Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/458AC21A684111EEA6632877C4F9AE02.roa
File: 458AC21A684111EEA6632877C4F9AE02.roa (raw, json)
Hash identifier: rQlxlSsLfUnZ/IhD06ff6PZ8dH3kW3qdosnvLtL69I4=
Subject key identifier: 73:0E:A6:5C:85:2E:B4:73:E7:E8:38:5D:0E:AD:32:58:39:0F:62:3C
Certificate issuer: /CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978
Certificate serial: 0389
Authority key identifier: 28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/458AC21A684111EEA6632877C4F9AE02.roa
Signing time: Thu 05 Dec 2024 01:15:08 +0000
ROA not before: Thu 05 Dec 2024 01:15:08 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 137547
IP address blocks: 150.129.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 905 (0x389)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916557B
Validity
Not Before: Dec 5 01:15:08 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6750fe9c-23f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8e:29:f9:83:6f:a8:32:f0:52:b0:4c:5a:d3:
08:0b:07:e8:78:18:91:32:49:e6:bf:27:98:0b:cd:
cf:71:d5:cf:64:37:cc:13:b1:13:64:48:89:b1:c7:
e2:d4:8a:cc:1e:f1:e1:58:09:59:d5:f3:9d:1d:4c:
2b:a6:91:8f:15:8e:9a:73:40:01:84:3a:f2:16:df:
f5:c2:e2:0e:75:a9:4f:98:27:e8:4f:8e:f6:a2:5d:
dd:f1:50:8c:f0:89:45:4d:45:1d:61:15:8d:f2:ea:
e6:b7:9b:08:48:cc:6b:2b:99:71:9b:19:ae:f5:de:
ef:85:0a:26:59:77:28:f9:71:ef:94:aa:8d:ec:8c:
56:b4:1e:ab:42:cb:cb:71:45:59:e5:dd:2b:6d:cd:
52:3e:b7:58:b6:ee:45:8a:eb:51:b8:52:67:0e:0f:
b8:54:d8:ef:7f:d2:1d:67:62:0a:88:ca:9d:44:9b:
44:b7:3f:39:2d:36:22:d5:db:8c:ca:d7:d9:d8:4a:
49:97:20:d2:06:86:c4:72:b5:03:a9:fe:23:54:c2:
49:58:b8:3b:06:a3:4b:14:d1:4e:65:06:da:6a:1c:
76:7d:1c:f1:13:b5:72:1e:48:8a:88:6a:09:d9:a3:
86:64:cd:4b:35:c9:3a:95:40:06:79:29:6e:21:05:
76:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:0E:A6:5C:85:2E:B4:73:E7:E8:38:5D:0E:AD:32:58:39:0F:62:3C
X509v3 Authority Key Identifier:
keyid:28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/458AC21A684111EEA6632877C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
150.129.218.0/24
Signature Algorithm: sha256WithRSAEncryption
67:3e:dd:cb:fc:54:77:56:7f:ac:f6:61:9e:be:91:88:0a:71:
a7:a4:9b:9c:4e:5c:97:d3:b0:d1:93:53:3c:df:dd:2b:e7:34:
80:81:1f:72:8b:99:96:f0:41:1e:c8:62:ec:a7:23:e7:0c:94:
4a:68:6f:cc:3c:d7:67:3f:28:3c:3e:d5:2c:49:5e:67:b1:03:
c8:c6:88:eb:20:f4:e5:c8:26:d7:be:b5:b2:cf:ee:ce:bd:4d:
c3:6e:43:a3:6b:04:98:e2:49:55:af:fc:ee:3b:b2:93:be:a8:
c3:55:6f:8e:26:3a:14:4f:50:1f:de:ee:be:0f:ee:bd:83:d2:
c8:7d:99:1e:a2:f9:f8:a1:e2:74:92:c7:23:75:19:e3:c1:ba:
11:31:07:71:9d:16:21:98:a9:aa:19:69:91:33:1b:1d:56:22:
9d:c2:90:aa:90:62:42:b1:fb:9c:6f:fb:db:7c:00:4a:34:51:
51:50:41:39:d8:65:b7:c8:3e:83:5b:2f:5f:d5:b4:0a:6c:12:
35:48:bd:1f:73:db:7e:fe:a1:03:fa:ac:98:90:bb:f2:e3:e8:
fe:4d:9d:07:60:e2:b0:85:d2:b6:43:fc:b3:84:f4:c3:ef:72:
ab:65:1f:75:1e:68:d6:6f:b8:31:0f:f5:85:99:df:ef:6a:ad:
2b:e3:c7:69
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA4kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1N0IxMTAvBgNVBAUTKDI4NTNCREExNjM4QzU5OUE4NEMzMDk1MzEwRTY5QkZE
MjYwQUE5NzgwHhcNMjQxMjA1MDExNTA4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwZmU5Yy0yM2Y2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxo4p+YNvqDLwUrBMWtMICwfoeBiRMknmvyeYC83PcdXPZDfME7ETZEiJscfi
1IrMHvHhWAlZ1fOdHUwrppGPFY6ac0ABhDryFt/1wuIOdalPmCfoT472ol3d8VCM
8IlFTUUdYRWN8urmt5sISMxrK5lxmxmu9d7vhQomWXco+XHvlKqN7IxWtB6rQsvL
cUVZ5d0rbc1SPrdYtu5FiutRuFJnDg+4VNjvf9IdZ2IKiMqdRJtEtz85LTYi1duM
ytfZ2EpJlyDSBobEcrUDqf4jVMJJWLg7BqNLFNFOZQbaahx2fRzxE7VyHkiKiGoJ
2aOGZM1LNck6lUAGeSluIQV22QIDAQABo4IClTCCApEwHQYDVR0OBBYEFHMOplyF
LrRz5+g4XQ6tMlg5D2I8MB8GA1UdIwQYMBaAFChTvaFjjFmahMMJUxDmm/0mCql4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU3Qi84REE3MjY0MEMx
RkExMUVDQjMwRUUyMUFDNEY5QUUwMi9LRk85b1dPTVdacUV3d2xURU9hYl9TWUtx
WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tGTzlvV09NV1pxRXd3bFRFT2FiX1NZS3FYZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1N0IvOERBNzI2NDBDMUZBMTFFQ0IzMEVFMjFBQzRGOUFFMDIvNDU4QUMyMUE2
ODQxMTFFRUE2NjMyODc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACWgdowDQYJKoZIhvcNAQELBQADggEBAGc+3cv8VHdWf6z2
YZ6+kYgKcaekm5xOXJfTsNGTUzzf3SvnNICBH3KLmZbwQR7IYuynI+cMlEpob8w8
12c/KDw+1SxJXmexA8jGiOsg9OXIJte+tbLP7s69TcNuQ6NrBJjiSVWv/O47spO+
qMNVb44mOhRPUB/e7r4P7r2D0sh9mR6i+fih4nSSxyN1GePBuhExB3GdFiGYqaoZ
aZEzGx1WIp3CkKqQYkKx+5xv+9t8AEo0UVFQQTnYZbfIPoNbL1/VtApsEjVIvR9z
237+oQP6rJiQu/Lj6P5NnQdg4rCF0rZD/LOE9MPvcqtlH3UeaNZvuDEP9YWZ3+9q
rSvjx2k=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:53:50 2025 by rpki-client