Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1691/482BA1729D2411E7861A226BC4F9AE02/AE21A9C6818911EA81577016C4F9AE02.roa
File: AE21A9C6818911EA81577016C4F9AE02.roa (raw, json)
Hash identifier: 7SxWILLdTrzJpYEt8Y/6XTCMP3sdZqZUyA4GDfqu88g=
Subject key identifier: F0:7C:16:A3:FC:23:98:E0:22:16:26:03:9F:EE:44:A0:C2:FC:B2:1B
Certificate issuer: /CN=A91D1691/serialNumber=D1479EF60341E39ECA172E4376443A471975CBEF
Certificate serial: 17F5
Authority key identifier: D1:47:9E:F6:03:41:E3:9E:CA:17:2E:43:76:44:3A:47:19:75:CB:EF
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0Uee9gNB457KFy5DdkQ6Rxl1y-8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1691/482BA1729D2411E7861A226BC4F9AE02/AE21A9C6818911EA81577016C4F9AE02.roa
Signing time: Fri 02 Aug 2024 16:32:59 +0000
ROA not before: Fri 02 Aug 2024 16:32:59 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 45352
IP address blocks: 162.253.16.0/22 maxlen: 22
162.253.16.0/24 maxlen: 24
162.253.17.0/24 maxlen: 24
162.253.18.0/24 maxlen: 24
162.253.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6133 (0x17f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1691/serialNumber=D1479EF60341E39ECA172E4376443A471975CBEF
Validity
Not Before: Aug 2 16:32:59 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66ad0a3b-3702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:41:91:8e:43:c9:3a:76:01:29:3c:95:f7:a8:
38:98:35:ab:b1:2a:c3:68:58:4c:17:dd:83:f6:5f:
96:1b:78:df:61:20:ed:5d:fc:86:d1:e0:ea:1e:01:
b9:ff:4f:da:8e:c4:8a:4c:3e:22:5e:36:61:63:8c:
49:f5:c5:50:cc:3a:8e:bc:b5:41:45:09:2d:0f:ac:
4d:b0:3f:d6:05:c4:43:f1:fc:4d:27:c0:9e:de:05:
84:9f:32:9c:a4:e3:c5:9c:2d:e7:e9:7c:fb:73:3c:
61:0a:47:58:f6:ce:f8:e1:e5:8f:b0:5e:6c:5d:ae:
05:d0:5e:6a:03:ca:af:c9:d1:7c:a0:27:e3:21:23:
7d:64:83:7e:d5:df:af:08:b7:f0:93:b2:4a:50:d8:
03:a4:f4:c2:c0:d9:53:f1:56:42:ca:0f:ec:60:d9:
5b:b5:02:d5:59:ab:56:f1:87:22:2d:54:5b:cc:17:
1d:f8:41:47:8d:40:7e:5a:c1:a1:39:7b:e0:95:6a:
1b:39:35:4d:1f:2c:75:b1:63:75:67:8e:07:7b:fd:
74:8b:15:71:9e:f6:7d:9e:c8:e2:bf:2a:08:15:9a:
2b:71:bb:1c:13:47:b7:b3:85:3b:7a:45:72:5f:3c:
b7:55:9a:dc:cf:5c:46:e3:c6:36:93:1e:10:14:47:
16:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:7C:16:A3:FC:23:98:E0:22:16:26:03:9F:EE:44:A0:C2:FC:B2:1B
X509v3 Authority Key Identifier:
keyid:D1:47:9E:F6:03:41:E3:9E:CA:17:2E:43:76:44:3A:47:19:75:CB:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1691/482BA1729D2411E7861A226BC4F9AE02/0Uee9gNB457KFy5DdkQ6Rxl1y-8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0Uee9gNB457KFy5DdkQ6Rxl1y-8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1691/482BA1729D2411E7861A226BC4F9AE02/AE21A9C6818911EA81577016C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
162.253.16.0/22
Signature Algorithm: sha256WithRSAEncryption
75:1a:4b:77:e1:87:ea:96:84:37:4f:c9:ae:31:05:7e:84:7a:
5d:df:13:cd:f3:93:a5:c1:72:13:2c:84:ff:73:9b:c1:00:2e:
15:65:f7:b5:24:b3:49:8f:9c:17:e1:03:a8:89:dd:c1:59:a7:
a4:5b:9c:a5:c4:fa:3c:76:b5:45:22:29:8e:c8:37:4e:cf:dc:
48:97:65:2d:7d:c8:43:3e:4a:71:fb:06:bd:b0:ec:3d:ce:cc:
73:75:6a:81:d6:58:9e:c9:3e:f9:32:5c:3b:e8:d3:a9:f5:01:
c0:ad:01:88:f3:ac:9d:ef:3f:86:cd:ea:6c:20:c2:f9:3f:80:
c7:36:e7:2a:2c:bf:35:9a:db:bd:cd:9f:aa:60:22:cb:d9:a0:
41:a3:75:f4:ed:5b:98:10:7f:73:f8:54:24:b0:6e:be:09:72:
52:53:0a:61:c7:08:8f:2e:0b:c4:8d:27:b8:3b:6e:c6:8c:c4:
69:95:a3:6e:27:49:db:e9:e7:ab:1e:d9:5e:09:fc:71:7c:3b:
c4:5b:1a:14:b9:84:ef:57:e2:71:66:4c:3e:5b:84:5b:b4:0f:
39:9a:3b:2e:7c:5b:c6:ee:1d:e0:2f:87:02:3a:1c:ba:83:a7:
35:78:56:80:a1:08:58:c7:1c:82:11:64:42:33:80:06:10:b3:
10:29:77:d6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICF/UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE2OTExMTAvBgNVBAUTKEQxNDc5RUY2MDM0MUUzOUVDQTE3MkU0Mzc2NDQzQTQ3
MTk3NUNCRUYwHhcNMjQwODAyMTYzMjU5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFkMGEzYi0zNzAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu0GRjkPJOnYBKTyV96g4mDWrsSrDaFhMF92D9l+WG3jfYSDtXfyG0eDqHgG5
/0/ajsSKTD4iXjZhY4xJ9cVQzDqOvLVBRQktD6xNsD/WBcRD8fxNJ8Ce3gWEnzKc
pOPFnC3n6Xz7czxhCkdY9s744eWPsF5sXa4F0F5qA8qvydF8oCfjISN9ZIN+1d+v
CLfwk7JKUNgDpPTCwNlT8VZCyg/sYNlbtQLVWatW8YciLVRbzBcd+EFHjUB+WsGh
OXvglWobOTVNHyx1sWN1Z44He/10ixVxnvZ9nsjivyoIFZorcbscE0e3s4U7ekVy
Xzy3VZrcz1xG48Y2kx4QFEcWFQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPB8FqP8
I5jgIhYmA5/uRKDC/LIbMB8GA1UdIwQYMBaAFNFHnvYDQeOeyhcuQ3ZEOkcZdcvv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTY5MS80ODJCQTE3MjlE
MjQxMUU3ODYxQTIyNkJDNEY5QUUwMi8wVWVlOWdOQjQ1N0tGeTVEZGtRNlJ4bDF5
LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzBVZWU5Z05CNDU3S0Z5NURka1E2UnhsMXktOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE2OTEvNDgyQkExNzI5RDI0MTFFNzg2MUEyMjZCQzRGOUFFMDIvQUUyMUE5QzY4
MTg5MTFFQTgxNTc3MDE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKi/RAwDQYJKoZIhvcNAQELBQADggEBAHUaS3fhh+qWhDdP
ya4xBX6Eel3fE83zk6XBchMshP9zm8EALhVl97Uks0mPnBfhA6iJ3cFZp6RbnKXE
+jx2tUUiKY7IN07P3EiXZS19yEM+SnH7Br2w7D3OzHN1aoHWWJ7JPvkyXDvo06n1
AcCtAYjzrJ3vP4bN6mwgwvk/gMc25yosvzWa273Nn6pgIsvZoEGjdfTtW5gQf3P4
VCSwbr4JclJTCmHHCI8uC8SNJ7g7bsaMxGmVo24nSdvp56se2V4J/HF8O8RbGhS5
hO9X4nFmTD5bhFu0DzmaOy58W8buHeAvhwI6HLqDpzV4VoChCFjHHIIRZEIzgAYQ
sxApd9Y=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:34:22 2025 by rpki-client