Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9153490/8F52488ED05411EEAF799F16C4F9AE02/0F0A0C72EBB411EE9D86095BC4F9AE02.roa
File: 0F0A0C72EBB411EE9D86095BC4F9AE02.roa (raw, json)
Hash identifier: g+h2X039YfWFdq3nneNF8fX2UZhaS8/1cDtSjJwB84Q=
Subject key identifier: 4B:7F:DD:07:F4:6A:3B:B0:6D:6A:FD:89:2B:F9:53:65:1F:EB:E7:8D
Certificate issuer: /CN=A9153490/serialNumber=47F50C958BF9CF545C601ADEB04F8A05E101D9A5
Certificate serial: D4
Authority key identifier: 47:F5:0C:95:8B:F9:CF:54:5C:60:1A:DE:B0:4F:8A:05:E1:01:D9:A5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R_UMlYv5z1RcYBresE-KBeEB2aU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9153490/8F52488ED05411EEAF799F16C4F9AE02/0F0A0C72EBB411EE9D86095BC4F9AE02.roa
Signing time: Thu 27 Mar 2025 05:11:34 +0000
ROA not before: Thu 27 Mar 2025 05:11:34 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 139623
IP address blocks: 157.15.218.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212 (0xd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9153490
Validity
Not Before: Mar 27 05:11:34 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e4de05-4edb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8a:aa:ef:64:68:5c:64:e0:a1:04:8a:79:e0:
8e:b4:62:d4:fb:c1:4b:e0:65:9d:22:45:2f:08:24:
77:2b:64:ee:3e:ea:35:9b:83:86:fa:a0:87:e4:45:
0e:b5:ec:df:ca:15:a6:53:d8:66:17:60:f1:f0:6f:
6a:f4:0d:00:7e:16:fe:0f:48:60:5f:cf:79:1f:f6:
c5:11:75:81:e4:e5:31:c7:ba:c8:6a:fd:72:02:c2:
46:88:6f:cf:d0:5d:3c:22:ef:7d:22:a1:31:36:a6:
4f:a1:8f:f0:0e:fb:bd:9d:14:61:01:f7:34:3a:5e:
12:5b:9d:49:7f:f8:6f:08:59:fe:02:d8:69:b7:39:
01:8b:9a:70:a7:3c:56:53:9e:6e:07:b3:98:14:4b:
74:dd:e9:19:3d:26:21:7e:84:b0:28:f7:24:ec:8c:
59:b2:05:b4:ac:a5:15:23:6e:0d:06:5e:61:9d:e6:
8c:27:93:72:c5:57:a3:db:07:2a:dd:67:ac:c9:68:
56:88:cf:dc:89:25:7a:49:5d:59:b3:1f:49:85:e7:
02:de:0a:8b:00:a4:7c:ff:d0:3b:0a:38:9b:85:9b:
81:03:31:6b:87:02:e9:71:5d:b1:8b:e7:c7:af:e2:
d3:24:e4:1e:d0:06:ce:d6:ab:da:42:04:4c:e6:54:
6a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7F:DD:07:F4:6A:3B:B0:6D:6A:FD:89:2B:F9:53:65:1F:EB:E7:8D
X509v3 Authority Key Identifier:
keyid:47:F5:0C:95:8B:F9:CF:54:5C:60:1A:DE:B0:4F:8A:05:E1:01:D9:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9153490/8F52488ED05411EEAF799F16C4F9AE02/R_UMlYv5z1RcYBresE-KBeEB2aU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R_UMlYv5z1RcYBresE-KBeEB2aU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153490/8F52488ED05411EEAF799F16C4F9AE02/0F0A0C72EBB411EE9D86095BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.218.0/23
Signature Algorithm: sha256WithRSAEncryption
35:a9:0a:66:56:47:6f:29:8a:11:46:ed:c8:d5:48:cc:15:f9:
4c:25:d0:e7:af:d4:59:ab:2f:72:52:14:2b:12:ae:1d:e8:b1:
e4:ba:54:98:51:bc:c0:83:ef:8f:4e:90:4f:b5:29:62:1c:e1:
06:53:31:db:c1:fc:d1:bd:6f:57:08:95:52:d0:ac:1f:e3:53:
d8:6d:5e:e5:c2:29:75:b6:75:8d:56:1f:c6:4f:53:5a:20:1b:
9e:1e:28:96:d4:4b:a9:9a:0b:7d:e6:1d:e8:cf:16:49:b6:92:
7a:d8:c5:35:f1:90:06:4f:03:e2:1d:96:c3:82:1c:d5:74:69:
12:2f:64:d7:68:3e:84:be:a5:51:ba:1c:42:4d:0a:b1:81:5e:
6c:3c:f5:32:40:df:5c:ba:8c:46:c2:a5:8f:bb:49:8f:2c:ff:
99:09:c2:56:ef:8a:c6:d6:cc:ca:b9:0a:73:b5:84:df:d5:97:
32:3d:3d:16:2c:ff:d0:16:cd:24:14:a1:88:a9:55:5c:3c:78:
52:a4:64:5a:52:8a:5d:e4:91:7e:a4:65:8e:17:47:71:da:ec:
4f:e3:63:a0:8a:2d:c3:e7:20:c4:51:82:5f:35:3f:00:d0:59:
f5:6b:df:cc:ce:d8:73:c1:7d:71:64:41:8c:a8:d7:6f:40:ae:
54:5d:db:d5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM0OTAxMTAvBgNVBAUTKDQ3RjUwQzk1OEJGOUNGNTQ1QzYwMUFERUIwNEY4QTA1
RTEwMUQ5QTUwHhcNMjUwMzI3MDUxMTM0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U0ZGUwNS00ZWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoIqq72RoXGTgoQSKeeCOtGLU+8FL4GWdIkUvCCR3K2TuPuo1m4OG+qCH5EUO
tezfyhWmU9hmF2Dx8G9q9A0Afhb+D0hgX895H/bFEXWB5OUxx7rIav1yAsJGiG/P
0F08Iu99IqExNqZPoY/wDvu9nRRhAfc0Ol4SW51Jf/hvCFn+AthptzkBi5pwpzxW
U55uB7OYFEt03ekZPSYhfoSwKPck7IxZsgW0rKUVI24NBl5hneaMJ5NyxVej2wcq
3WesyWhWiM/ciSV6SV1Zsx9JhecC3gqLAKR8/9A7CjibhZuBAzFrhwLpcV2xi+fH
r+LTJOQe0AbO1qvaQgRM5lRqWwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEt/3Qf0
ajuwbWr9iSv5U2Uf6+eNMB8GA1UdIwQYMBaAFEf1DJWL+c9UXGAa3rBPigXhAdml
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzQ5MC84RjUyNDg4RUQw
NTQxMUVFQUY3OTlGMTZDNEY5QUUwMi9SX1VNbFl2NXoxUmNZQnJlc0UtS0JlRUIy
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1JfVU1sWXY1ejFSY1lCcmVzRS1LQmVFQjJhVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM0OTAvOEY1MjQ4OEVEMDU0MTFFRUFGNzk5RjE2QzRGOUFFMDIvMEYwQTBDNzJF
QkI0MTFFRTlEODYwOTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdD9owDQYJKoZIhvcNAQELBQADggEBADWpCmZWR28pihFG
7cjVSMwV+Uwl0Oev1FmrL3JSFCsSrh3oseS6VJhRvMCD749OkE+1KWIc4QZTMdvB
/NG9b1cIlVLQrB/jU9htXuXCKXW2dY1WH8ZPU1ogG54eKJbUS6maC33mHejPFkm2
knrYxTXxkAZPA+IdlsOCHNV0aRIvZNdoPoS+pVG6HEJNCrGBXmw89TJA31y6jEbC
pY+7SY8s/5kJwlbvisbWzMq5CnO1hN/VlzI9PRYs/9AWzSQUoYipVVw8eFKkZFpS
il3kkX6kZY4XR3Ha7E/jY6CKLcPnIMRRgl81PwDQWfVr38zO2HPBfXFkQYyo129A
rlRd29U=
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:25:52 2025 by rpki-client