Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/485A85D8E22111EFB2FDE221C4F9AE02.roa
File: 485A85D8E22111EFB2FDE221C4F9AE02.roa (raw, json)
Hash identifier: /bWko5abKXIp9C/hKbz2HmMmIV0wip1z336aF4B1n7Y=
Subject key identifier: 65:6C:E3:40:A9:63:97:74:A8:1F:39:DA:7E:88:0B:D6:13:44:51:12
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1CAC
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/485A85D8E22111EFB2FDE221C4F9AE02.roa
Signing time: Mon 03 Feb 2025 11:23:25 +0000
ROA not before: Mon 03 Feb 2025 11:23:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 153254
IP address blocks: 160.191.72.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7340 (0x1cac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 3 11:23:25 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a0a72d-9841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:60:f1:03:26:94:4f:6e:90:d5:e8:b9:f7:f0:
81:28:94:7c:1b:59:74:19:67:14:e9:90:62:33:13:
7d:25:41:b7:77:9c:41:57:1a:08:b0:f8:ef:b4:df:
59:16:ad:97:41:2b:41:5c:2c:4e:00:29:c1:0b:a2:
70:98:55:57:b2:83:fd:96:fb:da:3d:aa:a3:52:24:
a8:c3:3f:ee:c4:1a:9d:84:7a:e7:44:fa:8f:3a:e7:
5c:02:c5:65:43:57:04:5f:63:a1:af:f7:74:95:b0:
45:a5:49:5e:5d:8a:6b:01:4a:e7:39:a0:a3:6d:6e:
f2:59:79:4a:c1:c9:ac:fd:d6:b3:d3:31:45:20:a7:
cf:bb:30:71:34:02:d7:de:be:c3:20:a5:a5:6c:92:
53:56:60:59:80:1c:bd:fa:2a:9a:20:5f:a1:72:4f:
9d:38:be:4b:d1:24:25:d6:c5:1a:27:e1:cb:fa:44:
ab:e2:a5:c6:de:88:b3:0b:11:9d:aa:82:f1:96:d3:
71:3d:1f:4c:23:35:a9:9b:63:95:6b:23:cd:00:58:
a9:c7:c4:c6:d1:a5:47:35:e8:de:2a:c5:5e:de:5c:
27:53:39:33:64:3a:16:77:c9:0a:ca:fa:6a:06:44:
79:bd:f6:c8:81:34:94:af:78:21:26:e6:ae:de:cb:
d0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:6C:E3:40:A9:63:97:74:A8:1F:39:DA:7E:88:0B:D6:13:44:51:12
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/485A85D8E22111EFB2FDE221C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.72.0/23
Signature Algorithm: sha256WithRSAEncryption
81:ec:9a:26:c5:f1:75:7e:30:02:99:8e:2b:f6:8a:c8:42:d3:
fc:65:ac:89:fe:b0:e4:2c:08:29:57:f3:f6:d7:11:68:aa:19:
ec:ed:14:c8:0f:4d:7e:37:0c:f6:0b:12:76:51:1d:ed:8c:ec:
a3:3b:22:b2:8e:a5:50:d1:8e:c3:5e:3e:a3:c5:47:ad:cf:d9:
7a:ad:5d:c9:25:2e:d3:d7:56:69:52:12:a9:50:d4:e8:06:01:
2e:86:78:12:83:68:fd:bb:85:06:90:69:eb:e6:13:87:82:46:
45:06:ff:90:0a:19:ac:55:75:ec:39:64:3c:6a:3f:dd:4c:a0:
55:cd:d1:13:10:c4:b8:6b:a9:bd:e2:01:dc:58:47:77:32:87:
71:78:63:a6:a1:a8:6a:81:18:9a:d7:a0:b5:71:b6:25:0d:9d:
e1:e3:ea:64:39:a4:47:07:f7:24:bf:89:10:08:6a:73:47:5b:
de:a2:03:59:60:c5:8b:1e:3a:ba:72:7e:57:dd:80:9e:42:0d:
8c:e9:ce:61:71:57:3e:44:7f:e3:b4:da:6c:6a:7a:9d:71:7c:
7e:10:79:a8:b5:29:d7:ff:66:4d:2f:07:6a:82:bf:fa:9f:82:
c4:01:de:69:94:49:b3:f5:4c:53:de:bf:dd:45:ba:c3:28:1b:
b3:e1:1e:eb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjUwMjAzMTEyMzI1WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EwYTcyZC05ODQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2mDxAyaUT26Q1ei59/CBKJR8G1l0GWcU6ZBiMxN9JUG3d5xBVxoIsPjvtN9Z
Fq2XQStBXCxOACnBC6JwmFVXsoP9lvvaPaqjUiSowz/uxBqdhHrnRPqPOudcAsVl
Q1cEX2Ohr/d0lbBFpUleXYprAUrnOaCjbW7yWXlKwcms/daz0zFFIKfPuzBxNALX
3r7DIKWlbJJTVmBZgBy9+iqaIF+hck+dOL5L0SQl1sUaJ+HL+kSr4qXG3oizCxGd
qoLxltNxPR9MIzWpm2OVayPNAFipx8TG0aVHNejeKsVe3lwnUzkzZDoWd8kKyvpq
BkR5vfbIgTSUr3ghJuau3svQEQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGVs40Cp
Y5d0qB852n6IC9YTRFESMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNDg1QTg1RDhF
MjIxMTFFRkIyRkRFMjIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGgv0gwDQYJKoZIhvcNAQELBQADggEBAIHsmibF8XV+MAKZ
jiv2ishC0/xlrIn+sOQsCClX8/bXEWiqGeztFMgPTX43DPYLEnZRHe2M7KM7IrKO
pVDRjsNePqPFR63P2XqtXcklLtPXVmlSEqlQ1OgGAS6GeBKDaP27hQaQaevmE4eC
RkUG/5AKGaxVdew5ZDxqP91MoFXN0RMQxLhrqb3iAdxYR3cyh3F4Y6ahqGqBGJrX
oLVxtiUNneHj6mQ5pEcH9yS/iRAIanNHW96iA1lgxYseOrpyflfdgJ5CDYzpzmFx
Vz5Ef+O02mxqep1xfH4Qeai1Kdf/Zk0vB2qCv/qfgsQB3mmUSbP1TFPev91FusMo
G7PhHus=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:02:21 2025 by rpki-client