI0n4xC0h9m3rG
G901Lf4mvhFGRTJvY+gUZ8QhZG4BwXJqJrqw5k7zww9mgycR+NjJODFCiJlFAGEB
6uBQ2ggzH/qxYFfH6lPU/Yf/ZwIDAQABo4IClDCCApAwHQYDVR0OBBYEFPqILSDN
6QXTsdpFPI96OmiNhoADMB8GA1UdIwQYMBaAFLSpaq3u3Hvt1X1i/JpJ6gs/9vUM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTk4My8yOEIxQjYxQ0NE
MEYxMUU4OUQ5RkYxNjVDNEY5QUUwMi90S2xxcmU3Y2UtM1ZmV0w4bWtucUN6XzI5
UXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL3RLbHFyZTdjZS0zVmZXTDhta25xQ3pfMjlRdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkE5ODMvMjhCMUI2MUNDRDBGMTFFODlEOUZGMTY1QzRGOUFFMDIvMUM4MzlGODYx
QkExMTFFQThCREQ2MTE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCNqDANBgkqhkiG9w0BAQsFAAOCAQEAek2bCuH7GzOh5vA2
Uet+fl7SKvAbLeaP0nUgRtOHEHAKcqefTcAr4vAPZQ4Ee89JORSYYzXhLZDepaZ7
VPorCNNkD4ICPdjOxVLIdqqGTIOr3+3KA3WdCFT8i/MJQV8c3sPWw/mGSX64nj3J
Bgq4WFHIdocP1UzYYKDqtI2RmZfFuraKzvyn6LqOPWC4zgzuonhoevclp2snWskL
6E3/zZ2u3JmgZMG9PXbosW7KsA8focqeeGN124qefqPwVt76cwuboq5eb/OI+rrN
N7c5n3q0tU2SsX2Qtv/cLp9JymQ/fmF/ntDwbrIHlJ00bSejBVKJDPvRfo1S+Cey
B5sJvA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:22:05 2025 by rpki-client