Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa
File: BD3F9B2CB9F511EEA9136568C4F9AE02.roa (raw, json)
Hash identifier: n7WPU0mJDN9BwPQ1LP+ttCIpcTFphW/51Bb80EMGWr0=
Subject key identifier: F1:37:F0:43:B0:A5:33:76:ED:23:21:F4:21:A6:8F:4B:18:E9:C3:6A
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 045D
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa
Signing time: Tue 03 Dec 2024 03:10:06 +0000
ROA not before: Tue 03 Dec 2024 03:10:06 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 140815
IP address blocks: 157.10.170.0/23 maxlen: 24
157.10.196.0/23 maxlen: 24
157.10.202.0/23 maxlen: 24
157.20.224.0/23 maxlen: 24
157.66.162.0/23 maxlen: 24
157.66.194.0/23 maxlen: 24
157.66.196.0/23 maxlen: 24
160.22.158.0/23 maxlen: 24
160.25.82.0/23 maxlen: 24
160.25.84.0/23 maxlen: 24
160.25.206.0/23 maxlen: 24
160.30.48.0/23 maxlen: 24
160.191.34.0/23 maxlen: 24
160.191.112.0/23 maxlen: 24
160.250.62.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1117 (0x45d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Dec 3 03:10:06 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=674e768e-8808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:81:a3:36:8f:7a:cd:fa:24:77:6e:29:15:d7:
5e:38:15:2f:36:d4:0c:16:1e:48:30:7f:c9:9d:ab:
65:c8:67:bb:18:b8:2d:b2:67:29:b7:4c:87:9d:be:
d4:46:e2:3b:a3:8a:08:d4:36:8f:c4:18:54:f4:db:
11:14:1b:25:6c:36:4c:ff:f3:58:63:ae:04:c0:38:
93:0d:c0:03:cc:12:52:80:24:80:c2:fd:1c:82:f1:
7c:4e:85:f4:f2:4b:2d:3c:0d:2b:eb:2c:01:cd:e0:
c5:91:2b:3e:c9:ca:04:e5:c5:15:3e:61:44:66:70:
d1:1c:18:d7:ff:d7:ab:b2:83:7f:4b:5c:b5:9a:45:
a4:ed:2a:2d:db:ee:f1:d9:67:20:2e:32:94:13:66:
c1:7c:d3:9a:c8:f2:12:06:8d:83:43:9e:95:39:2e:
83:72:f8:bf:82:7d:08:c4:0b:80:a2:0d:06:56:05:
d5:87:85:cd:5a:10:f2:d7:13:2c:b8:02:a3:9c:25:
c8:6e:71:61:60:4a:68:86:c9:28:78:ad:a9:11:e7:
e6:b8:df:5b:9c:64:46:31:c5:58:92:e1:39:5a:49:
32:3d:3c:2d:6d:51:91:c5:f8:61:e5:95:c4:83:b5:
bd:e4:f1:97:00:aa:cb:16:34:eb:37:e6:c8:85:e6:
ab:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:37:F0:43:B0:A5:33:76:ED:23:21:F4:21:A6:8F:4B:18:E9:C3:6A
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.170.0/23
157.10.196.0/23
157.10.202.0/23
157.20.224.0/23
157.66.162.0/23
157.66.194.0-157.66.197.255
160.22.158.0/23
160.25.82.0-160.25.85.255
160.25.206.0/23
160.30.48.0/23
160.191.34.0/23
160.191.112.0/23
160.250.62.0/23
Signature Algorithm: sha256WithRSAEncryption
40:5a:4a:2f:99:a1:cb:0f:8d:8f:06:d3:32:7c:df:00:6d:c9:
7b:15:3a:c2:62:28:70:28:28:46:cf:6f:2e:d5:83:bf:66:f6:
63:49:69:18:b4:97:a1:87:6d:80:dc:81:33:6c:fb:8b:3b:a2:
01:41:f8:1d:29:ee:c8:4f:57:d3:d1:ec:cb:90:4c:07:1a:10:
15:4d:59:84:b5:a6:a2:7d:8d:cc:47:a8:e0:c1:c7:a9:af:78:
68:93:08:81:45:68:05:47:51:8a:54:54:f5:b3:e1:b4:a3:35:
e5:9f:77:d6:c2:40:f9:c2:2a:59:fe:34:9d:e6:a1:6b:20:df:
80:9d:eb:61:5d:4d:d4:83:0c:91:f2:18:b9:5d:33:af:48:65:
fd:40:ce:0b:90:ec:6e:41:51:62:2b:01:7f:ef:5a:e9:cd:69:
e6:35:d5:3e:34:96:9f:5e:6a:a6:08:30:ed:53:84:da:8b:bb:
4f:da:bb:44:c0:63:67:e2:e8:c1:14:67:3d:2d:2d:7f:ec:76:
e0:22:56:d8:3c:9d:ff:32:a9:c8:9e:49:df:6d:cb:d9:cf:cb:
4f:bb:ce:32:c2:ba:81:1c:d2:24:96:59:52:47:c0:4d:44:cb:
ba:af:83:b6:04:5f:7e:ed:d7:56:22:ca:cc:fe:fc:2f:1f:3f:
eb:e8:bd:ab
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgICBF0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjQxMjAzMDMxMDA2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlNzY4ZS04ODA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9YGjNo96zfokd24pFddeOBUvNtQMFh5IMH/JnatlyGe7GLgtsmcpt0yHnb7U
RuI7o4oI1DaPxBhU9NsRFBslbDZM//NYY64EwDiTDcADzBJSgCSAwv0cgvF8ToX0
8kstPA0r6ywBzeDFkSs+ycoE5cUVPmFEZnDRHBjX/9ersoN/S1y1mkWk7Sot2+7x
2WcgLjKUE2bBfNOayPISBo2DQ56VOS6Dcvi/gn0IxAuAog0GVgXVh4XNWhDy1xMs
uAKjnCXIbnFhYEpohskoeK2pEefmuN9bnGRGMcVYkuE5WkkyPTwtbVGRxfhh5ZXE
g7W95PGXAKrLFjTrN+bIhearMwIDAQABo4IC7TCCAukwHQYDVR0OBBYEFPE38EOw
pTN27SMh9CGmj0sY6cNqMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQkQzRjlCMkNC
OUY1MTFFRUE5MTM2NTY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdwYIKwYBBQUHAQcBAf8E
aDBmMGQEAgABMF4DBAGdCqoDBAGdCsQDBAGdCsoDBAGdFOADBAGdQqIwDAMEAZ1C
wgMEAZ1CxAMEAaAWnjAMAwQBoBlSAwQBoBlUAwQBoBnOAwQBoB4wAwQBoL8iAwQB
oL9wAwQBoPo+MA0GCSqGSIb3DQEBCwUAA4IBAQBAWkovmaHLD42PBtMyfN8Abcl7
FTrCYihwKChGz28u1YO/ZvZjSWkYtJehh22A3IEzbPuLO6IBQfgdKe7IT1fT0ezL
kEwHGhAVTVmEtaaifY3MR6jgwcepr3hokwiBRWgFR1GKVFT1s+G0ozXln3fWwkD5
wipZ/jSd5qFrIN+AnethXU3UgwyR8hi5XTOvSGX9QM4LkOxuQVFiKwF/71rpzWnm
NdU+NJafXmqmCDDtU4Tai7tP2rtEwGNn4ujBFGc9LS1/7HbgIlbYPJ3/MqnInknf
bcvZz8tPu84ywrqBHNIklllSR8BNRMu6r4O2BF9+7ddWIsrM/vwvHz/r6L2r
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:42:21 2025 by rpki-client