Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/D2D33C94D97711EF8509CD86C4F9AE02.roa
File: D2D33C94D97711EF8509CD86C4F9AE02.roa (raw, json)
Hash identifier: yahe6qxy31w46mMDXaMR8kjsXcWyLsX5Se4nYV7SV1A=
Subject key identifier: B3:57:22:0C:E2:3C:DB:7C:18:EB:55:63:DC:FE:D5:F0:13:C2:BB:97
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1C92
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/D2D33C94D97711EF8509CD86C4F9AE02.roa
Signing time: Thu 23 Jan 2025 10:50:13 +0000
ROA not before: Thu 23 Jan 2025 10:50:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 153288
IP address blocks: 161.248.105.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7314 (0x1c92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 23 10:50:13 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67921ee5-73d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:66:f4:38:cf:07:79:c5:9f:7b:5a:4d:aa:d0:
80:84:cf:83:fa:ca:82:ab:40:37:0c:8a:8d:85:6a:
0f:83:a1:af:03:c7:5f:ce:ae:28:49:6e:45:40:43:
0f:1e:1d:be:ed:7f:bc:3c:20:ca:bf:01:94:10:3b:
04:69:18:6c:76:4b:d2:7a:b4:a9:4c:fd:a2:86:c3:
59:0a:86:95:e3:d9:34:8b:a2:64:25:c6:27:4e:32:
35:31:88:fb:45:79:fd:6b:86:77:01:3f:8a:c2:05:
72:b3:59:6c:5a:98:58:1d:17:ea:36:7f:5e:60:68:
b7:c9:da:2e:93:a4:5a:5e:f3:5c:66:c7:eb:a5:9f:
cb:c0:2a:01:84:6b:a4:ca:e5:27:b6:f5:0b:f7:16:
9b:56:fc:4c:c7:9a:45:0b:39:cd:f8:0a:b8:62:71:
2d:67:c2:40:53:b3:50:44:a9:82:d6:68:ea:8f:d4:
99:36:d6:2f:d5:4e:7d:f1:f4:8a:46:ed:61:24:36:
ab:2d:c5:7e:ef:36:2a:3e:50:ff:c4:d7:36:ae:2c:
82:b9:42:69:7d:18:ea:cf:96:c6:c3:48:0c:26:64:
f1:3f:30:f8:ae:17:94:27:ae:36:4f:3c:81:1e:d6:
36:07:62:b7:f8:c6:7a:26:77:28:37:8c:b7:dc:59:
e2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:57:22:0C:E2:3C:DB:7C:18:EB:55:63:DC:FE:D5:F0:13:C2:BB:97
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/D2D33C94D97711EF8509CD86C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.105.0/24
Signature Algorithm: sha256WithRSAEncryption
66:7f:aa:f4:ef:3b:9f:6b:83:48:04:49:62:a2:34:09:13:30:
be:45:e7:09:02:a4:24:0c:b4:06:a0:50:66:1b:a5:15:55:0e:
36:f9:2c:45:46:ef:82:89:34:10:f8:90:63:39:a1:46:ad:b5:
eb:dc:c8:20:37:f7:07:03:85:03:18:f4:95:30:94:74:70:e9:
f6:f9:68:a6:ff:3c:df:a3:66:23:be:60:9b:52:54:61:cc:44:
cd:3a:7b:1e:9f:e7:2c:e1:e5:42:70:b1:b4:b1:3f:a5:f8:01:
b4:bf:25:b7:67:85:3c:f3:f7:d9:46:93:85:93:fc:53:3d:c7:
97:da:75:28:37:91:b5:51:cd:e6:1f:81:21:34:05:e4:b9:34:
93:60:c9:51:2e:46:b7:ab:4f:81:6a:e1:51:30:60:4b:30:67:
55:94:2f:4e:a0:8a:d8:4a:df:4b:7a:8c:56:7d:a0:8f:94:7d:
70:2e:20:23:c2:ba:f0:1f:81:83:1c:29:d0:04:cd:ac:9e:39:
f9:ef:46:36:50:bc:45:a4:64:ff:f6:06:c4:6b:59:2b:e5:75:
a8:b0:06:02:04:b4:db:39:f4:d3:fe:62:9d:0c:1a:7b:37:64:
34:5e:e6:89:5b:74:4f:d1:5b:89:19:2a:5e:19:fa:04:50:8d:
60:dc:cc:7e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjUwMTIzMTA1MDEzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkyMWVlNS03M2QzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Gb0OM8HecWfe1pNqtCAhM+D+sqCq0A3DIqNhWoPg6GvA8dfzq4oSW5FQEMP
Hh2+7X+8PCDKvwGUEDsEaRhsdkvSerSpTP2ihsNZCoaV49k0i6JkJcYnTjI1MYj7
RXn9a4Z3AT+KwgVys1lsWphYHRfqNn9eYGi3ydouk6RaXvNcZsfrpZ/LwCoBhGuk
yuUntvUL9xabVvxMx5pFCznN+Aq4YnEtZ8JAU7NQRKmC1mjqj9SZNtYv1U598fSK
Ru1hJDarLcV+7zYqPlD/xNc2riyCuUJpfRjqz5bGw0gMJmTxPzD4rheUJ642TzyB
HtY2B2K3+MZ6JncoN4y33FniQwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLNXIgzi
PNt8GOtVY9z+1fATwruXMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRDJEMzNDOTRE
OTc3MTFFRjg1MDlDRDg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACh+GkwDQYJKoZIhvcNAQELBQADggEBAGZ/qvTvO59rg0gE
SWKiNAkTML5F5wkCpCQMtAagUGYbpRVVDjb5LEVG74KJNBD4kGM5oUattevcyCA3
9wcDhQMY9JUwlHRw6fb5aKb/PN+jZiO+YJtSVGHMRM06ex6f5yzh5UJwsbSxP6X4
AbS/JbdnhTzz99lGk4WT/FM9x5fadSg3kbVRzeYfgSE0BeS5NJNgyVEuRrerT4Fq
4VEwYEswZ1WUL06githK30t6jFZ9oI+UfXAuICPCuvAfgYMcKdAEzayeOfnvRjZQ
vEWkZP/2BsRrWSvldaiwBgIEtNs59NP+Yp0MGns3ZDRe5olbdE/RW4kZKl4Z+gRQ
jWDczH4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:47:37 2025 by rpki-client