Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914781A/4EEC5B7EA6B411E8B43A1467C4F9AE02/5BE6FE3ED7A311EF9D214C13C4F9AE02.roa
File: 5BE6FE3ED7A311EF9D214C13C4F9AE02.roa (raw, json)
Hash identifier: wgWYzuty+GM3VsiaayvTIFlkcVAcGiHHxoMLNBjrqzc=
Subject key identifier: FD:13:63:AA:A5:3E:4E:2F:2D:25:30:DA:24:43:C4:7D:CB:28:E3:76
Certificate issuer: /CN=A914781A/serialNumber=59314703092845FCBD0BFBAEEF87D83FC66ED1D7
Certificate serial: 1345
Authority key identifier: 59:31:47:03:09:28:45:FC:BD:0B:FB:AE:EF:87:D8:3F:C6:6E:D1:D7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WTFHAwkoRfy9C_uu74fYP8Zu0dc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914781A/4EEC5B7EA6B411E8B43A1467C4F9AE02/5BE6FE3ED7A311EF9D214C13C4F9AE02.roa
Signing time: Tue 04 Mar 2025 15:30:52 +0000
ROA not before: Tue 04 Mar 2025 15:30:52 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 45758
IP address blocks: 167.179.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4933 (0x1345)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914781A
Validity
Not Before: Mar 4 15:30:52 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c71cab-23f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:61:84:b6:c1:2c:30:90:a7:27:c5:82:cf:a7:
ec:74:08:10:cc:7a:9b:d7:41:be:0d:e7:eb:28:a8:
52:a3:85:8f:e3:a5:89:56:fe:66:1a:2e:e1:ca:f2:
49:34:7b:4b:76:a2:3c:9d:e7:11:cc:df:be:18:78:
ae:13:61:40:49:65:b7:6e:b7:5f:41:f7:0e:9f:ea:
6d:72:fe:ac:f5:86:11:e5:59:8c:31:52:a1:dd:2a:
fe:d0:1d:f2:7b:95:e3:62:4b:5f:59:36:ce:06:4a:
3e:38:71:a5:35:dd:96:32:df:21:56:01:0e:f9:76:
d2:4c:b7:cb:c5:8a:3e:b6:5b:73:fd:4c:cd:c2:1c:
2c:65:0b:2f:f1:97:b5:62:31:73:bb:8e:bc:a1:28:
3b:94:9f:87:5d:e4:8a:5b:f7:d9:bd:3a:fb:d7:14:
e6:d3:d6:3a:93:be:1c:6a:79:9a:0a:96:34:15:c8:
59:4c:e8:ff:11:96:a8:12:63:b2:32:67:a3:35:14:
7d:62:fe:68:63:89:85:98:81:be:66:0c:cc:c9:62:
e0:58:35:08:9d:ef:f2:17:eb:ed:85:a6:a5:22:58:
0c:26:0b:de:3a:79:54:d4:d7:2b:6b:f8:21:6d:df:
58:7a:5b:4a:07:76:a1:30:d9:1e:1a:72:7d:27:c7:
02:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:13:63:AA:A5:3E:4E:2F:2D:25:30:DA:24:43:C4:7D:CB:28:E3:76
X509v3 Authority Key Identifier:
keyid:59:31:47:03:09:28:45:FC:BD:0B:FB:AE:EF:87:D8:3F:C6:6E:D1:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914781A/4EEC5B7EA6B411E8B43A1467C4F9AE02/WTFHAwkoRfy9C_uu74fYP8Zu0dc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WTFHAwkoRfy9C_uu74fYP8Zu0dc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914781A/4EEC5B7EA6B411E8B43A1467C4F9AE02/5BE6FE3ED7A311EF9D214C13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
167.179.250.0/24
Signature Algorithm: sha256WithRSAEncryption
07:01:cf:03:a4:62:e0:b3:e0:ac:73:22:a3:12:d8:f7:ad:b2:
bc:eb:8d:54:09:10:1e:1e:5d:5a:04:85:3b:d8:b2:a8:3a:36:
64:88:41:a7:bf:aa:b0:23:8a:22:f4:48:43:97:dc:c4:2e:55:
5d:68:5b:2a:a2:db:4d:2f:db:e4:98:4d:e4:4f:3a:96:bb:9b:
ae:a9:2b:e6:f4:2f:34:eb:e5:2a:a9:25:c2:38:d9:a9:dc:4e:
3b:44:49:57:87:88:03:f7:cb:4d:95:78:7f:4c:d8:ca:14:fe:
93:10:f7:1f:82:bb:e1:a7:71:e8:69:7c:e3:77:ed:bd:02:ba:
79:60:e5:c4:36:41:ad:c3:56:fd:31:bf:1e:c0:7c:bd:7f:7d:
73:7b:7b:fa:9e:82:41:2a:c0:56:50:5e:da:0b:f6:98:b9:ef:
b0:ee:69:62:5b:b4:25:68:ed:27:ad:38:00:1b:45:29:86:d6:
38:6e:f9:30:2c:14:f3:8d:86:aa:d6:d4:7c:fa:6c:f6:ba:60:
d2:07:44:2b:6e:a3:d4:a1:49:2c:4d:c6:9d:a4:42:f4:ac:61:
72:47:1e:ec:cc:73:9a:fc:80:31:0e:2d:5d:22:f5:6f:f0:48:
99:04:b2:18:30:14:4a:c0:10:97:49:fb:ba:f3:34:a1:df:ea:
0c:8d:20:47
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICE0UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc4MUExMTAvBgNVBAUTKDU5MzE0NzAzMDkyODQ1RkNCRDBCRkJBRUVGODdEODNG
QzY2RUQxRDcwHhcNMjUwMzA0MTUzMDUyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3MWNhYi0yM2Y1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtGGEtsEsMJCnJ8WCz6fsdAgQzHqb10G+DefrKKhSo4WP46WJVv5mGi7hyvJJ
NHtLdqI8necRzN++GHiuE2FASWW3brdfQfcOn+ptcv6s9YYR5VmMMVKh3Sr+0B3y
e5XjYktfWTbOBko+OHGlNd2WMt8hVgEO+XbSTLfLxYo+tltz/UzNwhwsZQsv8Ze1
YjFzu468oSg7lJ+HXeSKW/fZvTr71xTm09Y6k74canmaCpY0FchZTOj/EZaoEmOy
MmejNRR9Yv5oY4mFmIG+ZgzMyWLgWDUIne/yF+vthaalIlgMJgveOnlU1Ncra/gh
bd9YeltKB3ahMNkeGnJ9J8cCaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFP0TY6ql
Pk4vLSUw2iRDxH3LKON2MB8GA1UdIwQYMBaAFFkxRwMJKEX8vQv7ru+H2D/GbtHX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzgxQS80RUVDNUI3RUE2
QjQxMUU4QjQzQTE0NjdDNEY5QUUwMi9XVEZIQXdrb1JmeTlDX3V1NzRmWVA4WnUw
ZGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1dURkhBd2tvUmZ5OUNfdXU3NGZZUDhadTBkYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc4MUEvNEVFQzVCN0VBNkI0MTFFOEI0M0ExNDY3QzRGOUFFMDIvNUJFNkZFM0VE
N0EzMTFFRjlEMjE0QzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACns/owDQYJKoZIhvcNAQELBQADggEBAAcBzwOkYuCz4Kxz
IqMS2PetsrzrjVQJEB4eXVoEhTvYsqg6NmSIQae/qrAjiiL0SEOX3MQuVV1oWyqi
200v2+SYTeRPOpa7m66pK+b0LzTr5SqpJcI42ancTjtESVeHiAP3y02VeH9M2MoU
/pMQ9x+Cu+GncehpfON37b0Cunlg5cQ2Qa3DVv0xvx7AfL1/fXN7e/qegkEqwFZQ
XtoL9pi577DuaWJbtCVo7SetOAAbRSmG1jhu+TAsFPONhqrW1Hz6bPa6YNIHRCtu
o9ShSSxNxp2kQvSsYXJHHuzMc5r8gDEOLV0i9W/wSJkEshgwFErAEJdJ+7rzNKHf
6gyNIEc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:01:04 2025 by rpki-client