Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9134B4A/E26499A22F8911EFA3D04A6BC4F9AE02/7D7BEE5430B111EF94A59A7AC4F9AE02.roa
File: 7D7BEE5430B111EF94A59A7AC4F9AE02.roa (raw, json)
Hash identifier: PzU82YDFay2uIpqKuxtTYHgzCTvvbkMDaIVpOt+tYeU=
Subject key identifier: 9F:6E:F4:E7:0E:3C:61:A1:E5:7C:75:FC:0E:2B:36:20:E5:08:94:E3
Certificate issuer: /CN=A9134B4A/serialNumber=3C3587DC3AF2E937ECDB65A83892759A41C8850B
Certificate serial: 91
Authority key identifier: 3C:35:87:DC:3A:F2:E9:37:EC:DB:65:A8:38:92:75:9A:41:C8:85:0B
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PDWH3Dry6Tfs22WoOJJ1mkHIhQs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9134B4A/E26499A22F8911EFA3D04A6BC4F9AE02/7D7BEE5430B111EF94A59A7AC4F9AE02.roa
Signing time: Mon 24 Mar 2025 05:11:18 +0000
ROA not before: Mon 24 Mar 2025 05:11:18 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 63150
IP address blocks: 160.22.142.0/24 maxlen: 24
160.22.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145 (0x91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9134B4A
Validity
Not Before: Mar 24 05:11:18 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67e0e976-fbe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3f:81:3a:d9:34:c5:ed:36:77:27:61:34:79:
db:1f:25:bc:c4:c6:d3:53:3e:eb:7f:95:60:59:c4:
13:bd:5c:f8:61:e8:9c:68:87:79:2d:a5:d0:ab:dc:
37:17:00:e9:12:f1:33:36:44:75:36:af:4c:5d:68:
da:f1:9a:ed:b7:d7:42:96:a5:f3:04:fa:ac:04:a7:
19:8a:50:f5:b8:f6:01:40:b0:d8:5f:2f:4a:29:1a:
f6:96:6f:69:a0:1c:8a:a2:81:3d:c3:d7:ec:24:79:
56:26:1f:f2:44:27:1c:1b:ab:8c:08:f9:d9:58:de:
18:83:09:53:41:78:c3:38:bf:58:8d:6f:a4:67:51:
5e:7e:ea:f7:5c:d8:59:15:7a:2c:41:a6:01:15:71:
0f:01:77:79:23:a9:5d:69:76:e6:52:de:5c:f7:a3:
af:ee:7a:a7:93:67:07:1b:85:7e:c2:c2:27:ef:5c:
e4:eb:fb:47:b8:e8:af:a1:78:9c:a5:d5:47:ad:28:
c8:42:57:0a:70:39:d2:44:5c:e4:36:37:38:38:1b:
7f:19:67:5c:54:db:e2:ab:32:4a:93:fc:93:c9:a6:
8f:f3:2a:29:2f:30:02:1e:67:ee:c4:1e:b1:a1:80:
b1:19:d5:b7:6d:82:60:df:53:e5:75:81:47:61:35:
0b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:6E:F4:E7:0E:3C:61:A1:E5:7C:75:FC:0E:2B:36:20:E5:08:94:E3
X509v3 Authority Key Identifier:
keyid:3C:35:87:DC:3A:F2:E9:37:EC:DB:65:A8:38:92:75:9A:41:C8:85:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9134B4A/E26499A22F8911EFA3D04A6BC4F9AE02/PDWH3Dry6Tfs22WoOJJ1mkHIhQs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PDWH3Dry6Tfs22WoOJJ1mkHIhQs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134B4A/E26499A22F8911EFA3D04A6BC4F9AE02/7D7BEE5430B111EF94A59A7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.142.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:61:54:b7:bf:c2:f0:c2:66:da:00:a4:ce:ed:0d:48:00:1d:
5f:02:71:4a:a4:fc:eb:3e:08:24:4b:0b:dd:1d:40:f9:e9:ca:
25:09:0b:34:33:3a:0a:74:24:79:e2:05:83:81:70:0d:57:5c:
dc:53:d0:4a:a4:6e:8e:ae:17:4c:38:2f:b8:83:f4:e7:f1:33:
21:cb:a4:33:14:40:9d:d0:48:e7:4c:11:eb:41:ea:c3:dd:76:
71:c3:58:37:cb:92:ef:aa:31:94:4b:71:68:b5:35:e8:c1:c2:
48:58:2e:93:40:90:28:f7:f1:b0:ae:b3:ed:cf:0f:09:0a:4f:
45:6a:0b:03:32:48:ad:f3:45:96:ef:45:54:4b:9f:dc:57:24:
65:44:be:93:0f:03:e8:cb:25:ba:aa:ac:68:49:5c:a5:3d:d1:
30:28:9f:15:1b:e5:cc:b8:c9:26:5a:c5:6f:f5:e2:9f:ec:00:
37:cd:b7:14:4d:57:cb:1c:d1:65:02:f0:e9:95:c0:af:de:1a:
87:ef:a8:cb:18:2e:e7:73:01:a3:77:61:15:8f:6f:a3:72:3d:
78:7a:7c:8c:43:6b:a2:7b:4a:f3:49:03:a9:0c:eb:d1:58:57:
68:61:01:ad:cd:48:2f:0c:15:f8:89:b2:ca:35:1a:56:ef:84:
7e:34:0f:a8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzRCNEExMTAvBgNVBAUTKDNDMzU4N0RDM0FGMkU5MzdFQ0RCNjVBODM4OTI3NTlB
NDFDODg1MEIwHhcNMjUwMzI0MDUxMTE4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UwZTk3Ni1mYmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0j+BOtk0xe02dydhNHnbHyW8xMbTUz7rf5VgWcQTvVz4YeicaId5LaXQq9w3
FwDpEvEzNkR1Nq9MXWja8Zrtt9dClqXzBPqsBKcZilD1uPYBQLDYXy9KKRr2lm9p
oByKooE9w9fsJHlWJh/yRCccG6uMCPnZWN4YgwlTQXjDOL9YjW+kZ1Fefur3XNhZ
FXosQaYBFXEPAXd5I6ldaXbmUt5c96Ov7nqnk2cHG4V+wsIn71zk6/tHuOivoXic
pdVHrSjIQlcKcDnSRFzkNjc4OBt/GWdcVNviqzJKk/yTyaaP8yopLzACHmfuxB6x
oYCxGdW3bYJg31PldYFHYTULwQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJ9u9OcO
PGGh5Xx1/A4rNiDlCJTjMB8GA1UdIwQYMBaAFDw1h9w68uk37NtlqDiSdZpByIUL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNEI0QS9FMjY0OTlBMjJG
ODkxMUVGQTNEMDRBNkJDNEY5QUUwMi9QRFdIM0RyeTZUZnMyMldvT0pKMW1rSElo
UXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1BEV0gzRHJ5NlRmczIyV29PSkoxbWtISWhRcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzRCNEEvRTI2NDk5QTIyRjg5MTFFRkEzRDA0QTZCQzRGOUFFMDIvN0Q3QkVFNTQz
MEIxMTFFRjk0QTU5QTdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGgFo4wDQYJKoZIhvcNAQELBQADggEBAFxhVLe/wvDCZtoA
pM7tDUgAHV8CcUqk/Os+CCRLC90dQPnpyiUJCzQzOgp0JHniBYOBcA1XXNxT0Eqk
bo6uF0w4L7iD9OfxMyHLpDMUQJ3QSOdMEetB6sPddnHDWDfLku+qMZRLcWi1NejB
wkhYLpNAkCj38bCus+3PDwkKT0VqCwMySK3zRZbvRVRLn9xXJGVEvpMPA+jLJbqq
rGhJXKU90TAonxUb5cy4ySZaxW/14p/sADfNtxRNV8sc0WUC8OmVwK/eGofvqMsY
LudzAaN3YRWPb6NyPXh6fIxDa6J7SvNJA6kM69FYV2hhAa3NSC8MFfiJsso1Glbv
hH40D6g=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:17:44 2025 by rpki-client