Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/6236FEC6C2BB11EFB6DDD916C4F9AE02.roa
File: 6236FEC6C2BB11EFB6DDD916C4F9AE02.roa (raw, json)
Hash identifier: cEzOEfD+jfaFKDml9cZhpWdtNC4dltZ/TOVD0D9PBzo=
Subject key identifier: AC:24:99:37:29:26:37:91:1D:2E:11:56:A4:1A:B0:79:82:63:9C:B1
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 04B7
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/6236FEC6C2BB11EFB6DDD916C4F9AE02.roa
Signing time: Wed 25 Dec 2024 12:25:53 +0000
ROA not before: Wed 25 Dec 2024 12:25:53 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 152935
IP address blocks: 160.250.166.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1207 (0x4b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Dec 25 12:25:53 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=676bf9d1-fe46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e4:04:dd:90:6e:49:56:93:39:37:eb:39:1c:
62:fb:88:33:a7:9c:31:6f:7e:7a:5d:aa:1b:a5:47:
34:cf:b5:42:bd:69:68:d4:63:3f:32:00:dd:29:e8:
97:48:91:91:c3:80:80:33:17:b8:fa:d0:6f:f1:5d:
98:9d:fe:c8:f7:df:3c:51:82:6e:c1:f3:87:c7:1e:
93:b1:32:95:79:da:64:e4:f8:20:6d:9e:fd:ee:3f:
31:72:e1:97:b8:b7:8b:ec:6c:c1:50:d5:36:cc:d6:
1e:f2:a0:a2:f5:f1:0b:4d:3a:47:05:c6:a1:d9:53:
06:b2:07:44:40:4d:9b:0d:e0:2a:67:d1:e0:bb:8a:
9d:09:4d:69:03:4f:28:52:34:11:20:7f:73:27:10:
05:68:fb:13:ac:18:0d:7a:cb:72:98:59:ec:e5:e6:
49:61:d9:f1:cc:9b:9e:b3:53:30:1e:39:19:ae:b5:
b3:ee:e1:a8:b7:bd:a6:c8:30:04:be:bc:7e:4a:78:
e5:2d:31:0e:7a:6a:e9:9b:77:c4:8d:1b:fb:5a:d1:
4e:6e:7d:c4:f9:34:11:24:7f:3e:18:ce:1e:0f:70:
47:aa:be:cc:01:10:f0:09:83:11:a0:e8:a7:f1:ec:
17:1c:b8:ee:68:03:f1:1a:8c:43:4c:b5:59:50:ea:
fc:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:24:99:37:29:26:37:91:1D:2E:11:56:A4:1A:B0:79:82:63:9C:B1
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/6236FEC6C2BB11EFB6DDD916C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.250.166.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:78:4c:8c:aa:19:68:f1:40:39:33:5f:95:e4:86:12:7b:fc:
5e:4d:f9:34:0d:88:7f:51:6a:d4:97:ff:da:c4:5b:f3:5f:aa:
51:53:13:32:6f:46:9e:a3:9b:0b:c1:26:fd:33:1b:cc:69:9b:
20:76:9c:ae:6a:17:16:2d:21:7a:c9:12:57:52:42:c9:ad:50:
3a:96:fc:d0:47:77:c6:94:a1:a4:08:66:80:f1:50:a7:5d:ce:
76:4f:be:8e:24:f4:01:d6:49:25:da:63:eb:fc:cd:28:58:4a:
fe:7f:76:50:dd:42:66:6c:6c:55:92:1f:dc:ff:2c:0d:35:df:
ce:bd:b3:b0:d7:af:4c:92:23:65:17:a3:59:57:be:a4:d9:52:
85:52:68:b8:78:93:ea:7b:33:04:01:cc:bb:be:d9:64:c5:d3:
1c:87:49:64:18:38:37:82:4b:ed:df:33:e4:4d:43:89:27:45:
38:2c:f1:b1:cb:17:a9:17:ca:66:4f:c6:08:15:d9:a9:ac:60:
bd:40:0d:11:14:c5:e4:0e:3f:27:f3:5b:4d:49:a7:72:51:24:
e3:21:a4:ee:09:a3:bb:cc:39:a2:10:65:3f:e3:5a:4c:10:1c:
a9:eb:fd:96:9e:7f:a0:d5:a0:17:2d:1b:ea:44:ec:97:c1:41:
e7:3c:50:85
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBLcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjQxMjI1MTIyNTUzWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZiZjlkMS1mZTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2OQE3ZBuSVaTOTfrORxi+4gzp5wxb356XaobpUc0z7VCvWlo1GM/MgDdKeiX
SJGRw4CAMxe4+tBv8V2Ynf7I9988UYJuwfOHxx6TsTKVedpk5PggbZ797j8xcuGX
uLeL7GzBUNU2zNYe8qCi9fELTTpHBcah2VMGsgdEQE2bDeAqZ9Hgu4qdCU1pA08o
UjQRIH9zJxAFaPsTrBgNestymFns5eZJYdnxzJues1MwHjkZrrWz7uGot72myDAE
vrx+SnjlLTEOemrpm3fEjRv7WtFObn3E+TQRJH8+GM4eD3BHqr7MARDwCYMRoOin
8ewXHLjuaAPxGoxDTLVZUOr8qQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKwkmTcp
JjeRHS4RVqQasHmCY5yxMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvNjIzNkZFQzZD
MkJCMTFFRkI2REREOTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGg+qYwDQYJKoZIhvcNAQELBQADggEBAKp4TIyqGWjxQDkz
X5XkhhJ7/F5N+TQNiH9RatSX/9rEW/NfqlFTEzJvRp6jmwvBJv0zG8xpmyB2nK5q
FxYtIXrJEldSQsmtUDqW/NBHd8aUoaQIZoDxUKddznZPvo4k9AHWSSXaY+v8zShY
Sv5/dlDdQmZsbFWSH9z/LA013869s7DXr0ySI2UXo1lXvqTZUoVSaLh4k+p7MwQB
zLu+2WTF0xyHSWQYODeCS+3fM+RNQ4knRTgs8bHLF6kXymZPxggV2amsYL1ADREU
xeQOPyfzW01Jp3JRJOMhpO4Jo7vMOaIQZT/jWkwQHKnr/Zaef6DVoBctG+pE7JfB
Qec8UIU=
-----END CERTIFICATE-----
Generated at Sun Apr 27 15:40:36 2025 by rpki-client