Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F08A5/D1503136C91B11EF887D6F2CC4F9AE02/4A4E595AC91C11EFB0DEB92DC4F9AE02.roa
File: 4A4E595AC91C11EFB0DEB92DC4F9AE02.roa (raw, json)
Hash identifier: thPY8I6rg3ajft74b6fKFrTIf+bwe+rluLyw0+xxZxY=
Subject key identifier: 19:34:B6:51:4E:DF:51:E4:2B:5A:F4:F3:FE:F6:F2:6B:3F:98:A0:AC
Certificate issuer: /CN=A91F08A5/serialNumber=85E8EE9A8D30528599062D08CB9CB9D513DF6BD7
Certificate serial: 07
Authority key identifier: 85:E8:EE:9A:8D:30:52:85:99:06:2D:08:CB:9C:B9:D5:13:DF:6B:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hejumo0wUoWZBi0Iy5y51RPfa9c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F08A5/D1503136C91B11EF887D6F2CC4F9AE02/4A4E595AC91C11EFB0DEB92DC4F9AE02.roa
Signing time: Sat 04 Jan 2025 13:23:52 +0000
ROA not before: Sat 04 Jan 2025 13:23:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152678
IP address blocks: 119.160.214.0/24 maxlen: 24
119.160.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F08A5/serialNumber=85E8EE9A8D30528599062D08CB9CB9D513DF6BD7
Validity
Not Before: Jan 4 13:23:52 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67793668-c8ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:23:a7:fc:a5:9c:c1:1c:2f:e3:0b:67:e7:04:
06:0d:01:1f:68:a9:dd:8a:7f:b0:b5:6f:f6:f9:3f:
2a:0e:ea:6d:c3:1b:73:28:55:24:90:4e:40:6a:5c:
1a:2b:7c:2d:d4:a4:c0:c1:17:1f:d5:d3:2c:84:df:
b2:4b:6d:79:92:4c:dc:97:ff:a3:b3:eb:ed:8d:18:
7d:42:fa:2c:16:12:e8:88:e9:f8:83:04:68:61:bf:
89:9b:5a:29:95:4d:0e:2d:4c:cc:d3:cd:9b:db:1d:
25:f8:24:ee:1b:bb:6c:1f:b3:ec:de:1c:58:6a:05:
8b:06:85:21:d3:42:70:f5:1b:7b:b8:f7:e7:a0:90:
c7:09:08:b5:7f:44:c2:c6:41:5e:48:ce:ba:e7:d9:
a8:ee:36:10:1d:3a:81:1a:48:22:d2:21:bd:8c:0e:
65:ee:78:67:ab:23:96:62:92:40:f1:8a:7a:68:91:
a6:0a:d7:ed:20:e1:15:a9:98:8b:68:20:4f:e8:d7:
9e:24:fc:89:9d:f9:78:23:71:72:df:0a:24:2c:2c:
34:67:5e:3d:49:95:61:5f:80:0e:ca:6f:db:84:f4:
09:8f:fe:7e:ae:15:19:1f:55:43:06:8e:05:98:c8:
9a:a9:d8:bc:db:f6:82:58:09:4b:65:cb:2e:06:31:
a7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:34:B6:51:4E:DF:51:E4:2B:5A:F4:F3:FE:F6:F2:6B:3F:98:A0:AC
X509v3 Authority Key Identifier:
keyid:85:E8:EE:9A:8D:30:52:85:99:06:2D:08:CB:9C:B9:D5:13:DF:6B:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F08A5/D1503136C91B11EF887D6F2CC4F9AE02/hejumo0wUoWZBi0Iy5y51RPfa9c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hejumo0wUoWZBi0Iy5y51RPfa9c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F08A5/D1503136C91B11EF887D6F2CC4F9AE02/4A4E595AC91C11EFB0DEB92DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.160.214.0/23
Signature Algorithm: sha256WithRSAEncryption
30:82:05:b3:e5:73:ee:8d:d1:6a:20:6c:bd:bd:a3:2e:dd:26:
04:68:be:09:20:97:bf:3e:43:b8:58:a2:a5:c8:25:45:c1:2c:
2c:99:ea:de:22:c8:78:d3:a7:b6:ce:78:0c:ef:95:a7:3b:f4:
b5:45:51:da:ff:1f:ac:9e:c4:cc:35:ed:62:91:d1:e1:2a:e7:
be:0f:95:39:99:88:8c:43:42:4a:67:f0:3b:07:ed:fe:6b:6b:
62:3f:2a:a6:fd:b0:af:8f:c5:3b:4f:24:6b:39:0c:c6:27:bf:
9e:aa:e1:b6:83:36:36:d3:77:72:5f:6d:c6:5b:c0:6a:16:46:
a8:3a:65:82:f3:7a:ec:2a:28:d9:9f:1a:c2:fc:95:da:bd:0b:
95:19:9f:3b:b4:5b:fe:6c:2a:5b:82:89:9f:5f:fa:c4:7b:14:
46:bc:38:5a:bf:33:63:7d:06:e9:d7:6f:31:9c:7e:de:ee:0f:
ef:6f:14:ed:b0:a6:8e:6f:3d:0f:5f:49:d6:e5:db:75:7d:c8:
b4:f7:0d:3b:fb:b0:3b:b8:ef:a9:fc:d2:7b:cb:e8:a6:26:82:
8a:4b:25:d0:f9:8c:d1:e9:fa:d6:57:3e:a0:cf:45:dc:44:69:
03:f6:87:77:d9:7e:a7:e0:67:96:68:1e:96:fc:8e:b6:a3:b5:
4d:50:d0:2e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MDhBNTExMC8GA1UEBRMoODVFOEVFOUE4RDMwNTI4NTk5MDYyRDA4Q0I5Q0I5RDUx
M0RGNkJENzAeFw0yNTAxMDQxMzIzNTJaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NzkzNjY4LWM4YWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6I6f8pZzBHC/jC2fnBAYNAR9oqd2Kf7C1b/b5PyoO6m3DG3MoVSSQTkBqXBor
fC3UpMDBFx/V0yyE37JLbXmSTNyX/6Oz6+2NGH1C+iwWEuiI6fiDBGhhv4mbWimV
TQ4tTMzTzZvbHSX4JO4bu2wfs+zeHFhqBYsGhSHTQnD1G3u49+egkMcJCLV/RMLG
QV5Izrrn2ajuNhAdOoEaSCLSIb2MDmXueGerI5ZikkDxinpokaYK1+0g4RWpmIto
IE/o154k/Imd+XgjcXLfCiQsLDRnXj1JlWFfgA7Kb9uE9AmP/n6uFRkfVUMGjgWY
yJqp2Lzb9oJYCUtlyy4GMaf9AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUGTS2UU7f
UeQrWvTz/vbyaz+YoKwwHwYDVR0jBBgwFoAUhejumo0wUoWZBi0Iy5y51RPfa9cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYwOEE1L0QxNTAzMTM2Qzkx
QjExRUY4ODdENkYyQ0M0RjlBRTAyL2hlanVtbzB3VW9XWkJpMEl5NXk1MVJQZmE5
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaGVqdW1vMHdVb1daQmkwSXk1eTUxUlBmYTljLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MDhBNS9EMTUwMzEzNkM5MUIxMUVGODg3RDZGMkNDNEY5QUUwMi80QTRFNTk1QUM5
MUMxMUVGQjBERUI5MkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAXeg1jANBgkqhkiG9w0BAQsFAAOCAQEAMIIFs+Vz7o3RaiBs
vb2jLt0mBGi+CSCXvz5DuFiipcglRcEsLJnq3iLIeNOnts54DO+Vpzv0tUVR2v8f
rJ7EzDXtYpHR4Srnvg+VOZmIjENCSmfwOwft/mtrYj8qpv2wr4/FO08kazkMxie/
nqrhtoM2NtN3cl9txlvAahZGqDplgvN67Coo2Z8awvyV2r0LlRmfO7Rb/mwqW4KJ
n1/6xHsURrw4Wr8zY30G6ddvMZx+3u4P728U7bCmjm89D19J1uXbdX3ItPcNO/uw
O7jvqfzSe8vopiaCiksl0PmM0en61lc+oM9F3ERpA/aHd9l+p+BnlmgelvyOtqO1
TVDQLg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:03:42 2025 by rpki-client