Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/E59233C8C8D111EF8B3DC70FC4F9AE02.roa
File: E59233C8C8D111EF8B3DC70FC4F9AE02.roa (raw, json)
Hash identifier: 4PRGJpuZqcNR3a3ENGUH+RbCuiwgfoz3gAY4TgePgK4=
Subject key identifier: 0D:E6:36:8B:18:6F:0D:8D:3D:D7:19:02:B4:9E:18:5B:3D:C1:09:23
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1C68
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/E59233C8C8D111EF8B3DC70FC4F9AE02.roa
Signing time: Thu 02 Jan 2025 09:37:45 +0000
ROA not before: Thu 02 Jan 2025 09:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137488
IP address blocks: 161.248.74.0/24 maxlen: 24
161.248.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7272 (0x1c68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 2 09:37:45 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67765e69-6c90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:af:37:58:cb:f8:05:2f:05:c0:2f:0a:04:b9:
f2:a8:f3:5d:c6:48:70:6b:5e:f1:32:d3:7e:30:46:
79:c8:53:37:5a:c8:f0:13:7a:10:5e:29:5d:bf:e7:
b1:5e:75:b2:b3:00:23:86:7b:8d:3e:60:1e:ca:65:
6f:dc:d4:07:ae:d0:52:ce:6a:f2:ae:2c:43:bd:6b:
05:e3:db:f8:ab:91:c3:b4:57:91:a2:d9:ea:a0:41:
e7:7e:69:04:81:53:57:bf:c7:d5:89:bf:2d:3b:67:
a6:8c:af:4a:4d:71:64:4b:fa:b6:1a:f9:8e:ef:8c:
e9:75:63:d6:e0:79:9f:bb:6a:fa:f6:38:6d:6e:6e:
ec:e4:d6:7d:05:c2:be:0a:be:67:72:83:52:0e:97:
07:66:04:c4:c4:ca:ac:06:29:66:d0:8c:62:26:81:
07:bc:43:b2:d2:41:5e:6d:e0:42:3e:3e:66:7e:3a:
7c:57:2f:94:55:e0:1c:5e:7d:09:99:e4:2b:86:7d:
90:47:37:d0:9b:e5:ac:85:35:c0:46:de:db:4c:11:
be:02:50:11:0e:10:60:34:b5:f7:a2:80:46:34:75:
9c:4d:9c:1f:1b:44:02:8f:21:bf:ba:8d:f5:49:75:
1f:3e:69:07:7c:db:86:c1:af:5a:a4:73:89:1d:59:
ff:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E6:36:8B:18:6F:0D:8D:3D:D7:19:02:B4:9E:18:5B:3D:C1:09:23
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/E59233C8C8D111EF8B3DC70FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.74.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:7c:61:a4:ae:6c:1a:bf:57:5e:72:87:b5:c0:5e:ca:52:c3:
51:1f:65:c5:35:9d:d3:c8:bb:e5:2b:6d:66:ce:f2:28:42:ab:
be:b6:30:7f:dd:f2:d5:54:b1:89:c9:ae:94:4a:da:1e:1e:31:
b9:26:50:80:01:2b:a8:8b:b9:07:1d:1d:99:f4:58:0f:67:b3:
72:a4:11:1d:6d:0e:c6:a4:cf:0a:6b:41:d5:81:1a:0c:80:18:
01:85:9b:39:d6:2d:30:b0:2c:15:7f:7c:4f:0c:7e:ae:54:bb:
b1:06:98:b6:5d:3c:7b:bf:69:c0:f7:1c:39:9c:b0:9b:bb:12:
2e:03:1c:ec:61:63:3d:9a:11:d2:14:ed:1f:cb:ac:53:30:99:
ff:be:fc:c7:e8:af:e1:29:a3:60:ca:5f:71:e1:65:07:83:36:
1b:ca:e9:03:53:6e:29:3a:92:44:30:cc:4d:0c:bb:4f:fc:e3:
0e:e4:c2:2a:33:bb:fb:c1:ad:8f:fb:24:4c:02:e5:e2:4c:5d:
36:f2:2c:e8:1a:54:97:ab:3f:05:eb:1e:dd:d9:46:f4:c3:09:
48:e5:1d:d2:67:45:de:b2:bc:3e:7e:7a:e4:b8:01:b2:ec:82:
1e:b7:59:4e:92:76:a0:2a:51:91:e6:c2:fe:8c:1c:fc:91:15:
57:d3:87:3f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjUwMTAyMDkzNzQ1WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc2NWU2OS02YzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs683WMv4BS8FwC8KBLnyqPNdxkhwa17xMtN+MEZ5yFM3WsjwE3oQXildv+ex
XnWyswAjhnuNPmAeymVv3NQHrtBSzmryrixDvWsF49v4q5HDtFeRotnqoEHnfmkE
gVNXv8fVib8tO2emjK9KTXFkS/q2GvmO74zpdWPW4Hmfu2r69jhtbm7s5NZ9BcK+
Cr5ncoNSDpcHZgTExMqsBilm0IxiJoEHvEOy0kFebeBCPj5mfjp8Vy+UVeAcXn0J
meQrhn2QRzfQm+WshTXARt7bTBG+AlARDhBgNLX3ooBGNHWcTZwfG0QCjyG/uo31
SXUfPmkHfNuGwa9apHOJHVn//QIDAQABo4IClTCCApEwHQYDVR0OBBYEFA3mNosY
bw2NPdcZArSeGFs9wQkjMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRTU5MjMzQzhD
OEQxMTFFRjhCM0RDNzBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGh+EowDQYJKoZIhvcNAQELBQADggEBALt8YaSubBq/V15y
h7XAXspSw1EfZcU1ndPIu+UrbWbO8ihCq762MH/d8tVUsYnJrpRK2h4eMbkmUIAB
K6iLuQcdHZn0WA9ns3KkER1tDsakzwprQdWBGgyAGAGFmznWLTCwLBV/fE8Mfq5U
u7EGmLZdPHu/acD3HDmcsJu7Ei4DHOxhYz2aEdIU7R/LrFMwmf++/Mfor+Epo2DK
X3HhZQeDNhvK6QNTbik6kkQwzE0Mu0/84w7kwiozu/vBrY/7JEwC5eJMXTbyLOga
VJerPwXrHt3ZRvTDCUjlHdJnRd6yvD5+euS4AbLsgh63WU6SdqAqUZHmwv6MHPyR
FVfThz8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:26:41 2025 by rpki-client