Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915825D/DD71D568A44611EF8D58A624C4F9AE02/109B1A6AC14F11EFAE8F4B0BC4F9AE02.roa
File: 109B1A6AC14F11EFAE8F4B0BC4F9AE02.roa (raw, json)
Hash identifier: O3Uz+KpRm5MoctoGRC1duD1BwfL9FN3BK/XdRP8CSp4=
Subject key identifier: D4:DF:28:54:7C:BB:9E:A1:04:BB:42:2C:F0:41:79:2D:5A:87:8B:41
Certificate issuer: /CN=A915825D/serialNumber=4CA02EC111874AE0E7D0555A25FF3302F912EB8C
Certificate serial: 18
Authority key identifier: 4C:A0:2E:C1:11:87:4A:E0:E7:D0:55:5A:25:FF:33:02:F9:12:EB:8C
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TKAuwRGHSuDn0FVaJf8zAvkS64w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915825D/DD71D568A44611EF8D58A624C4F9AE02/109B1A6AC14F11EFAE8F4B0BC4F9AE02.roa
Signing time: Mon 23 Dec 2024 16:58:00 +0000
ROA not before: Mon 23 Dec 2024 16:58:00 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 136396
IP address blocks: 160.191.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24 (0x18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915825D/serialNumber=4CA02EC111874AE0E7D0555A25FF3302F912EB8C
Validity
Not Before: Dec 23 16:58:00 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67699697-910e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:48:f2:8c:77:b0:50:f2:69:fb:ad:70:9f:66:
30:4d:d7:95:8e:cd:19:8e:e0:a2:6d:a0:f5:75:aa:
ba:1a:70:2c:ee:16:26:f0:d6:c4:20:c1:8f:a7:a0:
d9:a5:8f:c8:50:a9:47:62:b5:15:38:00:b3:24:6e:
93:87:26:e7:95:ca:54:e7:23:2a:03:8c:8b:a9:9d:
b9:cd:7d:e0:1f:9b:26:68:a3:41:0a:fe:f0:f9:a7:
55:d1:d2:c5:a0:0e:23:a4:26:14:01:74:cb:4f:33:
b4:fe:68:af:59:e5:b4:c2:f6:65:14:34:86:90:7d:
e6:9e:43:a6:b0:27:51:e8:9e:20:fd:24:30:b8:09:
bf:8b:01:c0:20:ed:06:57:b9:5d:c5:88:dd:f1:e0:
93:e7:16:63:f0:3e:42:b5:72:bf:c0:cf:25:dc:24:
8a:26:49:d2:52:a8:72:59:79:37:5e:dc:3f:88:db:
ed:8e:e0:d2:dc:a7:6c:44:e1:18:ad:a5:35:4c:17:
8c:da:e5:c1:ca:61:2c:a9:f0:28:78:97:10:36:91:
63:3d:e9:0c:58:b0:18:fd:a4:c4:13:5a:0b:19:0f:
86:32:b9:72:b6:c0:07:a0:92:99:3e:c7:c1:d4:b3:
ea:35:cd:b4:31:50:87:4f:7e:98:59:99:b1:ee:85:
64:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:DF:28:54:7C:BB:9E:A1:04:BB:42:2C:F0:41:79:2D:5A:87:8B:41
X509v3 Authority Key Identifier:
keyid:4C:A0:2E:C1:11:87:4A:E0:E7:D0:55:5A:25:FF:33:02:F9:12:EB:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915825D/DD71D568A44611EF8D58A624C4F9AE02/TKAuwRGHSuDn0FVaJf8zAvkS64w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TKAuwRGHSuDn0FVaJf8zAvkS64w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915825D/DD71D568A44611EF8D58A624C4F9AE02/109B1A6AC14F11EFAE8F4B0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.163.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:99:34:93:e1:b3:55:9b:4d:73:86:9c:a2:5f:36:4d:2a:aa:
a6:ad:81:9a:9c:a9:81:ec:98:b7:6b:e8:7b:fc:58:06:3c:21:
9d:4f:d9:f1:6f:45:8f:1b:cd:90:02:fd:ec:d6:73:9e:e0:f3:
b9:b8:54:1b:58:9e:59:51:bd:bf:05:c6:a2:52:2e:9e:bf:ab:
2f:f5:5a:8a:41:41:b1:c5:e9:e5:fc:74:49:30:6d:59:0f:cc:
ec:6f:d9:18:83:a1:cd:8b:14:33:86:23:69:34:72:c7:5d:8e:
70:60:ee:13:4e:0f:13:cf:cd:24:d5:5e:23:0e:e2:ef:dd:d1:
c4:56:1b:c3:46:19:06:fa:c9:d7:a3:c0:91:4b:85:91:31:8f:
f8:45:4c:10:e5:d4:ca:42:27:85:13:73:dd:08:fe:e9:05:61:
cd:56:e7:c3:eb:fc:73:ee:97:45:96:8f:0b:c6:ea:ea:20:ff:
8e:4b:6d:1e:77:57:89:21:fa:06:f0:79:13:ec:7a:aa:f7:64:
e4:50:d9:4d:f3:8d:de:fe:3e:9d:e2:03:06:3a:6a:af:11:72:
eb:09:4f:88:48:f9:a1:d3:a8:38:92:45:e3:25:26:2e:cb:aa:
9d:50:50:0e:11:d9:74:c9:1c:93:9f:56:67:51:e3:cb:2c:cc:
dd:6f:af:0b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
ODI1RDExMC8GA1UEBRMoNENBMDJFQzExMTg3NEFFMEU3RDA1NTVBMjVGRjMzMDJG
OTEyRUI4QzAeFw0yNDEyMjMxNjU4MDBaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3Njk5Njk3LTkxMGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxSPKMd7BQ8mn7rXCfZjBN15WOzRmO4KJtoPV1qroacCzuFibw1sQgwY+noNml
j8hQqUditRU4ALMkbpOHJueVylTnIyoDjIupnbnNfeAfmyZoo0EK/vD5p1XR0sWg
DiOkJhQBdMtPM7T+aK9Z5bTC9mUUNIaQfeaeQ6awJ1HoniD9JDC4Cb+LAcAg7QZX
uV3FiN3x4JPnFmPwPkK1cr/AzyXcJIomSdJSqHJZeTde3D+I2+2O4NLcp2xE4Rit
pTVMF4za5cHKYSyp8Ch4lxA2kWM96QxYsBj9pMQTWgsZD4YyuXK2wAegkpk+x8HU
s+o1zbQxUIdPfphZmbHuhWSvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU1N8oVHy7
nqEEu0Is8EF5LVqHi0EwHwYDVR0jBBgwFoAUTKAuwRGHSuDn0FVaJf8zAvkS64ww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4MjVEL0RENzFENTY4QTQ0
NjExRUY4RDU4QTYyNEM0RjlBRTAyL1RLQXV3UkdIU3VEbjBGVmFKZjh6QXZrUzY0
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvVEtBdXdSR0hTdURuMEZWYUpmOHpBdmtTNjR3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
ODI1RC9ERDcxRDU2OEE0NDYxMUVGOEQ1OEE2MjRDNEY5QUUwMi8xMDlCMUE2QUMx
NEYxMUVGQUU4RjRCMEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKC/ozANBgkqhkiG9w0BAQsFAAOCAQEAapk0k+GzVZtNc4ac
ol82TSqqpq2BmpypgeyYt2voe/xYBjwhnU/Z8W9FjxvNkAL97NZznuDzubhUG1ie
WVG9vwXGolIunr+rL/VaikFBscXp5fx0STBtWQ/M7G/ZGIOhzYsUM4YjaTRyx12O
cGDuE04PE8/NJNVeIw7i793RxFYbw0YZBvrJ16PAkUuFkTGP+EVMEOXUykInhRNz
3Qj+6QVhzVbnw+v8c+6XRZaPC8bq6iD/jkttHndXiSH6BvB5E+x6qvdk5FDZTfON
3v4+neIDBjpqrxFy6wlPiEj5odOoOJJF4yUmLsuqnVBQDhHZdMkck59WZ1HjyyzM
3W+vCw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:21:05 2025 by rpki-client