Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/F0735DB6BE1911EF97C33A5BC4F9AE02.roa
File: F0735DB6BE1911EF97C33A5BC4F9AE02.roa (raw, json)
Hash identifier: 7fH4jDzuXiQUtO35vNz0UstqFhjV74Qr4uHx3Xvktes=
Subject key identifier: 16:2D:68:A8:C4:A7:74:63:50:5D:E5:58:4E:56:B5:7B:60:4E:EF:BE
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 35D5
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/F0735DB6BE1911EF97C33A5BC4F9AE02.roa
Signing time: Thu 19 Dec 2024 15:00:09 +0000
ROA not before: Thu 19 Dec 2024 15:00:09 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 175.29.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13781 (0x35d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD
Validity
Not Before: Dec 19 15:00:09 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=676434f9-8a1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a9:b4:69:f2:be:3f:24:36:45:a4:67:86:07:
fe:38:7e:a8:b1:28:9f:56:06:fa:71:d7:1e:0d:73:
27:8e:c0:c6:45:71:82:e1:36:4b:39:52:1f:70:f7:
eb:bc:5d:01:5f:1b:74:ab:fc:3d:a8:72:e0:10:32:
d9:dc:b1:11:d2:2e:a2:64:8c:2a:a1:93:3c:aa:91:
cd:11:cf:6d:34:a3:2c:93:03:bf:5f:ec:41:a5:7b:
a5:73:70:3e:bf:93:51:a7:b2:53:af:74:c4:ea:d6:
b8:d2:5b:8c:eb:b5:01:e7:c6:9a:8e:fd:03:d7:83:
91:c6:95:25:20:58:f0:fa:b4:9a:cc:cd:1d:2a:57:
a3:20:f3:49:97:71:eb:4c:ef:e2:de:80:85:1f:79:
7e:d9:73:40:14:29:7d:b2:e4:88:bd:be:64:50:48:
26:c8:1e:ee:04:62:40:9c:5e:4b:fd:f0:e1:27:41:
b8:28:bf:d5:19:89:b6:03:2d:0f:55:01:43:42:bf:
7c:31:7d:fd:85:79:35:05:eb:f7:29:a9:1c:d3:e7:
b1:c7:50:46:3a:2a:32:83:dd:41:c5:3a:fe:64:56:
77:0d:b9:12:05:59:b0:07:5f:5f:d9:1e:98:15:14:
3d:44:42:36:00:c1:c4:aa:fe:5d:3f:27:dd:09:ba:
33:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:2D:68:A8:C4:A7:74:63:50:5D:E5:58:4E:56:B5:7B:60:4E:EF:BE
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/F0735DB6BE1911EF97C33A5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.17.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:95:c8:23:70:88:50:02:95:e6:fe:4e:c1:40:62:bf:5f:1f:
c6:70:9a:e1:29:51:ed:d7:e4:fb:85:5f:52:e8:96:3d:ce:90:
ba:35:0a:9b:f2:b2:de:58:ae:14:8a:83:a1:72:7d:7d:72:95:
7c:33:52:e6:4a:d6:92:28:da:39:10:d9:4c:70:d9:a8:6c:80:
a9:d3:c3:54:3e:59:3d:ab:06:84:a6:11:a9:0e:ec:35:94:3f:
05:9b:12:46:6f:b2:d3:95:b0:e8:fa:6d:ac:b4:02:aa:9d:2c:
f7:ad:2a:6a:4f:e1:f6:51:aa:d7:a6:78:2d:88:86:34:cf:1d:
c8:80:38:60:b3:40:70:51:07:10:0f:15:9c:13:1a:97:9f:01:
4e:33:3d:42:e4:80:b8:1a:bd:a2:16:55:2b:18:07:e8:c5:d6:
f8:bc:67:f0:0b:ea:3b:11:8c:96:b8:e8:b5:f8:3a:b5:2f:d1:
c5:23:cb:3c:22:d7:a6:ee:07:eb:e4:d9:20:28:51:c1:e7:92:
a0:1d:47:a8:cd:eb:27:fa:d1:cc:23:91:0e:59:d3:34:f0:e7:
c2:55:30:26:1c:a9:ae:3f:72:3e:c4:bb:6d:ef:56:5d:28:94:
7d:94:9c:92:e4:ae:14:2a:77:45:55:f3:78:f8:49:58:d4:e3:
1b:fa:59:d6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNdUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjQxMjE5MTUwMDA5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY0MzRmOS04YTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs6m0afK+PyQ2RaRnhgf+OH6osSifVgb6cdceDXMnjsDGRXGC4TZLOVIfcPfr
vF0BXxt0q/w9qHLgEDLZ3LER0i6iZIwqoZM8qpHNEc9tNKMskwO/X+xBpXulc3A+
v5NRp7JTr3TE6ta40luM67UB58aajv0D14ORxpUlIFjw+rSazM0dKlejIPNJl3Hr
TO/i3oCFH3l+2XNAFCl9suSIvb5kUEgmyB7uBGJAnF5L/fDhJ0G4KL/VGYm2Ay0P
VQFDQr98MX39hXk1Bev3Kakc0+exx1BGOioyg91BxTr+ZFZ3DbkSBVmwB19f2R6Y
FRQ9REI2AMHEqv5dPyfdCbozkQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBYtaKjE
p3RjUF3lWE5WtXtgTu++MB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvRjA3MzVEQjZC
RTE5MTFFRjk3QzMzQTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACvHREwDQYJKoZIhvcNAQELBQADggEBAJqVyCNwiFACleb+
TsFAYr9fH8ZwmuEpUe3X5PuFX1Lolj3OkLo1Cpvyst5YrhSKg6FyfX1ylXwzUuZK
1pIo2jkQ2Uxw2ahsgKnTw1Q+WT2rBoSmEakO7DWUPwWbEkZvstOVsOj6bay0Aqqd
LPetKmpP4fZRqtemeC2IhjTPHciAOGCzQHBRBxAPFZwTGpefAU4zPULkgLgavaIW
VSsYB+jF1vi8Z/AL6jsRjJa46LX4OrUv0cUjyzwi16buB+vk2SAoUcHnkqAdR6jN
6yf60cwjkQ5Z0zTw58JVMCYcqa4/cj7Eu23vVl0olH2UnJLkrhQqd0VV83j4SVjU
4xv6WdY=
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:18:09 2025 by rpki-client