Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91348DF/E6BF830CC1DD11ECB97B9C7FC4F9AE02/9F8BF452C1E711EC97315146C4F9AE02.roa
File: 9F8BF452C1E711EC97315146C4F9AE02.roa (raw, json)
Hash identifier: k6JWZEcqAHK7iXIk5qcPFOjxidKP93iseKIRI4Du2jw=
Subject key identifier: 9E:DA:EE:A6:28:42:75:2B:A6:77:9D:74:BD:7D:09:19:92:25:D5:7E
Certificate issuer: /CN=A91348DF/serialNumber=10946AF911B655462C1A5EF01D684688E19687D3
Certificate serial: 0283
Authority key identifier: 10:94:6A:F9:11:B6:55:46:2C:1A:5E:F0:1D:68:46:88:E1:96:87:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EJRq-RG2VUYsGl7wHWhGiOGWh9M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91348DF/E6BF830CC1DD11ECB97B9C7FC4F9AE02/9F8BF452C1E711EC97315146C4F9AE02.roa
Signing time: Mon 03 Jun 2024 04:31:51 +0000
ROA not before: Mon 03 Jun 2024 04:31:51 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 58507
IP address blocks: 157.211.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 643 (0x283)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91348DF
Validity
Not Before: Jun 3 04:31:51 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=665d4737-9d38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:64:40:59:ee:ec:44:67:06:d0:8a:87:32:5b:
a7:7f:ac:92:9e:fd:79:74:bb:ef:46:ed:82:08:7d:
b8:e2:0f:ae:ce:c7:24:51:ac:3e:4d:11:ac:a4:9f:
1b:f6:bb:2d:d5:05:7e:55:5b:69:4c:6b:b4:1f:b8:
56:af:51:29:a0:83:7a:82:ba:8f:e3:c0:0f:19:29:
7d:76:0b:1b:67:63:c4:cc:90:54:2a:bf:f0:50:fc:
3f:63:38:6c:27:e5:2b:56:be:87:cd:ca:8a:81:9c:
b7:ee:83:12:3f:81:3b:d4:3c:5d:1e:0c:7d:32:cc:
b0:21:2e:8a:a5:9a:ab:42:56:da:fd:ee:35:ba:6d:
78:41:ee:7e:18:84:3b:56:d3:32:fd:2d:51:6f:6a:
a4:a9:ae:c6:5c:20:30:11:7f:23:49:73:7f:c2:91:
19:d7:27:e9:5f:96:65:e1:6c:8f:4c:92:0f:01:ec:
fb:c5:ba:47:d2:65:23:24:00:24:87:e5:61:a1:80:
28:58:36:2f:af:1e:c7:3a:a2:51:e3:af:99:9b:cd:
a0:f4:12:56:77:e0:e1:bc:c9:d0:77:81:ed:2a:2c:
d8:48:ce:18:91:23:7d:13:d4:b7:04:28:bd:b8:54:
f0:4c:5d:4b:fd:32:3e:67:2b:12:83:cf:e7:62:3a:
41:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:DA:EE:A6:28:42:75:2B:A6:77:9D:74:BD:7D:09:19:92:25:D5:7E
X509v3 Authority Key Identifier:
keyid:10:94:6A:F9:11:B6:55:46:2C:1A:5E:F0:1D:68:46:88:E1:96:87:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91348DF/E6BF830CC1DD11ECB97B9C7FC4F9AE02/EJRq-RG2VUYsGl7wHWhGiOGWh9M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EJRq-RG2VUYsGl7wHWhGiOGWh9M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91348DF/E6BF830CC1DD11ECB97B9C7FC4F9AE02/9F8BF452C1E711EC97315146C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.211.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a5:b2:b2:dc:90:64:bb:01:10:81:c1:c1:63:c0:d4:6f:e1:c4:
4a:73:16:3a:0d:db:09:00:e3:4a:48:42:5a:57:0f:4f:ec:7b:
6c:18:53:80:ae:fb:0d:50:6f:04:4a:0a:ff:52:4d:2e:12:2c:
6e:bc:42:c6:ec:f1:0f:f2:75:47:79:f1:3a:2f:36:5c:a2:da:
b8:fb:0b:b5:5a:01:a8:e9:b1:d7:8c:d4:2f:b1:82:6b:c9:e3:
45:fa:2c:78:b3:bb:e9:53:3e:ea:57:cd:23:d4:21:bb:ef:23:
76:8f:ee:5d:c0:2a:f8:0c:5f:8f:ca:e7:eb:dd:2b:22:6f:fe:
f2:ac:eb:37:ab:e1:51:bf:b8:d3:2b:8a:c0:94:88:b2:8e:00:
66:62:3a:56:1d:1a:90:c9:29:ff:d0:f0:23:7d:4a:51:fa:4d:
e0:e1:8a:20:9b:d1:f4:d6:c3:a2:93:83:f8:0e:1c:76:27:24:
c4:6b:bd:35:22:6a:cb:dd:f4:91:2d:1e:ee:77:30:bd:1f:55:
6c:8f:53:73:f6:96:2e:22:e1:2f:41:64:7d:d2:97:e1:99:9f:
2b:86:c4:cd:63:7f:56:d8:63:19:36:bc:10:2f:2b:77:43:4a:
7c:24:3f:f2:3a:4e:5c:ec:66:e2:34:4d:31:90:c7:c3:77:36:
95:fa:1c:ed
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICAoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQ4REYxMTAvBgNVBAUTKDEwOTQ2QUY5MTFCNjU1NDYyQzFBNUVGMDFENjg0Njg4
RTE5Njg3RDMwHhcNMjQwNjAzMDQzMTUxWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVkNDczNy05ZDM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv2RAWe7sRGcG0IqHMlunf6ySnv15dLvvRu2CCH244g+uzsckUaw+TRGspJ8b
9rst1QV+VVtpTGu0H7hWr1EpoIN6grqP48APGSl9dgsbZ2PEzJBUKr/wUPw/Yzhs
J+UrVr6HzcqKgZy37oMSP4E71DxdHgx9MsywIS6KpZqrQlba/e41um14Qe5+GIQ7
VtMy/S1Rb2qkqa7GXCAwEX8jSXN/wpEZ1yfpX5Zl4WyPTJIPAez7xbpH0mUjJAAk
h+VhoYAoWDYvrx7HOqJR46+Zm82g9BJWd+DhvMnQd4HtKizYSM4YkSN9E9S3BCi9
uFTwTF1L/TI+ZysSg8/nYjpBxwIDAQABo4IClDCCApAwHQYDVR0OBBYEFJ7a7qYo
QnUrpneddL19CRmSJdV+MB8GA1UdIwQYMBaAFBCUavkRtlVGLBpe8B1oRojhlofT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDhERi9FNkJGODMwQ0Mx
REQxMUVDQjk3QjlDN0ZDNEY5QUUwMi9FSlJxLVJHMlZVWXNHbDd3SFdoR2lPR1do
OU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0VKUnEtUkcyVlVZc0dsN3dIV2hHaU9HV2g5TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQ4REYvRTZCRjgzMENDMUREMTFFQ0I5N0I5QzdGQzRGOUFFMDIvOUY4QkY0NTJD
MUU3MTFFQzk3MzE1MTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCd0zANBgkqhkiG9w0BAQsFAAOCAQEApbKy3JBkuwEQgcHB
Y8DUb+HESnMWOg3bCQDjSkhCWlcPT+x7bBhTgK77DVBvBEoK/1JNLhIsbrxCxuzx
D/J1R3nxOi82XKLauPsLtVoBqOmx14zUL7GCa8njRfoseLO76VM+6lfNI9Qhu+8j
do/uXcAq+Axfj8rn690rIm/+8qzrN6vhUb+40yuKwJSIso4AZmI6Vh0akMkp/9Dw
I31KUfpN4OGKIJvR9NbDopOD+A4cdickxGu9NSJqy930kS0e7ncwvR9VbI9Tc/aW
LiLhL0FkfdKX4ZmfK4bEzWN/VthjGTa8EC8rd0NKfCQ/8jpOXOxm4jRNMZDHw3c2
lfoc7Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:39:51 2025 by rpki-client