Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/64120230B2C211EFA43BF057C4F9AE02.roa
File: 64120230B2C211EFA43BF057C4F9AE02.roa (raw, json)
Hash identifier: SBq6U2fKZQoYlgN406N7QsixzZWHu2G7waxuF+whPro=
Subject key identifier: 3D:42:55:73:88:70:96:15:88:E5:8C:22:8B:A1:96:20:D5:99:74:52
Certificate issuer: /CN=A91CE5A6/serialNumber=62DDC285DA8B3E209EB00EAA3671845DAA6CF286
Certificate serial: E6
Authority key identifier: 62:DD:C2:85:DA:8B:3E:20:9E:B0:0E:AA:36:71:84:5D:AA:6C:F2:86
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Yt3ChdqLPiCesA6qNnGEXaps8oY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/64120230B2C211EFA43BF057C4F9AE02.roa
Signing time: Thu 05 Dec 2024 05:53:22 +0000
ROA not before: Thu 05 Dec 2024 05:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1851
IP address blocks: 129.127.0.0/16 maxlen: 16
192.43.227.0/24 maxlen: 24
192.43.228.0/24 maxlen: 24
192.160.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 230 (0xe6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE5A6/serialNumber=62DDC285DA8B3E209EB00EAA3671845DAA6CF286
Validity
Not Before: Dec 5 05:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67513fd2-a261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e0:08:10:ee:de:3f:f8:e5:58:89:38:0a:87:
c5:5f:d0:0e:b2:ca:bb:df:6a:02:a1:fd:26:82:2d:
1f:d4:c8:79:23:b5:c4:9d:6c:7e:24:45:6b:72:76:
51:8d:37:0f:c4:1c:a2:59:ee:98:2f:19:43:4b:78:
f4:68:8a:b7:09:06:16:91:9b:f9:27:94:8b:93:da:
6e:15:c1:1e:a9:1f:6f:52:8c:57:d8:3e:af:4a:8a:
7d:a5:92:6f:b5:71:d2:9e:eb:c3:20:66:27:d1:ae:
1c:6e:b0:b7:9a:2f:25:ca:4b:dd:69:de:b3:1d:e5:
f9:bb:b6:2f:87:71:32:04:bb:c7:f0:68:fa:22:49:
bb:38:2f:32:dc:a5:7d:af:08:b8:35:1c:51:2d:1b:
2d:e5:f9:99:54:a5:fa:1c:27:19:16:b3:8a:54:12:
93:83:23:a2:4d:85:47:6e:05:19:9c:ab:47:9a:7c:
1f:72:64:12:46:9e:fc:dd:01:ab:d1:d4:ff:0a:03:
0a:ac:af:2c:f5:db:63:ad:67:49:13:b2:75:59:90:
3a:94:8d:ef:e3:6f:02:28:65:74:17:f2:05:fa:74:
0c:44:30:57:ab:93:b4:62:ab:22:0d:7a:d6:14:b0:
cd:90:54:a8:ff:e8:fb:a3:a0:d4:4f:95:2b:fa:c1:
22:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:42:55:73:88:70:96:15:88:E5:8C:22:8B:A1:96:20:D5:99:74:52
X509v3 Authority Key Identifier:
keyid:62:DD:C2:85:DA:8B:3E:20:9E:B0:0E:AA:36:71:84:5D:AA:6C:F2:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/Yt3ChdqLPiCesA6qNnGEXaps8oY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Yt3ChdqLPiCesA6qNnGEXaps8oY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/64120230B2C211EFA43BF057C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.127.0.0/16
192.43.227.0-192.43.228.255
192.160.71.0/24
Signature Algorithm: sha256WithRSAEncryption
36:05:50:42:59:b2:55:e2:19:ba:35:41:29:33:4f:df:6b:9c:
53:b9:df:df:21:d4:71:71:3b:93:f5:7d:7a:32:3c:09:cf:ed:
66:87:15:2a:f8:fe:35:dd:3d:af:e1:0e:54:c1:f9:e2:e9:1d:
40:2e:b6:62:2e:3f:75:0e:de:08:af:6d:9e:d9:b6:dd:6c:9a:
fa:af:21:1f:61:2f:39:7f:24:c4:0d:7b:6f:58:41:a7:e4:90:
81:8a:36:71:45:13:2a:58:74:7e:f5:b4:29:77:b2:62:0e:47:
34:95:7f:d8:1c:fc:a4:88:f6:37:d1:43:39:22:fc:3a:80:53:
2a:fe:dc:24:b8:96:9c:49:d1:b7:95:22:23:ac:3a:00:95:d3:
61:65:f1:53:cb:aa:27:64:b5:41:b7:21:6a:25:bc:29:45:b1:
e1:8b:5e:aa:7f:36:4c:16:4f:53:eb:8a:89:a9:42:56:12:07:
c7:27:9b:9c:1d:b1:1e:04:7a:0a:4e:1d:f8:6b:53:8f:fa:f8:
f0:69:cc:26:f7:83:8e:3d:1c:87:0b:6e:f5:f2:c1:17:3d:99:
9f:fd:65:f9:57:0e:e2:f7:8c:d1:23:ca:dc:1a:1e:77:10:b5:
11:39:bf:25:c6:b9:c2:25:7f:8e:50:b5:a9:cb:b1:07:87:93:
dd:61:9c:ce
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0U1QTYxMTAvBgNVBAUTKDYyRERDMjg1REE4QjNFMjA5RUIwMEVBQTM2NzE4NDVE
QUE2Q0YyODYwHhcNMjQxMjA1MDU1MzIyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUxM2ZkMi1hMjYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAweAIEO7eP/jlWIk4CofFX9AOssq732oCof0mgi0f1Mh5I7XEnWx+JEVrcnZR
jTcPxByiWe6YLxlDS3j0aIq3CQYWkZv5J5SLk9puFcEeqR9vUoxX2D6vSop9pZJv
tXHSnuvDIGYn0a4cbrC3mi8lykvdad6zHeX5u7Yvh3EyBLvH8Gj6Ikm7OC8y3KV9
rwi4NRxRLRst5fmZVKX6HCcZFrOKVBKTgyOiTYVHbgUZnKtHmnwfcmQSRp783QGr
0dT/CgMKrK8s9dtjrWdJE7J1WZA6lI3v428CKGV0F/IF+nQMRDBXq5O0YqsiDXrW
FLDNkFSo/+j7o6DUT5Ur+sEigwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD1CVXOI
cJYViOWMIouhliDVmXRSMB8GA1UdIwQYMBaAFGLdwoXaiz4gnrAOqjZxhF2qbPKG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTVBNi9BQUIzM0U0QzVC
M0YxMUVFOEYxRDNENkVDNEY5QUUwMi9ZdDNDaGRxTFBpQ2VzQTZxTm5HRVhhcHM4
b1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1l0M0NoZHFMUGlDZXNBNnFObkdFWGFwczhvWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U1QTYvQUFCMzNFNEM1QjNGMTFFRThGMUQzRDZFQzRGOUFFMDIvNjQxMjAyMzBC
MkMyMTFFRkE0M0JGMDU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMgYIKwYBBQUHAQcBAf8E
IzAhMB8EAgABMBkDAwCBfzAMAwQAwCvjAwQAwCvkAwQAwKBHMA0GCSqGSIb3DQEB
CwUAA4IBAQA2BVBCWbJV4hm6NUEpM0/fa5xTud/fIdRxcTuT9X16MjwJz+1mhxUq
+P413T2v4Q5Uwfni6R1ALrZiLj91Dt4Ir22e2bbdbJr6ryEfYS85fyTEDXtvWEGn
5JCBijZxRRMqWHR+9bQpd7JiDkc0lX/YHPykiPY30UM5Ivw6gFMq/twkuJacSdG3
lSIjrDoAldNhZfFTy6onZLVBtyFqJbwpRbHhi16qfzZMFk9T64qJqUJWEgfHJ5uc
HbEeBHoKTh34a1OP+vjwacwm94OOPRyHC2718sEXPZmf/WX5Vw7i94zRI8rcGh53
ELUROb8lxrnCJX+OULWpy7EHh5PdYZzO
-----END CERTIFICATE-----
Generated at Mon Apr 28 23:47:07 2025 by rpki-client