Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9176BDB/657E0F34D64B11ECAB20E36BC4F9AE02/7704C7B0D65111EC8F5E2576C4F9AE02.roa
File: 7704C7B0D65111EC8F5E2576C4F9AE02.roa (raw, json)
Hash identifier: tyU81tqa4w/chmwWDtJ/kbfsyW9fGaL62+VlH2ZbK30=
Subject key identifier: D2:34:C6:04:36:B0:9C:B7:DC:D9:F6:FB:71:AB:3F:04:19:D7:2B:E0
Certificate issuer: /CN=A9176BDB/serialNumber=1D61ACB0C672CB4D40ED3E94D3C09B20C74525AE
Certificate serial: 02AA
Authority key identifier: 1D:61:AC:B0:C6:72:CB:4D:40:ED:3E:94:D3:C0:9B:20:C7:45:25:AE
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HWGssMZyy01A7T6U08CbIMdFJa4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9176BDB/657E0F34D64B11ECAB20E36BC4F9AE02/7704C7B0D65111EC8F5E2576C4F9AE02.roa
Signing time: Sat 23 Nov 2024 01:24:15 +0000
ROA not before: Sat 23 Nov 2024 01:24:15 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 4768
IP address blocks: 167.179.196.0/24 maxlen: 24
167.179.197.0/24 maxlen: 24
167.179.198.0/24 maxlen: 24
167.179.208.0/24 maxlen: 24
167.179.209.0/24 maxlen: 24
167.179.210.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 682 (0x2aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9176BDB
Validity
Not Before: Nov 23 01:24:15 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67412ebe-e83e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:22:79:7f:c1:5c:f7:fb:69:f3:a9:6b:a4:0d:
02:71:ad:71:32:c8:ef:aa:9c:3e:6f:93:ce:58:33:
48:61:e4:c2:34:1b:72:c2:84:a1:2e:73:ca:64:73:
ad:4c:a1:ad:6c:80:b2:71:b5:15:bb:67:bb:29:9b:
f4:a1:c8:70:01:20:82:d3:aa:53:26:31:0b:5c:7a:
f8:ac:b1:fa:82:2b:8d:b5:3f:9a:d3:db:82:33:a8:
12:49:3d:24:75:61:cf:ea:c7:ee:2e:50:ef:02:e4:
dc:08:29:ee:d3:03:b1:94:cd:6b:ec:7d:8f:1b:f1:
08:58:e5:5e:76:fd:85:80:48:46:37:43:ea:19:27:
d5:64:9f:76:73:16:ce:1f:62:e9:a7:e1:f1:29:8f:
e6:aa:74:ec:d9:0e:a8:d9:e9:cd:d9:a9:3e:ab:a1:
37:23:c2:1e:7a:1a:cc:53:74:8e:d4:04:80:e8:aa:
f7:34:2f:88:56:98:57:a6:74:e1:26:4a:d2:d1:9c:
5c:1d:9f:75:64:17:6f:bd:cc:6e:5c:3f:1a:ed:7c:
4c:ef:42:df:ae:de:4a:dc:38:58:cf:39:ad:8c:09:
12:ac:84:b1:e9:69:b1:10:fa:35:1c:5d:10:95:3d:
2d:ef:be:c2:0a:fb:46:1b:12:a4:49:b6:15:44:ad:
4f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:34:C6:04:36:B0:9C:B7:DC:D9:F6:FB:71:AB:3F:04:19:D7:2B:E0
X509v3 Authority Key Identifier:
keyid:1D:61:AC:B0:C6:72:CB:4D:40:ED:3E:94:D3:C0:9B:20:C7:45:25:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9176BDB/657E0F34D64B11ECAB20E36BC4F9AE02/HWGssMZyy01A7T6U08CbIMdFJa4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HWGssMZyy01A7T6U08CbIMdFJa4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176BDB/657E0F34D64B11ECAB20E36BC4F9AE02/7704C7B0D65111EC8F5E2576C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
167.179.196.0-167.179.198.255
167.179.208.0-167.179.210.255
Signature Algorithm: sha256WithRSAEncryption
70:43:06:20:26:b5:da:b0:d2:57:d5:96:53:b3:38:2e:58:d4:
d9:8e:55:f5:0f:dc:1d:b9:dc:c2:fc:d2:90:ff:d9:0f:c7:e0:
db:d2:c1:cd:1a:ef:70:57:4b:86:f6:e2:5b:ac:4f:af:30:23:
f4:c3:3b:f4:0f:25:a0:42:21:37:34:c7:bd:e6:a9:27:a5:36:
58:e8:ca:72:cb:cb:44:08:b9:a7:c8:9b:4b:a1:45:d3:c6:8e:
86:52:8c:cd:20:89:57:b7:3f:ad:f3:a5:d6:1b:86:de:e4:c7:
f1:15:3e:e0:7f:be:e2:31:aa:f7:ec:f6:83:86:4c:2c:17:58:
f8:34:e1:20:7f:b6:83:8f:0c:ce:6b:fa:5c:a5:9e:a7:57:25:
c5:92:1f:61:4a:78:24:23:91:1b:05:c0:e9:88:c3:6a:4a:d0:
f2:cb:7d:b5:b6:86:b1:b3:dc:47:04:39:a6:6f:11:d8:a4:b2:
45:db:87:d5:20:35:d3:0e:e3:0c:d4:f0:a8:38:d2:17:21:4e:
04:d2:90:5a:e5:db:37:d3:f6:19:bd:e2:55:6b:a7:27:fd:8b:
da:97:ed:0b:52:cb:cf:b2:d5:49:95:f7:07:60:16:75:69:ca:
51:f1:81:97:72:58:f0:85:97:bc:75:bd:87:20:f4:e8:ba:47:
a8:7e:6e:ac
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICAqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzZCREIxMTAvBgNVBAUTKDFENjFBQ0IwQzY3MkNCNEQ0MEVEM0U5NEQzQzA5QjIw
Qzc0NTI1QUUwHhcNMjQxMTIzMDEyNDE1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQxMmViZS1lODNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqSJ5f8Fc9/tp86lrpA0Cca1xMsjvqpw+b5POWDNIYeTCNBtywoShLnPKZHOt
TKGtbICycbUVu2e7KZv0ochwASCC06pTJjELXHr4rLH6giuNtT+a09uCM6gSST0k
dWHP6sfuLlDvAuTcCCnu0wOxlM1r7H2PG/EIWOVedv2FgEhGN0PqGSfVZJ92cxbO
H2Lpp+HxKY/mqnTs2Q6o2enN2ak+q6E3I8IeehrMU3SO1ASA6Kr3NC+IVphXpnTh
JkrS0ZxcHZ91ZBdvvcxuXD8a7XxM70Lfrt5K3DhYzzmtjAkSrISx6WmxEPo1HF0Q
lT0t777CCvtGGxKkSbYVRK1P5wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFNI0xgQ2
sJy33Nn2+3GrPwQZ1yvgMB8GA1UdIwQYMBaAFB1hrLDGcstNQO0+lNPAmyDHRSWu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NkJEQi82NTdFMEYzNEQ2
NEIxMUVDQUIyMEUzNkJDNEY5QUUwMi9IV0dzc01aeXkwMUE3VDZVMDhDYklNZEZK
YTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0hXR3NzTVp5eTAxQTdUNlUwOENiSU1kRkphNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzZCREIvNjU3RTBGMzRENjRCMTFFQ0FCMjBFMzZCQzRGOUFFMDIvNzcwNEM3QjBE
NjUxMTFFQzhGNUUyNTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwwDAMEAqezxAMEAKezxjAMAwQEp7PQAwQAp7PSMA0GCSqGSIb3
DQEBCwUAA4IBAQBwQwYgJrXasNJX1ZZTszguWNTZjlX1D9wdudzC/NKQ/9kPx+Db
0sHNGu9wV0uG9uJbrE+vMCP0wzv0DyWgQiE3NMe95qknpTZY6Mpyy8tECLmnyJtL
oUXTxo6GUozNIIlXtz+t86XWG4be5MfxFT7gf77iMar37PaDhkwsF1j4NOEgf7aD
jwzOa/pcpZ6nVyXFkh9hSngkI5EbBcDpiMNqStDyy321toaxs9xHBDmmbxHYpLJF
24fVIDXTDuMM1PCoONIXIU4E0pBa5ds30/YZveJVa6cn/Yval+0LUsvPstVJlfcH
YBZ1acpR8YGXcljwhZe8db2HIPToukeofm6s
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:05:10 2025 by rpki-client