Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8A2B6B620AEE11F0B76AA736C4F9AE02.roa
File: 8A2B6B620AEE11F0B76AA736C4F9AE02.roa (raw, json)
Hash identifier: xMqyXf/LKrcnjGgY1+w4sLQ+INIGeU0Ek9mo2HPHAn8=
Subject key identifier: B1:80:57:09:E9:BF:C4:31:E0:50:96:7B:72:7A:B7:B3:1E:F6:19:A7
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: ACF9
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8A2B6B620AEE11F0B76AA736C4F9AE02.roa
Signing time: Thu 27 Mar 2025 09:33:28 +0000
ROA not before: Thu 27 Mar 2025 09:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 153714
IP address blocks: 163.223.154.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44281 (0xacf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 27 09:33:28 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67e51b68-4fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:24:60:84:8f:8b:c7:68:aa:7e:57:36:34:00:
5b:e0:9a:93:62:e0:be:16:e1:4c:b9:79:e1:7f:9b:
5b:e3:f9:5c:c4:99:1c:72:ad:81:ba:88:a1:f0:57:
14:0b:d2:bb:5a:96:fd:62:2a:eb:f9:33:2e:8c:3f:
2f:59:c7:04:27:62:d3:d5:a1:ce:a8:93:3a:86:48:
63:52:e2:bc:8f:71:28:9c:dc:04:22:99:98:f5:d5:
8f:cf:8a:47:e2:3d:60:b3:97:6b:d7:23:b7:19:e9:
b1:fb:42:57:40:cb:b0:e1:c2:6a:20:af:7c:67:14:
94:cf:dd:ea:75:1d:cf:cb:c1:f8:d8:51:ca:d9:3b:
2a:45:cd:4f:72:1c:b5:3f:f5:5a:a5:77:a0:46:82:
35:70:d2:64:55:60:c0:f4:49:27:dd:f5:8d:e9:3d:
43:3c:73:5e:c0:b5:ac:f0:2d:f0:15:99:54:80:42:
c1:4a:40:52:1f:c7:53:b9:40:44:68:4f:27:cd:ee:
cc:02:32:6e:31:41:6c:75:29:41:5b:32:f4:1c:9c:
9e:c6:a1:6b:4f:51:53:84:5a:f5:d7:08:43:3d:9f:
cf:53:18:4e:79:44:ad:4a:a3:9c:0a:06:75:5f:e2:
c8:81:a6:33:6d:f1:fb:62:a1:c8:b0:00:96:2d:1c:
9d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:80:57:09:E9:BF:C4:31:E0:50:96:7B:72:7A:B7:B3:1E:F6:19:A7
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8A2B6B620AEE11F0B76AA736C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.223.154.0/23
Signature Algorithm: sha256WithRSAEncryption
33:d9:7f:12:70:bd:b9:a0:17:8d:75:49:2a:9e:33:04:c7:dc:
ed:80:71:b9:c3:61:5f:a0:c6:1e:c8:c8:0f:1d:b6:80:c1:d5:
7e:8a:d3:10:57:95:ca:d4:30:33:d1:62:ba:49:8f:fb:5c:44:
df:13:e8:9b:22:62:e4:1c:22:a1:98:34:28:18:e5:8d:26:4f:
e3:58:41:06:b5:d6:ec:de:fa:91:93:4b:f7:a0:ea:09:15:ce:
56:fc:56:da:1e:a0:0b:89:0c:d3:b1:1f:2a:aa:8f:15:1f:e2:
07:43:4d:bd:a4:a2:3d:3f:b2:84:9f:df:03:e1:d9:84:20:67:
39:99:1e:fa:12:a9:58:da:a3:c7:3b:c1:1a:0a:f1:95:1e:75:
a9:e4:44:44:5a:13:3b:c0:a6:7f:10:89:02:99:74:f8:d9:59:
d6:5f:b7:6f:33:34:39:18:82:e2:4a:41:fb:48:3d:25:a6:6e:
58:2f:d5:ba:1b:88:d3:ea:9b:d0:5c:14:62:e1:68:32:8b:10:
8d:0d:40:14:87:b1:e4:48:26:28:76:dd:5e:ec:e5:4f:e6:1b:
42:47:b8:ec:3b:aa:b3:86:e8:9b:29:50:35:49:b0:62:65:4d:
8b:57:6e:a1:ae:fb:19:e2:70:4e:d7:41:73:2a:ab:b3:f3:16:
11:d0:54:f7
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAKz5MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMyNzA5MzMyOFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdlNTFiNjgtNGZkZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkkYISPi8doqn5XNjQAW+Cak2LgvhbhTLl54X+bW+P5XMSZHHKtgbqIofBX
FAvSu1qW/WIq6/kzLow/L1nHBCdi09WhzqiTOoZIY1LivI9xKJzcBCKZmPXVj8+K
R+I9YLOXa9cjtxnpsftCV0DLsOHCaiCvfGcUlM/d6nUdz8vB+NhRytk7KkXNT3Ic
tT/1WqV3oEaCNXDSZFVgwPRJJ931jek9QzxzXsC1rPAt8BWZVIBCwUpAUh/HU7lA
RGhPJ83uzAIybjFBbHUpQVsy9Bycnsaha09RU4Ra9dcIQz2fz1MYTnlErUqjnAoG
dV/iyIGmM23x+2KhyLAAli0cnfsCAwEAAaOCApUwggKRMB0GA1UdDgQWBBSxgFcJ
6b/EMeBQlntyerezHvYZpzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzhBMkI2QjYy
MEFFRTExRjBCNzZBQTczNkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBo9+aMA0GCSqGSIb3DQEBCwUAA4IBAQAz2X8ScL25oBeN
dUkqnjMEx9ztgHG5w2FfoMYeyMgPHbaAwdV+itMQV5XK1DAz0WK6SY/7XETfE+ib
ImLkHCKhmDQoGOWNJk/jWEEGtdbs3vqRk0v3oOoJFc5W/FbaHqALiQzTsR8qqo8V
H+IHQ029pKI9P7KEn98D4dmEIGc5mR76EqlY2qPHO8EaCvGVHnWp5EREWhM7wKZ/
EIkCmXT42VnWX7dvMzQ5GILiSkH7SD0lpm5YL9W6G4jT6pvQXBRi4WgyixCNDUAU
h7HkSCYodt1e7OVP5htCR7jsO6qzhuibKVA1SbBiZU2LV26hrvsZ4nBO10FzKquz
8xYR0FT3
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:23:28 2025 by rpki-client