Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6A70F6986C1611EE9E183B1EC4F9AE02.roa
File: 6A70F6986C1611EE9E183B1EC4F9AE02.roa (raw, json)
Hash identifier: 9SMqjIoB+OwaWi193rnZRF67+4QrgkbK7bIurVo7JWk=
Subject key identifier: 2A:6C:49:42:F4:0B:C9:3F:53:E6:E7:63:19:A6:7D:90:19:61:62:EE
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8936
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6A70F6986C1611EE9E183B1EC4F9AE02.roa
Signing time: Thu 30 May 2024 15:57:52 +0000
ROA not before: Thu 30 May 2024 15:57:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133962
IP address blocks: 157.119.208.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35126 (0x8936)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 30 15:57:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a200-cf70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:58:5b:95:16:2e:a7:d4:39:94:18:a8:98:87:
ea:3c:55:27:41:f8:02:63:f9:db:95:9a:95:82:e9:
0a:62:1b:06:5c:71:0f:3f:6a:f6:c9:ff:d9:34:76:
c4:97:9b:2f:e0:f6:6b:1f:75:4d:8a:be:09:3c:e2:
d2:2f:56:18:f1:db:e4:fb:0b:5c:76:f6:b1:f0:2c:
c1:bc:f2:77:44:be:c1:e2:cd:38:ce:01:18:97:6d:
55:a3:a4:4b:8d:f9:4b:94:ec:0d:69:06:6f:7d:a4:
49:9e:5d:ba:94:05:b6:6b:59:f3:3e:f6:df:95:0a:
df:96:cb:21:dc:82:7a:99:75:18:e7:e7:ab:8d:2d:
df:d8:f7:90:96:e9:a5:04:01:ef:db:2f:c8:1c:b7:
83:f3:8d:27:d1:dd:f7:b8:70:e7:3c:a5:9c:f7:7f:
77:53:8a:1a:42:91:0b:07:54:8d:4d:12:7c:f6:b1:
dd:f6:e8:60:e2:da:12:e9:74:ae:19:bc:55:cd:47:
f8:8e:e7:d5:a9:61:9e:7c:d4:dc:36:98:f8:2f:b8:
fe:f8:d8:ef:f8:ea:82:36:a4:ff:f3:71:b1:fb:d4:
4c:5a:f0:f2:63:d6:9c:be:2b:76:8b:60:2b:ab:d1:
8d:bd:ed:c2:ba:aa:84:01:50:ad:21:bd:0d:6e:64:
6e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:6C:49:42:F4:0B:C9:3F:53:E6:E7:63:19:A6:7D:90:19:61:62:EE
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6A70F6986C1611EE9E183B1EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.119.208.0/22
Signature Algorithm: sha256WithRSAEncryption
01:3b:d3:b8:26:a2:b4:c4:ff:d2:a9:ce:09:e4:1f:52:ee:c9:
0b:ed:d7:49:8e:7a:9a:f9:32:1d:43:04:59:79:27:3c:08:d5:
e4:7a:04:e8:83:94:fd:34:7d:d3:08:0c:4c:04:50:1a:a4:54:
72:03:81:bc:8e:cd:f2:98:63:10:9f:3c:62:af:9a:25:a6:c6:
a9:72:44:78:4c:a2:c9:28:d0:aa:27:77:c2:b8:28:17:12:39:
a3:bd:e5:ab:7c:ad:8f:28:8e:bb:63:d7:16:08:41:5e:c1:fb:
3c:87:f9:8c:2f:aa:ec:96:e3:1c:ea:c7:50:7c:3b:fe:85:f5:
9e:ab:eb:ff:85:e7:fe:36:af:ef:f6:17:85:ec:5c:a7:e8:cf:
76:92:e7:cc:cb:4d:59:da:8e:a4:8f:3d:46:54:31:04:c2:6a:
1d:8b:cf:dd:ca:d7:48:73:26:b2:7e:98:64:31:dc:15:1d:6c:
e5:e3:96:ca:a2:06:33:39:4b:22:1d:eb:70:30:b9:2a:6c:db:
26:e7:c9:0c:29:76:12:48:4e:62:76:a9:ca:3e:19:a5:cb:04:
d7:f6:8c:7a:d9:80:60:26:ec:22:05:fa:f6:cd:4a:3f:0c:e4:
b4:d1:8f:02:44:c5:90:57:cc:4b:93:b1:68:9a:20:5b:5a:b6:
16:43:be:23
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAIk2MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE1NTc1MloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEyMDAtY2Y3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFYW5UWLqfUOZQYqJiH6jxVJ0H4AmP525WalYLpCmIbBlxxDz9q9sn/2TR2
xJebL+D2ax91TYq+CTzi0i9WGPHb5PsLXHb2sfAswbzyd0S+weLNOM4BGJdtVaOk
S435S5TsDWkGb32kSZ5dupQFtmtZ8z7235UK35bLIdyCepl1GOfnq40t39j3kJbp
pQQB79svyBy3g/ONJ9Hd97hw5zylnPd/d1OKGkKRCwdUjU0SfPax3fboYOLaEul0
rhm8Vc1H+I7n1alhnnzU3DaY+C+4/vjY7/jqgjak//NxsfvUTFrw8mPWnL4rdotg
K6vRjb3twrqqhAFQrSG9DW5kbh0CAwEAAaOCApUwggKRMB0GA1UdDgQWBBQqbElC
9AvJP1Pm52MZpn2QGWFi7jAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzZBNzBGNjk4
NkMxNjExRUU5RTE4M0IxRUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQCnXfQMA0GCSqGSIb3DQEBCwUAA4IBAQABO9O4JqK0xP/S
qc4J5B9S7skL7ddJjnqa+TIdQwRZeSc8CNXkegTog5T9NH3TCAxMBFAapFRyA4G8
js3ymGMQnzxir5olpsapckR4TKLJKNCqJ3fCuCgXEjmjveWrfK2PKI67Y9cWCEFe
wfs8h/mML6rsluMc6sdQfDv+hfWeq+v/hef+Nq/v9heF7Fyn6M92kufMy01Z2o6k
jz1GVDEEwmodi8/dytdIcyayfphkMdwVHWzl45bKogYzOUsiHetwMLkqbNsm58kM
KXYSSE5idqnKPhmlywTX9ox62YBgJuwiBfr2zUo/DOS00Y8CRMWQV8xLk7FomiBb
WrYWQ74j
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:51:15 2025 by rpki-client