Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/266ABA161E5811EF89038F3BC4F9AE02.roa
File: 266ABA161E5811EF89038F3BC4F9AE02.roa (raw, json)
Hash identifier: p/azHtFptIXURVSRFgPxqoeDhngoYTd2NG88s2QFFzY=
Subject key identifier: 3F:96:F9:31:FD:16:60:2F:65:A3:B6:09:41:DB:94:56:4E:C6:C2:87
Certificate issuer: /CN=A915F89C/serialNumber=466F112442C5D02E60F24699193AE215195B3BA9
Certificate serial: 0D03
Authority key identifier: 46:6F:11:24:42:C5:D0:2E:60:F2:46:99:19:3A:E2:15:19:5B:3B:A9
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Rm8RJELF0C5g8kaZGTriFRlbO6k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/266ABA161E5811EF89038F3BC4F9AE02.roa
Signing time: Tue 20 Aug 2024 14:30:34 +0000
ROA not before: Tue 20 Aug 2024 14:30:34 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 3758
IP address blocks: 151.192.0.0/18 maxlen: 24
151.192.64.0/18 maxlen: 24
151.192.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3331 (0xd03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915F89C
Validity
Not Before: Aug 20 14:30:34 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66c4a88a-9b15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:22:5f:19:0d:9e:76:4b:1f:3e:16:5f:6f:f6:
02:a6:3f:8a:3b:cd:b2:42:02:2c:5c:64:a4:7e:32:
d5:9f:fb:8c:4e:6d:a9:e2:66:18:05:95:29:7f:92:
af:0d:01:6b:46:7b:e5:22:56:06:92:55:66:da:27:
f5:0a:de:05:3a:73:03:e9:62:8f:3b:dc:9d:91:fe:
e4:87:dc:59:2d:64:c5:2c:c6:76:56:16:8a:d7:a3:
b8:1a:57:da:85:3d:70:60:f3:19:99:ce:72:87:32:
4b:89:99:3b:a2:b8:2f:41:48:50:0b:67:83:f3:9c:
04:24:22:3f:1f:52:d0:e0:e5:2f:96:b7:96:0b:fa:
a3:d6:3a:16:68:b7:2f:3a:6f:4c:37:7e:e2:4c:39:
f4:11:3a:10:e9:67:7d:f7:c9:b5:61:56:2f:e6:6b:
c1:e5:06:67:97:0e:47:43:ae:12:cb:09:42:32:a5:
31:6f:1e:71:5b:7b:9e:d7:02:9b:de:f7:74:41:48:
a6:4d:c5:af:b0:6e:4d:62:bc:97:36:1c:94:4b:1f:
2f:1f:f0:5c:b6:0c:83:08:df:7f:46:d3:34:67:0d:
c7:58:8a:cd:9f:6e:d1:22:a5:3a:f4:93:ab:04:c7:
b2:09:77:a8:08:b0:2f:d0:c3:de:ef:4f:ad:aa:d9:
a1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:96:F9:31:FD:16:60:2F:65:A3:B6:09:41:DB:94:56:4E:C6:C2:87
X509v3 Authority Key Identifier:
keyid:46:6F:11:24:42:C5:D0:2E:60:F2:46:99:19:3A:E2:15:19:5B:3B:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/Rm8RJELF0C5g8kaZGTriFRlbO6k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Rm8RJELF0C5g8kaZGTriFRlbO6k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/266ABA161E5811EF89038F3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
151.192.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6f:91:e6:c4:5f:11:fb:d1:74:74:46:c9:37:2c:c2:b0:86:a6:
39:15:62:a9:e7:25:b4:9d:cd:7b:04:dd:4f:78:f3:6a:0d:ea:
35:df:09:fa:f4:55:b2:2b:63:57:84:9b:ce:c9:db:9d:20:98:
05:57:bd:22:b4:fd:d6:1f:d7:85:a3:08:c3:2d:54:f2:57:59:
ed:c5:84:7c:35:0b:1c:52:89:50:96:b4:ec:16:a4:13:2f:d0:
46:ec:23:9d:27:5b:cb:56:81:99:85:88:9f:5b:87:3e:2d:86:
ae:59:b3:d9:96:da:c8:e6:2b:75:59:36:87:e9:92:48:16:e3:
00:a8:df:6f:01:3c:fe:44:fb:35:2a:28:64:65:a7:c0:7e:fc:
a8:be:d6:d2:25:c3:fa:76:f9:40:71:39:51:95:5a:ed:72:03:
6d:a4:97:44:d9:88:8d:bd:7c:da:f6:6d:e2:74:93:16:e1:89:
96:b5:44:d8:f9:1c:90:e7:39:f9:d1:84:a1:1a:99:13:bd:ad:
78:6a:ba:2b:8e:23:f0:8b:19:0f:e3:5d:ea:88:13:eb:b9:09:
7a:3a:d8:21:c1:78:3d:b3:d7:b9:4c:cd:28:78:fa:3c:ad:58:
b7:d9:a9:da:bf:d8:1d:e5:2e:4c:34:e6:ea:f4:fc:d8:62:9e:
bc:29:a4:27
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICDQMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUY4OUMxMTAvBgNVBAUTKDQ2NkYxMTI0NDJDNUQwMkU2MEYyNDY5OTE5M0FFMjE1
MTk1QjNCQTkwHhcNMjQwODIwMTQzMDM0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM0YTg4YS05YjE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuiJfGQ2edksfPhZfb/YCpj+KO82yQgIsXGSkfjLVn/uMTm2p4mYYBZUpf5Kv
DQFrRnvlIlYGklVm2if1Ct4FOnMD6WKPO9ydkf7kh9xZLWTFLMZ2VhaK16O4Glfa
hT1wYPMZmc5yhzJLiZk7orgvQUhQC2eD85wEJCI/H1LQ4OUvlreWC/qj1joWaLcv
Om9MN37iTDn0EToQ6Wd998m1YVYv5mvB5QZnlw5HQ64SywlCMqUxbx5xW3ue1wKb
3vd0QUimTcWvsG5NYryXNhyUSx8vH/BctgyDCN9/RtM0Zw3HWIrNn27RIqU69JOr
BMeyCXeoCLAv0MPe70+tqtmhmQIDAQABo4IClDCCApAwHQYDVR0OBBYEFD+W+TH9
FmAvZaO2CUHblFZOxsKHMB8GA1UdIwQYMBaAFEZvESRCxdAuYPJGmRk64hUZWzup
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Rjg5Qy8wMUIwNjlGNkNF
QkIxMUU5OUIxRjdEM0VDNEY5QUUwMi9SbThSSkVMRjBDNWc4a2FaR1RyaUZSbGJP
NmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL1JtOFJKRUxGMEM1ZzhrYVpHVHJpRlJsYk82ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUY4OUMvMDFCMDY5RjZDRUJCMTFFOTlCMUY3RDNFQzRGOUFFMDIvMjY2QUJBMTYx
RTU4MTFFRjg5MDM4RjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCXwDANBgkqhkiG9w0BAQsFAAOCAQEAb5HmxF8R+9F0dEbJ
NyzCsIamORViqecltJ3NewTdT3jzag3qNd8J+vRVsitjV4SbzsnbnSCYBVe9IrT9
1h/XhaMIwy1U8ldZ7cWEfDULHFKJUJa07BakEy/QRuwjnSdby1aBmYWIn1uHPi2G
rlmz2ZbayOYrdVk2h+mSSBbjAKjfbwE8/kT7NSooZGWnwH78qL7W0iXD+nb5QHE5
UZVa7XIDbaSXRNmIjb182vZt4nSTFuGJlrVE2PkckOc5+dGEoRqZE72teGq6K44j
8IsZD+Nd6ogT67kJejrYIcF4PbPXuUzNKHj6PK1Yt9mp2r/YHeUuTDTm6vT82GKe
vCmkJw==
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:29:19 2025 by rpki-client