Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/E1D81CF402E611EFB31F717BC4F9AE02.roa
File: E1D81CF402E611EFB31F717BC4F9AE02.roa (raw, json)
Hash identifier: GbkdFuvw4j/Qwho5DmVzt29dr0Sdn0y9Un5e6MyXhnU=
Subject key identifier: 1B:26:95:48:CB:BD:C1:2C:9D:E7:2C:36:FD:14:70:4F:8E:9B:AA:F4
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 19DB
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/E1D81CF402E611EFB31F717BC4F9AE02.roa
Signing time: Thu 30 May 2024 15:52:16 +0000
ROA not before: Thu 30 May 2024 15:52:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132323
IP address blocks: 157.10.60.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6619 (0x19db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:52:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a0b0-72ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c8:81:42:3a:33:46:3a:a7:b7:d2:cf:40:77:
bf:dd:d7:cf:fc:eb:9f:75:82:95:fd:ea:95:8e:95:
6d:fa:f9:e9:75:be:d7:4a:ff:2f:72:59:eb:33:96:
16:22:30:a1:bc:b7:99:22:e6:0b:4d:53:5a:41:73:
12:f8:4a:4a:c7:9e:b5:38:8b:1b:2e:94:18:0a:1f:
ed:c4:6b:83:7f:03:11:93:7a:ff:a8:54:28:db:70:
e7:ed:91:70:70:b0:f8:c4:cf:df:3a:17:80:eb:09:
32:70:b6:e2:85:eb:3a:bb:71:fe:78:22:a7:e6:42:
f5:10:eb:96:71:5e:86:b0:34:e4:49:4e:96:5a:42:
6d:f0:1e:52:99:5f:27:ff:b2:d6:20:28:d7:4e:5a:
50:ff:78:a8:5d:02:68:52:df:69:02:dd:86:6d:7c:
da:48:99:71:2b:af:99:3a:33:ae:8b:1f:53:41:8e:
76:6d:f2:c9:55:8e:75:f9:d9:69:46:3d:eb:07:e7:
c8:78:fe:be:0a:68:98:ba:8f:bc:da:6b:a6:a1:5c:
0d:e9:b2:33:8d:24:e9:91:bc:b0:54:53:ec:4c:96:
71:25:41:13:b9:e7:2b:29:d3:f5:b6:d1:39:17:55:
d6:cf:99:d2:17:f4:1d:4b:75:c8:5f:11:bf:68:ca:
20:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:26:95:48:CB:BD:C1:2C:9D:E7:2C:36:FD:14:70:4F:8E:9B:AA:F4
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/E1D81CF402E611EFB31F717BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.60.0/23
Signature Algorithm: sha256WithRSAEncryption
35:2c:c4:04:7d:f8:00:35:78:9b:88:59:c4:dc:ef:fd:aa:99:
b7:53:4f:6e:9a:8d:79:51:0b:99:4c:20:72:5f:5f:1c:48:84:
9c:3d:80:8d:cc:43:f5:a7:96:a8:16:0c:5c:73:25:f5:a1:13:
97:53:8b:1e:21:92:cd:15:1d:31:bd:32:a2:c9:71:37:20:8d:
cf:7c:2e:d2:88:cc:4b:66:f0:a7:ea:29:b4:16:e0:10:f3:70:
03:34:ed:cc:58:c1:55:df:65:06:d8:52:d8:f0:6c:13:f8:e3:
31:63:70:5c:cd:64:47:4d:cb:7f:f7:06:2d:3d:4b:16:7c:72:
a2:05:88:ba:9e:b3:ba:bc:1a:3a:cb:c0:fb:3c:e9:a1:df:e3:
e1:ea:b3:4c:b7:9d:fb:67:77:32:53:4c:e5:9d:a7:89:76:db:
39:58:09:e7:cd:3c:e7:8d:c0:59:a4:5f:a2:ec:db:2f:96:6f:
14:d8:3c:70:40:56:38:92:01:70:c1:52:cd:3c:96:7e:d6:3b:
18:42:00:3e:aa:ea:21:55:f7:76:fb:d4:2f:20:2e:09:13:e1:
23:11:31:ec:b3:23:ec:4b:a3:f0:da:c1:ad:c9:7e:87:2d:53:
60:3f:76:d7:75:a1:dc:8b:bd:48:3e:f2:48:7f:ea:47:fe:24:
ed:a5:e5:b2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGdswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjQwNTMwMTU1MjE2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU4YTBiMC03MmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy8iBQjozRjqnt9LPQHe/3dfP/OufdYKV/eqVjpVt+vnpdb7XSv8vclnrM5YW
IjChvLeZIuYLTVNaQXMS+EpKx561OIsbLpQYCh/txGuDfwMRk3r/qFQo23Dn7ZFw
cLD4xM/fOheA6wkycLbihes6u3H+eCKn5kL1EOuWcV6GsDTkSU6WWkJt8B5SmV8n
/7LWICjXTlpQ/3ioXQJoUt9pAt2GbXzaSJlxK6+ZOjOuix9TQY52bfLJVY51+dlp
Rj3rB+fIeP6+CmiYuo+82mumoVwN6bIzjSTpkbywVFPsTJZxJUETuecrKdP1ttE5
F1XWz5nSF/QdS3XIXxG/aMogZwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBsmlUjL
vcEsnecsNv0UcE+Om6r0MB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRTFEODFDRjQw
MkU2MTFFRkIzMUY3MTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdCjwwDQYJKoZIhvcNAQELBQADggEBADUsxAR9+AA1eJuI
WcTc7/2qmbdTT26ajXlRC5lMIHJfXxxIhJw9gI3MQ/WnlqgWDFxzJfWhE5dTix4h
ks0VHTG9MqLJcTcgjc98LtKIzEtm8KfqKbQW4BDzcAM07cxYwVXfZQbYUtjwbBP4
4zFjcFzNZEdNy3/3Bi09SxZ8cqIFiLqes7q8GjrLwPs86aHf4+Hqs0y3nftndzJT
TOWdp4l22zlYCefNPOeNwFmkX6Ls2y+WbxTYPHBAVjiSAXDBUs08ln7WOxhCAD6q
6iFV93b71C8gLgkT4SMRMeyzI+xLo/Dawa3JfoctU2A/dtd1odyLvUg+8kh/6kf+
JO2l5bI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:55 2025 by rpki-client