Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918E6B7/AE7D4D4E46AC11E996088348C4F9AE02/5EC43E1A213C11EE9DC66056C4F9AE02.roa
File: 5EC43E1A213C11EE9DC66056C4F9AE02.roa (raw, json)
Hash identifier: +BIl0WRLfLsKpfnz3iZ4Rc3b06FaqG+le22fYJBc22s=
Subject key identifier: A9:58:78:0E:A2:CA:08:F9:DD:75:D5:26:2A:7D:B6:8B:47:A6:A7:7A
Certificate issuer: /CN=A918E6B7/serialNumber=BE725484B8CD0D1D8D77ED87CCCEFADF793F4708
Certificate serial: 0F7D
Authority key identifier: BE:72:54:84:B8:CD:0D:1D:8D:77:ED:87:CC:CE:FA:DF:79:3F:47:08
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vnJUhLjNDR2Nd-2HzM7633k_Rwg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918E6B7/AE7D4D4E46AC11E996088348C4F9AE02/5EC43E1A213C11EE9DC66056C4F9AE02.roa
Signing time: Thu 02 May 2024 18:36:44 +0000
ROA not before: Thu 02 May 2024 18:36:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2764
IP address blocks: 147.76.28.0/24 maxlen: 24
147.76.52.0/24 maxlen: 24
147.76.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3965 (0xf7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918E6B7/serialNumber=BE725484B8CD0D1D8D77ED87CCCEFADF793F4708
Validity
Not Before: May 2 18:36:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6633dd3c-d47f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b8:cb:f3:57:7b:40:d8:37:0a:26:b1:2b:04:
6a:2a:e6:39:b8:0f:fa:f7:91:69:f2:cf:43:77:b3:
a0:79:52:35:16:ea:22:fd:c5:a8:98:7b:55:6e:a1:
a7:0c:1d:4e:5d:45:86:c2:79:01:f6:53:e9:57:03:
b4:60:32:7b:ea:f3:51:89:f0:78:ea:1e:c1:9f:6b:
ad:30:17:f2:62:42:ac:19:fb:5e:d6:c3:42:1d:a9:
de:64:3a:0b:29:e2:13:2c:e5:cf:37:85:a3:5a:1a:
a9:d4:26:d5:ea:4c:54:0b:18:52:24:ce:5d:99:72:
8d:d9:97:d0:01:88:90:9a:bd:11:1f:6a:9e:6e:3b:
a8:ae:06:6a:36:fc:9e:fd:90:48:46:53:4b:cf:3e:
bf:be:01:4f:ae:a7:9f:68:7e:47:21:ab:78:65:90:
a6:49:d7:da:23:35:a0:6c:66:eb:11:e0:fc:12:b7:
da:f7:de:e3:78:08:5e:17:a3:ea:8e:a5:d2:d6:29:
0a:d3:bc:7f:9a:ac:fc:db:75:30:92:59:1a:0c:83:
22:c8:bc:b7:4b:83:48:41:2b:01:f3:c3:1c:67:87:
fc:e3:f2:b1:67:66:25:08:a3:d7:df:8f:cc:02:d4:
4a:ae:a7:41:8d:c6:7b:fe:61:21:26:31:eb:29:c9:
81:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:58:78:0E:A2:CA:08:F9:DD:75:D5:26:2A:7D:B6:8B:47:A6:A7:7A
X509v3 Authority Key Identifier:
keyid:BE:72:54:84:B8:CD:0D:1D:8D:77:ED:87:CC:CE:FA:DF:79:3F:47:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918E6B7/AE7D4D4E46AC11E996088348C4F9AE02/vnJUhLjNDR2Nd-2HzM7633k_Rwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vnJUhLjNDR2Nd-2HzM7633k_Rwg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E6B7/AE7D4D4E46AC11E996088348C4F9AE02/5EC43E1A213C11EE9DC66056C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
147.76.28.0/24
147.76.52.0/23
Signature Algorithm: sha256WithRSAEncryption
80:d2:c8:35:c2:c0:0a:a8:f6:b4:f5:da:b5:7f:6b:65:4b:a6:
15:64:64:d7:6e:47:9b:c5:4a:fa:16:6a:9e:31:d0:1f:57:97:
b9:a6:45:1c:0d:c9:fb:58:79:d5:e7:4c:75:4d:a1:68:c9:81:
af:e3:00:16:2a:16:4a:3e:e0:ff:52:fa:8f:5f:94:d1:8a:df:
ad:86:5c:44:7d:32:d5:e9:91:43:e1:0b:6c:9d:a5:65:63:59:
ed:8c:63:93:1a:3c:cd:7b:80:ef:1b:7f:9e:79:97:dc:8d:1f:
03:3d:b2:ad:d4:03:78:0d:3a:36:fb:16:6d:ec:e2:88:e5:61:
7c:e8:0f:e4:4e:fe:bc:95:e8:df:44:ce:28:d7:51:a6:20:03:
73:26:49:16:d3:53:ab:d6:85:c5:10:48:61:39:dc:7b:14:2c:
8a:e9:76:33:c5:c2:ba:ef:a8:c5:15:6a:ed:2f:89:f0:d6:a6:
1b:54:c6:50:ac:35:9c:0d:3a:5d:fa:d9:74:ea:3e:7a:ba:cb:
15:bd:52:86:d1:20:91:54:aa:d7:c6:d7:8a:3b:2f:91:32:2d:
2f:25:f8:c3:cd:60:cc:77:07:b1:19:ed:56:39:09:bc:49:c3:
19:68:ab:a3:58:3b:9b:b1:ce:b1:93:eb:83:c6:1c:d6:9c:9a:
b6:38:e6:ba
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICD30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEU2QjcxMTAvBgNVBAUTKEJFNzI1NDg0QjhDRDBEMUQ4RDc3RUQ4N0NDQ0VGQURG
NzkzRjQ3MDgwHhcNMjQwNTAyMTgzNjQ0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMzZGQzYy1kNDdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwbjL81d7QNg3CiaxKwRqKuY5uA/695Fp8s9Dd7OgeVI1Fuoi/cWomHtVbqGn
DB1OXUWGwnkB9lPpVwO0YDJ76vNRifB46h7Bn2utMBfyYkKsGfte1sNCHaneZDoL
KeITLOXPN4WjWhqp1CbV6kxUCxhSJM5dmXKN2ZfQAYiQmr0RH2qebjuorgZqNvye
/ZBIRlNLzz6/vgFPrqefaH5HIat4ZZCmSdfaIzWgbGbrEeD8Erfa997jeAheF6Pq
jqXS1ikK07x/mqz823UwklkaDIMiyLy3S4NIQSsB88McZ4f84/KxZ2YlCKPX34/M
AtRKrqdBjcZ7/mEhJjHrKcmBqQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKlYeA6i
ygj53XXVJip9totHpqd6MB8GA1UdIwQYMBaAFL5yVIS4zQ0djXfth8zO+t95P0cI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTZCNy9BRTdENEQ0RTQ2
QUMxMUU5OTYwODgzNDhDNEY5QUUwMi92bkpVaExqTkRSMk5kLTJIek03NjMza19S
d2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3ZuSlVoTGpORFIyTmQtMkh6TTc2MzNrX1J3Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEU2QjcvQUU3RDRENEU0NkFDMTFFOTk2MDg4MzQ4QzRGOUFFMDIvNUVDNDNFMUEy
MTNDMTFFRTlEQzY2MDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBACTTBwDBAGTTDQwDQYJKoZIhvcNAQELBQADggEBAIDSyDXC
wAqo9rT12rV/a2VLphVkZNduR5vFSvoWap4x0B9Xl7mmRRwNyftYedXnTHVNoWjJ
ga/jABYqFko+4P9S+o9flNGK362GXER9MtXpkUPhC2ydpWVjWe2MY5MaPM17gO8b
f555l9yNHwM9sq3UA3gNOjb7Fm3s4ojlYXzoD+RO/ryV6N9EzijXUaYgA3MmSRbT
U6vWhcUQSGE53HsULIrpdjPFwrrvqMUVau0vifDWphtUxlCsNZwNOl362XTqPnq6
yxW9UobRIJFUqtfG14o7L5EyLS8l+MPNYMx3B7EZ7VY5CbxJwxloq6NYO5uxzrGT
64PGHNacmrY45ro=
-----END CERTIFICATE-----
Generated at Sun Apr 27 18:13:03 2025 by rpki-client