Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913120A/DAF81C4486F911EFB096510CC4F9AE02/BC8ECC20F38811EF8AB19939C4F9AE02.roa
File: BC8ECC20F38811EF8AB19939C4F9AE02.roa (raw, json)
Hash identifier: mbFfYSX+BdjEnhF4lUo27j9bjQ0kInCW9ZTNXOQrp2Q=
Subject key identifier: 58:59:5B:46:05:7D:5E:6E:D6:FA:6E:5F:58:F6:EE:83:1E:D4:BB:C0
Certificate issuer: /CN=A913120A/serialNumber=6C2C7C14289E6BB5B7275B1AA6BFDFA0227B9086
Certificate serial: 64
Authority key identifier: 6C:2C:7C:14:28:9E:6B:B5:B7:27:5B:1A:A6:BF:DF:A0:22:7B:90:86
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/bCx8FCiea7W3J1sapr_foCJ7kIY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913120A/DAF81C4486F911EFB096510CC4F9AE02/BC8ECC20F38811EF8AB19939C4F9AE02.roa
Signing time: Tue 25 Feb 2025 14:56:48 +0000
ROA not before: Tue 25 Feb 2025 14:56:48 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 152176
IP address blocks: 160.187.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100 (0x64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913120A
Validity
Not Before: Feb 25 14:56:48 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67bdda2f-426d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bb:75:ac:20:94:bf:0f:8a:ae:22:61:d6:5a:
30:44:87:ac:c8:59:83:9d:9f:82:44:0d:91:6b:ad:
eb:dc:51:20:95:74:4d:e0:ea:dd:e3:7b:22:cf:9e:
b6:2e:48:9c:d9:13:d1:ca:8f:03:90:c3:47:cc:5c:
bd:8d:d2:27:52:c6:76:c5:bb:39:a3:5b:c1:08:02:
1b:90:c0:ba:82:04:97:10:65:37:de:26:e1:ea:9e:
cb:41:06:32:5a:1c:5d:08:12:ba:00:e9:5e:27:af:
64:1b:b6:85:ee:69:3c:d1:ac:54:de:71:17:dd:1d:
ff:82:67:72:9d:22:1c:86:ab:ca:c1:98:c1:4d:a6:
52:aa:c4:ad:b2:9f:74:c0:8c:46:b6:ee:3c:eb:4b:
c0:86:ff:a6:0b:56:59:b4:0b:40:e5:6a:3c:55:3f:
43:23:0b:30:4c:40:a8:ca:cc:85:bc:89:24:65:82:
56:2b:3e:2f:85:d3:0d:bc:f4:35:9a:9e:41:59:60:
73:f7:84:3e:3b:7d:9c:e8:3e:a1:0d:10:43:32:e7:
d8:cd:77:5a:a9:64:ea:3b:fc:a5:2f:17:2c:16:db:
0d:cc:b7:cf:25:04:75:3b:87:bc:e5:4a:a0:73:24:
2a:72:4f:5d:78:59:9c:e7:7b:c2:dc:99:81:be:7a:
7e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:59:5B:46:05:7D:5E:6E:D6:FA:6E:5F:58:F6:EE:83:1E:D4:BB:C0
X509v3 Authority Key Identifier:
keyid:6C:2C:7C:14:28:9E:6B:B5:B7:27:5B:1A:A6:BF:DF:A0:22:7B:90:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913120A/DAF81C4486F911EFB096510CC4F9AE02/bCx8FCiea7W3J1sapr_foCJ7kIY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/bCx8FCiea7W3J1sapr_foCJ7kIY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913120A/DAF81C4486F911EFB096510CC4F9AE02/BC8ECC20F38811EF8AB19939C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.238.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:06:8f:58:e6:50:2d:85:70:bd:7e:71:0e:c1:04:b8:9f:41:
ce:1a:92:c9:6a:8b:ab:e8:1e:bb:12:5b:ad:af:b1:dc:f8:85:
91:17:33:3a:95:09:1b:8b:ce:7b:a0:be:8f:4a:9d:10:e1:fc:
43:a4:a4:ee:c0:17:53:c0:c1:20:80:19:a0:22:8f:b9:86:3b:
4c:41:50:5b:c7:76:13:0f:21:dd:d6:6a:12:9b:af:f8:60:4c:
0d:58:84:34:a9:13:29:d5:bb:d7:7f:e1:75:68:8d:b5:49:c2:
74:0f:63:d0:0d:da:8a:ba:1d:db:8f:d7:e9:91:4e:74:4b:6d:
dc:79:20:84:fd:cc:da:04:73:1b:11:fb:ac:18:06:af:78:f8:
97:02:a6:55:ad:03:f5:f1:d5:52:c8:d8:a1:d6:63:c6:d9:7d:
29:3c:36:a5:1b:bf:73:a5:87:03:23:27:38:b4:53:d7:6f:45:
ae:84:44:c7:50:c0:f3:40:b9:35:96:a6:58:1c:c5:db:65:ea:
00:1a:6a:15:f0:44:53:fa:7f:95:c3:74:40:40:e1:41:58:0c:
a4:ee:e2:0e:49:21:0d:1d:2a:8b:79:ec:60:21:2c:5d:bc:eb:
a8:1a:11:8f:04:62:27:c1:ba:2b:25:c4:5b:34:37:10:c9:17:
91:8a:df:a6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBZDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
MTIwQTExMC8GA1UEBRMoNkMyQzdDMTQyODlFNkJCNUI3Mjc1QjFBQTZCRkRGQTAy
MjdCOTA4NjAeFw0yNTAyMjUxNDU2NDhaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YmRkYTJmLTQyNmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQClu3WsIJS/D4quImHWWjBEh6zIWYOdn4JEDZFrrevcUSCVdE3g6t3jeyLPnrYu
SJzZE9HKjwOQw0fMXL2N0idSxnbFuzmjW8EIAhuQwLqCBJcQZTfeJuHqnstBBjJa
HF0IEroA6V4nr2QbtoXuaTzRrFTecRfdHf+CZ3KdIhyGq8rBmMFNplKqxK2yn3TA
jEa27jzrS8CG/6YLVlm0C0DlajxVP0MjCzBMQKjKzIW8iSRlglYrPi+F0w289DWa
nkFZYHP3hD47fZzoPqENEEMy59jNd1qpZOo7/KUvFywW2w3Mt88lBHU7h7zlSqBz
JCpyT114WZzne8LcmYG+en77AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUWFlbRgV9
Xm7W+m5fWPbugx7Uu8AwHwYDVR0jBBgwFoAUbCx8FCiea7W3J1sapr/foCJ7kIYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMxMjBBL0RBRjgxQzQ0ODZG
OTExRUZCMDk2NTEwQ0M0RjlBRTAyL2JDeDhGQ2llYTdXM0oxc2Fwcl9mb0NKN2tJ
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvYkN4OEZDaWVhN1czSjFzYXByX2ZvQ0o3a0lZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
MTIwQS9EQUY4MUM0NDg2RjkxMUVGQjA5NjUxMENDNEY5QUUwMi9CQzhFQ0MyMEYz
ODgxMUVGOEFCMTk5MzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKC77jANBgkqhkiG9w0BAQsFAAOCAQEALQaPWOZQLYVwvX5x
DsEEuJ9BzhqSyWqLq+geuxJbra+x3PiFkRczOpUJG4vOe6C+j0qdEOH8Q6Sk7sAX
U8DBIIAZoCKPuYY7TEFQW8d2Ew8h3dZqEpuv+GBMDViENKkTKdW713/hdWiNtUnC
dA9j0A3airod24/X6ZFOdEtt3HkghP3M2gRzGxH7rBgGr3j4lwKmVa0D9fHVUsjY
odZjxtl9KTw2pRu/c6WHAyMnOLRT129FroREx1DA80C5NZamWBzF22XqABpqFfBE
U/p/lcN0QEDhQVgMpO7iDkkhDR0qi3nsYCEsXbzrqBoRjwRiJ8G6KyXEWzQ3EMkX
kYrfpg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:42:33 2025 by rpki-client