Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4B33/1ACE7D04221E11EF9344A309C4F9AE02/80741B04221F11EF92A42E1AC4F9AE02.roa
File: 80741B04221F11EF92A42E1AC4F9AE02.roa (raw, json)
Hash identifier: tCXmsiS2pZhfyBR2w7/CD7l4+Sf7uzGB1XazUIv4/b4=
Subject key identifier: AA:82:7A:2C:A4:44:F2:89:54:AD:12:94:7F:65:4A:53:E5:C5:67:36
Certificate issuer: /CN=A91B4B33/serialNumber=EF0E4932FC68B752E3428922A93E66ABE31F3431
Certificate serial: 9C
Authority key identifier: EF:0E:49:32:FC:68:B7:52:E3:42:89:22:A9:3E:66:AB:E3:1F:34:31
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/7w5JMvxot1LjQokiqT5mq-MfNDE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B4B33/1ACE7D04221E11EF9344A309C4F9AE02/80741B04221F11EF92A42E1AC4F9AE02.roa
Signing time: Sat 29 Mar 2025 06:01:02 +0000
ROA not before: Sat 29 Mar 2025 06:01:02 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 152588
IP address blocks: 157.20.102.0/24 maxlen: 24
157.20.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156 (0x9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B4B33
Validity
Not Before: Mar 29 06:01:02 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e78c9e-b9ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ad:59:10:15:8d:8a:89:62:fb:ab:c6:b7:94:
6f:bd:86:9a:97:ab:0f:9e:f5:28:01:99:d0:39:74:
e2:76:52:95:f4:76:c5:a7:70:32:0f:87:8c:76:5d:
03:42:2c:ae:97:70:45:86:43:45:d1:82:2c:17:72:
9e:76:05:bc:65:c2:7a:c7:3f:bd:97:95:85:7e:73:
9d:07:09:65:cc:bd:53:b0:fd:e5:73:4c:81:f8:11:
29:fa:b1:60:81:e3:de:7e:7f:11:32:40:0b:af:bb:
f5:5d:68:da:a3:77:5f:a9:38:77:65:25:97:af:40:
49:fa:73:79:78:83:3a:95:8f:6a:3d:d4:94:25:2a:
63:15:a4:71:dd:3c:da:1b:ad:a6:bc:ac:80:cd:92:
64:72:94:06:dc:6e:7c:0c:64:39:eb:66:19:06:1e:
d6:5f:11:b5:75:dc:7d:b1:03:43:c7:7f:6e:db:25:
77:a3:17:14:a7:ae:42:f8:d0:41:a4:1f:ca:d2:db:
1f:ae:23:a1:3e:36:fc:0a:4a:5b:b1:f0:52:e5:3e:
2a:db:bb:a4:04:9a:28:21:36:cf:bf:91:3b:3a:26:
ae:ae:2b:7d:31:15:6a:91:a2:58:a6:77:f9:fc:2b:
21:a7:4a:4c:a3:bb:b6:2f:a0:65:fc:a6:c6:10:7c:
1f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:82:7A:2C:A4:44:F2:89:54:AD:12:94:7F:65:4A:53:E5:C5:67:36
X509v3 Authority Key Identifier:
keyid:EF:0E:49:32:FC:68:B7:52:E3:42:89:22:A9:3E:66:AB:E3:1F:34:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B4B33/1ACE7D04221E11EF9344A309C4F9AE02/7w5JMvxot1LjQokiqT5mq-MfNDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/7w5JMvxot1LjQokiqT5mq-MfNDE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4B33/1ACE7D04221E11EF9344A309C4F9AE02/80741B04221F11EF92A42E1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.102.0/23
Signature Algorithm: sha256WithRSAEncryption
53:59:71:c6:f3:c3:1c:14:84:62:1a:bc:90:00:aa:bd:f5:4f:
7e:11:a2:d9:93:ce:2f:a0:ee:c8:53:c6:69:b7:a9:96:58:50:
fa:37:32:97:01:3e:97:d8:42:bb:92:52:5a:11:34:af:ae:33:
5a:58:e9:c9:c6:8c:38:02:ab:4d:af:58:50:d8:dd:ae:af:4f:
74:77:23:55:5e:9b:9a:c4:24:32:f4:51:49:89:5b:a3:c4:a9:
80:8a:8c:e2:20:b1:d5:1f:eb:96:4b:e2:a6:97:f7:4a:74:9d:
f7:c9:2c:fc:04:8c:6d:52:a8:09:12:58:61:51:de:5e:0f:ee:
6f:6b:57:02:11:85:97:86:36:7c:9d:1c:9c:aa:1f:c0:04:ad:
e1:1a:29:cc:09:b1:e3:3a:be:af:a7:27:02:0f:93:1c:1c:3c:
f2:76:14:4e:e6:33:d3:64:29:03:93:61:a6:24:9c:26:5e:69:
98:7c:22:ca:79:c5:b1:22:56:69:2a:1d:47:bd:3f:11:35:2e:
30:bc:67:30:4d:58:56:8e:c0:51:68:c9:5e:af:54:96:84:9b:
95:f3:80:53:52:2b:83:24:49:3e:8b:07:f1:79:ea:0c:fc:73:
fe:e1:e9:a9:bb:36:fd:20:cc:8b:a0:74:3f:35:39:38:c0:2b:
72:15:98:b2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjRCMzMxMTAvBgNVBAUTKEVGMEU0OTMyRkM2OEI3NTJFMzQyODkyMkE5M0U2NkFC
RTMxRjM0MzEwHhcNMjUwMzI5MDYwMTAyWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U3OGM5ZS1iOWZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAua1ZEBWNioli+6vGt5RvvYaal6sPnvUoAZnQOXTidlKV9HbFp3AyD4eMdl0D
Qiyul3BFhkNF0YIsF3KedgW8ZcJ6xz+9l5WFfnOdBwllzL1TsP3lc0yB+BEp+rFg
gePefn8RMkALr7v1XWjao3dfqTh3ZSWXr0BJ+nN5eIM6lY9qPdSUJSpjFaRx3Tza
G62mvKyAzZJkcpQG3G58DGQ562YZBh7WXxG1ddx9sQNDx39u2yV3oxcUp65C+NBB
pB/K0tsfriOhPjb8CkpbsfBS5T4q27ukBJooITbPv5E7Oiaurit9MRVqkaJYpnf5
/Cshp0pMo7u2L6Bl/KbGEHwffQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKqCeiyk
RPKJVK0SlH9lSlPlxWc2MB8GA1UdIwQYMBaAFO8OSTL8aLdS40KJIqk+ZqvjHzQx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNEIzMy8xQUNFN0QwNDIy
MUUxMUVGOTM0NEEzMDlDNEY5QUUwMi83dzVKTXZ4b3QxTGpRb2tpcVQ1bXEtTWZO
REUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzd3NUpNdnhvdDFMalFva2lxVDVtcS1NZk5ERS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjRCMzMvMUFDRTdEMDQyMjFFMTFFRjkzNDRBMzA5QzRGOUFFMDIvODA3NDFCMDQy
MjFGMTFFRjkyQTQyRTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdFGYwDQYJKoZIhvcNAQELBQADggEBAFNZccbzwxwUhGIa
vJAAqr31T34RotmTzi+g7shTxmm3qZZYUPo3MpcBPpfYQruSUloRNK+uM1pY6cnG
jDgCq02vWFDY3a6vT3R3I1Vem5rEJDL0UUmJW6PEqYCKjOIgsdUf65ZL4qaX90p0
nffJLPwEjG1SqAkSWGFR3l4P7m9rVwIRhZeGNnydHJyqH8AEreEaKcwJseM6vq+n
JwIPkxwcPPJ2FE7mM9NkKQOTYaYknCZeaZh8Isp5xbEiVmkqHUe9PxE1LjC8ZzBN
WFaOwFFoyV6vVJaEm5XzgFNSK4MkST6LB/F56gz8c/7h6am7Nv0gzIugdD81OTjA
K3IVmLI=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:34:18 2025 by rpki-client