Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B87FC/3978E31686E111EF8F773F82C4F9AE02/64517A3886E311EFA2B33527C4F9AE02.roa
File: 64517A3886E311EFA2B33527C4F9AE02.roa (raw, json)
Hash identifier: a8PUztMZjKwlO5oAsBw+JL1gQU9NMI2G6jad/TSX5I0=
Subject key identifier: A1:36:8A:CB:00:03:9A:57:57:50:F0:0D:B9:8C:F3:4B:7C:58:87:60
Certificate issuer: /CN=A91B87FC/serialNumber=3A87871E3BAE65EDE2F31BB1AD5C59BB7A74ABDD
Certificate serial: 02
Authority key identifier: 3A:87:87:1E:3B:AE:65:ED:E2:F3:1B:B1:AD:5C:59:BB:7A:74:AB:DD
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OoeHHjuuZe3i8xuxrVxZu3p0q90.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B87FC/3978E31686E111EF8F773F82C4F9AE02/64517A3886E311EFA2B33527C4F9AE02.roa
Signing time: Thu 10 Oct 2024 08:41:07 +0000
ROA not before: Thu 10 Oct 2024 08:41:07 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 133551
IP address blocks: 160.30.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B87FC
Validity
Not Before: Oct 10 08:41:07 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67079323-e2d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:91:7a:90:c9:c4:3a:63:5f:42:3d:92:ee:84:
1b:f2:e3:5d:85:cd:7a:b9:0d:dd:aa:a4:fd:ec:83:
32:55:31:56:29:e6:82:72:50:bb:67:a8:2d:ec:46:
5a:52:60:52:36:a9:07:c9:20:3b:45:8f:89:bb:b6:
20:af:45:ce:4d:3e:fe:26:c0:81:84:08:14:4d:33:
4e:d2:d0:59:5e:35:37:57:c7:60:6c:bd:47:9a:41:
83:7e:8c:20:a8:6c:73:aa:7c:28:8a:c1:2d:2e:77:
e5:6d:15:7d:da:d7:d5:d9:c5:6e:71:d2:09:d9:74:
ce:45:d8:12:76:00:c3:18:10:85:c8:9b:46:61:67:
85:88:5f:a4:cf:9e:ba:5e:d9:aa:f6:11:91:12:3c:
eb:ad:cb:e1:d7:8b:4c:f5:6c:2c:85:28:c7:c2:81:
8d:3e:39:0b:89:a5:3f:8e:6e:e5:7a:e6:fd:a6:a6:
0a:3a:ea:29:35:29:31:b6:c9:70:86:ee:02:b9:38:
f4:fd:73:58:53:77:d7:1c:67:96:30:54:dd:de:ab:
3a:2a:bc:e0:7e:6c:87:94:9c:f3:fd:b1:18:68:71:
67:4d:a4:fd:80:f2:53:84:f9:55:7e:e8:66:9f:ea:
83:dc:b3:5b:5d:7a:94:b4:4c:73:95:c4:aa:f4:68:
ac:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:36:8A:CB:00:03:9A:57:57:50:F0:0D:B9:8C:F3:4B:7C:58:87:60
X509v3 Authority Key Identifier:
keyid:3A:87:87:1E:3B:AE:65:ED:E2:F3:1B:B1:AD:5C:59:BB:7A:74:AB:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B87FC/3978E31686E111EF8F773F82C4F9AE02/OoeHHjuuZe3i8xuxrVxZu3p0q90.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OoeHHjuuZe3i8xuxrVxZu3p0q90.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B87FC/3978E31686E111EF8F773F82C4F9AE02/64517A3886E311EFA2B33527C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.30.108.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:8b:51:c0:3f:69:24:f1:f1:f9:ed:5c:ed:7d:dd:a9:2a:2d:
3e:43:97:01:d9:45:23:6a:14:4b:8b:7d:08:fc:5d:72:98:bf:
79:f4:88:6b:61:53:52:b0:1d:0c:ad:7f:04:b8:28:d7:4b:21:
35:02:86:20:a6:a7:ea:dd:47:fe:86:5c:19:09:b2:39:08:4e:
9a:29:98:cc:64:94:24:68:bd:30:7b:8d:2e:95:24:00:72:4c:
d8:48:03:a3:d8:54:29:3f:a8:b4:1f:56:b7:78:67:48:e3:23:
95:31:14:e9:84:5b:16:7a:7a:b4:dc:1e:b1:ce:44:b1:23:c6:
06:45:19:f8:de:3b:59:9c:5c:a9:a2:9b:a8:f4:d8:8b:83:8b:
87:b3:74:08:ca:04:ad:33:fc:d2:aa:44:85:5c:16:52:2e:23:
ee:e7:16:e1:f9:cb:93:fa:8b:ad:e8:88:be:e7:5f:aa:53:10:
61:53:0c:f8:1a:59:a7:a4:2f:60:d3:2b:0f:07:6c:82:fb:85:
3a:54:22:e0:81:9d:38:07:37:6d:ea:0e:5a:ae:4d:7b:89:99:
70:40:13:ae:e9:84:08:eb:0b:17:92:bc:b2:bd:d1:9e:c6:86:
56:68:70:a9:b0:b7:10:2d:73:b3:0e:f0:95:74:8a:c1:b3:15:
a4:1e:9b:69
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
ODdGQzExMC8GA1UEBRMoM0E4Nzg3MUUzQkFFNjVFREUyRjMxQkIxQUQ1QzU5QkI3
QTc0QUJERDAeFw0yNDEwMTAwODQxMDdaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MDc5MzIzLWUyZDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxkXqQycQ6Y19CPZLuhBvy412FzXq5Dd2qpP3sgzJVMVYp5oJyULtnqC3sRlpS
YFI2qQfJIDtFj4m7tiCvRc5NPv4mwIGECBRNM07S0FleNTdXx2BsvUeaQYN+jCCo
bHOqfCiKwS0ud+VtFX3a19XZxW5x0gnZdM5F2BJ2AMMYEIXIm0ZhZ4WIX6TPnrpe
2ar2EZESPOuty+HXi0z1bCyFKMfCgY0+OQuJpT+ObuV65v2mpgo66ik1KTG2yXCG
7gK5OPT9c1hTd9ccZ5YwVN3eqzoqvOB+bIeUnPP9sRhocWdNpP2A8lOE+VV+6Gaf
6oPcs1tdepS0THOVxKr0aKz9AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUoTaKywAD
mldXUPANuYzzS3xYh2AwHwYDVR0jBBgwFoAUOoeHHjuuZe3i8xuxrVxZu3p0q90w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI4N0ZDLzM5NzhFMzE2ODZF
MTExRUY4Rjc3M0Y4MkM0RjlBRTAyL09vZUhIanV1WmUzaTh4dXhyVnhadTNwMHE5
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvT29lSEhqdXVaZTNpOHh1eHJWeFp1M3AwcTkwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODdGQy8zOTc4RTMxNjg2RTExMUVGOEY3NzNGODJDNEY5QUUwMi82NDUxN0EzODg2
RTMxMUVGQTJCMzM1MjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAebDANBgkqhkiG9w0BAQsFAAOCAQEAtotRwD9pJPHx+e1c
7X3dqSotPkOXAdlFI2oUS4t9CPxdcpi/efSIa2FTUrAdDK1/BLgo10shNQKGIKan
6t1H/oZcGQmyOQhOmimYzGSUJGi9MHuNLpUkAHJM2EgDo9hUKT+otB9Wt3hnSOMj
lTEU6YRbFnp6tNwesc5EsSPGBkUZ+N47WZxcqaKbqPTYi4OLh7N0CMoErTP80qpE
hVwWUi4j7ucW4fnLk/qLreiIvudfqlMQYVMM+BpZp6QvYNMrDwdsgvuFOlQi4IGd
OAc3beoOWq5Ne4mZcEATrumECOsLF5K8sr3RnsaGVmhwqbC3EC1zsw7wlXSKwbMV
pB6baQ==
-----END CERTIFICATE-----
Generated at Fri Apr 11 06:46:50 2025 by rpki-client