Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/AD20058AA15311EDB7EEA166C4F9AE02.roa
File: AD20058AA15311EDB7EEA166C4F9AE02.roa (raw, json)
Hash identifier: pU+0ul6cimph3kXco3+ztGCMmqH9Grv+RMc0dWShHhE=
Subject key identifier: 00:B1:D7:A9:FF:61:C9:4E:B9:E3:90:49:4C:A8:99:E4:52:03:0F:A1
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 3598
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/AD20058AA15311EDB7EEA166C4F9AE02.roa
Signing time: Wed 18 Dec 2024 14:40:36 +0000
ROA not before: Wed 18 Dec 2024 14:40:36 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 146998
IP address blocks: 121.46.65.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13720 (0x3598)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Dec 18 14:40:36 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6762dee4-bae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:7c:72:b8:be:32:77:9f:2f:1d:b3:28:94:ed:
c3:e3:bd:7d:f3:a7:a1:d2:b1:9b:02:7c:c1:97:a9:
c3:b3:27:a0:2e:ad:e3:d0:eb:2b:7f:0c:d3:ad:7d:
ab:a2:99:9a:40:9f:cc:b9:05:d5:9f:c2:cb:39:a2:
dd:c2:aa:65:a1:3a:b2:be:f0:c0:a6:ae:2f:f7:91:
ea:60:2c:d3:b7:7b:08:83:e1:bc:fe:02:4f:c8:44:
e1:74:36:1d:f6:5e:10:95:ad:d8:27:21:f2:0d:0c:
31:04:b1:f7:f7:33:2e:68:37:f0:6a:e3:fb:c6:f6:
39:3c:3a:d9:29:66:ff:75:07:40:90:33:21:9a:96:
3e:23:7a:d1:0a:15:c6:20:26:52:85:95:c0:28:01:
bb:8e:83:8b:38:b1:7d:85:87:df:c0:23:e8:25:d9:
c0:d8:fc:d1:f5:55:c4:5b:54:48:ef:1c:22:1f:4c:
67:ab:43:6f:a3:c5:d2:cc:52:a4:ca:61:0f:a2:10:
2f:18:34:d2:45:30:ca:47:98:d4:9a:8c:c4:f9:9f:
bc:16:aa:28:39:b6:f4:2e:36:cc:41:5e:8d:27:4c:
a4:d5:11:83:7b:34:55:27:58:a5:01:08:35:1f:7a:
2b:65:ef:d2:dd:f1:43:e2:63:48:ea:c9:4c:80:d1:
de:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B1:D7:A9:FF:61:C9:4E:B9:E3:90:49:4C:A8:99:E4:52:03:0F:A1
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/AD20058AA15311EDB7EEA166C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.46.65.0/24
Signature Algorithm: sha256WithRSAEncryption
26:05:fa:b3:f1:7b:c2:4c:01:96:7c:09:e7:7a:dc:20:6b:1b:
c3:b9:75:34:32:9b:46:01:d4:8d:27:2d:e2:1b:b7:0f:0d:ae:
04:c1:09:6f:9b:17:7d:8a:89:21:ae:4c:90:ce:7c:86:6e:24:
da:a2:4f:7a:8c:27:4b:1c:71:71:b6:38:24:ff:2b:95:66:e3:
ce:00:e9:47:4b:22:90:39:bf:a5:6e:ca:27:a4:ec:9b:31:78:
b0:53:54:0e:c5:c0:74:14:f6:44:c7:36:7e:d4:03:99:48:33:
dc:7c:0e:64:ee:61:87:fe:51:51:6f:e8:49:16:df:88:c4:a2:
60:02:95:d0:4c:9a:44:be:30:72:fb:63:f9:c2:19:14:40:f3:
4b:75:97:f3:b0:df:45:a6:5b:28:b7:40:d7:b8:8d:f0:1f:6f:
b9:66:31:d8:af:50:47:54:91:e6:5c:4f:bd:00:a4:d8:c1:15:
7a:fb:d6:5c:52:68:67:0a:8d:57:94:e6:bb:9b:1a:09:24:14:
36:a4:c3:cd:2e:ca:34:18:6d:1d:6b:65:4c:67:88:b3:6a:da:
bd:3e:08:39:e1:17:41:21:33:c8:cc:3f:3d:61:b5:eb:75:62:
0f:49:9f:19:4d:71:98:4b:6f:74:cd:ed:e1:64:67:bf:6b:3f:
68:7e:7e:c2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQxMjE4MTQ0MDM2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZGVlNC1iYWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+nxyuL4yd58vHbMolO3D471986eh0rGbAnzBl6nDsyegLq3j0OsrfwzTrX2r
opmaQJ/MuQXVn8LLOaLdwqploTqyvvDApq4v95HqYCzTt3sIg+G8/gJPyEThdDYd
9l4Qla3YJyHyDQwxBLH39zMuaDfwauP7xvY5PDrZKWb/dQdAkDMhmpY+I3rRChXG
ICZShZXAKAG7joOLOLF9hYffwCPoJdnA2PzR9VXEW1RI7xwiH0xnq0Nvo8XSzFKk
ymEPohAvGDTSRTDKR5jUmozE+Z+8FqooObb0LjbMQV6NJ0yk1RGDezRVJ1ilAQg1
H3orZe/S3fFD4mNI6slMgNHegQIDAQABo4IClTCCApEwHQYDVR0OBBYEFACx16n/
YclOueOQSUyomeRSAw+hMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvQUQyMDA1OEFB
MTUzMTFFREI3RUVBMTY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB5LkEwDQYJKoZIhvcNAQELBQADggEBACYF+rPxe8JMAZZ8
Ced63CBrG8O5dTQym0YB1I0nLeIbtw8NrgTBCW+bF32KiSGuTJDOfIZuJNqiT3qM
J0sccXG2OCT/K5Vm484A6UdLIpA5v6Vuyiek7JsxeLBTVA7FwHQU9kTHNn7UA5lI
M9x8DmTuYYf+UVFv6EkW34jEomACldBMmkS+MHL7Y/nCGRRA80t1l/Ow30WmWyi3
QNe4jfAfb7lmMdivUEdUkeZcT70ApNjBFXr71lxSaGcKjVeU5rubGgkkFDakw80u
yjQYbR1rZUxniLNq2r0+CDnhF0EhM8jMPz1htet1Yg9JnxlNcZhLb3TN7eFkZ79r
P2h+fsI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:17:40 2025 by rpki-client