Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/88D9D8BA2E0411EF87801679C4F9AE02.roa
File: 88D9D8BA2E0411EF87801679C4F9AE02.roa (raw, json)
Hash identifier: XhWhTaUTIT60m3nl7+QgY4+Oq0UzvLBPkserScqVppg=
Subject key identifier: C3:2D:70:B4:D1:20:C6:AA:6F:B1:10:42:42:AD:3D:75:71:C7:FF:53
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1A5B
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/88D9D8BA2E0411EF87801679C4F9AE02.roa
Signing time: Wed 19 Jun 2024 06:24:08 +0000
ROA not before: Wed 19 Jun 2024 06:24:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152572
IP address blocks: 157.66.178.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6747 (0x1a5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Validity
Not Before: Jun 19 06:24:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66727988-b7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c1:52:40:f4:2e:7b:0a:70:04:c1:a9:72:60:
ba:c2:72:9e:1e:fc:ec:8d:60:78:79:e2:55:3a:0d:
b3:9e:8a:ac:10:28:7b:d0:8b:19:7d:90:36:ca:2b:
e7:9f:f4:55:e3:d9:8c:62:4c:3d:14:20:90:1d:37:
28:28:d1:0e:82:9a:fc:75:25:55:08:ec:15:e8:5c:
c8:4a:8c:a6:99:c0:f3:79:a9:e1:67:08:f5:02:63:
cc:d9:c8:25:ff:5a:39:71:3d:e0:19:b5:74:e4:b9:
f7:1b:e6:43:fa:40:ee:a8:93:99:09:fa:75:c4:bc:
07:11:fa:34:8b:5d:18:6e:97:f8:32:31:7e:b0:97:
4c:93:8a:ed:6b:99:bc:94:5c:35:fc:f0:75:ba:bb:
d8:8a:74:f1:81:80:0b:ce:de:7f:ab:31:1d:b2:30:
cf:b8:5f:32:33:bb:a2:b0:b3:3f:7d:2d:96:9a:b1:
52:e7:16:8c:47:5f:aa:98:0a:ed:a6:86:bb:cf:db:
35:10:d8:8a:9e:31:40:d1:07:b0:6b:cb:6e:f9:4d:
71:e1:7f:94:44:a4:33:11:4b:af:4e:e9:8b:92:f6:
aa:e0:8c:1c:34:69:a6:fe:6d:24:a9:c3:a2:89:e2:
fa:39:8b:2b:c1:54:e2:e9:4e:f3:6b:1a:20:9c:fc:
6b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:2D:70:B4:D1:20:C6:AA:6F:B1:10:42:42:AD:3D:75:71:C7:FF:53
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/88D9D8BA2E0411EF87801679C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.178.0/23
Signature Algorithm: sha256WithRSAEncryption
99:1b:2e:83:85:d5:6d:ed:16:cb:42:14:2a:ba:cc:06:77:bb:
3d:b6:3b:bd:2a:bd:8f:0b:3a:34:97:e8:64:d0:62:ff:ae:a6:
0b:42:a1:d4:b2:c3:1b:c4:06:13:2a:38:71:7b:cc:ad:0c:a2:
d4:0b:cf:6e:19:92:b3:09:55:1d:6e:50:8a:fd:d0:2e:5a:31:
e8:2e:23:18:b3:c2:e9:0e:22:69:08:67:6a:fa:07:ff:a2:88:
ce:8f:dd:60:2e:f1:28:bf:9d:b7:1c:20:77:3a:ec:52:7f:df:
02:bd:58:98:4b:05:41:c9:b9:26:95:2c:c5:32:da:58:23:1d:
24:c8:6a:c0:a5:6b:f7:c2:3b:45:2e:28:54:a1:c8:d8:78:eb:
43:2b:b3:01:fc:7c:4e:04:1a:a0:0b:b2:09:31:3d:bf:c3:0c:
64:43:98:f9:47:7e:3c:de:cb:ac:7f:9d:8c:b6:42:c9:9d:24:
c0:9f:c9:b6:d4:33:04:76:af:23:41:94:42:5e:4d:05:9b:7e:
30:dc:4b:81:1b:74:22:91:98:75:5d:5c:2f:4d:33:3b:e4:be:
87:b6:ab:fb:31:ea:b5:99:66:49:34:46:78:d0:72:14:00:f4:
a7:cd:4d:56:f3:ed:dc:4d:5b:62:ee:82:ec:32:35:10:ba:cf:
d6:71:f1:a6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGlswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjQwNjE5MDYyNDA4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjcyNzk4OC1iN2MyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu8FSQPQuewpwBMGpcmC6wnKeHvzsjWB4eeJVOg2znoqsECh70IsZfZA2yivn
n/RV49mMYkw9FCCQHTcoKNEOgpr8dSVVCOwV6FzISoymmcDzeanhZwj1AmPM2cgl
/1o5cT3gGbV05Ln3G+ZD+kDuqJOZCfp1xLwHEfo0i10Ybpf4MjF+sJdMk4rta5m8
lFw1/PB1urvYinTxgYALzt5/qzEdsjDPuF8yM7uisLM/fS2WmrFS5xaMR1+qmArt
poa7z9s1ENiKnjFA0Qewa8tu+U1x4X+URKQzEUuvTumLkvaq4IwcNGmm/m0kqcOi
ieL6OYsrwVTi6U7zaxognPxrfwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMMtcLTR
IMaqb7EQQkKtPXVxx/9TMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvODhEOUQ4QkEy
RTA0MTFFRjg3ODAxNjc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdQrIwDQYJKoZIhvcNAQELBQADggEBAJkbLoOF1W3tFstC
FCq6zAZ3uz22O70qvY8LOjSX6GTQYv+upgtCodSywxvEBhMqOHF7zK0MotQLz24Z
krMJVR1uUIr90C5aMeguIxizwukOImkIZ2r6B/+iiM6P3WAu8Si/nbccIHc67FJ/
3wK9WJhLBUHJuSaVLMUy2lgjHSTIasCla/fCO0UuKFShyNh460MrswH8fE4EGqAL
sgkxPb/DDGRDmPlHfjzey6x/nYy2QsmdJMCfybbUMwR2ryNBlEJeTQWbfjDcS4Eb
dCKRmHVdXC9NMzvkvoe2q/sx6rWZZkk0RnjQchQA9KfNTVbz7dxNW2LuguwyNRC6
z9Zx8aY=
-----END CERTIFICATE-----
Generated at Tue Apr 29 17:08:12 2025 by rpki-client