Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/17EBC20AEED211EFBE1C2E6FC4F9AE02.roa
File: 17EBC20AEED211EFBE1C2E6FC4F9AE02.roa (raw, json)
Hash identifier: zPH03PGFKPUIu9NEkKQ98OjzbeNcbrly1xViNHW7ck8=
Subject key identifier: 8A:58:7D:86:7E:C0:07:8A:3A:C6:6F:7B:EF:E8:B3:F7:E3:C4:97:A1
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 052D
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/17EBC20AEED211EFBE1C2E6FC4F9AE02.roa
Signing time: Wed 19 Feb 2025 14:59:19 +0000
ROA not before: Wed 19 Feb 2025 14:59:19 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 153423
IP address blocks: 160.250.26.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1325 (0x52d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Feb 19 14:59:19 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67b5f1c6-abb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b4:2c:ca:08:3c:ef:18:22:aa:53:da:02:39:
e6:30:16:ee:66:bf:db:50:eb:94:01:05:4c:71:5b:
f2:2b:f6:d0:1d:6b:b5:8f:b5:30:82:c2:95:f9:f7:
e6:39:28:55:bd:76:d0:a4:27:81:dd:2c:0c:16:1d:
5a:8a:db:a0:d9:11:6c:1d:3b:fe:11:b5:f6:57:4e:
7b:0c:a4:bb:b3:da:26:d7:5f:21:0d:80:8b:05:b3:
5a:07:80:d5:a6:18:fc:22:f8:ab:4a:33:e0:12:0a:
2c:5f:6c:f9:4f:73:53:d1:63:ec:c0:80:47:e2:c0:
24:9d:c7:44:d7:38:b8:ce:b3:06:16:80:b2:34:26:
d0:23:e1:1b:86:1b:e9:a2:55:3b:fe:b9:50:37:49:
f4:35:6a:f7:93:ce:46:6c:4f:7d:27:6a:88:f1:7a:
e6:e7:cb:24:e9:71:0d:c7:09:f9:8a:93:84:6d:85:
16:2f:89:57:e7:09:b5:33:e5:ad:3c:9f:98:ea:fb:
02:98:b9:34:c3:3e:a2:e7:c6:cc:cc:0c:8d:6a:18:
60:d9:ee:50:c3:cd:e1:1a:21:9d:f9:79:3c:f2:c1:
f5:2f:19:7b:76:e8:15:c1:3a:5c:05:a1:2d:35:01:
00:ae:b2:30:22:69:36:5d:4e:8a:91:03:ba:91:7f:
e9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:58:7D:86:7E:C0:07:8A:3A:C6:6F:7B:EF:E8:B3:F7:E3:C4:97:A1
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/17EBC20AEED211EFBE1C2E6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.250.26.0/23
Signature Algorithm: sha256WithRSAEncryption
49:47:50:8d:6d:73:d8:6a:44:10:74:da:e6:bf:83:87:37:e2:
f2:1f:41:54:54:1f:ed:1d:a8:8b:eb:b7:f0:f8:a3:e6:36:e4:
c2:40:6a:88:36:88:7b:2d:98:86:cd:a3:17:5e:b4:c6:64:79:
32:17:a1:a5:55:93:8d:48:d1:aa:46:bf:df:04:36:85:34:2e:
2f:e5:02:33:b1:23:a4:57:16:c0:c1:2d:d5:a3:17:1c:73:d4:
84:6b:40:ec:f5:40:cf:68:ab:ff:68:33:2c:82:8e:1d:aa:33:
e2:df:78:25:0b:ef:f3:89:64:c6:4e:cc:88:e5:64:8c:e6:de:
f8:26:dc:b3:be:d6:ce:83:13:96:2a:f5:f4:86:25:19:f7:6d:
8e:60:82:0d:99:5d:62:7e:df:f8:a0:f9:85:f3:ac:1c:e3:53:
4a:2b:1a:e3:e9:78:09:51:d5:d2:34:af:2e:a5:16:6c:8f:e3:
c7:74:9a:b0:a1:45:38:2c:42:97:46:3a:7a:90:17:a9:78:89:
37:2e:b0:10:33:58:08:3f:06:84:d8:e6:a6:79:cc:82:fc:c7:
00:95:f1:ed:bd:3e:12:46:14:e4:1c:51:a2:e2:93:db:49:10:
68:13:12:1d:b8:07:8d:44:e9:c0:26:cc:14:28:92:fd:44:0c:
bc:4a:29:8d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwMjE5MTQ1OTE5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I1ZjFjNi1hYmIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtrQsygg87xgiqlPaAjnmMBbuZr/bUOuUAQVMcVvyK/bQHWu1j7UwgsKV+ffm
OShVvXbQpCeB3SwMFh1aitug2RFsHTv+EbX2V057DKS7s9om118hDYCLBbNaB4DV
phj8IvirSjPgEgosX2z5T3NT0WPswIBH4sAkncdE1zi4zrMGFoCyNCbQI+Ebhhvp
olU7/rlQN0n0NWr3k85GbE99J2qI8Xrm58sk6XENxwn5ipOEbYUWL4lX5wm1M+Wt
PJ+Y6vsCmLk0wz6i58bMzAyNahhg2e5Qw83hGiGd+Xk88sH1Lxl7dugVwTpcBaEt
NQEArrIwImk2XU6KkQO6kX/p0QIDAQABo4IClTCCApEwHQYDVR0OBBYEFIpYfYZ+
wAeKOsZve+/os/fjxJehMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvMTdFQkMyMEFF
RUQyMTFFRkJFMUMyRTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGg+howDQYJKoZIhvcNAQELBQADggEBAElHUI1tc9hqRBB0
2ua/g4c34vIfQVRUH+0dqIvrt/D4o+Y25MJAaog2iHstmIbNoxdetMZkeTIXoaVV
k41I0apGv98ENoU0Li/lAjOxI6RXFsDBLdWjFxxz1IRrQOz1QM9oq/9oMyyCjh2q
M+LfeCUL7/OJZMZOzIjlZIzm3vgm3LO+1s6DE5Yq9fSGJRn3bY5ggg2ZXWJ+3/ig
+YXzrBzjU0orGuPpeAlR1dI0ry6lFmyP48d0mrChRTgsQpdGOnqQF6l4iTcusBAz
WAg/BoTY5qZ5zIL8xwCV8e29PhJGFOQcUaLik9tJEGgTEh24B41E6cAmzBQokv1E
DLxKKY0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:32:13 2025 by rpki-client