Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/8D431594FFDF11EF8DF72930C4F9AE02.roa
File: 8D431594FFDF11EF8DF72930C4F9AE02.roa (raw, json)
Hash identifier: m/ts4+3+KZRfhNwqXbAAZsLEK7jXSiR3RbLIiPT9ph8=
Subject key identifier: 89:35:F2:38:F5:41:0F:B2:7E:53:2C:7C:73:AC:22:A6:43:85:09:21
Certificate issuer: /CN=A91288D9/serialNumber=A64BE44ACB00E4BDAE4491B0FA0CD7099D2C727C
Certificate serial: 37
Authority key identifier: A6:4B:E4:4A:CB:00:E4:BD:AE:44:91:B0:FA:0C:D7:09:9D:2C:72:7C
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pkvkSssA5L2uRJGw-gzXCZ0scnw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/8D431594FFDF11EF8DF72930C4F9AE02.roa
Signing time: Thu 13 Mar 2025 07:48:28 +0000
ROA not before: Thu 13 Mar 2025 07:48:28 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 58935
IP address blocks: 160.250.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55 (0x37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91288D9
Validity
Not Before: Mar 13 07:48:28 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67d28dcc-0813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a0:98:10:01:b2:f1:36:f0:04:15:66:54:65:
11:05:78:0a:84:a1:35:60:b5:67:a8:1a:af:7d:cd:
81:14:c7:a2:4d:63:e2:a9:8f:c5:0c:87:64:85:8e:
1f:d8:79:31:87:1d:5f:7e:d1:8d:56:d6:5d:78:76:
5b:5a:e2:72:00:cb:2a:e3:11:56:da:1c:b4:af:89:
31:6f:dc:65:1e:83:d8:04:4d:3f:0b:98:1a:6e:c2:
67:a3:26:98:59:26:b5:8b:d9:af:74:12:2c:a2:f8:
f7:54:3e:74:d2:e0:ba:5d:c5:e3:d0:bc:1a:b6:01:
3c:0e:62:ea:1e:5f:4d:31:ce:5e:17:5d:ac:5c:db:
be:f0:65:ac:85:1c:da:35:0f:96:1d:7a:d6:37:a6:
d9:3b:3d:25:90:fb:f1:e0:c4:8f:a6:e3:30:d8:6a:
ad:51:d0:0c:05:3d:07:12:4b:c0:93:61:06:87:ad:
c5:15:a6:c8:7b:a3:ea:68:01:20:2c:6a:fe:06:cd:
92:7e:d5:03:25:54:66:ef:c4:5f:1a:f6:47:40:dc:
74:99:a0:72:89:da:07:66:dc:d5:db:af:99:c8:c4:
56:7d:46:67:07:42:93:24:de:ed:7a:6b:54:23:95:
ba:96:65:e6:d6:cd:18:36:64:de:67:bb:60:34:df:
e1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:35:F2:38:F5:41:0F:B2:7E:53:2C:7C:73:AC:22:A6:43:85:09:21
X509v3 Authority Key Identifier:
keyid:A6:4B:E4:4A:CB:00:E4:BD:AE:44:91:B0:FA:0C:D7:09:9D:2C:72:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pkvkSssA5L2uRJGw-gzXCZ0scnw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/8D431594FFDF11EF8DF72930C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.250.89.0/24
Signature Algorithm: sha256WithRSAEncryption
68:15:db:f2:a2:3e:34:44:51:11:6e:39:80:f9:52:3a:ab:c9:
d7:f0:14:99:ec:68:e3:31:71:d8:a2:14:e1:f9:e8:c8:69:a9:
1b:4d:8a:d6:c8:f1:2f:03:5d:85:8d:c1:cf:8a:a9:dc:09:e1:
37:18:3e:c4:58:09:86:37:6e:4c:79:99:38:4a:19:85:77:56:
a1:1c:9c:49:67:1d:12:79:21:c2:31:6f:82:91:15:2b:cf:4e:
f6:4e:a3:1e:1c:d3:f7:01:ef:0f:c8:bf:5c:5e:7e:60:59:ad:
d9:d3:c8:49:c7:a4:05:9a:94:f1:e3:9a:82:6c:83:57:c1:76:
da:3c:e1:c6:c7:22:7a:4f:5a:b3:ff:54:8b:b9:73:da:2a:0a:
57:5c:5a:32:23:bc:f1:ba:69:dc:4d:a8:56:d5:13:3d:8e:a1:
b9:6a:26:c0:7a:f3:f7:4d:25:af:d3:2a:03:bd:38:cb:1b:9a:
30:04:7e:ca:89:a3:3e:11:d2:e7:41:76:71:29:1c:ad:67:fc:
2c:2f:12:6a:4a:5c:ab:1e:17:5e:d0:a5:c1:a5:62:1c:c9:04:
43:bf:d1:0f:3e:07:6e:c9:e3:4a:2d:80:19:68:df:0c:c9:47:
2f:fb:e6:8f:56:90:40:88:a7:64:c9:c1:30:d9:67:8e:4b:b7:
12:76:a6:fb
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
ODhEOTExMC8GA1UEBRMoQTY0QkU0NEFDQjAwRTRCREFFNDQ5MUIwRkEwQ0Q3MDk5
RDJDNzI3QzAeFw0yNTAzMTMwNzQ4MjhaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZDI4ZGNjLTA4MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCioJgQAbLxNvAEFWZUZREFeAqEoTVgtWeoGq99zYEUx6JNY+Kpj8UMh2SFjh/Y
eTGHHV9+0Y1W1l14dlta4nIAyyrjEVbaHLSviTFv3GUeg9gETT8LmBpuwmejJphZ
JrWL2a90Eiyi+PdUPnTS4LpdxePQvBq2ATwOYuoeX00xzl4XXaxc277wZayFHNo1
D5YdetY3ptk7PSWQ+/HgxI+m4zDYaq1R0AwFPQcSS8CTYQaHrcUVpsh7o+poASAs
av4GzZJ+1QMlVGbvxF8a9kdA3HSZoHKJ2gdm3NXbr5nIxFZ9RmcHQpMk3u16a1Qj
lbqWZebWzRg2ZN5nu2A03+HJAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUiTXyOPVB
D7J+Uyx8c6wipkOFCSEwHwYDVR0jBBgwFoAUpkvkSssA5L2uRJGw+gzXCZ0scnww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI4OEQ5L0Y4M0UzRkNFQURC
QzExRUZCMzAyOTgzRUM0RjlBRTAyL3BrdmtTc3NBNUwydVJKR3ctZ3pYQ1owc2Nu
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvcGt2a1Nzc0E1TDJ1UkpHdy1nelhDWjBzY253LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
ODhEOS9GODNFM0ZDRUFEQkMxMUVGQjMwMjk4M0VDNEY5QUUwMi84RDQzMTU5NEZG
REYxMUVGOERGNzI5MzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKD6WTANBgkqhkiG9w0BAQsFAAOCAQEAaBXb8qI+NERREW45
gPlSOqvJ1/AUmexo4zFx2KIU4fnoyGmpG02K1sjxLwNdhY3Bz4qp3AnhNxg+xFgJ
hjduTHmZOEoZhXdWoRycSWcdEnkhwjFvgpEVK89O9k6jHhzT9wHvD8i/XF5+YFmt
2dPIScekBZqU8eOagmyDV8F22jzhxsciek9as/9Ui7lz2ioKV1xaMiO88bpp3E2o
VtUTPY6huWomwHrz900lr9MqA704yxuaMAR+yomjPhHS50F2cSkcrWf8LC8Sakpc
qx4XXtClwaViHMkEQ7/RDz4HbsnjSi2AGWjfDMlHL/vmj1aQQIinZMnBMNlnjku3
Enam+w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:21:42 2025 by rpki-client