Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/61CC010AE4BA11EE8037FD6DC4F9AE02.roa
File: 61CC010AE4BA11EE8037FD6DC4F9AE02.roa (raw, json)
Hash identifier: 1Lnaosa/OY0RTGhcXjsPmYkBR63tS7Qpn/EZaqAxnaM=
Subject key identifier: 72:AD:8C:FF:69:4B:B2:E0:43:4E:EE:AC:2C:6F:3C:7E:AB:B9:B3:3F
Certificate issuer: /CN=A91F2B47/serialNumber=17D5FE323EBFD9A8D344E77B73799A8E75624352
Certificate serial: 0169
Authority key identifier: 17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/61CC010AE4BA11EE8037FD6DC4F9AE02.roa
Signing time: Sun 17 Mar 2024 23:59:25 +0000
ROA not before: Sun 17 Mar 2024 23:59:25 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 140217
IP address blocks: 166.120.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 361 (0x169)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2B47/serialNumber=17D5FE323EBFD9A8D344E77B73799A8E75624352
Validity
Not Before: Mar 17 23:59:25 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65f783dd-5125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cb:d3:3f:bd:7e:85:3e:96:56:4d:44:24:b9:
59:95:2a:d3:f2:82:be:ab:38:33:c6:39:4a:7c:41:
04:86:ff:16:8e:77:ba:70:8a:47:9d:5b:14:84:5a:
0f:f0:7d:98:6a:e3:07:25:44:f5:b8:61:cd:57:36:
2f:66:12:38:ff:c8:53:4f:e9:bb:80:53:5d:90:f3:
78:46:46:ef:e5:f7:e4:9d:bf:0b:73:51:09:c1:9a:
9b:55:00:1c:0e:34:31:a8:a7:cd:7a:23:64:9b:09:
80:3c:71:48:dc:f5:3b:eb:4b:c6:4d:76:5c:43:34:
21:fa:bc:83:e1:62:ca:32:a7:18:df:64:8d:bf:dc:
fd:8c:79:c6:53:b8:5a:ce:0a:61:dd:5d:79:70:6d:
dc:99:11:49:83:3c:36:00:61:22:e4:ed:e6:1d:8b:
aa:93:ac:be:b9:59:df:f8:a0:2a:32:eb:fe:ca:73:
0f:7a:e8:ae:6b:1a:7c:d3:a0:8b:43:cc:71:67:fb:
cd:e6:e4:2b:cd:f5:10:e8:25:ac:0a:28:54:2e:70:
d6:1c:82:88:03:f8:3d:f6:13:d2:e4:b2:61:f1:7a:
6e:96:de:fa:2e:22:f0:8e:50:69:02:0b:93:66:7e:
85:97:5c:e0:e4:d6:1f:0d:23:8b:28:95:13:3f:f5:
c8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:AD:8C:FF:69:4B:B2:E0:43:4E:EE:AC:2C:6F:3C:7E:AB:B9:B3:3F
X509v3 Authority Key Identifier:
keyid:17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/F9X-Mj6_2ajTROd7c3majnViQ1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/61CC010AE4BA11EE8037FD6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
166.120.192.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:cb:bf:4d:f6:87:7c:b4:21:a6:8d:ed:b4:fd:11:0d:b1:46:
94:c1:08:cc:0f:a6:03:e8:d9:9d:b5:df:45:33:0f:16:71:94:
a8:b2:41:ed:82:5e:be:f9:63:0e:4a:97:96:87:7e:41:43:0e:
9f:b4:0d:d7:07:19:9e:f8:f8:d2:37:76:2c:70:ba:ef:2a:2f:
77:a7:64:f0:cb:60:ae:1f:ff:c6:33:f3:2c:9a:1c:04:c9:da:
e9:a4:b5:5f:90:d8:b1:f7:55:4d:f4:71:3a:f2:78:f6:a3:aa:
b3:7c:f5:a3:74:e0:76:6f:30:6c:0f:03:93:b6:4a:ae:1c:7b:
f0:72:e3:8d:a9:ec:53:5e:12:8a:73:8d:31:3c:15:bb:d0:8a:
96:07:8b:b4:cd:1a:a8:2a:ea:f9:6e:45:d1:6c:d6:8a:bd:31:
48:00:16:63:57:71:07:e4:75:44:13:16:69:21:2d:ca:81:7d:
d2:a4:20:d1:83:80:2c:de:c0:9e:3a:a5:6d:3f:3a:c6:71:db:
87:d6:b8:13:82:f9:4e:7a:4b:84:9a:e0:df:1a:2d:64:9f:ac:
b1:d7:4d:37:6d:7b:21:3d:57:f2:23:2e:0a:98:fe:ee:4a:1b:
cc:09:72:c7:ab:86:b1:fc:1c:be:8f:ba:12:11:ea:db:07:7b:
5a:06:86:38
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAWkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjJCNDcxMTAvBgNVBAUTKDE3RDVGRTMyM0VCRkQ5QThEMzQ0RTc3QjczNzk5QThF
NzU2MjQzNTIwHhcNMjQwMzE3MjM1OTI1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWY3ODNkZC01MTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA28vTP71+hT6WVk1EJLlZlSrT8oK+qzgzxjlKfEEEhv8Wjne6cIpHnVsUhFoP
8H2YauMHJUT1uGHNVzYvZhI4/8hTT+m7gFNdkPN4Rkbv5ffknb8Lc1EJwZqbVQAc
DjQxqKfNeiNkmwmAPHFI3PU760vGTXZcQzQh+ryD4WLKMqcY32SNv9z9jHnGU7ha
zgph3V15cG3cmRFJgzw2AGEi5O3mHYuqk6y+uVnf+KAqMuv+ynMPeuiuaxp806CL
Q8xxZ/vN5uQrzfUQ6CWsCihULnDWHIKIA/g99hPS5LJh8Xpult76LiLwjlBpAguT
Zn6Fl1zg5NYfDSOLKJUTP/XIeQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHKtjP9p
S7LgQ07urCxvPH6rubM/MB8GA1UdIwQYMBaAFBfV/jI+v9mo00Tne3N5mo51YkNS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkI0Ny9FODhFOUM3RTMz
QUYxMUVEQjYxMDc0MzRDNEY5QUUwMi9GOVgtTWo2XzJhalRST2Q3YzNtYWpuVmlR
MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0Y5WC1NajZfMmFqVFJPZDdjM21ham5WaVExSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjJCNDcvRTg4RTlDN0UzM0FGMTFFREI2MTA3NDM0QzRGOUFFMDIvNjFDQzAxMEFF
NEJBMTFFRTgwMzdGRDZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKmeMAwDQYJKoZIhvcNAQELBQADggEBAJ/Lv032h3y0IaaN
7bT9EQ2xRpTBCMwPpgPo2Z2130UzDxZxlKiyQe2CXr75Yw5Kl5aHfkFDDp+0DdcH
GZ74+NI3dixwuu8qL3enZPDLYK4f/8Yz8yyaHATJ2umktV+Q2LH3VU30cTryePaj
qrN89aN04HZvMGwPA5O2Sq4ce/By442p7FNeEopzjTE8FbvQipYHi7TNGqgq6vlu
RdFs1oq9MUgAFmNXcQfkdUQTFmkhLcqBfdKkINGDgCzewJ46pW0/OsZx24fWuBOC
+U56S4Sa4N8aLWSfrLHXTTdteyE9V/IjLgqY/u5KG8wJcserhrH8HL6PuhIR6tsH
e1oGhjg=
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:01:59 2025 by rpki-client