Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/675CAE1C097B11F089FAE77FC4F9AE02.roa
File: 675CAE1C097B11F089FAE77FC4F9AE02.roa (raw, json)
Hash identifier: kVfsFUwUwrb1+YlFZkxlvXafQa5nM+gSN0EAtRmVnos=
Subject key identifier: 3A:07:F3:E9:E4:3B:60:89:38:6E:D0:6E:00:8E:E0:D8:32:BC:24:2B
Certificate issuer: /CN=A91B758E/serialNumber=D3BC842802DAD22D5C30C28265F7D108BD478E70
Certificate serial: CC
Authority key identifier: D3:BC:84:28:02:DA:D2:2D:5C:30:C2:82:65:F7:D1:08:BD:47:8E:70
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/07yEKALa0i1cMMKCZffRCL1HjnA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/675CAE1C097B11F089FAE77FC4F9AE02.roa
Signing time: Tue 25 Mar 2025 13:16:47 +0000
ROA not before: Tue 25 Mar 2025 13:16:47 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 152474
IP address blocks: 157.15.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 204 (0xcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B758E
Validity
Not Before: Mar 25 13:16:47 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67e2acbf-415a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cb:72:64:95:d8:4b:c7:2a:c5:eb:39:c0:26:
3c:df:55:1d:0c:8c:91:6a:75:8d:96:96:1b:91:04:
f3:26:8b:f0:58:12:c3:e9:26:11:d1:c7:6a:32:36:
53:ab:8b:71:28:3c:78:43:4b:24:9b:a4:28:70:64:
70:3e:18:5b:5f:b1:80:34:11:b6:39:09:44:48:c3:
23:42:c6:78:74:61:98:cd:37:6e:71:ed:9c:31:1a:
f0:06:e3:5c:fb:72:9b:d3:11:33:2e:c1:0b:6c:a8:
cd:d1:02:f5:9d:c1:a1:7f:e3:b5:76:24:a4:db:97:
e7:d7:55:a9:2a:21:fc:b3:6a:04:3b:65:19:35:c8:
db:ff:cf:f9:1b:6e:e9:4e:38:e6:3a:a3:01:a7:a6:
7a:4d:13:63:a8:69:00:da:04:d3:8b:56:2f:9d:b1:
e8:10:8a:a1:92:5f:b5:f1:24:4b:ef:85:a3:55:9e:
26:c3:86:6d:cf:8e:a8:5c:17:e0:0e:4d:29:34:a0:
88:87:5c:6f:e1:47:c1:5f:2e:85:e4:b2:6f:b6:f5:
b6:14:a4:df:a6:84:eb:f9:f1:5c:ff:a8:52:d1:01:
96:a4:cd:b8:d0:75:e4:94:bb:14:3b:74:c0:06:e6:
20:a7:c6:48:2a:ec:16:39:0e:64:7b:7e:51:68:94:
28:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:07:F3:E9:E4:3B:60:89:38:6E:D0:6E:00:8E:E0:D8:32:BC:24:2B
X509v3 Authority Key Identifier:
keyid:D3:BC:84:28:02:DA:D2:2D:5C:30:C2:82:65:F7:D1:08:BD:47:8E:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/07yEKALa0i1cMMKCZffRCL1HjnA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/07yEKALa0i1cMMKCZffRCL1HjnA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/675CAE1C097B11F089FAE77FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.229.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:15:1d:07:5c:86:9a:bf:d0:bf:2e:92:f4:29:e5:c9:21:43:
c9:ea:9a:6a:11:4f:2b:da:c7:55:2b:2a:32:84:7f:d8:a6:54:
bf:13:1d:85:4f:66:d4:02:d2:82:29:5a:63:3e:24:7c:07:47:
de:ac:a5:ea:cb:c3:a8:40:12:0b:a0:cb:a7:9d:32:b8:ad:ab:
56:70:ee:7e:ac:fb:f8:e5:b2:2a:87:45:cc:f9:09:01:52:b5:
18:41:3d:f2:87:2b:41:eb:b1:a2:f3:20:36:60:25:e6:c2:cb:
77:43:d5:89:95:62:05:6a:dc:1f:96:55:ae:e5:cd:af:e3:46:
95:5a:d4:ce:26:4d:d0:8a:62:4c:d9:45:57:fa:ed:de:2f:ea:
bd:96:e9:b1:96:d4:44:08:66:d9:e9:cf:6d:a2:33:05:74:7a:
28:5c:cd:42:2a:8c:f2:9b:e5:ec:ed:c0:c6:a3:2f:ac:8a:79:
70:8c:f1:02:3c:4d:6d:38:5d:0f:64:91:46:f4:e9:b9:a2:e9:
2c:b1:39:ca:73:e9:6d:50:97:a4:a6:62:1a:9e:4e:88:7c:75:
ec:0c:57:ab:17:0b:77:1c:f6:3d:36:91:56:42:63:c1:46:63:
96:7a:b4:72:55:bc:23:57:47:e6:ac:dc:88:2d:5a:47:0e:bf:
6b:f8:b9:1c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc1OEUxMTAvBgNVBAUTKEQzQkM4NDI4MDJEQUQyMkQ1QzMwQzI4MjY1RjdEMTA4
QkQ0NzhFNzAwHhcNMjUwMzI1MTMxNjQ3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UyYWNiZi00MTVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs8tyZJXYS8cqxes5wCY831UdDIyRanWNlpYbkQTzJovwWBLD6SYR0cdqMjZT
q4txKDx4Q0skm6QocGRwPhhbX7GANBG2OQlESMMjQsZ4dGGYzTduce2cMRrwBuNc
+3Kb0xEzLsELbKjN0QL1ncGhf+O1diSk25fn11WpKiH8s2oEO2UZNcjb/8/5G27p
TjjmOqMBp6Z6TRNjqGkA2gTTi1YvnbHoEIqhkl+18SRL74WjVZ4mw4Ztz46oXBfg
Dk0pNKCIh1xv4UfBXy6F5LJvtvW2FKTfpoTr+fFc/6hS0QGWpM240HXklLsUO3TA
BuYgp8ZIKuwWOQ5ke35RaJQozQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDoH8+nk
O2CJOG7QbgCO4NgyvCQrMB8GA1UdIwQYMBaAFNO8hCgC2tItXDDCgmX30Qi9R45w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzU4RS9EREVDODEyNEQ1
M0QxMUVFOEYxRThBODVDNEY5QUUwMi8wN3lFS0FMYTBpMWNNTUtDWmZmUkNMMUhq
bkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzA3eUVLQUxhMGkxY01NS0NaZmZSQ0wxSGpuQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc1OEUvRERFQzgxMjRENTNEMTFFRThGMUU4QTg1QzRGOUFFMDIvNjc1Q0FFMUMw
OTdCMTFGMDg5RkFFNzdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACdD+UwDQYJKoZIhvcNAQELBQADggEBALIVHQdchpq/0L8u
kvQp5ckhQ8nqmmoRTyvax1UrKjKEf9imVL8THYVPZtQC0oIpWmM+JHwHR96sperL
w6hAEgugy6edMritq1Zw7n6s+/jlsiqHRcz5CQFStRhBPfKHK0HrsaLzIDZgJebC
y3dD1YmVYgVq3B+WVa7lza/jRpVa1M4mTdCKYkzZRVf67d4v6r2W6bGW1EQIZtnp
z22iMwV0eihczUIqjPKb5eztwMajL6yKeXCM8QI8TW04XQ9kkUb06bmi6SyxOcpz
6W1Ql6SmYhqeToh8dewMV6sXC3cc9j02kVZCY8FGY5Z6tHJVvCNXR+as3IgtWkcO
v2v4uRw=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:29:23 2025 by rpki-client