Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/40EFF7D4E3A611EFA9FD4D76C4F9AE02.roa
File: 40EFF7D4E3A611EFA9FD4D76C4F9AE02.roa (raw, json)
Hash identifier: RHmgaFWMN/dvAw+JCD08g80NeKO2E8L2CHBI539zgaM=
Subject key identifier: C4:B7:0D:48:09:25:95:F7:A7:56:96:54:06:6C:56:D7:77:42:C2:A1
Certificate issuer: /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial: 346E
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/40EFF7D4E3A611EFA9FD4D76C4F9AE02.roa
Signing time: Wed 05 Feb 2025 09:47:47 +0000
ROA not before: Wed 05 Feb 2025 09:47:47 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 6762
IP address blocks: 122.8.68.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13422 (0x346e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F
Validity
Not Before: Feb 5 09:47:47 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67a333c2-43c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2d:24:7c:84:3b:8b:2a:47:7c:9d:45:56:c4:
b3:39:e9:b7:cb:44:99:9a:fd:d3:d1:26:81:8d:20:
bc:d3:cf:1b:4e:3f:5a:af:75:f7:8e:55:28:79:9f:
b9:c5:a2:4c:24:8a:06:b2:30:ce:b6:10:f6:6a:8b:
d7:3e:92:3e:58:e9:19:de:17:0f:0b:c4:22:ca:77:
b9:ba:d4:08:a9:bb:d6:48:3a:34:25:bb:f3:44:33:
c4:2e:f8:07:7a:db:5f:75:a1:f9:c6:01:ff:46:f8:
cd:41:12:79:fe:2a:0c:28:e1:63:3c:e6:02:33:8a:
a0:ad:0e:3b:b3:ea:41:08:04:5a:b5:e2:28:06:ce:
3b:20:b5:c7:38:24:53:70:8b:d9:4d:75:e8:ec:cc:
ad:35:f7:b4:2f:8d:2e:af:1e:0b:bb:b0:3d:f0:b3:
d2:22:49:09:f2:28:5f:69:af:be:1c:24:0d:f1:77:
90:c6:02:46:67:95:d1:ca:3c:dc:5a:da:f9:aa:3f:
65:10:68:1f:04:eb:a5:fa:c5:b5:da:48:2a:89:90:
1e:b6:dd:9c:ed:09:b5:ed:ca:6d:6d:fa:27:2b:bd:
e5:c8:d0:98:02:19:4e:58:c5:9c:3e:c8:ee:0c:4b:
07:84:c5:02:5f:b5:23:18:9f:9c:29:2a:e3:09:a4:
a9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B7:0D:48:09:25:95:F7:A7:56:96:54:06:6C:56:D7:77:42:C2:A1
X509v3 Authority Key Identifier:
keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/40EFF7D4E3A611EFA9FD4D76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.8.68.0/22
Signature Algorithm: sha256WithRSAEncryption
10:0d:86:bf:9c:ce:51:14:d1:f9:23:77:eb:1e:ae:d5:5a:f8:
36:ab:b6:a4:c4:b0:e6:c6:27:84:0f:fc:99:3b:db:fc:6a:e4:
4d:d5:4d:a8:b5:c3:70:48:11:f0:aa:30:79:c3:ca:d4:70:58:
fb:fb:8f:6c:e8:b6:c9:d4:38:9d:8c:89:9a:7e:11:c8:cf:4f:
38:2e:8b:5f:23:63:6c:ae:c3:6f:b5:9a:02:af:7a:55:9e:54:
93:e1:c0:19:fa:f6:9a:3c:3f:b6:e0:d6:7a:f4:c0:3a:b8:30:
c1:fc:47:a9:9e:1d:02:20:db:aa:08:09:72:b6:3e:4d:01:60:
ce:00:c1:0e:05:2f:03:46:74:07:a9:ab:63:65:ce:81:75:71:
f3:f2:2d:73:05:0d:6f:8a:7f:99:4f:f9:49:c5:a1:2b:e3:6a:
0a:c7:5c:e0:de:1d:e5:30:ba:b9:b9:a6:01:27:bb:ec:66:40:
b5:e1:aa:98:97:63:99:2d:af:84:54:c0:99:ce:db:c5:69:b7:
b2:f5:04:c9:d0:d4:56:37:65:a3:1b:c9:ed:d2:d9:91:4e:04:
ea:16:a5:e7:be:5f:63:36:2d:ce:bf:91:be:93:4a:32:8c:4e:
f6:df:e4:bc:08:fc:d0:55:c4:ac:ce:98:fe:c3:f7:cc:54:2d:
ed:0a:8b:f2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNG4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjUwMjA1MDk0NzQ3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EzMzNjMi00M2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzS0kfIQ7iypHfJ1FVsSzOem3y0SZmv3T0SaBjSC8088bTj9ar3X3jlUoeZ+5
xaJMJIoGsjDOthD2aovXPpI+WOkZ3hcPC8Qiyne5utQIqbvWSDo0JbvzRDPELvgH
ettfdaH5xgH/RvjNQRJ5/ioMKOFjPOYCM4qgrQ47s+pBCARateIoBs47ILXHOCRT
cIvZTXXo7MytNfe0L40urx4Lu7A98LPSIkkJ8ihfaa++HCQN8XeQxgJGZ5XRyjzc
Wtr5qj9lEGgfBOul+sW12kgqiZAett2c7Qm17cptbfonK73lyNCYAhlOWMWcPsju
DEsHhMUCX7UjGJ+cKSrjCaSptQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMS3DUgJ
JZX3p1aWVAZsVtd3QsKhMB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvNDBFRkY3RDRF
M0E2MTFFRkE5RkQ0RDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJ6CEQwDQYJKoZIhvcNAQELBQADggEBABANhr+czlEU0fkj
d+sertVa+DartqTEsObGJ4QP/Jk72/xq5E3VTai1w3BIEfCqMHnDytRwWPv7j2zo
tsnUOJ2MiZp+EcjPTzgui18jY2yuw2+1mgKvelWeVJPhwBn69po8P7bg1nr0wDq4
MMH8R6meHQIg26oICXK2Pk0BYM4AwQ4FLwNGdAepq2NlzoF1cfPyLXMFDW+Kf5lP
+UnFoSvjagrHXODeHeUwurm5pgEnu+xmQLXhqpiXY5ktr4RUwJnO28Vpt7L1BMnQ
1FY3ZaMbye3S2ZFOBOoWpee+X2M2Lc6/kb6TSjKMTvbf5LwI/NBVxKzOmP7D98xU
Le0Ki/I=
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:56:21 2025 by rpki-client