Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/CE76D260A87511EF9905FE0AC4F9AE02.roa
File: CE76D260A87511EF9905FE0AC4F9AE02.roa (raw, json)
Hash identifier: tGEoFkiXMLumjcPasdz8HDEODb7x2c52WKCkbtcgdNk=
Subject key identifier: 0B:1C:5A:DD:58:72:71:8C:59:26:FD:8A:FD:8C:CD:EA:6B:49:5F:0D
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 054B
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/CE76D260A87511EF9905FE0AC4F9AE02.roa
Signing time: Fri 28 Feb 2025 04:16:05 +0000
ROA not before: Fri 28 Feb 2025 04:16:05 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 150820
IP address blocks: 157.15.38.0/23 maxlen: 23
157.20.62.0/23 maxlen: 23
157.66.252.0/23 maxlen: 23
160.22.172.0/23 maxlen: 23
160.22.174.0/23 maxlen: 23
160.30.190.0/23 maxlen: 23
160.187.120.0/23 maxlen: 23
160.191.176.0/23 maxlen: 23
160.191.240.0/23 maxlen: 23
160.250.46.0/23 maxlen: 23
161.248.208.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1355 (0x54b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Feb 28 04:16:05 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67c13885-b290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:12:07:be:1c:f6:7d:7d:4b:d1:e0:03:20:02:
e9:bf:26:41:5d:72:06:ff:e8:30:3d:e5:13:bb:2b:
17:c0:11:34:2b:40:f1:b4:c6:ed:31:20:3e:ff:d7:
5e:bc:97:91:c5:b6:11:0b:5f:1f:86:b7:25:8f:33:
b7:d3:5c:fa:61:c2:85:a8:dd:7e:b9:17:3f:8a:4b:
63:97:ac:d1:23:f7:c4:15:47:3d:30:6b:73:2c:8c:
e4:f0:57:7c:c2:05:d6:63:98:2a:98:59:37:d3:2b:
0b:5f:44:0a:4a:c1:a3:c5:07:fb:28:c4:b7:5c:28:
c4:e8:89:fd:ef:4f:8e:20:61:20:c8:89:69:27:00:
d8:a0:90:7a:c1:42:98:84:c1:d7:6d:2d:49:82:29:
a2:a5:cf:bd:e8:fa:cc:90:0b:2f:6f:34:17:64:94:
16:60:34:aa:98:62:6d:83:be:8a:b7:ba:50:f4:71:
de:59:d3:6b:dd:f1:92:e2:5c:55:20:5f:db:e3:7b:
ad:56:10:87:9a:4b:b2:61:03:09:e3:41:85:85:44:
c2:98:08:00:24:f2:bb:41:96:28:e2:79:fc:99:08:
33:ba:ee:e4:5f:9b:2c:64:7a:fa:46:e1:64:5f:44:
84:e4:c7:e7:81:02:41:9b:7c:fb:94:5b:98:fa:53:
d8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:1C:5A:DD:58:72:71:8C:59:26:FD:8A:FD:8C:CD:EA:6B:49:5F:0D
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/CE76D260A87511EF9905FE0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.38.0/23
157.20.62.0/23
157.66.252.0/23
160.22.172.0/22
160.30.190.0/23
160.187.120.0/23
160.191.176.0/23
160.191.240.0/23
160.250.46.0/23
161.248.208.0/23
Signature Algorithm: sha256WithRSAEncryption
48:de:20:1b:fa:8a:be:ce:10:e1:45:7f:57:3c:11:6a:ff:9a:
0a:1c:5d:a7:e4:40:75:26:ab:4e:3c:8f:80:3b:43:5c:d2:54:
da:d4:e5:4a:ca:c9:46:03:cd:80:ad:28:43:ba:ae:33:f6:7d:
77:0a:72:e1:cc:58:7c:85:dc:8e:82:b2:3c:8d:e2:cf:a5:bb:
40:52:10:fc:93:d3:63:fb:7d:e5:89:68:be:66:8b:74:64:fd:
06:43:5e:f4:d5:1f:8b:40:34:2f:c7:ca:6b:d8:70:85:4c:b3:
9a:3f:2c:5b:36:48:5d:20:e1:ec:21:0b:f5:1f:58:bd:a8:7b:
4f:a7:0e:43:06:23:57:50:e1:38:26:aa:43:dc:a9:a5:b0:86:
58:d6:d1:53:0b:fd:ed:ad:a4:2a:d8:6a:8e:69:f2:e1:7c:07:
36:27:a5:df:8a:b2:dc:78:72:fc:4e:54:0d:84:0b:1a:c8:00:
40:db:c0:60:ca:c1:ee:9a:af:b5:58:55:7f:84:c5:6f:ec:85:
4b:d1:b6:58:8a:2c:96:3f:15:6c:03:90:83:4a:b1:d3:0b:36:
d2:4e:85:7c:72:a8:28:a4:c9:60:c2:33:39:60:f6:09:27:a5:
5f:1f:34:fc:12:47:4f:97:7c:81:71:ef:50:cd:97:bf:e6:7f:
70:94:0c:94
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICBUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwMjI4MDQxNjA1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MxMzg4NS1iMjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyxIHvhz2fX1L0eADIALpvyZBXXIG/+gwPeUTuysXwBE0K0DxtMbtMSA+/9de
vJeRxbYRC18fhrcljzO301z6YcKFqN1+uRc/iktjl6zRI/fEFUc9MGtzLIzk8Fd8
wgXWY5gqmFk30ysLX0QKSsGjxQf7KMS3XCjE6In970+OIGEgyIlpJwDYoJB6wUKY
hMHXbS1Jgimipc+96PrMkAsvbzQXZJQWYDSqmGJtg76Kt7pQ9HHeWdNr3fGS4lxV
IF/b43utVhCHmkuyYQMJ40GFhUTCmAgAJPK7QZYo4nn8mQgzuu7kX5ssZHr6RuFk
X0SE5MfngQJBm3z7lFuY+lPYrQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFAscWt1Y
cnGMWSb9iv2MzeprSV8NMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQ0U3NkQyNjBB
ODc1MTFFRjk5MDVGRTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBAGdDyYDBAGdFD4DBAGdQvwDBAKgFqwDBAGgHr4DBAGgu3gD
BAGgv7ADBAGgv/ADBAGg+i4DBAGh+NAwDQYJKoZIhvcNAQELBQADggEBAEjeIBv6
ir7OEOFFf1c8EWr/mgocXafkQHUmq048j4A7Q1zSVNrU5UrKyUYDzYCtKEO6rjP2
fXcKcuHMWHyF3I6CsjyN4s+lu0BSEPyT02P7feWJaL5mi3Rk/QZDXvTVH4tANC/H
ymvYcIVMs5o/LFs2SF0g4ewhC/UfWL2oe0+nDkMGI1dQ4TgmqkPcqaWwhljW0VML
/e2tpCrYao5p8uF8BzYnpd+Kstx4cvxOVA2ECxrIAEDbwGDKwe6ar7VYVX+ExW/s
hUvRtliKLJY/FWwDkINKsdMLNtJOhXxyqCikyWDCMzlg9gknpV8fNPwSR0+XfIFx
71DNl7/mf3CUDJQ=
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:32:15 2025 by rpki-client