Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/F9722F8255C411E9A0FEF781C4F9AE02.roa
File: F9722F8255C411E9A0FEF781C4F9AE02.roa (raw, json)
Hash identifier: nfiFkODG1xjacp8mfFgKJc4eVMHIn3FYy0Wk8I7UVHY=
Subject key identifier: 88:59:C6:67:55:B1:AF:B6:9B:5D:34:ED:F0:B5:D3:71:DF:75:29:72
Certificate issuer: /CN=A91EF19E/serialNumber=9E1F19A7E18D8BCED23EF2EDAB19E85438E7F08A
Certificate serial: 29A7
Authority key identifier: 9E:1F:19:A7:E1:8D:8B:CE:D2:3E:F2:ED:AB:19:E8:54:38:E7:F0:8A
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/F9722F8255C411E9A0FEF781C4F9AE02.roa
Signing time: Tue 17 Dec 2024 22:05:40 +0000
ROA not before: Tue 17 Dec 2024 22:05:40 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 7575
IP address blocks: 138.44.0.0/16 maxlen: 24
160.250.178.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10663 (0x29a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF19E/serialNumber=9E1F19A7E18D8BCED23EF2EDAB19E85438E7F08A
Validity
Not Before: Dec 17 22:05:40 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6761f5b3-fafe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:46:78:1c:4f:cc:dc:ae:28:6a:d8:e6:60:5e:
0a:ef:e0:b1:a8:2a:86:e0:90:8a:92:9a:77:16:a9:
b8:31:d4:81:f8:2f:ca:34:96:9e:74:e6:0d:37:e3:
7c:f7:81:c0:95:88:0b:36:d8:d5:6f:44:1e:bd:04:
bb:ee:6e:f7:b2:99:6f:5d:77:7c:04:36:59:6e:3b:
67:3c:7e:23:04:fd:c2:26:a7:d2:84:89:bb:18:ab:
69:ba:3e:2e:fe:78:51:64:47:c6:50:a1:07:b3:5a:
6c:91:c3:38:02:a1:7d:13:7d:27:ce:43:6b:88:cc:
31:b4:38:e8:4c:b9:37:a5:37:94:1f:5a:fd:be:51:
02:6e:3d:83:28:3e:22:d0:4e:12:79:21:d9:32:02:
d4:a6:fb:2f:57:e6:ef:57:9c:33:19:a1:7d:54:15:
3d:d2:e7:9c:1b:ca:b2:b1:55:fe:66:5f:51:5d:d0:
50:1a:d7:57:78:97:89:e1:fb:7c:d0:23:2b:0e:b3:
7c:09:31:ca:42:bd:e7:58:8d:c6:0d:53:38:69:e6:
56:6b:f0:fa:bb:69:ff:bb:5a:39:9e:28:4b:bf:31:
d3:21:fb:36:42:b3:c3:36:46:a5:a0:2c:84:50:02:
df:60:a9:27:22:7f:a2:31:81:37:fb:8c:9f:08:89:
f9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:59:C6:67:55:B1:AF:B6:9B:5D:34:ED:F0:B5:D3:71:DF:75:29:72
X509v3 Authority Key Identifier:
keyid:9E:1F:19:A7:E1:8D:8B:CE:D2:3E:F2:ED:AB:19:E8:54:38:E7:F0:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/F9722F8255C411E9A0FEF781C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
138.44.0.0/16
160.250.178.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:ea:03:2b:30:63:ba:96:c9:fe:b4:f0:f4:d1:a9:af:45:03:
e0:56:80:54:2f:b4:8b:6f:31:dd:4e:83:d3:be:33:76:fd:1f:
94:52:06:7a:bd:67:af:31:d2:1c:31:74:c2:81:5e:27:78:69:
a1:95:e5:5f:e6:c3:98:96:38:a7:fc:de:95:87:ec:5e:59:88:
c9:b7:0e:10:4d:97:83:a8:b4:db:28:86:8a:95:c0:eb:c0:0c:
68:65:6f:cd:3f:24:f1:26:f6:5b:1c:c9:8d:51:f6:d8:8d:23:
be:57:06:92:e1:6b:3a:f4:15:b0:f1:88:ac:c9:26:a8:12:56:
47:31:ce:da:4e:d4:12:58:4e:0b:c9:ba:86:c2:0a:af:3a:f2:
89:cc:50:af:bb:0f:ea:c2:95:b9:4c:95:43:ff:2b:d9:04:ff:
b8:1f:1d:27:f8:a3:76:83:12:a4:af:33:c4:e2:23:f3:0a:b0:
d1:08:d9:8a:68:b1:f7:d8:da:e7:9d:b8:e2:8d:70:f4:1b:ac:
fe:62:79:a4:94:0f:7e:d1:d9:27:8f:06:d5:92:af:cf:a5:dd:
c7:2b:55:0b:27:9b:ae:06:39:56:75:57:2f:fe:df:ec:ca:3d:
01:0a:1c:5f:7a:3c:0f:a0:f1:7a:d3:61:d6:a0:b2:de:78:ee:
6a:bf:0f:04
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgICKacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUYxOUUxMTAvBgNVBAUTKDlFMUYxOUE3RTE4RDhCQ0VEMjNFRjJFREFCMTlFODU0
MzhFN0YwOEEwHhcNMjQxMjE3MjIwNTQwWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYxZjViMy1mYWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqkZ4HE/M3K4oatjmYF4K7+CxqCqG4JCKkpp3Fqm4MdSB+C/KNJaedOYNN+N8
94HAlYgLNtjVb0QevQS77m73splvXXd8BDZZbjtnPH4jBP3CJqfShIm7GKtpuj4u
/nhRZEfGUKEHs1pskcM4AqF9E30nzkNriMwxtDjoTLk3pTeUH1r9vlECbj2DKD4i
0E4SeSHZMgLUpvsvV+bvV5wzGaF9VBU90uecG8qysVX+Zl9RXdBQGtdXeJeJ4ft8
0CMrDrN8CTHKQr3nWI3GDVM4aeZWa/D6u2n/u1o5nihLvzHTIfs2QrPDNkaloCyE
UALfYKknIn+iMYE3+4yfCIn51QIDAQABo4ICmjCCApYwHQYDVR0OBBYEFIhZxmdV
sa+2m1007fC103HfdSlyMB8GA1UdIwQYMBaAFJ4fGafhjYvO0j7y7asZ6FQ45/CK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjE5RS9BOTNFOTkzRTM0
MEQxMUU0OUVDOTgxNjNDNEY5QUUwMi9uaDhacC1HTmk4N1NQdkx0cXhub1ZEam44
SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL25oOFpwLUdOaTg3U1B2THRxeG5vVkRqbjhJby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUYxOUUvQTkzRTk5M0UzNDBEMTFFNDlFQzk4MTYzQzRGOUFFMDIvRjk3MjJGODI1
NUM0MTFFOUEwRkVGNzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQcBAf8E
FTATMBEEAgABMAsDAwCKLAMEAaD6sjANBgkqhkiG9w0BAQsFAAOCAQEAmuoDKzBj
upbJ/rTw9NGpr0UD4FaAVC+0i28x3U6D074zdv0flFIGer1nrzHSHDF0woFeJ3hp
oZXlX+bDmJY4p/zelYfsXlmIybcOEE2Xg6i02yiGipXA68AMaGVvzT8k8Sb2WxzJ
jVH22I0jvlcGkuFrOvQVsPGIrMkmqBJWRzHO2k7UElhOC8m6hsIKrzryicxQr7sP
6sKVuUyVQ/8r2QT/uB8dJ/ijdoMSpK8zxOIj8wqw0QjZimix99ja55244o1w9Bus
/mJ5pJQPftHZJ48G1ZKvz6XdxytVCyebrgY5VnVXL/7f7Mo9AQocX3o8D6DxetNh
1qCy3njuar8PBA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:17:21 2025 by rpki-client