Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91388E0/4CBB1B32B85211EE8ACAA96AC4F9AE02/1F5F5920B85F11EE9B53995FC4F9AE02.roa
File: 1F5F5920B85F11EE9B53995FC4F9AE02.roa (raw, json)
Hash identifier: c6SlXvh5jnzbFaQ7XL8WHzhEyzH6pjJKr/W4VmAYxxo=
Subject key identifier: 89:17:E1:7F:FF:C7:6F:DA:88:24:E4:79:31:EC:8F:ED:CA:40:16:DE
Certificate issuer: /CN=A91388E0/serialNumber=25242E131997835BFC9B180405C797C6289447E7
Certificate serial: CA
Authority key identifier: 25:24:2E:13:19:97:83:5B:FC:9B:18:04:05:C7:97:C6:28:94:47:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JSQuExmXg1v8mxgEBceXxiiUR-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91388E0/4CBB1B32B85211EE8ACAA96AC4F9AE02/1F5F5920B85F11EE9B53995FC4F9AE02.roa
Signing time: Fri 31 Jan 2025 05:19:01 +0000
ROA not before: Fri 31 Jan 2025 05:19:01 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 152336
IP address blocks: 157.10.244.0/23 maxlen: 23
157.10.244.0/24 maxlen: 24
157.10.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 202 (0xca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91388E0
Validity
Not Before: Jan 31 05:19:01 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679c5d45-b21f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4c:dd:60:bf:e7:94:3e:45:24:18:50:f9:29:
60:4e:78:07:1b:18:54:cc:b8:fe:94:41:91:2d:fa:
9f:dd:8f:42:2f:5e:96:f0:4e:e2:7e:d3:bf:56:a6:
f3:7a:77:58:71:62:cd:c7:54:5c:9d:c8:17:07:d0:
62:fb:c3:46:58:dd:5a:9e:4d:a3:9f:b9:eb:fc:9e:
b1:77:d9:53:44:1d:32:1f:17:25:76:44:19:d8:51:
1a:d9:66:0f:26:6e:d1:1d:53:e4:cc:c0:4a:9d:f8:
b5:39:a3:86:27:a6:4e:19:c5:6d:52:a1:6a:82:33:
03:9d:67:eb:ab:6f:4f:f9:59:8d:9a:b9:0a:7d:81:
48:6e:19:1e:7a:3f:07:20:7f:02:39:ae:80:6e:e5:
e7:88:c6:04:cd:b8:37:8a:72:21:df:c7:96:ea:ea:
0e:0d:73:8e:44:83:24:4f:02:33:5a:c6:e7:8c:0b:
e6:86:9f:2f:09:04:37:25:a5:e7:ca:ef:d8:4d:26:
74:6a:ca:ff:19:5a:7d:c8:69:cd:e1:f1:5e:e4:91:
7e:a9:a6:c4:aa:0d:f3:79:ce:18:69:ec:98:ac:7e:
95:09:32:26:02:9d:29:5b:0f:c0:46:5a:75:21:b1:
5a:75:d5:23:b5:09:29:f0:fd:a5:1d:ff:e3:08:7c:
e7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:17:E1:7F:FF:C7:6F:DA:88:24:E4:79:31:EC:8F:ED:CA:40:16:DE
X509v3 Authority Key Identifier:
keyid:25:24:2E:13:19:97:83:5B:FC:9B:18:04:05:C7:97:C6:28:94:47:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91388E0/4CBB1B32B85211EE8ACAA96AC4F9AE02/JSQuExmXg1v8mxgEBceXxiiUR-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JSQuExmXg1v8mxgEBceXxiiUR-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91388E0/4CBB1B32B85211EE8ACAA96AC4F9AE02/1F5F5920B85F11EE9B53995FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.244.0/23
Signature Algorithm: sha256WithRSAEncryption
19:a6:06:a7:d5:ac:78:10:c7:04:5f:25:ea:64:9e:2a:3a:70:
63:ed:35:6c:c9:99:75:84:4b:0e:7d:d5:fd:b3:b0:b8:41:81:
c6:76:0f:8e:56:31:a2:53:fd:8f:94:d5:d4:8b:6c:d5:27:3d:
e5:f0:8e:de:52:10:79:d4:87:74:fb:21:b9:55:cd:cc:52:d6:
2d:fa:fc:11:bc:a6:69:c1:fa:a2:61:67:20:a7:e1:61:8f:83:
e3:61:ac:b4:15:0e:c9:f9:82:82:52:db:8c:e1:37:1d:1e:f1:
ab:ea:6e:3c:61:c2:23:64:82:85:81:67:83:58:12:ac:98:c4:
c1:3b:05:14:23:a3:c5:cc:88:32:eb:76:09:a6:c5:c8:98:53:
2a:fd:52:b3:2c:d5:36:34:51:38:2b:90:67:51:44:dd:ba:71:
3e:4a:9b:2c:11:c9:8e:8f:95:ac:f4:3a:ce:94:6e:13:92:6a:
fa:73:21:ee:2f:11:cb:61:d1:44:4d:4a:6a:d2:a2:3c:93:9d:
5f:0a:af:3b:7c:6d:ff:55:a4:7e:33:74:06:4a:90:68:48:93:
48:c4:c3:3b:07:71:16:91:75:d6:83:6c:6f:c6:2e:ee:5e:88:
0e:81:f8:e3:b5:cc:6a:87:4c:2d:4f:59:29:b9:04:4d:aa:a1:
b0:95:ee:71
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzg4RTAxMTAvBgNVBAUTKDI1MjQyRTEzMTk5NzgzNUJGQzlCMTgwNDA1Qzc5N0M2
Mjg5NDQ3RTcwHhcNMjUwMTMxMDUxOTAxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljNWQ0NS1iMjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq0zdYL/nlD5FJBhQ+SlgTngHGxhUzLj+lEGRLfqf3Y9CL16W8E7iftO/Vqbz
endYcWLNx1RcncgXB9Bi+8NGWN1ank2jn7nr/J6xd9lTRB0yHxcldkQZ2FEa2WYP
Jm7RHVPkzMBKnfi1OaOGJ6ZOGcVtUqFqgjMDnWfrq29P+VmNmrkKfYFIbhkeej8H
IH8COa6AbuXniMYEzbg3inIh38eW6uoODXOORIMkTwIzWsbnjAvmhp8vCQQ3JaXn
yu/YTSZ0asr/GVp9yGnN4fFe5JF+qabEqg3zec4YaeyYrH6VCTImAp0pWw/ARlp1
IbFaddUjtQkp8P2lHf/jCHznwwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIkX4X//
x2/aiCTkeTHsj+3KQBbeMB8GA1UdIwQYMBaAFCUkLhMZl4Nb/JsYBAXHl8YolEfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzODhFMC80Q0JCMUIzMkI4
NTIxMUVFOEFDQUE5NkFDNEY5QUUwMi9KU1F1RXhtWGcxdjhteGdFQmNlWHhpaVVS
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0pTUXVFeG1YZzF2OG14Z0VCY2VYeGlpVVItYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mzg4RTAvNENCQjFCMzJCODUyMTFFRThBQ0FBOTZBQzRGOUFFMDIvMUY1RjU5MjBC
ODVGMTFFRTlCNTM5OTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdCvQwDQYJKoZIhvcNAQELBQADggEBABmmBqfVrHgQxwRf
Jepknio6cGPtNWzJmXWESw591f2zsLhBgcZ2D45WMaJT/Y+U1dSLbNUnPeXwjt5S
EHnUh3T7IblVzcxS1i36/BG8pmnB+qJhZyCn4WGPg+NhrLQVDsn5goJS24zhNx0e
8avqbjxhwiNkgoWBZ4NYEqyYxME7BRQjo8XMiDLrdgmmxciYUyr9UrMs1TY0UTgr
kGdRRN26cT5KmywRyY6Plaz0Os6UbhOSavpzIe4vEcth0URNSmrSojyTnV8Krzt8
bf9VpH4zdAZKkGhIk0jEwzsHcRaRddaDbG/GLu5eiA6B+OO1zGqHTC1PWSm5BE2q
obCV7nE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:08:54 2025 by rpki-client