Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/0C708FB4C67E11EE87B34958C4F9AE02.roa
File: 0C708FB4C67E11EE87B34958C4F9AE02.roa (raw, json)
Hash identifier: Emtdf6B32dUyriQRU+z92VLtRvSD7HNe+9gqK+EmXtg=
Subject key identifier: D3:59:9E:6B:BA:A6:7A:7A:98:06:E7:46:BA:C0:16:B8:63:45:D9:36
Certificate issuer: /CN=A91764E1/serialNumber=70E88557B0C082C9B06ECF59B8F28A7703A63801
Certificate serial: C6
Authority key identifier: 70:E8:85:57:B0:C0:82:C9:B0:6E:CF:59:B8:F2:8A:77:03:A6:38:01
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/0C708FB4C67E11EE87B34958C4F9AE02.roa
Signing time: Tue 25 Feb 2025 07:08:43 +0000
ROA not before: Tue 25 Feb 2025 07:08:43 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 152456
IP address blocks: 157.15.136.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 198 (0xc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91764E1
Validity
Not Before: Feb 25 07:08:43 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67bd6c7b-3498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:70:74:76:0f:6e:83:a2:da:f2:d0:a4:e5:05:
25:3d:ec:99:c2:70:6b:55:4d:d5:ca:9c:9d:63:8f:
ac:b3:8d:7c:aa:0f:02:96:be:e5:34:c7:ea:1c:3a:
fa:13:b7:e6:8c:1e:10:60:64:5b:11:69:da:24:0f:
3d:cb:7d:50:f3:fb:01:ad:c4:23:50:fb:b6:a4:3b:
59:8b:b6:c3:02:99:36:de:7e:c4:f0:6c:6f:e3:09:
a8:7a:e5:8c:2e:1f:5e:a1:65:b3:0c:3d:11:8b:47:
fb:53:32:da:2d:9b:98:97:7c:dc:ff:7e:4b:89:2f:
29:63:1a:bc:9f:14:0c:0c:40:d4:2b:71:7f:04:62:
ad:d5:97:3d:28:97:cb:de:ba:cb:b2:46:d3:e2:0e:
01:83:06:1a:8f:4d:c0:fe:cb:de:2b:f2:fb:07:cf:
6c:32:e6:f9:2e:3c:ca:7b:63:ae:06:c5:ea:03:2e:
15:95:28:90:03:14:b8:d7:51:47:0a:37:88:01:d0:
6e:fb:7f:a3:9f:11:4f:7a:56:28:04:fd:d0:e5:b5:
6d:31:6c:ae:7d:27:32:26:1a:21:df:0c:89:26:6b:
f4:b5:48:fd:34:95:a0:23:c7:dc:8e:4f:41:d4:89:
3a:7a:68:14:9d:63:f7:a2:1c:3a:0e:61:08:2a:b3:
c7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:59:9E:6B:BA:A6:7A:7A:98:06:E7:46:BA:C0:16:B8:63:45:D9:36
X509v3 Authority Key Identifier:
keyid:70:E8:85:57:B0:C0:82:C9:B0:6E:CF:59:B8:F2:8A:77:03:A6:38:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/0C708FB4C67E11EE87B34958C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.136.0/23
Signature Algorithm: sha256WithRSAEncryption
cc:17:ed:41:9b:0d:30:4f:73:a9:b0:83:66:5f:c5:25:1f:6d:
c2:f1:68:bf:df:7b:1a:df:86:d1:c7:e5:ea:87:f8:fa:99:a0:
c3:dc:f2:4e:78:d9:65:33:80:e3:d7:48:32:2b:66:85:6f:5c:
d9:56:dd:1a:66:ce:86:f0:8c:08:9b:72:f2:b1:9f:7f:5b:81:
a0:75:82:35:78:7f:e6:c8:72:48:75:fb:3e:c3:d8:5b:a9:1d:
d5:4b:13:b5:1d:1c:ad:1e:f3:8c:72:33:7c:b8:8f:1f:6a:66:
a0:69:3a:a9:8e:fa:9c:dd:30:8d:e3:d7:43:33:6c:66:3c:53:
6c:29:2b:16:6a:d3:c2:4f:2b:0e:15:36:40:2f:06:50:22:ba:
c8:c4:52:09:62:17:56:70:b3:50:4e:ec:a5:6f:30:02:af:8f:
16:f9:32:81:de:57:d2:61:6a:30:94:a0:c9:61:84:54:2c:de:
1d:45:e5:3f:92:6e:64:aa:b0:5f:87:71:70:ad:15:8c:99:f9:
27:a5:ad:2e:0e:b1:f1:cd:c0:7f:95:9a:2c:a4:e5:38:e9:60:
b0:1f:a6:bc:ba:c5:68:25:d6:cc:a6:b7:9f:cf:71:ef:97:4d:
e7:3e:c3:6b:21:5d:94:42:0f:16:e2:67:3d:ec:ff:fb:1c:4e:
5a:a2:46:cd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzY0RTExMTAvBgNVBAUTKDcwRTg4NTU3QjBDMDgyQzlCMDZFQ0Y1OUI4RjI4QTc3
MDNBNjM4MDEwHhcNMjUwMjI1MDcwODQzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JkNmM3Yi0zNDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA13B0dg9ug6La8tCk5QUlPeyZwnBrVU3VypydY4+ss418qg8Clr7lNMfqHDr6
E7fmjB4QYGRbEWnaJA89y31Q8/sBrcQjUPu2pDtZi7bDApk23n7E8Gxv4wmoeuWM
Lh9eoWWzDD0Ri0f7UzLaLZuYl3zc/35LiS8pYxq8nxQMDEDUK3F/BGKt1Zc9KJfL
3rrLskbT4g4BgwYaj03A/sveK/L7B89sMub5LjzKe2OuBsXqAy4VlSiQAxS411FH
CjeIAdBu+3+jnxFPelYoBP3Q5bVtMWyufScyJhoh3wyJJmv0tUj9NJWgI8fcjk9B
1Ik6emgUnWP3ohw6DmEIKrPHuwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNNZnmu6
pnp6mAbnRrrAFrhjRdk2MB8GA1UdIwQYMBaAFHDohVewwILJsG7PWbjyincDpjgB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NjRFMS82MjMxQTAyRUM2
N0QxMUVFODcwMjdCM0FDNEY5QUUwMi9jT2lGVjdEQWdzbXdiczladVBLS2R3T21P
QUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2NPaUZWN0RBZ3Ntd2JzOVp1UEtLZHdPbU9BRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzY0RTEvNjIzMUEwMkVDNjdEMTFFRTg3MDI3QjNBQzRGOUFFMDIvMEM3MDhGQjRD
NjdFMTFFRTg3QjM0OTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdD4gwDQYJKoZIhvcNAQELBQADggEBAMwX7UGbDTBPc6mw
g2ZfxSUfbcLxaL/fexrfhtHH5eqH+PqZoMPc8k542WUzgOPXSDIrZoVvXNlW3Rpm
zobwjAibcvKxn39bgaB1gjV4f+bIckh1+z7D2FupHdVLE7UdHK0e84xyM3y4jx9q
ZqBpOqmO+pzdMI3j10MzbGY8U2wpKxZq08JPKw4VNkAvBlAiusjEUgliF1Zws1BO
7KVvMAKvjxb5MoHeV9JhajCUoMlhhFQs3h1F5T+SbmSqsF+HcXCtFYyZ+SelrS4O
sfHNwH+Vmiyk5TjpYLAfpry6xWgl1symt5/Pce+XTec+w2shXZRCDxbiZz3s//sc
TlqiRs0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:00:47 2025 by rpki-client