Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B30C/915CBA26B05E11EE97C78B75C4F9AE02/610EBED6B06911EEA7F1DA31C4F9AE02.roa
File: 610EBED6B06911EEA7F1DA31C4F9AE02.roa (raw, json)
Hash identifier: Dv0HIWx3/yRbUEaDwhnfPRjSuoO2Y3gJY1XiMwy7l8Y=
Subject key identifier: 5D:88:15:DD:C1:CD:FA:EA:7F:48:18:EF:D4:A4:02:7A:DA:DA:A3:75
Certificate issuer: /CN=A916B30C/serialNumber=BF08E8E0B2A676DCAEC49D519BFEC76546C2167E
Certificate serial: E5
Authority key identifier: BF:08:E8:E0:B2:A6:76:DC:AE:C4:9D:51:9B:FE:C7:65:46:C2:16:7E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vwjo4LKmdtyuxJ1Rm_7HZUbCFn4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B30C/915CBA26B05E11EE97C78B75C4F9AE02/610EBED6B06911EEA7F1DA31C4F9AE02.roa
Signing time: Fri 21 Mar 2025 04:40:26 +0000
ROA not before: Fri 21 Mar 2025 04:40:26 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 152323
IP address blocks: 157.10.166.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 229 (0xe5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B30C
Validity
Not Before: Mar 21 04:40:26 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67dcedb9-0e69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:89:43:10:b0:d4:fa:5d:8d:69:c5:74:02:57:
a3:97:56:c3:32:a2:1e:f6:b8:8a:58:6b:d2:62:77:
4f:2b:75:94:6f:64:ed:e9:90:c4:7b:ce:e0:41:cf:
fc:96:da:39:af:dd:d5:e5:45:08:29:97:01:bf:8c:
c3:14:87:c6:2c:c9:d4:96:7c:9c:2f:4f:ad:aa:46:
a8:83:5a:1b:e3:6a:df:53:82:8a:d4:d6:7b:00:27:
62:0b:ee:86:1c:5d:dd:f5:64:8d:ea:bb:c3:da:b7:
d3:6e:50:b2:45:78:0e:b6:15:17:ed:8e:91:60:6b:
50:f3:cc:30:d0:b9:a0:f6:f5:af:47:02:42:c5:0c:
82:46:15:6f:6c:7c:a9:f6:a8:a1:86:60:8d:1c:62:
86:bb:1f:2e:a7:a1:8a:da:cc:4e:02:6c:a7:b7:33:
9d:91:f2:e7:98:50:77:d2:b4:3c:60:33:c3:38:b6:
03:08:38:9f:de:c8:af:c3:27:05:7c:fb:7c:ea:e8:
a5:80:df:f9:e9:a7:ad:d1:31:f3:69:c9:49:50:1f:
73:f3:6c:86:11:6d:97:d4:7b:ef:53:82:22:06:5e:
2c:ae:b4:b4:16:2e:96:b4:3c:51:05:1b:4c:06:60:
65:35:6d:2f:b9:fb:6f:7f:2d:2b:8c:84:16:74:cc:
f0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:88:15:DD:C1:CD:FA:EA:7F:48:18:EF:D4:A4:02:7A:DA:DA:A3:75
X509v3 Authority Key Identifier:
keyid:BF:08:E8:E0:B2:A6:76:DC:AE:C4:9D:51:9B:FE:C7:65:46:C2:16:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B30C/915CBA26B05E11EE97C78B75C4F9AE02/vwjo4LKmdtyuxJ1Rm_7HZUbCFn4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vwjo4LKmdtyuxJ1Rm_7HZUbCFn4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B30C/915CBA26B05E11EE97C78B75C4F9AE02/610EBED6B06911EEA7F1DA31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.166.0/23
Signature Algorithm: sha256WithRSAEncryption
30:a5:29:6c:ed:13:92:17:c4:0c:8e:32:a5:59:ce:a4:64:9d:
1d:82:60:e3:f4:5b:cf:3a:8f:ba:55:cb:b9:50:d0:a3:ba:e2:
1b:99:03:ea:39:46:8b:0d:b8:2c:28:51:64:be:46:2e:a3:9e:
8b:2b:9d:ad:5a:79:3d:23:7b:a5:f4:80:25:e4:9f:67:25:fc:
93:7f:21:94:79:9f:2f:e1:45:54:b4:eb:c9:c7:6e:40:31:eb:
29:53:5d:cb:ff:97:42:0d:a1:62:11:46:10:68:2f:99:18:1e:
ca:db:87:59:c7:4b:12:38:9e:0e:68:76:2d:94:54:db:fd:15:
c2:73:2b:21:16:30:7f:bb:ef:64:9a:59:2a:69:8e:b1:fd:fe:
12:a4:60:14:30:10:55:49:e5:d0:ed:0d:ab:a2:8c:1c:5d:45:
41:43:aa:7e:73:81:c1:4a:91:9c:a7:30:84:8a:20:8a:c3:90:
ad:d8:64:fb:fc:a5:32:99:38:50:75:15:0b:8f:47:31:11:1f:
14:b9:61:ed:31:f1:d1:a7:76:60:b5:0f:7a:ae:8a:44:bf:78:
01:59:cd:e9:b5:ee:d3:d5:28:0f:d6:77:a6:22:e6:bf:07:1c:
7d:75:17:40:ad:18:db:e6:67:ce:e9:95:0d:ed:a3:78:17:7f:
ea:d6:1e:6b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkIzMEMxMTAvBgNVBAUTKEJGMDhFOEUwQjJBNjc2RENBRUM0OUQ1MTlCRkVDNzY1
NDZDMjE2N0UwHhcNMjUwMzIxMDQ0MDI2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjZWRiOS0wZTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4YlDELDU+l2NacV0Alejl1bDMqIe9riKWGvSYndPK3WUb2Tt6ZDEe87gQc/8
lto5r93V5UUIKZcBv4zDFIfGLMnUlnycL0+tqkaog1ob42rfU4KK1NZ7ACdiC+6G
HF3d9WSN6rvD2rfTblCyRXgOthUX7Y6RYGtQ88ww0Lmg9vWvRwJCxQyCRhVvbHyp
9qihhmCNHGKGux8up6GK2sxOAmyntzOdkfLnmFB30rQ8YDPDOLYDCDif3sivwycF
fPt86uilgN/56aet0THzaclJUB9z82yGEW2X1HvvU4IiBl4srrS0Fi6WtDxRBRtM
BmBlNW0vuftvfy0rjIQWdMzwYQIDAQABo4IClTCCApEwHQYDVR0OBBYEFF2IFd3B
zfrqf0gY79SkAnra2qN1MB8GA1UdIwQYMBaAFL8I6OCypnbcrsSdUZv+x2VGwhZ+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjMwQy85MTVDQkEyNkIw
NUUxMUVFOTdDNzhCNzVDNEY5QUUwMi92d2pvNExLbWR0eXV4SjFSbV83SFpVYkNG
bjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3Z3am80TEttZHR5dXhKMVJtXzdIWlViQ0ZuNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkIzMEMvOTE1Q0JBMjZCMDVFMTFFRTk3Qzc4Qjc1QzRGOUFFMDIvNjEwRUJFRDZC
MDY5MTFFRUE3RjFEQTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdCqYwDQYJKoZIhvcNAQELBQADggEBADClKWztE5IXxAyO
MqVZzqRknR2CYOP0W886j7pVy7lQ0KO64huZA+o5RosNuCwoUWS+Ri6jnosrna1a
eT0je6X0gCXkn2cl/JN/IZR5ny/hRVS068nHbkAx6ylTXcv/l0INoWIRRhBoL5kY
Hsrbh1nHSxI4ng5odi2UVNv9FcJzKyEWMH+772SaWSppjrH9/hKkYBQwEFVJ5dDt
DauijBxdRUFDqn5zgcFKkZynMISKIIrDkK3YZPv8pTKZOFB1FQuPRzERHxS5Ye0x
8dGndmC1D3quikS/eAFZzem17tPVKA/Wd6Yi5r8HHH11F0CtGNvmZ87plQ3to3gX
f+rWHms=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:25:23 2025 by rpki-client