Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/72BAF108B39811EFBBCEC71AC4F9AE02.roa
File: 72BAF108B39811EFBBCEC71AC4F9AE02.roa (raw, json)
Hash identifier: UAjST7Qpm1aFNDJqEnCGjuYfh+z236K5L8ZjMGZFVAo=
Subject key identifier: C4:E1:BE:3F:39:39:BD:D2:DC:05:DC:48:A4:9E:C1:A0:59:BB:40:29
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 35C8
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/72BAF108B39811EFBBCEC71AC4F9AE02.roa
Signing time: Fri 06 Dec 2024 06:08:01 +0000
ROA not before: Fri 06 Dec 2024 06:08:01 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 137897
IP address blocks: 175.29.22.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13768 (0x35c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD
Validity
Not Before: Dec 6 06:08:01 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=675294c1-e90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c9:9e:67:a3:ff:c9:31:fc:63:1c:26:f4:02:
79:3f:1f:9a:0a:f5:a2:1f:04:e4:62:17:30:bd:b0:
ff:48:f9:a1:9e:36:b2:a8:cc:b1:8f:36:b3:8a:9e:
9b:98:a8:f8:a8:e8:72:ed:15:f7:c3:14:c0:3d:5a:
1c:fc:e6:0e:fa:3a:88:62:7e:7f:00:8c:c2:63:a8:
42:0f:4d:cd:35:f7:76:56:b2:3d:1f:97:7f:bc:97:
d2:41:31:db:c3:70:ea:a3:b0:dd:51:e3:44:a7:85:
64:09:5d:6f:3d:81:02:1d:50:eb:00:02:0e:d9:67:
ff:37:a5:a9:7b:36:32:11:c0:28:d8:7b:d9:99:06:
c9:10:69:97:c1:e6:74:f5:06:d2:bc:95:11:54:79:
d3:00:ea:2f:a4:c3:fd:91:a0:b1:6d:51:fc:7f:88:
d4:81:31:e2:06:8c:48:d6:5b:9e:3c:79:48:00:a5:
9c:22:a9:7b:93:07:21:f6:bd:9c:18:00:eb:0d:dd:
b5:fc:7c:b7:40:33:fe:51:33:25:3d:4f:97:ad:e9:
05:14:b3:02:6b:dc:c0:11:0e:4b:ec:15:00:f1:fe:
ba:38:99:cf:0f:44:99:e3:85:3f:de:c0:a4:d7:fb:
a6:87:b1:fa:0d:c9:7b:ea:17:58:a1:60:a5:20:b7:
48:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E1:BE:3F:39:39:BD:D2:DC:05:DC:48:A4:9E:C1:A0:59:BB:40:29
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/72BAF108B39811EFBBCEC71AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.22.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:44:c0:f1:cc:c8:71:86:8b:2d:44:08:77:c3:89:21:9a:1f:
65:d7:68:15:5c:a4:92:17:36:d0:bc:0e:6f:bf:e6:54:af:18:
0b:be:f9:ff:63:d4:d4:f7:ce:cb:bf:6d:cd:bf:e7:29:20:18:
50:be:93:d5:62:fb:ee:34:c5:c8:4c:2b:99:19:70:f5:30:d8:
d9:08:50:f8:b6:33:df:d4:2c:74:08:7c:6f:46:bc:9a:33:5a:
c5:ab:25:cc:f6:06:a5:d8:9e:35:4f:a5:54:1a:3a:0f:c5:93:
c9:9b:a7:7b:d3:86:1d:b6:51:14:e9:f1:6d:92:40:f8:81:79:
f9:d9:fe:a0:60:44:c5:0f:06:ca:54:e0:46:48:d4:78:76:ba:
aa:f7:c6:98:1d:8e:68:4a:16:19:78:a9:53:3f:af:cb:de:30:
ba:31:5f:32:44:b4:97:3c:46:cc:24:45:00:d8:c1:6c:32:ae:
a6:a6:70:24:72:10:77:b2:ec:fa:94:35:4c:44:43:22:9b:39:
19:07:3f:97:a7:ba:3b:f0:99:eb:2b:55:04:c3:9a:ff:80:95:
c3:7e:af:50:3a:1a:00:29:41:00:ee:f0:e2:b4:75:e5:fe:63:
43:81:03:95:0a:50:d1:36:05:38:59:d1:03:29:1a:b4:4f:d4:
52:d2:95:c3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNcgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjQxMjA2MDYwODAxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUyOTRjMS1lOTBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAycmeZ6P/yTH8Yxwm9AJ5Px+aCvWiHwTkYhcwvbD/SPmhnjayqMyxjzazip6b
mKj4qOhy7RX3wxTAPVoc/OYO+jqIYn5/AIzCY6hCD03NNfd2VrI9H5d/vJfSQTHb
w3Dqo7DdUeNEp4VkCV1vPYECHVDrAAIO2Wf/N6WpezYyEcAo2HvZmQbJEGmXweZ0
9QbSvJURVHnTAOovpMP9kaCxbVH8f4jUgTHiBoxI1luePHlIAKWcIql7kwch9r2c
GADrDd21/Hy3QDP+UTMlPU+XrekFFLMCa9zAEQ5L7BUA8f66OJnPD0SZ44U/3sCk
1/umh7H6Dcl76hdYoWClILdIfwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMThvj85
Ob3S3AXcSKSewaBZu0ApMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvNzJCQUYxMDhC
Mzk4MTFFRkJCQ0VDNzFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGvHRYwDQYJKoZIhvcNAQELBQADggEBAA9EwPHMyHGGiy1E
CHfDiSGaH2XXaBVcpJIXNtC8Dm+/5lSvGAu++f9j1NT3zsu/bc2/5ykgGFC+k9Vi
++40xchMK5kZcPUw2NkIUPi2M9/ULHQIfG9GvJozWsWrJcz2BqXYnjVPpVQaOg/F
k8mbp3vThh22URTp8W2SQPiBefnZ/qBgRMUPBspU4EZI1Hh2uqr3xpgdjmhKFhl4
qVM/r8veMLoxXzJEtJc8RswkRQDYwWwyrqamcCRyEHey7PqUNUxEQyKbORkHP5en
ujvwmesrVQTDmv+AlcN+r1A6GgApQQDu8OK0deX+Y0OBA5UKUNE2BThZ0QMpGrRP
1FLSlcM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:47:52 2025 by rpki-client