Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912B12A/B1D4A59CAE3D11EF96B76C6AC4F9AE02/221824CCAE5811EFAFE7FF84C4F9AE02.roa
File: 221824CCAE5811EFAFE7FF84C4F9AE02.roa (raw, json)
Hash identifier: p9REZI6XDPrAeJqnqc1B0MeTxDYU3c56F2tmQCgzmOQ=
Subject key identifier: D1:BB:CA:07:9F:54:EB:45:9E:BE:74:F8:7F:A4:E0:7F:59:65:39:98
Certificate issuer: /CN=A912B12A/serialNumber=2722C5ABBEE63B76B9DA966C78D73A6657D244EB
Certificate serial: 05
Authority key identifier: 27:22:C5:AB:BE:E6:3B:76:B9:DA:96:6C:78:D7:3A:66:57:D2:44:EB
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JyLFq77mO3a52pZseNc6ZlfSROs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912B12A/B1D4A59CAE3D11EF96B76C6AC4F9AE02/221824CCAE5811EFAFE7FF84C4F9AE02.roa
Signing time: Fri 29 Nov 2024 13:45:02 +0000
ROA not before: Fri 29 Nov 2024 13:45:02 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 137047
IP address blocks: 160.250.114.0/24 maxlen: 24
160.250.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912B12A
Validity
Not Before: Nov 29 13:45:02 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6749c55e-5edf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b7:19:05:a1:f1:82:7b:b6:1b:ed:bb:1e:15:
50:54:9a:97:7c:6b:f2:e9:e9:90:18:9c:c8:5e:a9:
bf:8e:5a:1a:cd:43:46:72:4c:7c:1d:79:b8:1d:40:
2e:ba:e5:70:48:7a:4d:22:d2:b3:8c:da:3c:f1:15:
a9:ca:e3:b9:33:bd:5b:97:c2:d5:bc:72:d3:65:bf:
0f:2c:05:62:2e:fd:8d:85:e9:da:4b:38:63:dd:fe:
87:52:2a:77:c5:e5:ee:73:68:fd:42:0d:ba:90:9b:
d0:f5:2b:7d:5f:c0:36:b9:62:6a:b4:ec:a2:6e:47:
af:ba:0c:50:75:00:25:b5:6d:b6:60:9b:60:fb:f2:
cf:12:2f:f7:cb:ea:d4:ed:58:4b:83:56:cd:a4:51:
f6:dc:3a:32:f2:ac:40:27:31:ad:57:af:a2:1b:e6:
9d:06:ae:d4:bc:9a:fd:56:ac:82:99:49:25:6c:cb:
16:49:71:bd:d9:a7:7e:e4:5a:1c:fe:43:a0:2f:a9:
db:59:49:c3:4d:ed:99:35:0c:bc:97:08:e6:74:4f:
f6:6a:02:b2:e8:1a:6d:c4:14:1a:45:02:b4:0c:29:
c4:6c:a1:e3:e1:3a:47:d1:09:a3:bd:71:14:69:6e:
2f:46:1e:78:99:0a:40:79:21:8c:04:a4:cb:58:92:
59:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:BB:CA:07:9F:54:EB:45:9E:BE:74:F8:7F:A4:E0:7F:59:65:39:98
X509v3 Authority Key Identifier:
keyid:27:22:C5:AB:BE:E6:3B:76:B9:DA:96:6C:78:D7:3A:66:57:D2:44:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912B12A/B1D4A59CAE3D11EF96B76C6AC4F9AE02/JyLFq77mO3a52pZseNc6ZlfSROs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JyLFq77mO3a52pZseNc6ZlfSROs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B12A/B1D4A59CAE3D11EF96B76C6AC4F9AE02/221824CCAE5811EFAFE7FF84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.250.114.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:c4:44:9f:57:5e:d0:de:ed:8c:85:6f:fb:94:01:dd:60:86:
2a:3f:d3:29:b8:b6:9a:7c:f0:5a:3c:13:76:bc:f1:a2:fa:71:
19:e2:59:ec:2d:df:0b:31:b1:f3:2a:39:29:52:48:b8:f4:5b:
a5:4f:e8:ce:70:7f:37:8f:19:b0:62:1c:e3:ab:2c:17:55:6e:
6f:b0:55:b5:c8:57:d7:0c:f1:89:7a:23:68:2a:4a:4c:05:80:
4f:c8:e2:f8:72:57:ce:05:53:92:e1:5e:15:d5:f6:ea:0c:38:
95:d6:21:49:04:a1:98:40:56:51:0c:6c:9d:74:9e:f1:a3:73:
67:f3:64:39:b7:ef:17:4d:27:f9:5e:12:cd:53:e6:18:e4:e3:
49:9e:7b:fd:b4:92:08:48:40:5a:a1:06:3c:93:57:51:aa:f5:
5b:2b:15:4e:44:f4:18:14:19:d3:87:54:37:4b:87:17:23:a4:
4a:12:5b:1d:58:15:44:e9:91:69:34:c9:8d:c2:f3:6c:41:a5:
b7:91:be:f1:f4:ab:8f:9f:bf:55:a5:81:f2:b9:e1:ef:ba:20:
29:ad:06:ae:23:c8:77:09:22:f1:10:fd:52:95:8f:bf:5f:01:
09:81:83:10:3a:dc:da:0f:46:7a:1c:f3:06:cd:f1:48:ab:2d:
e6:2a:b3:36
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
QjEyQTExMC8GA1UEBRMoMjcyMkM1QUJCRUU2M0I3NkI5REE5NjZDNzhENzNBNjY1
N0QyNDRFQjAeFw0yNDExMjkxMzQ1MDJaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NDljNTVlLTVlZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCwtxkFofGCe7Yb7bseFVBUmpd8a/Lp6ZAYnMheqb+OWhrNQ0ZyTHwdebgdQC66
5XBIek0i0rOM2jzxFanK47kzvVuXwtW8ctNlvw8sBWIu/Y2F6dpLOGPd/odSKnfF
5e5zaP1CDbqQm9D1K31fwDa5Ymq07KJuR6+6DFB1ACW1bbZgm2D78s8SL/fL6tTt
WEuDVs2kUfbcOjLyrEAnMa1Xr6Ib5p0GrtS8mv1WrIKZSSVsyxZJcb3Zp37kWhz+
Q6AvqdtZScNN7Zk1DLyXCOZ0T/ZqArLoGm3EFBpFArQMKcRsoePhOkfRCaO9cRRp
bi9GHniZCkB5IYwEpMtYklkpAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU0bvKB59U
60WevnT4f6Tgf1llOZgwHwYDVR0jBBgwFoAUJyLFq77mO3a52pZseNc6ZlfSROsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJCMTJBL0IxRDRBNTlDQUUz
RDExRUY5NkI3NkM2QUM0RjlBRTAyL0p5TEZxNzdtTzNhNTJwWnNlTmM2WmxmU1JP
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvSnlMRnE3N21PM2E1MnBac2VOYzZabGZTUk9zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
QjEyQS9CMUQ0QTU5Q0FFM0QxMUVGOTZCNzZDNkFDNEY5QUUwMi8yMjE4MjRDQ0FF
NTgxMUVGQUZFN0ZGODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaD6cjANBgkqhkiG9w0BAQsFAAOCAQEAGsREn1de0N7tjIVv
+5QB3WCGKj/TKbi2mnzwWjwTdrzxovpxGeJZ7C3fCzGx8yo5KVJIuPRbpU/oznB/
N48ZsGIc46ssF1Vub7BVtchX1wzxiXojaCpKTAWAT8ji+HJXzgVTkuFeFdX26gw4
ldYhSQShmEBWUQxsnXSe8aNzZ/NkObfvF00n+V4SzVPmGOTjSZ57/bSSCEhAWqEG
PJNXUar1WysVTkT0GBQZ04dUN0uHFyOkShJbHVgVROmRaTTJjcLzbEGlt5G+8fSr
j5+/VaWB8rnh77ogKa0GriPIdwki8RD9UpWPv18BCYGDEDrc2g9GehzzBs3xSKst
5iqzNg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:00:07 2025 by rpki-client