Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/853312D2C0DD11EFB5F0D24AC4F9AE02.roa
File: 853312D2C0DD11EFB5F0D24AC4F9AE02.roa (raw, json)
Hash identifier: FGrsxVel52tLC2c3tTf2jw58e+atsnyXCQDnNztZqg4=
Subject key identifier: 9C:45:35:C0:F5:9F:E7:BE:10:7E:EC:B7:57:56:17:8D:1C:86:29:32
Certificate issuer: /CN=A917C909/serialNumber=59F9D48DD916909783E31771D8AD7ECB30DC3BA2
Certificate serial: 02
Authority key identifier: 59:F9:D4:8D:D9:16:90:97:83:E3:17:71:D8:AD:7E:CB:30:DC:3B:A2
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WfnUjdkWkJeD4xdx2K1-yzDcO6I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/853312D2C0DD11EFB5F0D24AC4F9AE02.roa
Signing time: Mon 23 Dec 2024 03:25:13 +0000
ROA not before: Mon 23 Dec 2024 03:25:13 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133458
IP address blocks: 161.248.2.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C909/serialNumber=59F9D48DD916909783E31771D8AD7ECB30DC3BA2
Validity
Not Before: Dec 23 03:25:13 2024 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6768d818-c757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bb:57:a1:1e:bf:98:08:0a:89:55:28:07:2c:
02:ee:e4:af:c8:1d:ee:90:f7:90:00:1a:f5:e9:83:
bc:cf:62:c7:88:6c:26:dd:d1:b7:29:d7:f6:2a:bc:
1f:83:6f:29:e4:95:e3:b8:47:f7:54:97:14:24:c1:
74:3f:d9:3d:ce:93:17:83:be:b6:bd:14:56:0c:46:
1d:04:53:ac:e7:50:8c:6b:84:63:cd:5d:5c:6c:e7:
22:75:80:ee:79:08:1e:aa:cf:2a:f5:eb:b3:5d:f5:
bd:75:94:1a:a6:09:65:33:c2:4d:4e:31:54:3d:2e:
c7:d7:4a:83:24:60:ec:32:06:2f:88:c4:b2:6e:d6:
6b:4c:f7:aa:c6:47:8d:b5:df:c9:f5:cb:3e:96:74:
8f:5e:72:f2:d7:7b:8a:16:3d:32:cd:71:5f:9b:d3:
99:32:48:b7:fa:b0:97:70:4b:69:e8:15:0e:61:fd:
4c:dc:ac:16:8a:45:df:0d:74:f1:56:90:bf:0c:e1:
26:21:d8:29:e1:98:c6:5b:f0:ee:a3:15:79:33:76:
1b:58:a8:b6:54:72:8b:6a:d2:e7:a7:8d:6e:99:66:
4e:d0:7e:0d:14:e0:d9:bc:34:93:04:f4:f1:27:92:
f7:0e:aa:1d:49:00:ea:72:11:75:90:5f:12:ce:f2:
c2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:45:35:C0:F5:9F:E7:BE:10:7E:EC:B7:57:56:17:8D:1C:86:29:32
X509v3 Authority Key Identifier:
keyid:59:F9:D4:8D:D9:16:90:97:83:E3:17:71:D8:AD:7E:CB:30:DC:3B:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/WfnUjdkWkJeD4xdx2K1-yzDcO6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WfnUjdkWkJeD4xdx2K1-yzDcO6I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/853312D2C0DD11EFB5F0D24AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.2.0/23
Signature Algorithm: sha256WithRSAEncryption
07:69:6f:fc:1f:b2:15:af:ac:7b:49:ac:2c:0d:4f:86:ab:97:
fe:ec:b4:67:46:bd:c2:51:75:b2:32:46:b7:c5:78:ff:c1:6a:
1a:5c:26:f3:54:77:22:97:57:d3:6e:b8:b6:12:2d:41:5a:53:
3b:dd:fd:cf:85:c0:a4:68:3d:35:df:8c:50:5f:22:9c:b4:cb:
1f:a7:b2:cd:20:bb:63:7d:48:d3:fe:e8:bb:c7:0d:e6:29:97:
1d:73:15:62:aa:75:c9:59:df:3f:03:b5:31:83:f0:d4:7b:60:
8e:41:10:e4:ef:66:55:19:74:2e:ac:32:da:9e:3d:f4:1b:51:
12:0f:7a:61:ea:12:63:49:a3:b0:51:e8:f0:3c:f1:d0:ee:96:
02:5e:6c:0b:9b:3d:89:a8:e2:b6:47:32:b0:a0:65:e2:11:e4:
a1:9a:43:2c:3b:f6:fd:d0:36:eb:e7:b6:ef:8e:6d:f0:ed:84:
fb:15:60:ee:b4:6f:6b:7a:0d:63:d1:ee:eb:e8:07:38:ee:b4:
a1:f1:39:99:3d:fa:2c:7e:04:04:80:7a:a0:3a:72:4b:07:e5:
a7:ad:2d:23:5f:27:8a:d5:b6:2f:65:dc:67:5d:94:13:b2:94:
bc:07:fc:fd:c9:bc:89:88:c4:0d:0f:9c:36:d0:19:a9:1d:ab:
63:5c:55:cf
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
QzkwOTExMC8GA1UEBRMoNTlGOUQ0OEREOTE2OTA5NzgzRTMxNzcxRDhBRDdFQ0Iz
MERDM0JBMjAeFw0yNDEyMjMwMzI1MTNaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NjhkODE4LWM3NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4u1ehHr+YCAqJVSgHLALu5K/IHe6Q95AAGvXpg7zPYseIbCbd0bcp1/YqvB+D
bynkleO4R/dUlxQkwXQ/2T3OkxeDvra9FFYMRh0EU6znUIxrhGPNXVxs5yJ1gO55
CB6qzyr167Nd9b11lBqmCWUzwk1OMVQ9LsfXSoMkYOwyBi+IxLJu1mtM96rGR421
38n1yz6WdI9ecvLXe4oWPTLNcV+b05kySLf6sJdwS2noFQ5h/UzcrBaKRd8NdPFW
kL8M4SYh2CnhmMZb8O6jFXkzdhtYqLZUcotq0uenjW6ZZk7Qfg0U4Nm8NJME9PEn
kvcOqh1JAOpyEXWQXxLO8sK7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUnEU1wPWf
574Qfuy3V1YXjRyGKTIwHwYDVR0jBBgwFoAUWfnUjdkWkJeD4xdx2K1+yzDcO6Iw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDOTA5L0ZGN0M1RkRDQzBE
QjExRUY5RTg3MTg0NEM0RjlBRTAyL1dmblVqZGtXa0plRDR4ZHgySzEteXpEY082
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvV2ZuVWpka1drSmVENHhkeDJLMS15ekRjTzZJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QzkwOS9GRjdDNUZEQ0MwREIxMUVGOUU4NzE4NDRDNEY5QUUwMi84NTMzMTJEMkMw
REQxMUVGQjVGMEQyNEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH4AjANBgkqhkiG9w0BAQsFAAOCAQEAB2lv/B+yFa+se0ms
LA1PhquX/uy0Z0a9wlF1sjJGt8V4/8FqGlwm81R3IpdX0264thItQVpTO939z4XA
pGg9Nd+MUF8inLTLH6eyzSC7Y31I0/7ou8cN5imXHXMVYqp1yVnfPwO1MYPw1Htg
jkEQ5O9mVRl0Lqwy2p499BtREg96YeoSY0mjsFHo8Dzx0O6WAl5sC5s9iajitkcy
sKBl4hHkoZpDLDv2/dA26+e2745t8O2E+xVg7rRva3oNY9Hu6+gHOO60ofE5mT36
LH4EBIB6oDpySwflp60tI18nitW2L2XcZ12UE7KUvAf8/cm8iYjEDQ+cNtAZqR2r
Y1xVzw==
-----END CERTIFICATE-----
Generated at Mon Apr 28 02:18:42 2025 by rpki-client