Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/4C97B130C1E611EF905CE060C4F9AE02.roa
File: 4C97B130C1E611EF905CE060C4F9AE02.roa (raw, json)
Hash identifier: 5noUtVbYD5zNXgu6oXk8DmuWMhokEJU7/eymR+bpG70=
Subject key identifier: 46:43:73:1D:E6:15:57:3A:6C:63:F8:E8:98:C4:0E:9F:73:6E:0D:EB
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1C51
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/4C97B130C1E611EF905CE060C4F9AE02.roa
Signing time: Fri 27 Dec 2024 07:17:15 +0000
ROA not before: Fri 27 Dec 2024 07:17:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 153289
IP address blocks: 157.10.93.0/24 maxlen: 24
161.248.38.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7249 (0x1c51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 27 07:17:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=676e547b-7fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c9:86:bc:c5:5b:ff:57:d0:58:e5:bc:ca:fb:
70:a1:bc:0e:bc:b0:20:22:a3:3a:b7:24:f0:ef:8f:
32:23:b3:1b:96:3a:f5:7b:1e:72:96:4e:48:34:ca:
11:e6:8f:51:7e:14:27:58:7c:c0:37:d0:51:05:4c:
90:1c:82:15:e2:e8:4a:bb:55:34:eb:94:77:fa:4d:
9b:ae:40:a2:68:57:0a:a2:46:f2:50:43:f9:53:15:
1e:77:9b:77:4c:95:28:b0:d5:1c:16:c2:4e:f0:36:
ba:f3:0c:1e:b5:3b:f7:36:9e:5e:9f:bf:5e:91:76:
94:f6:56:70:13:7c:26:ec:97:9b:9c:eb:ba:ea:4d:
05:8f:11:60:8f:b9:3c:64:eb:32:05:02:0d:d6:04:
53:df:47:3c:c4:df:b6:bd:76:2e:c3:77:0c:ad:e2:
a4:c6:ce:c0:d8:53:db:c8:07:e5:69:06:4f:7e:06:
ac:04:16:79:0b:d9:a0:2e:fe:be:1a:95:d7:62:bf:
c0:f0:36:18:9c:a7:fd:d4:bf:3f:8a:02:0f:57:97:
d3:a6:99:01:8c:e1:d0:5d:b4:51:75:17:41:88:a3:
2b:1f:43:05:47:e2:32:c0:8f:12:37:20:af:e0:59:
53:0e:db:3b:26:27:34:0c:a1:61:75:04:3f:3d:68:
46:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:43:73:1D:E6:15:57:3A:6C:63:F8:E8:98:C4:0E:9F:73:6E:0D:EB
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/4C97B130C1E611EF905CE060C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.93.0/24
161.248.38.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:0b:a4:6b:80:b3:82:9e:19:a9:66:18:c2:c2:15:5f:d1:4e:
dc:f1:a6:af:e7:0e:3c:b1:41:c4:e1:8c:64:9b:90:fb:fc:1a:
3b:ec:6f:61:ad:0e:ef:0d:ba:c2:f4:70:b3:e8:e3:db:54:0a:
4f:10:03:75:56:71:3e:22:2b:a5:cc:38:03:69:e0:06:48:99:
e3:1d:48:3e:89:5a:fd:98:3d:de:43:c5:3a:49:9b:0d:c7:a1:
c6:db:1a:f5:8f:16:55:6c:22:d3:58:5f:5e:67:93:e9:4d:7f:
65:7c:12:0a:a0:91:73:f2:0a:3b:65:fe:9c:ac:aa:33:35:eb:
3d:84:52:84:34:44:d3:85:36:75:dc:57:9d:f5:8a:58:79:b0:
dd:6f:cd:d0:77:bb:31:32:dd:43:8e:31:18:89:9d:7d:50:f3:
c5:ab:02:1f:f8:d4:7c:82:6d:14:e6:c8:b2:ef:c7:49:1f:05:
85:e0:dd:a8:74:de:e5:95:7f:13:30:b1:16:2c:00:4a:ed:7a:
63:39:67:af:a9:e1:a5:b3:e1:c5:50:70:f3:a2:8a:62:e8:6e:
04:47:08:d8:9b:06:f7:33:23:d1:53:53:c6:99:3e:1b:59:13:
6a:a6:5c:6e:f6:32:a3:28:89:6f:c8:4c:13:5a:eb:19:26:dc:
42:47:df:2d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICHFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjQxMjI3MDcxNzE1WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZlNTQ3Yi03ZmVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAocmGvMVb/1fQWOW8yvtwobwOvLAgIqM6tyTw748yI7Mbljr1ex5ylk5INMoR
5o9RfhQnWHzAN9BRBUyQHIIV4uhKu1U065R3+k2brkCiaFcKokbyUEP5UxUed5t3
TJUosNUcFsJO8Da68wwetTv3Np5en79ekXaU9lZwE3wm7JebnOu66k0FjxFgj7k8
ZOsyBQIN1gRT30c8xN+2vXYuw3cMreKkxs7A2FPbyAflaQZPfgasBBZ5C9mgLv6+
GpXXYr/A8DYYnKf91L8/igIPV5fTppkBjOHQXbRRdRdBiKMrH0MFR+IywI8SNyCv
4FlTDts7Jic0DKFhdQQ/PWhGQQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEZDcx3m
FVc6bGP46JjEDp9zbg3rMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNEM5N0IxMzBD
MUU2MTFFRjkwNUNFMDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBACdCl0DBAGh+CYwDQYJKoZIhvcNAQELBQADggEBALULpGuA
s4KeGalmGMLCFV/RTtzxpq/nDjyxQcThjGSbkPv8Gjvsb2GtDu8NusL0cLPo49tU
Ck8QA3VWcT4iK6XMOANp4AZImeMdSD6JWv2YPd5DxTpJmw3HocbbGvWPFlVsItNY
X15nk+lNf2V8EgqgkXPyCjtl/pysqjM16z2EUoQ0RNOFNnXcV531ilh5sN1vzdB3
uzEy3UOOMRiJnX1Q88WrAh/41HyCbRTmyLLvx0kfBYXg3ah03uWVfxMwsRYsAErt
emM5Z6+p4aWz4cVQcPOiimLobgRHCNibBvczI9FTU8aZPhtZE2qmXG72MqMoiW/I
TBNa6xkm3EJH3y0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:03:58 2025 by rpki-client