Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/EED3285ADDB011EE9A15F138C4F9AE02.roa
File: EED3285ADDB011EE9A15F138C4F9AE02.roa (raw, json)
Hash identifier: glVqgYmU5VTUmGyBrCyuQ/Dz7kV5YVD+GrKYUN6x+qQ=
Subject key identifier: 10:AD:45:FB:DA:26:CD:C1:3E:3B:BC:45:1C:FC:44:B2:CF:80:35:69
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 04D1
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/EED3285ADDB011EE9A15F138C4F9AE02.roa
Signing time: Mon 06 Jan 2025 09:45:21 +0000
ROA not before: Mon 06 Jan 2025 09:45:21 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135983
IP address blocks: 157.15.86.0/23 maxlen: 23
157.66.80.0/23 maxlen: 24
160.187.240.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1233 (0x4d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Jan 6 09:45:21 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=677ba631-e088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:12:f9:f5:d6:f4:af:b7:ee:f0:6b:e4:5e:a7:
67:9f:5c:fc:76:75:e2:dd:34:ca:e4:c6:0a:c6:ed:
d8:a1:9f:af:5f:4c:45:df:a2:e2:5a:c8:4e:9f:b8:
33:2d:1c:be:6e:69:16:bf:c1:ab:e4:73:a9:1d:bd:
6f:4c:23:bd:60:ba:5b:f3:be:70:18:5b:1b:2a:88:
ab:de:56:cf:d1:69:b5:2f:18:28:ff:8b:a5:09:ca:
d9:21:e2:3a:ff:7c:aa:bd:16:40:e7:94:d8:33:85:
21:e0:f6:68:bc:4c:9c:69:c7:cf:c4:5f:98:35:1a:
6c:5e:a6:e5:17:0e:f1:0e:54:db:40:65:98:04:97:
77:84:a7:24:1a:e6:93:6e:56:97:3e:7e:0c:c6:25:
48:39:3f:36:8c:cc:0e:6d:7e:23:7a:95:bc:57:02:
41:ee:9d:5f:3f:55:7f:fa:7b:cd:95:b2:bf:9b:ab:
e5:a3:c2:21:f1:7b:02:8a:49:29:9b:3c:27:8e:dc:
06:e1:99:9e:0c:25:8d:de:19:ff:c1:ac:ee:45:08:
75:f1:5e:27:a0:d2:8c:14:f2:3b:52:29:46:4d:8c:
7f:60:c0:d8:0f:86:96:11:36:c9:9f:49:79:6e:13:
ea:96:38:9d:18:09:b6:e9:58:3e:00:a3:48:5f:2d:
be:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:AD:45:FB:DA:26:CD:C1:3E:3B:BC:45:1C:FC:44:B2:CF:80:35:69
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/EED3285ADDB011EE9A15F138C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.86.0/23
157.66.80.0/23
160.187.240.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:38:c6:df:4d:aa:cc:23:e6:d3:a6:5d:5a:24:8b:0d:24:ed:
dc:79:21:41:6f:61:50:b5:b8:0b:22:7e:fd:33:6b:f1:b5:9a:
a6:36:f8:06:5f:0c:b7:a3:3f:79:9c:61:10:f4:2f:d1:fe:05:
fb:0a:8b:15:45:aa:e3:77:5b:4f:c1:b8:6f:66:dd:49:38:65:
54:a2:b9:a1:a4:25:dc:dd:c8:08:c3:0a:42:d6:5d:b2:99:b4:
15:c5:75:d0:5f:14:d0:6e:af:84:83:ce:e1:6c:2f:8f:d7:a5:
33:3f:9f:5f:eb:40:02:61:90:ea:25:5c:d5:44:87:fc:3a:17:
de:da:f3:c1:31:81:03:ca:0c:dd:36:2d:cf:0b:07:2e:8a:f3:
2e:48:ee:19:6c:d6:ee:12:06:00:d5:d1:ad:f2:b6:29:d7:18:
3b:c5:9d:10:3c:b8:13:d7:60:6c:f6:c6:fc:d9:04:30:7a:9d:
95:d2:a3:5f:c1:99:0d:5b:52:d1:a1:14:42:d9:4c:05:6c:af:
8f:ff:a7:5e:7c:7a:5a:87:0e:3c:35:e8:12:53:fe:18:22:4c:
17:49:d0:ad:fe:f7:86:b0:8b:f6:b6:54:05:a2:39:ac:48:77:
1a:7d:0b:90:69:a9:b1:3f:f5:c4:31:51:ad:69:7b:67:59:fe:
1d:e2:43:1b
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBNEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwMTA2MDk0NTIxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdiYTYzMS1lMDg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuRL59db0r7fu8GvkXqdnn1z8dnXi3TTK5MYKxu3YoZ+vX0xF36LiWshOn7gz
LRy+bmkWv8Gr5HOpHb1vTCO9YLpb875wGFsbKoir3lbP0Wm1Lxgo/4ulCcrZIeI6
/3yqvRZA55TYM4Uh4PZovEycacfPxF+YNRpsXqblFw7xDlTbQGWYBJd3hKckGuaT
blaXPn4MxiVIOT82jMwObX4jepW8VwJB7p1fP1V/+nvNlbK/m6vlo8Ih8XsCikkp
mzwnjtwG4ZmeDCWN3hn/wazuRQh18V4noNKMFPI7UilGTYx/YMDYD4aWETbJn0l5
bhPqljidGAm26Vg+AKNIXy2+EwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFBCtRfva
Js3BPju8RRz8RLLPgDVpMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvRUVEMzI4NUFE
REIwMTFFRTlBMTVGMTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAGdD1YDBAGdQlADBAGgu/AwDQYJKoZIhvcNAQELBQADggEB
AI44xt9Nqswj5tOmXVokiw0k7dx5IUFvYVC1uAsifv0za/G1mqY2+AZfDLejP3mc
YRD0L9H+BfsKixVFquN3W0/BuG9m3Uk4ZVSiuaGkJdzdyAjDCkLWXbKZtBXFddBf
FNBur4SDzuFsL4/XpTM/n1/rQAJhkOolXNVEh/w6F97a88ExgQPKDN02Lc8LBy6K
8y5I7hls1u4SBgDV0a3ytinXGDvFnRA8uBPXYGz2xvzZBDB6nZXSo1/BmQ1bUtGh
FELZTAVsr4//p158elqHDjw16BJT/hgiTBdJ0K3+94awi/a2VAWiOaxIdxp9C5Bp
qbE/9cQxUa1pe2dZ/h3iQxs=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:43:27 2025 by rpki-client