Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8EDF/EA67A98C7C5711EDBF213767C4F9AE02/C44A1D987E0511EDBA2BAF7FC4F9AE02.roa
File: C44A1D987E0511EDBA2BAF7FC4F9AE02.roa (raw, json)
Hash identifier: UGxKabSt5VefJdKh3JQwjTM53St2aD5lvYeCqBjnhKg=
Subject key identifier: 62:7B:12:5D:77:10:9C:B4:84:B2:3B:D3:A3:99:9D:39:72:B7:A0:14
Certificate issuer: /CN=A91C8EDF/serialNumber=05D365500DA4B2C00189F3C6CA5950E0074C7C4A
Certificate serial: 0192
Authority key identifier: 05:D3:65:50:0D:A4:B2:C0:01:89:F3:C6:CA:59:50:E0:07:4C:7C:4A
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BdNlUA2kssABifPGyllQ4AdMfEo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C8EDF/EA67A98C7C5711EDBF213767C4F9AE02/C44A1D987E0511EDBA2BAF7FC4F9AE02.roa
Signing time: Fri 13 Dec 2024 02:36:00 +0000
ROA not before: Fri 13 Dec 2024 02:36:00 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 53766
IP address blocks: 152.65.192.0/18 maxlen: 24
199.247.160.0/20 maxlen: 24
207.66.112.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 402 (0x192)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C8EDF
Validity
Not Before: Dec 13 02:36:00 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675b9d90-f7e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f3:13:a9:59:d4:5e:4e:6a:c0:1c:ca:83:4f:
23:e3:7a:cc:1d:71:4c:16:96:b9:6f:d9:64:8f:da:
f2:01:46:b5:ca:06:22:3c:b9:93:aa:45:ff:cc:74:
d0:3b:51:a1:a7:45:ce:3b:25:77:db:9e:84:50:16:
95:a0:9d:eb:93:77:29:a7:3a:09:7b:f3:ba:5f:af:
86:a2:fc:48:1a:0b:5c:a2:ff:35:70:2e:3a:e0:58:
ff:c6:55:85:fb:52:76:99:c5:4d:79:87:a6:8f:02:
ca:11:77:07:ed:55:ff:38:7c:4f:f4:12:78:8e:e1:
10:36:29:58:e8:43:c5:f8:0b:63:b5:ab:ad:04:b0:
de:3d:34:8f:be:3a:75:f1:73:2c:5a:fc:7d:6d:6c:
f7:9f:cd:e0:b9:bb:fc:13:4c:03:9a:61:00:ec:7f:
50:6a:b1:ed:9f:d8:2d:f3:3f:84:14:45:1b:e8:22:
b3:a2:b8:56:27:ea:96:3e:fb:8d:0f:a6:c7:8e:53:
79:5f:79:b5:2c:c5:d1:10:c1:36:b2:12:4d:fe:22:
74:b6:98:fe:8e:2d:61:8d:30:68:6a:22:72:a1:45:
d9:1d:48:10:e3:ef:8b:c1:8f:8f:8b:ae:2e:ed:53:
e6:6e:2b:ca:49:43:de:2a:16:4a:86:d4:1e:eb:3b:
ce:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:7B:12:5D:77:10:9C:B4:84:B2:3B:D3:A3:99:9D:39:72:B7:A0:14
X509v3 Authority Key Identifier:
keyid:05:D3:65:50:0D:A4:B2:C0:01:89:F3:C6:CA:59:50:E0:07:4C:7C:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C8EDF/EA67A98C7C5711EDBF213767C4F9AE02/BdNlUA2kssABifPGyllQ4AdMfEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BdNlUA2kssABifPGyllQ4AdMfEo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8EDF/EA67A98C7C5711EDBF213767C4F9AE02/C44A1D987E0511EDBA2BAF7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
152.65.192.0/18
199.247.160.0/20
207.66.112.0/21
Signature Algorithm: sha256WithRSAEncryption
74:90:50:35:bc:5c:e8:80:82:2e:fe:f2:23:9f:9e:62:d0:c7:
d7:6f:5e:2a:fd:76:40:1a:60:ba:6f:2f:97:4e:53:5a:66:d2:
39:53:2d:ec:cb:d1:a7:2c:c6:ff:85:02:5e:26:2b:d1:93:9e:
46:1c:4f:d0:3e:67:18:ff:a9:b4:05:c0:ed:8e:08:28:f3:cd:
95:34:48:0d:fc:ea:57:ed:c3:ee:dd:c5:1e:48:fb:33:07:78:
0a:2f:de:72:02:fd:6e:8d:de:f2:3a:4a:e9:59:08:16:dc:be:
aa:44:ec:71:e9:9c:9f:35:2a:1a:cb:57:46:6b:72:ce:e5:20:
4b:bd:d8:6f:e1:2a:c8:65:a8:09:66:d0:b2:06:a2:ac:13:7a:
ee:05:fe:84:ac:0d:00:ba:ed:d8:2a:c4:ae:8a:f5:32:69:29:
78:20:08:bd:bf:c8:eb:ef:ac:5f:6e:76:27:87:6b:76:ea:b3:
0d:a2:8b:74:93:e6:12:a7:47:39:6a:a7:44:1b:00:f3:9c:2b:
24:cf:3c:c3:23:61:2f:ab:82:25:c1:df:e0:7f:70:82:9b:91:
36:07:c5:c2:fd:d4:7b:34:88:e2:99:88:2a:98:60:2d:6f:4b:
8c:0f:89:1b:a8:fe:45:85:2c:95:a7:b4:37:4d:b0:fb:b3:06:
f7:3c:a2:6b
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAZIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzhFREYxMTAvBgNVBAUTKDA1RDM2NTUwMERBNEIyQzAwMTg5RjNDNkNBNTk1MEUw
MDc0QzdDNEEwHhcNMjQxMjEzMDIzNjAwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzViOWQ5MC1mN2U2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw/MTqVnUXk5qwBzKg08j43rMHXFMFpa5b9lkj9ryAUa1ygYiPLmTqkX/zHTQ
O1Ghp0XOOyV3256EUBaVoJ3rk3cppzoJe/O6X6+GovxIGgtcov81cC464Fj/xlWF
+1J2mcVNeYemjwLKEXcH7VX/OHxP9BJ4juEQNilY6EPF+AtjtautBLDePTSPvjp1
8XMsWvx9bWz3n83gubv8E0wDmmEA7H9QarHtn9gt8z+EFEUb6CKzorhWJ+qWPvuN
D6bHjlN5X3m1LMXREME2shJN/iJ0tpj+ji1hjTBoaiJyoUXZHUgQ4++LwY+Pi64u
7VPmbivKSUPeKhZKhtQe6zvOqQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGJ7El13
EJy0hLI706OZnTlyt6AUMB8GA1UdIwQYMBaAFAXTZVANpLLAAYnzxspZUOAHTHxK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEVERi9FQTY3QTk4QzdD
NTcxMUVEQkYyMTM3NjdDNEY5QUUwMi9CZE5sVUEya3NzQUJpZlBHeWxsUTRBZE1m
RW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0JkTmxVQTJrc3NBQmlmUEd5bGxRNEFkTWZFby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzhFREYvRUE2N0E5OEM3QzU3MTFFREJGMjEzNzY3QzRGOUFFMDIvQzQ0QTFEOTg3
RTA1MTFFREJBMkJBRjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAaYQcADBATH96ADBAPPQnAwDQYJKoZIhvcNAQELBQADggEB
AHSQUDW8XOiAgi7+8iOfnmLQx9dvXir9dkAaYLpvL5dOU1pm0jlTLezL0acsxv+F
Al4mK9GTnkYcT9A+Zxj/qbQFwO2OCCjzzZU0SA386lftw+7dxR5I+zMHeAov3nIC
/W6N3vI6SulZCBbcvqpE7HHpnJ81KhrLV0Zrcs7lIEu92G/hKshlqAlm0LIGoqwT
eu4F/oSsDQC67dgqxK6K9TJpKXggCL2/yOvvrF9udieHa3bqsw2ii3ST5hKnRzlq
p0QbAPOcKyTPPMMjYS+rgiXB3+B/cIKbkTYHxcL91Hs0iOKZiCqYYC1vS4wPiRuo
/kWFLJWntDdNsPuzBvc8oms=
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:48:19 2025 by rpki-client