Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AD34B/B3DB51D2DF3511EFA58D653BC4F9AE02/CAB9B360E20211EF80FC810DC4F9AE02.roa
File: CAB9B360E20211EF80FC810DC4F9AE02.roa (raw, json)
Hash identifier: 65X5sPIhdKM1lp6V7hevZEuaDbWujUAm7MoeXT80kOw=
Subject key identifier: C8:DB:49:93:55:34:44:74:62:0E:50:FC:8B:A2:92:75:9A:48:84:8C
Certificate issuer: /CN=A91AD34B/serialNumber=64CB6EA7D7D0E51F4D42B2D6847274ABB0736598
Certificate serial: 12
Authority key identifier: 64:CB:6E:A7:D7:D0:E5:1F:4D:42:B2:D6:84:72:74:AB:B0:73:65:98
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZMtup9fQ5R9NQrLWhHJ0q7BzZZg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AD34B/B3DB51D2DF3511EFA58D653BC4F9AE02/CAB9B360E20211EF80FC810DC4F9AE02.roa
Signing time: Mon 03 Feb 2025 07:45:09 +0000
ROA not before: Mon 03 Feb 2025 07:45:09 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 147180
IP address blocks: 163.61.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18 (0x12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AD34B
Validity
Not Before: Feb 3 07:45:09 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a07405-4916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:26:54:79:17:df:7f:ba:a4:2d:d6:78:c2:e3:
a8:f4:7f:85:58:14:56:e2:91:c2:9a:c5:2f:48:4b:
b0:a6:d4:14:be:59:f9:47:8c:e8:fc:ff:93:0b:17:
7b:3b:16:f2:2a:b7:fc:b0:67:20:a8:36:d3:fa:ae:
aa:f5:30:f2:3a:8f:73:ce:08:85:6d:e4:cd:39:2f:
ee:69:2b:74:9b:1b:0a:78:f5:b2:23:76:94:2a:ee:
61:70:38:d5:5d:ff:d1:ec:1d:bf:5e:3c:c5:31:50:
32:6c:c0:cf:d5:66:d2:90:02:29:bf:1a:d7:27:26:
e9:04:89:5e:1e:b1:28:79:72:f9:07:5e:45:cd:9f:
3b:97:d3:67:cd:18:a9:4b:e2:7a:84:a9:b0:0e:5d:
6a:c7:46:b9:fa:01:e9:44:07:e0:7e:b5:68:2a:20:
9f:42:c2:3b:85:a0:41:37:42:c1:19:09:b7:ba:49:
1b:e5:d0:9e:a2:ac:e7:9a:6b:3d:ed:94:1d:f0:53:
40:3f:78:c0:22:0c:61:ab:f2:a7:91:dc:0b:63:61:
6b:fb:dc:6f:79:38:1a:22:75:ea:da:98:50:00:aa:
08:e7:4f:ab:40:5a:8e:2e:23:10:a3:87:34:98:e4:
6c:4a:6d:d3:be:e4:87:e1:1e:f6:41:0c:26:20:6b:
82:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DB:49:93:55:34:44:74:62:0E:50:FC:8B:A2:92:75:9A:48:84:8C
X509v3 Authority Key Identifier:
keyid:64:CB:6E:A7:D7:D0:E5:1F:4D:42:B2:D6:84:72:74:AB:B0:73:65:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AD34B/B3DB51D2DF3511EFA58D653BC4F9AE02/ZMtup9fQ5R9NQrLWhHJ0q7BzZZg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZMtup9fQ5R9NQrLWhHJ0q7BzZZg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AD34B/B3DB51D2DF3511EFA58D653BC4F9AE02/CAB9B360E20211EF80FC810DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.45.0/24
Signature Algorithm: sha256WithRSAEncryption
85:b7:6b:62:9b:ae:46:39:be:98:07:a7:3e:c1:be:0f:c9:8c:
d6:15:98:eb:27:13:18:2d:cf:65:63:46:81:af:be:c7:a9:07:
28:d6:95:b3:c5:12:76:ce:e3:64:13:64:b7:d2:d3:c4:ff:1e:
9b:b1:7a:a2:ad:06:8d:f8:63:12:18:2e:20:e8:24:f4:d2:b7:
52:78:b7:cd:b5:7e:e2:38:f0:68:4b:bc:14:cd:f1:f7:9b:cb:
20:97:ce:b1:89:28:20:c4:df:c9:c4:48:08:d5:b7:07:88:9f:
f6:6f:a3:66:43:3a:8f:16:89:84:03:f8:a7:5f:22:d5:14:4a:
5c:e0:8d:b0:d5:d7:74:f5:d9:eb:9c:d4:85:95:60:32:56:e0:
af:46:d6:40:d8:84:30:44:18:2e:29:cc:d6:d8:74:35:84:ad:
fa:d9:a7:97:49:4c:58:93:c6:b1:c9:c0:90:86:a2:fe:bf:f0:
d9:eb:38:e1:c5:8c:fd:89:72:44:80:c5:a8:58:fc:1f:84:4e:
fb:e0:42:fe:dc:ee:b9:fe:a2:0b:1d:67:6d:26:0f:73:fa:d9:
c6:a2:ae:08:3f:8c:d2:f0:ff:f9:60:93:8b:97:e9:24:88:20:
4e:3c:06:c9:7d:c3:95:f3:07:dd:65:4a:68:b3:18:10:21:8d:
ff:b2:85:ef
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RDM0QjExMC8GA1UEBRMoNjRDQjZFQTdEN0QwRTUxRjRENDJCMkQ2ODQ3Mjc0QUJC
MDczNjU5ODAeFw0yNTAyMDMwNzQ1MDlaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YTA3NDA1LTQ5MTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJJlR5F99/uqQt1njC46j0f4VYFFbikcKaxS9IS7Cm1BS+WflHjOj8/5MLF3s7
FvIqt/ywZyCoNtP6rqr1MPI6j3POCIVt5M05L+5pK3SbGwp49bIjdpQq7mFwONVd
/9HsHb9ePMUxUDJswM/VZtKQAim/GtcnJukEiV4esSh5cvkHXkXNnzuX02fNGKlL
4nqEqbAOXWrHRrn6AelEB+B+tWgqIJ9CwjuFoEE3QsEZCbe6SRvl0J6irOeaaz3t
lB3wU0A/eMAiDGGr8qeR3AtjYWv73G95OBoideramFAAqgjnT6tAWo4uIxCjhzSY
5GxKbdO+5IfhHvZBDCYga4JBAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUyNtJk1U0
RHRiDlD8i6KSdZpIhIwwHwYDVR0jBBgwFoAUZMtup9fQ5R9NQrLWhHJ0q7BzZZgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFEMzRCL0IzREI1MUQyREYz
NTExRUZBNThENjUzQkM0RjlBRTAyL1pNdHVwOWZRNVI5TlFyTFdoSEowcTdCelpa
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWk10dXA5ZlE1UjlOUXJMV2hISjBxN0J6WlpnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RDM0Qi9CM0RCNTFEMkRGMzUxMUVGQTU4RDY1M0JDNEY5QUUwMi9DQUI5QjM2MEUy
MDIxMUVGODBGQzgxMERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKM9LTANBgkqhkiG9w0BAQsFAAOCAQEAhbdrYpuuRjm+mAen
PsG+D8mM1hWY6ycTGC3PZWNGga++x6kHKNaVs8USds7jZBNkt9LTxP8em7F6oq0G
jfhjEhguIOgk9NK3Uni3zbV+4jjwaEu8FM3x95vLIJfOsYkoIMTfycRICNW3B4if
9m+jZkM6jxaJhAP4p18i1RRKXOCNsNXXdPXZ65zUhZVgMlbgr0bWQNiEMEQYLinM
1th0NYSt+tmnl0lMWJPGscnAkIai/r/w2es44cWM/YlyRIDFqFj8H4RO++BC/tzu
uf6iCx1nbSYPc/rZxqKuCD+M0vD/+WCTi5fpJIggTjwGyX3DlfMH3WVKaLMYECGN
/7KF7w==
-----END CERTIFICATE-----
Generated at Sat Feb 22 04:31:30 2025 by rpki-client