Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155725/801BCAA6083A11F09FF1D074C4F9AE02/7621BEA0084611F08BEB2E2DC4F9AE02.roa
File: 7621BEA0084611F08BEB2E2DC4F9AE02.roa (raw, json)
Hash identifier: aySEvRngppKs/Lyekhtc0uzM27zK/l0cRA6UmOeIzlU=
Subject key identifier: 74:EE:5F:70:25:9F:42:52:17:19:D0:3E:13:A0:21:73:53:F5:89:8E
Certificate issuer: /CN=A9155725/serialNumber=B87FAD654EC4217C6500D0F06B19BE319D3DADF7
Certificate serial: 05
Authority key identifier: B8:7F:AD:65:4E:C4:21:7C:65:00:D0:F0:6B:19:BE:31:9D:3D:AD:F7
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uH-tZU7EIXxlANDwaxm-MZ09rfc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155725/801BCAA6083A11F09FF1D074C4F9AE02/7621BEA0084611F08BEB2E2DC4F9AE02.roa
Signing time: Mon 24 Mar 2025 00:25:17 +0000
ROA not before: Mon 24 Mar 2025 00:25:17 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 16509
IP address blocks: 86.54.202.0/24 maxlen: 24
86.54.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155725
Validity
Not Before: Mar 24 00:25:17 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e0a66d-589a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e8:2b:20:a1:76:06:d7:93:75:c9:08:c4:cd:
40:6c:28:ab:e3:a9:80:e7:b6:ab:da:c8:73:75:4f:
0a:34:d1:8c:2a:25:89:c4:d5:d6:de:49:49:73:41:
d0:f2:ed:6a:b5:bf:2f:be:99:1c:58:09:a4:e8:0c:
5d:95:bb:11:ed:55:0f:b7:b7:98:03:fc:cf:3e:38:
1d:4b:31:fa:98:80:95:b5:41:13:b4:c2:af:4f:b3:
2f:0b:a2:aa:a4:7f:68:a3:30:10:18:4f:83:56:87:
82:6e:6c:e7:6e:d4:7d:03:c8:d1:1d:7d:c7:75:df:
17:12:b3:9c:8b:ff:08:fd:03:2d:32:33:6d:69:48:
21:a4:7f:26:b8:40:ba:a9:ef:f5:76:dd:8c:a0:29:
02:79:61:5e:14:1c:fa:61:c3:25:dc:94:7c:ba:0a:
af:b5:e9:9a:4b:2c:6b:84:e8:04:38:d0:a0:5b:08:
32:04:fb:7b:00:70:45:77:58:d3:b8:96:d0:07:b7:
ec:33:55:e1:4b:a2:26:08:db:ef:84:3a:f1:23:75:
01:bc:ba:1b:4e:b8:cc:16:3c:44:c0:8e:88:11:81:
6d:d4:4c:5c:1d:ad:c0:4d:29:27:16:3d:75:0c:db:
a5:47:83:9f:c6:b4:9d:dc:88:6c:21:29:a0:05:e5:
73:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:EE:5F:70:25:9F:42:52:17:19:D0:3E:13:A0:21:73:53:F5:89:8E
X509v3 Authority Key Identifier:
keyid:B8:7F:AD:65:4E:C4:21:7C:65:00:D0:F0:6B:19:BE:31:9D:3D:AD:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155725/801BCAA6083A11F09FF1D074C4F9AE02/uH-tZU7EIXxlANDwaxm-MZ09rfc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uH-tZU7EIXxlANDwaxm-MZ09rfc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155725/801BCAA6083A11F09FF1D074C4F9AE02/7621BEA0084611F08BEB2E2DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
86.54.202.0/23
Signature Algorithm: sha256WithRSAEncryption
23:6d:7f:b6:71:9b:f5:46:11:0d:21:c8:54:f5:85:0d:e5:ca:
71:ec:5a:2e:56:12:ae:f0:ea:0d:a7:a2:43:d2:7c:16:34:13:
d3:a9:d3:9d:ed:9c:ae:9c:d3:e6:05:cb:2a:84:51:c4:c9:08:
d7:25:02:f2:a0:fb:09:7c:7a:78:e8:bc:d5:a5:18:09:f5:c1:
b8:02:98:bb:a3:dd:60:af:93:18:a9:06:28:3b:7f:f6:80:66:
d9:52:ec:c5:cf:33:01:77:05:42:dc:dc:97:04:a3:28:ea:59:
be:a8:a7:c5:1b:7b:d8:1c:bb:2f:15:71:37:d2:30:69:12:c4:
24:09:cf:0c:36:cf:b1:ac:a1:18:03:ad:03:00:62:7a:8e:8b:
81:63:59:54:5a:a4:30:0d:13:34:3b:f8:76:f3:38:ae:68:d6:
03:23:f3:e5:1e:9e:b6:23:f9:66:f9:a7:d9:1e:67:ec:c5:54:
60:b4:13:fd:39:9b:7b:8d:ec:af:d5:30:e6:5d:11:ac:45:d7:
95:5a:3c:00:f5:94:ae:cf:a8:21:2c:5a:d6:2e:d6:f2:68:7d:
ef:f7:21:77:23:33:74:8b:81:28:12:6e:3b:b6:4a:b3:35:bc:
a1:1f:70:e8:9b:51:d4:13:f1:29:68:33:45:79:ff:5a:ab:62:
66:f1:26:d2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NTcyNTExMC8GA1UEBRMoQjg3RkFENjU0RUM0MjE3QzY1MDBEMEYwNkIxOUJFMzE5
RDNEQURGNzAeFw0yNTAzMjQwMDI1MTdaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZTBhNjZkLTU4OWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDq6CsgoXYG15N1yQjEzUBsKKvjqYDntqvayHN1Two00YwqJYnE1dbeSUlzQdDy
7Wq1vy++mRxYCaToDF2VuxHtVQ+3t5gD/M8+OB1LMfqYgJW1QRO0wq9Psy8Loqqk
f2ijMBAYT4NWh4JubOdu1H0DyNEdfcd13xcSs5yL/wj9Ay0yM21pSCGkfya4QLqp
7/V23YygKQJ5YV4UHPphwyXclHy6Cq+16ZpLLGuE6AQ40KBbCDIE+3sAcEV3WNO4
ltAHt+wzVeFLoiYI2++EOvEjdQG8uhtOuMwWPETAjogRgW3UTFwdrcBNKScWPXUM
26VHg5/GtJ3ciGwhKaAF5XNRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUdO5fcCWf
QlIXGdA+E6Ahc1P1iY4wHwYDVR0jBBgwFoAUuH+tZU7EIXxlANDwaxm+MZ09rfcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU1NzI1LzgwMUJDQUE2MDgz
QTExRjA5RkYxRDA3NEM0RjlBRTAyL3VILXRaVTdFSVh4bEFORHdheG0tTVowOXJm
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJG
RDFGRjIvdUgtdFpVN0VJWHhsQU5Ed2F4bS1NWjA5cmZjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NTcyNS84MDFCQ0FBNjA4M0ExMUYwOUZGMUQwNzRDNEY5QUUwMi83NjIxQkVBMDA4
NDYxMUYwOEJFQjJFMkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAVY2yjANBgkqhkiG9w0BAQsFAAOCAQEAI21/tnGb9UYRDSHI
VPWFDeXKcexaLlYSrvDqDaeiQ9J8FjQT06nTne2crpzT5gXLKoRRxMkI1yUC8qD7
CXx6eOi81aUYCfXBuAKYu6PdYK+TGKkGKDt/9oBm2VLsxc8zAXcFQtzclwSjKOpZ
vqinxRt72By7LxVxN9IwaRLEJAnPDDbPsayhGAOtAwBieo6LgWNZVFqkMA0TNDv4
dvM4rmjWAyPz5R6etiP5Zvmn2R5n7MVUYLQT/Tmbe43sr9Uw5l0RrEXXlVo8APWU
rs+oISxa1i7W8mh97/chdyMzdIuBKBJuO7ZKszW8oR9w6JtR1BPxKWgzRXn/Wqti
ZvEm0g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:52:53 2025 by rpki-client