Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/7BA39106F58A11EFA9C8FE1EC4F9AE02.roa
File: 7BA39106F58A11EFA9C8FE1EC4F9AE02.roa (raw, json)
Hash identifier: H7gxJ5YRoBk8TId28gANy+EaHR2i86Xj2hVR5kEsI0k=
Subject key identifier: 3D:AE:90:E8:25:34:F1:54:64:F4:AE:B1:80:A3:F2:7F:C0:23:8B:D9
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 0590
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/7BA39106F58A11EFA9C8FE1EC4F9AE02.roa
Signing time: Fri 21 Mar 2025 07:40:46 +0000
ROA not before: Fri 21 Mar 2025 07:40:46 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 152935
IP address blocks: 160.250.166.0/23 maxlen: 23
161.248.98.0/23 maxlen: 23
161.248.210.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1424 (0x590)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Mar 21 07:40:46 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67dd17fd-3256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:27:6a:ba:f0:4c:fc:ad:fd:4f:5d:b3:84:61:
3c:79:a0:8a:30:aa:6b:07:6c:71:7d:77:0a:a3:d0:
06:ae:b6:e1:94:c6:21:6c:5b:78:6a:0c:d7:7b:8f:
6c:a7:12:ea:a2:88:93:8a:96:a6:41:b8:63:7e:19:
f7:0c:46:5f:93:16:88:db:b3:11:76:a3:5b:a2:c2:
4c:2d:f8:e3:89:b8:f5:22:03:72:78:2d:20:17:af:
b0:85:85:c2:f3:d3:76:6a:01:45:1a:55:14:af:a1:
78:7c:2d:2a:46:be:a8:c4:4c:d6:29:47:5c:c6:2d:
32:f5:c8:5f:5c:ab:35:28:5b:e3:ef:6a:44:ab:9c:
2d:63:63:94:fd:59:b9:a4:00:14:9e:e9:b0:2c:43:
89:fa:39:f3:d6:19:5f:ef:f9:b3:01:a7:d2:62:24:
65:a9:8d:be:db:ab:d3:ea:5e:64:c8:29:a6:24:15:
54:06:54:dc:17:a2:2f:35:0d:d0:bb:6c:c3:b2:89:
c5:2e:f5:7a:40:41:25:79:54:83:4d:6a:e8:a5:33:
bf:22:14:bf:96:10:31:3e:b8:d2:76:95:81:4c:a4:
e8:10:64:bd:5d:19:63:64:86:7c:5d:5d:b2:c6:bf:
5d:4c:6e:14:50:ee:27:36:e1:a1:d4:4c:8c:0a:c4:
df:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:AE:90:E8:25:34:F1:54:64:F4:AE:B1:80:A3:F2:7F:C0:23:8B:D9
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/7BA39106F58A11EFA9C8FE1EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.250.166.0/23
161.248.98.0/23
161.248.210.0/23
Signature Algorithm: sha256WithRSAEncryption
80:d6:47:13:4d:5b:07:b3:ff:09:f2:cb:96:fa:95:84:64:4f:
bd:8b:b8:cb:5a:44:55:c2:3f:80:ea:97:41:5b:fa:7b:4d:e7:
70:28:2f:53:b0:44:8f:83:4a:29:5c:7f:2e:46:33:5e:e7:76:
7f:97:c8:78:3d:be:de:f1:6c:57:02:b1:56:b5:4f:3f:8c:f7:
e5:10:79:bc:c5:a1:03:65:cc:9d:41:1f:4a:12:06:c2:22:de:
c8:c2:8b:1c:e5:59:e0:9e:e6:31:58:10:f7:38:70:71:08:c5:
f2:ad:f8:80:64:ee:48:a7:5c:ca:39:a1:d0:ac:62:55:c6:d8:
90:af:31:aa:ee:4a:08:fc:8b:a4:8c:c6:5a:15:2d:7e:8d:7d:
88:e2:3d:56:fc:ee:0e:48:05:37:ac:3f:72:53:79:f6:5d:11:
18:dc:a4:1e:45:9c:77:71:1d:72:18:e5:1e:90:ff:c8:1d:9e:
8f:22:64:2e:dd:00:33:96:f0:a4:24:e7:4f:41:93:2e:2e:aa:
3f:b5:06:17:f8:c3:e4:00:e0:db:85:e8:7c:cb:a4:ad:93:6e:
7d:6f:20:0f:01:05:19:94:5e:33:b5:11:dc:ec:03:32:c9:2b:
67:ee:53:01:36:b6:64:b0:0b:7b:62:2d:98:0b:a9:92:2d:0a:
8b:68:56:60
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBZAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwMzIxMDc0MDQ2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RkMTdmZC0zMjU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsSdquvBM/K39T12zhGE8eaCKMKprB2xxfXcKo9AGrrbhlMYhbFt4agzXe49s
pxLqooiTipamQbhjfhn3DEZfkxaI27MRdqNbosJMLfjjibj1IgNyeC0gF6+whYXC
89N2agFFGlUUr6F4fC0qRr6oxEzWKUdcxi0y9chfXKs1KFvj72pEq5wtY2OU/Vm5
pAAUnumwLEOJ+jnz1hlf7/mzAafSYiRlqY2+26vT6l5kyCmmJBVUBlTcF6IvNQ3Q
u2zDsonFLvV6QEEleVSDTWropTO/IhS/lhAxPrjSdpWBTKToEGS9XRljZIZ8XV2y
xr9dTG4UUO4nNuGh1EyMCsTfKwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFD2ukOgl
NPFUZPSusYCj8n/AI4vZMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvN0JBMzkxMDZG
NThBMTFFRkE5QzhGRTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAGg+qYDBAGh+GIDBAGh+NIwDQYJKoZIhvcNAQELBQADggEB
AIDWRxNNWwez/wnyy5b6lYRkT72LuMtaRFXCP4Dql0Fb+ntN53AoL1OwRI+DSilc
fy5GM17ndn+XyHg9vt7xbFcCsVa1Tz+M9+UQebzFoQNlzJ1BH0oSBsIi3sjCixzl
WeCe5jFYEPc4cHEIxfKt+IBk7kinXMo5odCsYlXG2JCvMaruSgj8i6SMxloVLX6N
fYjiPVb87g5IBTesP3JTefZdERjcpB5FnHdxHXIY5R6Q/8gdno8iZC7dADOW8KQk
509Bky4uqj+1Bhf4w+QA4NuF6HzLpK2Tbn1vIA8BBRmUXjO1EdzsAzLJK2fuUwE2
tmSwC3tiLZgLqZItCotoVmA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:51:32 2025 by rpki-client