Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/7E1539DCE1F111EFB1B96B27C4F9AE02.roa
File: 7E1539DCE1F111EFB1B96B27C4F9AE02.roa (raw, json)
Hash identifier: rEMaOx8ceTuhjmATtx0lK0lN/RzjyffiUVf58Q4p/zY=
Subject key identifier: FB:45:9F:E9:72:D8:94:B9:BB:00:28:E4:E5:A4:D2:7A:B3:15:EF:4F
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1CAA
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/7E1539DCE1F111EFB1B96B27C4F9AE02.roa
Signing time: Mon 03 Feb 2025 05:41:19 +0000
ROA not before: Mon 03 Feb 2025 05:41:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 153255
IP address blocks: 160.250.100.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7338 (0x1caa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 3 05:41:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a056ff-2bb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:aa:05:f1:93:70:59:7e:a4:a9:87:35:8e:17:
2d:49:e3:bc:aa:d9:92:d0:a8:2f:b8:7b:4f:9a:79:
54:83:ee:6e:1d:2b:be:36:9f:1c:17:b3:71:24:6b:
51:a7:bd:d7:6d:51:9a:f7:cd:0e:e4:86:99:1c:ea:
06:c6:b9:4e:79:f2:07:6e:ad:02:f1:50:46:ef:47:
3d:e2:f5:85:6f:15:32:bc:6e:d9:5a:fb:cb:93:15:
e0:45:a5:77:4f:87:15:02:4c:54:2f:a2:ac:5f:3b:
69:14:4c:6b:2e:93:f4:60:2f:81:1b:67:6f:4b:f1:
08:46:81:50:24:ec:cc:79:d3:15:c8:ab:45:34:86:
5e:bb:9a:8a:ca:c0:e3:e1:7f:00:8a:89:27:75:8d:
81:f7:aa:3a:93:41:0c:b9:4f:59:0f:b4:99:08:7f:
b2:19:2a:8f:f1:5f:27:2b:15:7d:41:2d:f9:c2:2c:
9e:80:00:f0:23:4a:a7:7d:c7:b3:31:b9:0a:4d:ac:
ea:17:7f:55:e8:a9:79:52:6a:05:60:74:ac:37:6a:
b2:e6:dc:e4:55:b0:47:2b:65:08:ea:2d:7c:28:8b:
94:ee:b3:ab:e8:fc:90:f9:02:fb:f3:df:28:d8:75:
d2:72:a2:c8:57:02:3a:6d:15:21:ea:d4:c8:53:32:
59:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:45:9F:E9:72:D8:94:B9:BB:00:28:E4:E5:A4:D2:7A:B3:15:EF:4F
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/7E1539DCE1F111EFB1B96B27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.250.100.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:88:ef:18:19:45:4a:93:53:34:4e:5b:df:7e:ed:e1:9b:e3:
1f:07:e9:ac:b5:ed:9d:2e:75:f7:52:78:e9:1f:64:54:21:16:
de:9c:a4:42:a3:36:e4:31:81:b0:62:3d:af:d4:43:8c:3d:a6:
94:cf:ad:ad:66:3e:54:a0:8f:a0:17:e7:b8:92:28:89:ac:f3:
53:3e:83:13:8b:79:f0:18:09:1f:1f:1e:0f:25:70:bb:e0:a6:
7d:64:fb:64:4e:61:0a:5d:b7:48:c3:5b:5e:3f:f7:5a:12:19:
75:92:e0:71:e7:6f:fb:13:95:99:38:a9:df:54:1e:d9:2c:29:
3d:f8:5a:29:66:2c:28:ad:63:c6:59:c0:6d:ca:a6:47:52:b1:
de:5e:b0:9c:fa:4c:a5:71:0c:03:b1:14:8d:3c:83:b6:54:d3:
8b:8b:6e:cd:97:84:07:1b:3d:02:56:6f:d1:92:7b:03:ee:d4:
85:ac:c7:38:a6:eb:b8:8a:12:db:41:a0:e8:c7:f0:c4:28:83:
76:7b:73:7c:0d:c9:da:70:e2:99:9f:d3:e2:24:55:72:40:9d:
c1:4a:62:a8:9f:14:0d:d0:f0:20:cf:78:c5:55:65:1b:ea:82:
e7:dc:06:86:28:39:38:a1:eb:13:9b:85:72:73:ea:42:7b:30:
24:77:93:d5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjUwMjAzMDU0MTE5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EwNTZmZi0yYmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq6oF8ZNwWX6kqYc1jhctSeO8qtmS0KgvuHtPmnlUg+5uHSu+Np8cF7NxJGtR
p73XbVGa980O5IaZHOoGxrlOefIHbq0C8VBG70c94vWFbxUyvG7ZWvvLkxXgRaV3
T4cVAkxUL6KsXztpFExrLpP0YC+BG2dvS/EIRoFQJOzMedMVyKtFNIZeu5qKysDj
4X8AiokndY2B96o6k0EMuU9ZD7SZCH+yGSqP8V8nKxV9QS35wiyegADwI0qnfcez
MbkKTazqF39V6Kl5UmoFYHSsN2qy5tzkVbBHK2UI6i18KIuU7rOr6PyQ+QL7898o
2HXScqLIVwI6bRUh6tTIUzJZYQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPtFn+ly
2JS5uwAo5OWk0nqzFe9PMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvN0UxNTM5RENF
MUYxMTFFRkIxQjk2QjI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGg+mQwDQYJKoZIhvcNAQELBQADggEBACyI7xgZRUqTUzRO
W99+7eGb4x8H6ay17Z0udfdSeOkfZFQhFt6cpEKjNuQxgbBiPa/UQ4w9ppTPra1m
PlSgj6AX57iSKIms81M+gxOLefAYCR8fHg8lcLvgpn1k+2ROYQpdt0jDW14/91oS
GXWS4HHnb/sTlZk4qd9UHtksKT34WilmLCitY8ZZwG3KpkdSsd5esJz6TKVxDAOx
FI08g7ZU04uLbs2XhAcbPQJWb9GSewPu1IWsxzim67iKEttBoOjH8MQog3Z7c3wN
ydpw4pmf0+IkVXJAncFKYqifFA3Q8CDPeMVVZRvqgufcBoYoOTih6xObhXJz6kJ7
MCR3k9U=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:19:38 2025 by rpki-client