Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/23A0D39C0F1D11E991F4271EC4F9AE02.roa
File: 23A0D39C0F1D11E991F4271EC4F9AE02.roa (raw, json)
Hash identifier: LI5814/1mo8RhGHDIyDmTnyAaT8jPK8eiZW8nnVoECM=
Subject key identifier: 78:74:09:C7:F5:61:8B:3B:2B:6F:38:D1:50:F1:D3:C4:71:8C:B0:AE
Certificate issuer: /CN=A91F67BB/serialNumber=CC592176D88C423F8859B518B6AD334FFF767409
Certificate serial: 10EF
Authority key identifier: CC:59:21:76:D8:8C:42:3F:88:59:B5:18:B6:AD:33:4F:FF:76:74:09
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zFkhdtiMQj-IWbUYtq0zT_92dAk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/23A0D39C0F1D11E991F4271EC4F9AE02.roa
Signing time: Tue 10 Dec 2024 17:45:26 +0000
ROA not before: Tue 10 Dec 2024 17:45:26 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 132132
IP address blocks: 66.96.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4335 (0x10ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F67BB/serialNumber=CC592176D88C423F8859B518B6AD334FFF767409
Validity
Not Before: Dec 10 17:45:26 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67587e36-d18b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:af:7a:a0:4b:96:2e:69:3f:11:0e:70:3b:48:
07:d7:22:ab:ef:1b:be:c0:e2:03:bd:74:8c:c5:03:
07:1c:ac:17:cf:be:b0:73:60:94:e0:59:7b:97:c2:
95:41:8d:2b:49:22:d6:6d:f5:ea:a3:2d:38:9d:94:
70:0e:db:a4:94:f7:11:04:29:af:59:f1:be:46:a4:
de:30:f5:9b:48:16:32:f5:f9:24:b0:86:03:22:bc:
20:ce:a5:88:b5:98:49:d0:2a:d9:0d:f3:eb:54:c3:
d6:95:67:e5:6d:0f:9b:f4:32:59:14:0f:77:85:57:
d8:a3:06:6b:9c:45:01:d4:93:c9:0b:24:83:bd:f3:
00:ff:b4:3a:7d:8c:2e:22:cd:80:e4:94:9b:85:80:
a9:96:5e:b2:af:86:96:00:c7:2c:95:88:09:38:a5:
a5:80:ee:bb:94:f0:75:51:90:f5:d8:92:1c:a0:d6:
1f:40:86:08:44:62:28:b6:8d:95:d6:4c:18:ee:a1:
85:f7:ee:b2:b9:94:a7:26:45:98:05:65:bf:2d:13:
36:98:7f:ec:78:e4:17:eb:3c:d2:56:a3:10:45:38:
67:df:0e:e0:48:92:a6:51:c4:49:c9:ef:1d:e4:a4:
c9:48:4a:17:de:51:d2:62:d4:de:2c:4b:a2:50:93:
8e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:74:09:C7:F5:61:8B:3B:2B:6F:38:D1:50:F1:D3:C4:71:8C:B0:AE
X509v3 Authority Key Identifier:
keyid:CC:59:21:76:D8:8C:42:3F:88:59:B5:18:B6:AD:33:4F:FF:76:74:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/zFkhdtiMQj-IWbUYtq0zT_92dAk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zFkhdtiMQj-IWbUYtq0zT_92dAk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/23A0D39C0F1D11E991F4271EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
66.96.222.0/24
Signature Algorithm: sha256WithRSAEncryption
08:78:f3:32:6f:d9:25:48:29:b5:1b:ce:51:35:68:cb:02:66:
26:ab:07:04:36:14:43:b6:1c:81:28:7b:31:8f:8b:eb:5f:51:
bb:8b:54:c1:64:56:43:b4:e8:c1:e8:66:d7:5d:9e:41:49:73:
a5:12:04:d6:1e:f1:4e:3a:89:53:22:4a:5a:47:62:d9:57:22:
41:a8:9a:e5:0d:ab:1d:5b:f4:2e:bf:4f:32:0e:2e:c4:17:da:
18:78:32:d4:84:d5:c6:e9:2f:68:89:e1:e6:ac:6c:6a:25:d0:
9c:3a:cd:15:4b:ed:0b:b6:ee:af:a9:16:0b:9d:96:00:f5:ad:
46:03:ed:7a:c5:22:54:38:47:d2:60:29:65:db:61:96:2b:c7:
c5:f2:5e:84:43:63:6a:46:0d:03:49:f6:fa:48:62:6f:71:05:
f4:e4:3e:26:3c:c2:4d:f4:c6:72:18:f8:d4:95:d7:4d:29:1a:
75:8d:cc:e5:8d:a3:fa:26:d4:3f:81:42:8c:6b:9e:d7:84:7e:
24:6d:2c:d2:e5:61:cd:9c:a5:92:c5:b2:25:dd:3b:f2:1f:5b:
89:c7:cf:08:2b:26:79:03:95:1e:02:c8:7a:dd:44:06:3d:b2:
5e:86:5a:76:9e:5c:ff:d7:1e:d6:11:62:39:a1:8d:d0:b2:69:
d7:dd:35:bb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY3QkIxMTAvBgNVBAUTKENDNTkyMTc2RDg4QzQyM0Y4ODU5QjUxOEI2QUQzMzRG
RkY3Njc0MDkwHhcNMjQxMjEwMTc0NTI2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4N2UzNi1kMThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApK96oEuWLmk/EQ5wO0gH1yKr7xu+wOIDvXSMxQMHHKwXz76wc2CU4Fl7l8KV
QY0rSSLWbfXqoy04nZRwDtuklPcRBCmvWfG+RqTeMPWbSBYy9fkksIYDIrwgzqWI
tZhJ0CrZDfPrVMPWlWflbQ+b9DJZFA93hVfYowZrnEUB1JPJCySDvfMA/7Q6fYwu
Is2A5JSbhYCpll6yr4aWAMcslYgJOKWlgO67lPB1UZD12JIcoNYfQIYIRGIoto2V
1kwY7qGF9+6yuZSnJkWYBWW/LRM2mH/seOQX6zzSVqMQRThn3w7gSJKmUcRJye8d
5KTJSEoX3lHSYtTeLEuiUJOOlwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHh0Ccf1
YYs7K2840VDx08RxjLCuMB8GA1UdIwQYMBaAFMxZIXbYjEI/iFm1GLatM0//dnQJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjdCQi9CREZCRjE4NjBF
M0UxMUU5ODM2RjQwMTRDNEY5QUUwMi96RmtoZHRpTVFqLUlXYlVZdHEwelRfOTJk
QWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3pGa2hkdGlNUWotSVdiVVl0cTB6VF85MmRBay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY3QkIvQkRGQkYxODYwRTNFMTFFOTgzNkY0MDE0QzRGOUFFMDIvMjNBMEQzOUMw
RjFEMTFFOTkxRjQyNzFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABCYN4wDQYJKoZIhvcNAQELBQADggEBAAh48zJv2SVIKbUb
zlE1aMsCZiarBwQ2FEO2HIEoezGPi+tfUbuLVMFkVkO06MHoZtddnkFJc6USBNYe
8U46iVMiSlpHYtlXIkGomuUNqx1b9C6/TzIOLsQX2hh4MtSE1cbpL2iJ4easbGol
0Jw6zRVL7Qu27q+pFgudlgD1rUYD7XrFIlQ4R9JgKWXbYZYrx8XyXoRDY2pGDQNJ
9vpIYm9xBfTkPiY8wk30xnIY+NSV100pGnWNzOWNo/om1D+BQoxrnteEfiRtLNLl
Yc2cpZLFsiXdO/IfW4nHzwgrJnkDlR4CyHrdRAY9sl6GWnaeXP/XHtYRYjmhjdCy
adfdNbs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:17:16 2025 by rpki-client