Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/A97CBD42A06611EFA888B57DC4F9AE02.roa
File: A97CBD42A06611EFA888B57DC4F9AE02.roa (raw, json)
Hash identifier: OkMxv7XekaJRzIADvdpn5P9SXPrJlEJXm6uXiRNfcN4=
Subject key identifier: 29:E7:F6:73:DE:28:38:74:FA:55:07:7C:09:93:71:62:4B:8F:F9:A5
Certificate issuer: /CN=A917530D/serialNumber=B3992F0D49BAF6A36FDA658E5B459469521E5B44
Certificate serial: B4
Authority key identifier: B3:99:2F:0D:49:BA:F6:A3:6F:DA:65:8E:5B:45:94:69:52:1E:5B:44
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/s5kvDUm69qNv2mWOW0WUaVIeW0Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/A97CBD42A06611EFA888B57DC4F9AE02.roa
Signing time: Mon 02 Dec 2024 00:38:50 +0000
ROA not before: Mon 02 Dec 2024 00:38:50 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 152333
IP address blocks: 157.10.226.0/23 maxlen: 23
157.10.226.0/24 maxlen: 24
157.10.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180 (0xb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917530D/serialNumber=B3992F0D49BAF6A36FDA658E5B459469521E5B44
Validity
Not Before: Dec 2 00:38:50 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=674d019a-88d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:85:db:5e:10:d0:af:8a:fe:94:13:9b:a4:1d:
88:e8:24:51:16:0c:b1:ed:9e:ea:77:b3:d5:ce:25:
9a:ed:18:76:65:41:19:cf:1a:86:8b:32:e3:65:2d:
d3:fb:e4:33:f6:d5:aa:09:dc:5d:0c:12:4d:08:58:
c5:bb:53:6b:35:02:b4:9f:8d:67:f1:5d:8a:ae:6c:
51:7a:c7:1e:9c:3c:6c:3a:93:0b:99:69:dc:35:ad:
cf:f5:89:4c:e6:02:de:1f:bf:c4:6d:a7:f7:55:0d:
b0:10:2b:78:99:0a:bd:74:e9:c5:db:6a:22:32:31:
cf:69:c0:21:8c:56:10:37:54:0d:b8:a9:60:29:a7:
ee:66:e6:dc:83:b9:8e:49:06:b1:1d:8a:9c:23:fc:
35:14:88:ce:ef:56:54:27:66:b5:96:a8:d0:78:53:
86:7e:10:9d:c0:b8:9e:85:32:24:02:89:a6:10:c9:
0d:55:7c:b4:be:6c:eb:a1:69:88:eb:c5:0c:5f:fd:
8e:76:45:b7:e9:ac:b5:ff:01:68:8d:6e:9c:a2:cf:
c6:6a:68:ff:8f:96:a7:1c:e5:fa:e4:d8:00:88:70:
06:3e:2b:df:df:85:ef:ea:ee:82:fd:f6:c3:37:14:
ae:72:10:43:1c:f3:f6:b5:7e:62:1a:e2:0d:04:0d:
46:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E7:F6:73:DE:28:38:74:FA:55:07:7C:09:93:71:62:4B:8F:F9:A5
X509v3 Authority Key Identifier:
keyid:B3:99:2F:0D:49:BA:F6:A3:6F:DA:65:8E:5B:45:94:69:52:1E:5B:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/s5kvDUm69qNv2mWOW0WUaVIeW0Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/s5kvDUm69qNv2mWOW0WUaVIeW0Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/A97CBD42A06611EFA888B57DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.226.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:aa:5a:41:22:f4:c5:dc:29:9e:0f:ff:f2:f3:9d:60:ee:58:
b4:9c:35:e0:a0:37:ef:c7:cc:7d:82:70:d6:eb:70:99:07:42:
ac:b2:58:6b:31:4d:52:2d:50:54:7d:27:d4:1e:e0:f3:fb:7c:
53:78:e3:87:97:b5:99:30:d6:10:a6:18:4e:74:38:46:bb:80:
68:60:e6:23:93:37:93:25:6a:4b:bc:14:e8:6c:21:83:5d:8c:
72:f3:67:d8:b5:8e:42:37:0b:bb:8a:86:a0:1f:f6:ba:ec:23:
ce:f9:53:bb:36:b3:28:b5:37:e2:17:03:e6:45:eb:41:fb:34:
e8:e7:46:1e:5e:a7:e0:bd:ee:76:89:1d:59:4e:86:bc:7b:39:
db:bd:83:ae:c4:fb:aa:88:3a:86:ed:50:16:1a:b1:bf:a1:83:
06:7a:b8:67:f8:a5:92:08:81:77:f0:d3:ad:a5:41:8c:25:07:
be:d9:cd:d8:84:14:d7:02:51:1f:1f:d3:30:ca:3f:4b:73:40:
fc:d3:cf:a2:3b:5b:0f:be:64:54:31:cf:fa:78:8b:51:62:63:
4c:7b:7b:4a:a2:8d:6c:a7:1f:0a:b6:db:f9:b4:b7:a5:b7:be:
a3:0c:d7:65:a5:44:1e:34:cb:35:60:45:fe:03:51:97:f7:78:
19:19:e2:12
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICALQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzUzMEQxMTAvBgNVBAUTKEIzOTkyRjBENDlCQUY2QTM2RkRBNjU4RTVCNDU5NDY5
NTIxRTVCNDQwHhcNMjQxMjAyMDAzODUwWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkMDE5YS04OGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvYXbXhDQr4r+lBObpB2I6CRRFgyx7Z7qd7PVziWa7Rh2ZUEZzxqGizLjZS3T
++Qz9tWqCdxdDBJNCFjFu1NrNQK0n41n8V2KrmxRescenDxsOpMLmWncNa3P9YlM
5gLeH7/Ebaf3VQ2wECt4mQq9dOnF22oiMjHPacAhjFYQN1QNuKlgKafuZubcg7mO
SQaxHYqcI/w1FIjO71ZUJ2a1lqjQeFOGfhCdwLiehTIkAommEMkNVXy0vmzroWmI
68UMX/2OdkW36ay1/wFojW6cos/Gamj/j5anHOX65NgAiHAGPivf34Xv6u6C/fbD
NxSuchBDHPP2tX5iGuINBA1G5QIDAQABo4IClTCCApEwHQYDVR0OBBYEFCnn9nPe
KDh0+lUHfAmTcWJLj/mlMB8GA1UdIwQYMBaAFLOZLw1Juvajb9pljltFlGlSHltE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTMwRC9ERDdFMDkxQ0I2
NEIxMUVFOTE0NjM3NjBDNEY5QUUwMi9zNWt2RFVtNjlxTnYybVdPVzBXVWFWSWVX
MFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3M1a3ZEVW02OXFOdjJtV09XMFdVYVZJZVcwUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzUzMEQvREQ3RTA5MUNCNjRCMTFFRTkxNDYzNzYwQzRGOUFFMDIvQTk3Q0JENDJB
MDY2MTFFRkE4ODhCNTdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdCuIwDQYJKoZIhvcNAQELBQADggEBAJ2qWkEi9MXcKZ4P
//LznWDuWLScNeCgN+/HzH2CcNbrcJkHQqyyWGsxTVItUFR9J9Qe4PP7fFN444eX
tZkw1hCmGE50OEa7gGhg5iOTN5Mlaku8FOhsIYNdjHLzZ9i1jkI3C7uKhqAf9rrs
I875U7s2syi1N+IXA+ZF60H7NOjnRh5ep+C97naJHVlOhrx7Odu9g67E+6qIOobt
UBYasb+hgwZ6uGf4pZIIgXfw062lQYwlB77ZzdiEFNcCUR8f0zDKP0tzQPzTz6I7
Ww++ZFQxz/p4i1FiY0x7e0qijWynHwq22/m0t6W3vqMM12WlRB40yzVgRf4DUZf3
eBkZ4hI=
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:13:50 2025 by rpki-client