Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
File: B10F5E8E557511EF9F54A83AC4F9AE02.roa (raw, json)
Hash identifier: fJXSNAQS8vlbmgMKEBlnbzHelAPUOsNvgV8P9k63F0Y=
Subject key identifier: 73:1F:6B:D4:36:3A:3A:A8:49:A0:3A:9C:22:AF:BB:19:9E:A5:B4:F1
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 04FB
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
Signing time: Tue 21 Jan 2025 09:32:06 +0000
ROA not before: Tue 21 Jan 2025 09:32:06 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135918
IP address blocks: 157.66.100.0/23 maxlen: 23
157.66.218.0/23 maxlen: 23
160.22.122.0/23 maxlen: 23
160.25.232.0/23 maxlen: 23
160.191.48.0/23 maxlen: 23
160.191.50.0/23 maxlen: 23
160.191.236.0/23 maxlen: 23
160.250.130.0/23 maxlen: 23
160.250.134.0/23 maxlen: 23
160.250.136.0/23 maxlen: 23
160.250.246.0/23 maxlen: 23
161.248.146.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1275 (0x4fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Jan 21 09:32:06 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=678f6995-6172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:88:81:61:f4:dd:9b:e8:f1:9c:a0:3c:9c:ae:
27:58:d3:ca:c2:8d:e3:25:ee:59:d2:67:f6:78:2c:
d8:5a:63:1b:96:50:c5:12:e8:f0:dc:92:e2:85:d3:
22:9e:cb:e8:39:cd:94:99:13:5d:87:f7:41:31:f4:
de:67:47:07:3f:2a:45:a6:6f:57:bb:62:03:1b:bf:
8a:7a:ab:7b:4c:2d:e1:93:df:d8:f9:7c:b0:4a:02:
db:e3:bc:79:20:24:dc:91:8e:76:04:08:22:1a:c7:
74:12:2d:ca:9d:5e:0c:85:26:8e:46:50:d5:2c:1e:
3c:89:99:ae:6a:b2:5b:87:60:a2:3d:17:6c:b4:54:
0e:8c:8f:88:11:0c:a4:b5:0c:e2:35:13:c5:90:0c:
6a:6e:31:79:cd:30:5f:7f:08:62:19:b8:2b:12:8c:
df:68:2a:47:01:3b:3a:d2:9e:a4:ef:ea:9a:78:a6:
d4:f5:df:60:b2:2b:9d:5d:c7:73:2d:e3:8e:c5:c5:
18:b7:9a:b0:d7:9c:4c:98:99:99:6e:73:cc:5c:40:
31:52:ee:01:65:34:71:c7:36:d6:55:a5:bc:55:2c:
07:59:ef:65:41:e0:2e:60:45:3f:ff:fe:ea:ea:f9:
d6:e3:b1:01:2a:4b:7f:f6:da:18:cc:25:88:a9:69:
ad:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:1F:6B:D4:36:3A:3A:A8:49:A0:3A:9C:22:AF:BB:19:9E:A5:B4:F1
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.100.0/23
157.66.218.0/23
160.22.122.0/23
160.25.232.0/23
160.191.48.0/22
160.191.236.0/23
160.250.130.0/23
160.250.134.0-160.250.137.255
160.250.246.0/23
161.248.146.0/23
Signature Algorithm: sha256WithRSAEncryption
45:19:c4:b6:1d:53:6f:24:e0:3b:4d:76:e7:68:28:58:97:ba:
12:8c:5f:b9:84:09:64:06:d8:a6:bb:0c:8b:df:6c:89:01:98:
42:c2:75:59:cc:e3:0f:23:0a:15:d5:9c:67:99:2d:f7:5d:63:
34:7a:2f:dc:bf:4f:2c:bf:50:36:df:af:82:7e:f1:07:cc:78:
0d:1d:00:71:70:58:a3:44:b5:87:e5:74:14:6d:56:26:b9:e4:
20:7f:ab:d8:02:0f:8e:5e:3e:e0:75:f0:b4:c9:af:59:2d:51:
b0:a6:1d:d9:51:19:58:00:4b:f6:84:27:46:ca:04:9d:44:00:
d5:28:b3:5d:6d:b5:d7:d6:77:c4:01:1e:10:ee:84:a9:a9:80:
be:1c:eb:7e:7d:cc:3f:90:e0:01:d1:e0:78:fd:9c:09:82:21:
de:d0:aa:44:5c:07:76:df:ba:25:67:41:a3:5a:a2:26:8d:50:
2e:fc:72:de:d7:28:2b:6a:97:b0:9f:34:76:c0:e3:12:25:6d:
45:b5:0d:43:cd:15:15:0a:0b:c9:f0:9c:69:7d:90:1f:71:f5:
48:d1:6f:32:73:7e:dc:6f:6d:c1:ae:ac:6e:5b:6d:6e:b5:8a:
43:8f:63:41:ba:6d:d2:e2:96:af:f3:14:e3:7e:c2:19:d8:4a:
42:3f:36:ee
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICBPswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwMTIxMDkzMjA2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhmNjk5NS02MTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzIiBYfTdm+jxnKA8nK4nWNPKwo3jJe5Z0mf2eCzYWmMbllDFEujw3JLihdMi
nsvoOc2UmRNdh/dBMfTeZ0cHPypFpm9Xu2IDG7+Keqt7TC3hk9/Y+XywSgLb47x5
ICTckY52BAgiGsd0Ei3KnV4MhSaORlDVLB48iZmuarJbh2CiPRdstFQOjI+IEQyk
tQziNRPFkAxqbjF5zTBffwhiGbgrEozfaCpHATs60p6k7+qaeKbU9d9gsiudXcdz
LeOOxcUYt5qw15xMmJmZbnPMXEAxUu4BZTRxxzbWVaW8VSwHWe9lQeAuYEU///7q
6vnW47EBKkt/9toYzCWIqWmtAQIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFHMfa9Q2
OjqoSaA6nCKvuxmepbTxMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQjEwRjVFOEU1
NTc1MTFFRjlGNTRBODNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMEoEAgABMEQDBAGdQmQDBAGdQtoDBAGgFnoDBAGgGegDBAKgvzADBAGgv+wD
BAGg+oIwDAMEAaD6hgMEAaD6iAMEAaD69gMEAaH4kjANBgkqhkiG9w0BAQsFAAOC
AQEARRnEth1TbyTgO01252goWJe6EoxfuYQJZAbYprsMi99siQGYQsJ1WczjDyMK
FdWcZ5kt911jNHov3L9PLL9QNt+vgn7xB8x4DR0AcXBYo0S1h+V0FG1WJrnkIH+r
2AIPjl4+4HXwtMmvWS1RsKYd2VEZWABL9oQnRsoEnUQA1SizXW2119Z3xAEeEO6E
qamAvhzrfn3MP5DgAdHgeP2cCYIh3tCqRFwHdt+6JWdBo1qiJo1QLvxy3tcoK2qX
sJ80dsDjEiVtRbUNQ80VFQoLyfCcaX2QH3H1SNFvMnN+3G9twa6sblttbrWKQ49j
Qbpt0uKWr/MU437CGdhKQj827g==
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:19:19 2025 by rpki-client