Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8EDF/EA67A98C7C5711EDBF213767C4F9AE02/A6524550C4E411EEAFF83C50C4F9AE02.roa
File: A6524550C4E411EEAFF83C50C4F9AE02.roa (raw, json)
Hash identifier: d4lk9eKDk4hQ5jM/CM/7dtQ4pw21vQcp7xDVqjydE4E=
Subject key identifier: 41:05:35:5B:21:B0:27:62:B3:94:20:2F:91:9A:B4:B4:6B:10:CF:03
Certificate issuer: /CN=A91C8EDF/serialNumber=05D365500DA4B2C00189F3C6CA5950E0074C7C4A
Certificate serial: 0191
Authority key identifier: 05:D3:65:50:0D:A4:B2:C0:01:89:F3:C6:CA:59:50:E0:07:4C:7C:4A
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BdNlUA2kssABifPGyllQ4AdMfEo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C8EDF/EA67A98C7C5711EDBF213767C4F9AE02/A6524550C4E411EEAFF83C50C4F9AE02.roa
Signing time: Fri 13 Dec 2024 02:36:00 +0000
ROA not before: Fri 13 Dec 2024 02:36:00 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 396982
IP address blocks: 152.65.192.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 401 (0x191)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C8EDF/serialNumber=05D365500DA4B2C00189F3C6CA5950E0074C7C4A
Validity
Not Before: Dec 13 02:36:00 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675b9d8f-1ea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c2:78:b9:f8:ae:89:d0:d9:07:d1:3c:12:90:
ef:f8:c6:26:60:a6:af:92:d2:76:fb:cd:90:68:25:
85:4b:dd:59:ae:c8:8c:7f:13:bf:a9:45:a1:d7:97:
08:95:94:70:e1:14:31:6c:41:06:14:c1:96:bd:bb:
d1:c5:f4:7d:ef:ff:23:dc:bc:2e:6c:4c:cb:62:dd:
b5:e2:7e:b4:d2:6d:e9:cb:46:2b:18:61:a3:32:37:
b3:4a:35:67:7b:24:c0:bc:18:db:f1:ce:bf:4e:11:
c5:9e:66:e0:d3:85:f1:45:ed:85:17:e5:62:ca:43:
e2:6b:5a:de:fa:c4:5c:21:90:6c:ab:9b:5b:23:a3:
1f:35:06:e1:8d:98:0b:07:25:87:05:c7:c7:15:9f:
88:52:f1:1e:7d:e0:2a:ae:13:b0:04:aa:e7:ff:98:
33:71:84:78:c3:be:fd:60:8a:f1:51:36:8a:4a:e6:
ce:9c:32:3a:d0:2e:28:40:3b:f3:e6:d2:30:8c:f6:
cb:5b:cd:2d:7e:3c:f0:61:4a:1b:55:3f:24:60:74:
fe:00:fd:bd:d9:05:c6:8b:a1:d2:a4:52:0c:5c:28:
6a:84:fe:06:f9:ac:4e:12:bd:0c:44:a1:fa:57:fa:
e7:01:13:b0:a3:d6:18:e7:0c:f0:ec:8a:7f:09:d1:
0f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:05:35:5B:21:B0:27:62:B3:94:20:2F:91:9A:B4:B4:6B:10:CF:03
X509v3 Authority Key Identifier:
keyid:05:D3:65:50:0D:A4:B2:C0:01:89:F3:C6:CA:59:50:E0:07:4C:7C:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C8EDF/EA67A98C7C5711EDBF213767C4F9AE02/BdNlUA2kssABifPGyllQ4AdMfEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BdNlUA2kssABifPGyllQ4AdMfEo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8EDF/EA67A98C7C5711EDBF213767C4F9AE02/A6524550C4E411EEAFF83C50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
152.65.192.0/18
Signature Algorithm: sha256WithRSAEncryption
30:e2:80:3c:6e:4c:31:aa:cb:3c:5b:03:b2:64:4a:2a:58:4f:
f9:9e:db:60:bb:4b:86:a9:b4:33:1d:1b:95:a1:3d:20:82:2d:
fa:3e:70:38:9d:f9:76:12:ca:14:c3:27:06:26:f7:64:94:e9:
17:76:d6:77:8b:5f:8c:89:ce:ca:13:0b:60:07:a3:86:a5:07:
f6:59:45:ac:11:70:49:0c:f6:8e:73:f8:74:a4:bb:a5:82:d0:
8a:b5:2e:24:b7:0d:8d:bb:c6:02:f4:48:de:c0:f3:cb:ad:26:
ef:f0:95:8b:cc:93:7f:3f:a2:39:2a:26:4e:34:85:70:4a:dc:
29:5f:de:a3:c3:ad:2e:61:40:a7:d0:12:87:f6:3e:ea:2c:6f:
bf:71:67:97:08:f4:6b:74:1b:10:94:0d:71:02:b4:19:fa:ef:
9c:5d:46:af:22:52:f5:60:1d:18:0f:2e:c9:76:36:dc:96:69:
4d:ba:0d:ad:65:01:4a:46:35:6e:92:73:a1:ba:3b:9a:7f:3a:
7d:3d:aa:b4:53:10:a4:a7:58:89:42:ce:11:89:e1:d6:f5:3a:
1c:f3:b7:03:ea:5f:3f:48:18:13:3b:61:f8:69:a0:b4:0a:06:
7b:9c:4b:d3:5d:f1:56:05:0e:16:f0:36:c6:a5:ad:94:bb:90:
19:71:2a:8c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzhFREYxMTAvBgNVBAUTKDA1RDM2NTUwMERBNEIyQzAwMTg5RjNDNkNBNTk1MEUw
MDc0QzdDNEEwHhcNMjQxMjEzMDIzNjAwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzViOWQ4Zi0xZWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArcJ4ufiuidDZB9E8EpDv+MYmYKavktJ2+82QaCWFS91ZrsiMfxO/qUWh15cI
lZRw4RQxbEEGFMGWvbvRxfR97/8j3LwubEzLYt214n600m3py0YrGGGjMjezSjVn
eyTAvBjb8c6/ThHFnmbg04XxRe2FF+ViykPia1re+sRcIZBsq5tbI6MfNQbhjZgL
ByWHBcfHFZ+IUvEefeAqrhOwBKrn/5gzcYR4w779YIrxUTaKSubOnDI60C4oQDvz
5tIwjPbLW80tfjzwYUobVT8kYHT+AP292QXGi6HSpFIMXChqhP4G+axOEr0MRKH6
V/rnAROwo9YY5wzw7Ip/CdEP8QIDAQABo4IClTCCApEwHQYDVR0OBBYEFEEFNVsh
sCdis5QgL5GatLRrEM8DMB8GA1UdIwQYMBaAFAXTZVANpLLAAYnzxspZUOAHTHxK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEVERi9FQTY3QTk4QzdD
NTcxMUVEQkYyMTM3NjdDNEY5QUUwMi9CZE5sVUEya3NzQUJpZlBHeWxsUTRBZE1m
RW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0JkTmxVQTJrc3NBQmlmUEd5bGxRNEFkTWZFby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzhFREYvRUE2N0E5OEM3QzU3MTFFREJGMjEzNzY3QzRGOUFFMDIvQTY1MjQ1NTBD
NEU0MTFFRUFGRjgzQzUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAaYQcAwDQYJKoZIhvcNAQELBQADggEBADDigDxuTDGqyzxb
A7JkSipYT/me22C7S4aptDMdG5WhPSCCLfo+cDid+XYSyhTDJwYm92SU6Rd21neL
X4yJzsoTC2AHo4alB/ZZRawRcEkM9o5z+HSku6WC0Iq1LiS3DY27xgL0SN7A88ut
Ju/wlYvMk38/ojkqJk40hXBK3Clf3qPDrS5hQKfQEof2Puosb79xZ5cI9Gt0GxCU
DXECtBn675xdRq8iUvVgHRgPLsl2NtyWaU26Da1lAUpGNW6Sc6G6O5p/On09qrRT
EKSnWIlCzhGJ4db1OhzztwPqXz9IGBM7YfhpoLQKBnucS9Nd8VYFDhbwNsalrZS7
kBlxKow=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:16:22 2025 by rpki-client