Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/F7FBF3C0AE2B11EFA17C3E70C4F9AE02.roa
File: F7FBF3C0AE2B11EFA17C3E70C4F9AE02.roa (raw, json)
Hash identifier: X7Zk+7iTynW+Uv7/cXJarZ6zHZN0VtP0R34uRoh6TE8=
Subject key identifier: 71:FD:93:5B:B0:8C:CF:72:08:BF:69:97:90:23:87:71:63:1B:DE:33
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1C08
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/F7FBF3C0AE2B11EFA17C3E70C4F9AE02.roa
Signing time: Fri 29 Nov 2024 08:28:54 +0000
ROA not before: Fri 29 Nov 2024 08:28:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150093
IP address blocks: 160.22.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7176 (0x1c08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Nov 29 08:28:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67497b46-5fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c0:b6:b5:06:2f:16:d5:e5:47:d0:fb:05:ad:
7f:9a:42:9c:f5:4f:53:68:06:81:b2:7a:1f:d9:b8:
18:81:0a:52:22:fc:37:2b:95:90:01:ba:53:e8:0a:
a3:b4:ab:be:9e:f7:e3:6b:9f:34:b8:d3:c3:9d:01:
f7:a9:2c:15:2e:fb:cc:db:b9:5f:bf:b9:65:94:29:
60:0d:13:b4:fd:32:01:05:c2:6e:38:ec:b3:e7:20:
aa:83:01:23:f7:e3:a7:d5:e6:8c:97:2b:04:3e:b3:
4b:4b:e1:da:c2:91:f6:b2:aa:67:5d:d0:b7:d6:85:
4b:ed:27:4b:a9:1a:15:1d:db:cb:82:76:d4:16:d8:
ff:20:73:aa:35:2f:5a:d0:b5:5d:7a:6f:c6:b9:dd:
1e:f9:fe:14:bd:c8:17:7a:c8:09:4a:e8:7b:57:85:
0e:a0:1b:83:a3:67:9b:67:3f:9c:73:7d:a5:e5:7d:
6d:09:66:72:20:ef:95:2f:a8:29:86:b6:b8:b7:54:
7c:62:d9:57:7e:7c:c3:d5:42:26:6b:1f:34:0f:9b:
31:db:40:a0:9a:da:c4:91:23:43:d0:ca:64:09:f3:
c4:f9:f9:82:4c:36:d0:a3:69:a4:87:a4:08:d2:44:
4c:a0:c6:fc:3c:15:c1:ff:24:b2:c2:5c:76:62:57:
d2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:FD:93:5B:B0:8C:CF:72:08:BF:69:97:90:23:87:71:63:1B:DE:33
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/F7FBF3C0AE2B11EFA17C3E70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.235.0/24
Signature Algorithm: sha256WithRSAEncryption
16:56:52:91:24:82:22:8e:df:29:7e:a0:ff:76:df:6e:9a:40:
83:84:0b:4d:36:cf:5f:54:b2:ed:dc:68:03:c4:ae:cb:e1:91:
f6:e5:b0:22:46:dd:54:16:c9:e3:f9:1d:ab:17:ce:04:8f:d0:
8e:46:d7:72:35:1b:26:97:65:20:a1:8c:fd:0e:7b:f4:e3:52:
49:ac:b8:1b:be:78:a4:fd:61:59:cd:06:bb:8a:d5:97:74:8b:
29:20:80:9e:cc:8a:db:ee:34:02:2f:9c:17:e5:2a:12:e3:4a:
5a:29:9a:6f:a7:36:5b:4d:c1:d4:e1:14:24:a8:82:aa:7a:11:
b5:c5:f9:73:49:68:69:b4:8a:68:f5:f6:6f:2b:41:80:6d:b2:
cb:14:61:b4:f3:3f:5a:07:fe:09:b6:62:55:06:55:96:a2:ee:
13:64:a6:f9:b5:4e:52:77:91:15:f3:80:d4:d5:0a:5f:16:72:
af:02:88:a6:f8:1a:a8:41:78:6c:58:26:a7:b7:d4:4f:47:5c:
fc:aa:84:80:0f:76:87:14:1e:d9:04:bf:d0:4b:1a:51:93:c1:
cc:65:0a:f7:08:64:fa:36:01:10:9b:11:b3:a3:d0:2e:2b:95:
6a:ac:d7:c1:25:5b:79:d7:11:4d:86:24:8b:bb:52:e6:bc:2d:
b1:52:9a:22
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHAgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjQxMTI5MDgyODU0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ5N2I0Ni01ZmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv8C2tQYvFtXlR9D7Ba1/mkKc9U9TaAaBsnof2bgYgQpSIvw3K5WQAbpT6Aqj
tKu+nvfja580uNPDnQH3qSwVLvvM27lfv7lllClgDRO0/TIBBcJuOOyz5yCqgwEj
9+On1eaMlysEPrNLS+HawpH2sqpnXdC31oVL7SdLqRoVHdvLgnbUFtj/IHOqNS9a
0LVdem/Gud0e+f4UvcgXesgJSuh7V4UOoBuDo2ebZz+cc32l5X1tCWZyIO+VL6gp
hra4t1R8YtlXfnzD1UImax80D5sx20CgmtrEkSND0MpkCfPE+fmCTDbQo2mkh6QI
0kRMoMb8PBXB/ySywlx2YlfS5wIDAQABo4IClTCCApEwHQYDVR0OBBYEFHH9k1uw
jM9yCL9pl5Ajh3FjG94zMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjdGQkYzQzBB
RTJCMTFFRkExN0MzRTcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACgFuswDQYJKoZIhvcNAQELBQADggEBABZWUpEkgiKO3yl+
oP92326aQIOEC002z19Usu3caAPErsvhkfblsCJG3VQWyeP5HasXzgSP0I5G13I1
GyaXZSChjP0Oe/TjUkmsuBu+eKT9YVnNBruK1Zd0iykggJ7MitvuNAIvnBflKhLj
Slopmm+nNltNwdThFCSogqp6EbXF+XNJaGm0imj19m8rQYBtsssUYbTzP1oH/gm2
YlUGVZai7hNkpvm1TlJ3kRXzgNTVCl8Wcq8CiKb4GqhBeGxYJqe31E9HXPyqhIAP
docUHtkEv9BLGlGTwcxlCvcIZPo2ARCbEbOj0C4rlWqs18ElW3nXEU2GJIu7Uua8
LbFSmiI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:48:33 2025 by rpki-client