Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/62F01F00DE2C11EFBA66667AC4F9AE02.roa
File: 62F01F00DE2C11EFBA66667AC4F9AE02.roa (raw, json)
Hash identifier: OQK+FAuYqyPIe+y+agAZWuT5GDNpPlpXOUSZPUlQx4o=
Subject key identifier: 9C:F0:DE:97:5C:8A:35:BE:20:67:DF:57:59:27:9B:1C:80:A7:73:05
Certificate issuer: /CN=A91C167F/serialNumber=C7338DF1B768C05074CDAED0FDB1A4C14ADFB8B5
Certificate serial: EC
Authority key identifier: C7:33:8D:F1:B7:68:C0:50:74:CD:AE:D0:FD:B1:A4:C1:4A:DF:B8:B5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xzON8bdowFB0za7Q_bGkwUrfuLU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/62F01F00DE2C11EFBA66667AC4F9AE02.roa
Signing time: Wed 29 Jan 2025 10:33:46 +0000
ROA not before: Wed 29 Jan 2025 10:33:46 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 152462
IP address blocks: 157.15.134.0/23 maxlen: 23
157.15.134.0/24 maxlen: 24
157.15.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 236 (0xec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C167F
Validity
Not Before: Jan 29 10:33:46 2025 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=679a040a-7441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0f:a0:47:a8:9c:bb:03:e1:15:70:5d:fb:25:
a8:ef:35:c6:85:31:bc:36:1a:b0:f9:fc:15:1f:d7:
4c:11:17:43:3e:77:49:1e:9e:4d:7d:2e:cf:99:08:
6f:88:ac:a4:ec:36:a6:68:3f:06:fb:5b:52:85:9f:
95:39:eb:72:4c:b6:59:29:d3:80:94:04:fe:26:24:
39:7d:95:5c:39:8b:21:27:26:ff:0d:f7:de:b1:5a:
7a:5c:c8:d2:27:21:00:65:fd:90:1c:8d:c3:92:fe:
2e:54:25:33:35:37:05:ba:1b:50:af:c1:19:a2:0b:
65:c4:2b:21:b6:89:94:24:01:00:1b:37:9f:ae:09:
fb:bc:eb:06:ea:b8:82:a6:0a:9d:ac:df:cc:f6:bc:
18:41:f5:c6:a8:df:0b:8c:e3:48:b7:f4:e0:0a:88:
96:01:94:cc:41:9c:f4:34:a1:fe:bb:d7:75:0f:5b:
a1:0a:20:39:f6:97:c5:48:58:49:75:a6:75:aa:ca:
32:54:ac:1f:c1:c8:c7:b4:db:96:99:e1:7d:e1:80:
73:2a:70:5f:ee:e2:0e:66:e8:64:8a:b5:3b:a3:4f:
7c:8d:b7:8e:e0:30:70:cc:5f:d3:e3:d3:7a:db:8a:
d3:e9:d3:75:18:aa:ec:61:b8:05:d0:8d:d6:ed:6a:
3a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F0:DE:97:5C:8A:35:BE:20:67:DF:57:59:27:9B:1C:80:A7:73:05
X509v3 Authority Key Identifier:
keyid:C7:33:8D:F1:B7:68:C0:50:74:CD:AE:D0:FD:B1:A4:C1:4A:DF:B8:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/xzON8bdowFB0za7Q_bGkwUrfuLU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xzON8bdowFB0za7Q_bGkwUrfuLU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/62F01F00DE2C11EFBA66667AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.134.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:b7:9b:4c:6b:e6:91:28:2a:17:d2:03:10:37:fe:61:38:4c:
f2:f2:96:0b:12:00:b8:36:f6:0a:83:36:b3:b8:1c:dd:74:b7:
57:5d:1c:95:5f:6f:43:af:59:82:ee:ad:83:c9:33:2e:22:37:
13:45:11:9d:4b:7a:d1:9a:a8:88:55:b6:dd:81:2f:ec:5d:a3:
a5:cc:9e:7a:15:18:a1:78:28:1a:a5:45:bf:08:4e:93:e9:3e:
d5:30:01:31:03:4b:95:18:d4:c5:9f:a1:2a:93:db:1c:14:70:
ff:c8:58:7d:8b:07:2b:41:cc:04:53:18:e0:1d:3b:8d:f6:e6:
9c:24:9d:be:cc:db:bd:b7:39:24:d3:dd:ad:4d:e5:89:65:f1:
d8:ed:64:9d:5f:f3:7d:6e:53:0b:d3:57:42:cb:f7:27:08:4f:
14:87:7c:76:93:cc:98:11:88:5c:7e:ca:58:15:d3:2c:8b:23:
a1:72:f0:9b:6c:67:d7:6a:71:47:14:7d:48:bb:4c:7e:67:17:
e0:fa:3e:48:a0:43:cd:f6:20:cd:39:c3:08:2c:c3:2e:bc:30:
99:94:ca:f7:46:50:c4:72:ff:a8:b8:e1:6f:df:04:89:58:79:
76:0f:28:41:6f:57:84:95:aa:3a:86:05:a7:82:b7:96:42:76:
47:30:2c:a5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzE2N0YxMTAvBgNVBAUTKEM3MzM4REYxQjc2OEMwNTA3NENEQUVEMEZEQjFBNEMx
NEFERkI4QjUwHhcNMjUwMTI5MTAzMzQ2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzlhMDQwYS03NDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsg+gR6icuwPhFXBd+yWo7zXGhTG8Nhqw+fwVH9dMERdDPndJHp5NfS7PmQhv
iKyk7DamaD8G+1tShZ+VOetyTLZZKdOAlAT+JiQ5fZVcOYshJyb/DffesVp6XMjS
JyEAZf2QHI3Dkv4uVCUzNTcFuhtQr8EZogtlxCshtomUJAEAGzefrgn7vOsG6riC
pgqdrN/M9rwYQfXGqN8LjONIt/TgCoiWAZTMQZz0NKH+u9d1D1uhCiA59pfFSFhJ
daZ1qsoyVKwfwcjHtNuWmeF94YBzKnBf7uIOZuhkirU7o098jbeO4DBwzF/T49N6
24rT6dN1GKrsYbgF0I3W7Wo6bwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJzw3pdc
ijW+IGffV1knmxyAp3MFMB8GA1UdIwQYMBaAFMczjfG3aMBQdM2u0P2xpMFK37i1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTY3Ri80QUFCN0JDQUM0
N0QxMUVFOUZDN0M4MEZDNEY5QUUwMi94ek9OOGJkb3dGQjB6YTdRX2JHa3dVcmZ1
TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3h6T044YmRvd0ZCMHphN1FfYkdrd1VyZnVMVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzE2N0YvNEFBQjdCQ0FDNDdEMTFFRTlGQzdDODBGQzRGOUFFMDIvNjJGMDFGMDBE
RTJDMTFFRkJBNjY2NjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdD4YwDQYJKoZIhvcNAQELBQADggEBABu3m0xr5pEoKhfS
AxA3/mE4TPLylgsSALg29gqDNrO4HN10t1ddHJVfb0OvWYLurYPJMy4iNxNFEZ1L
etGaqIhVtt2BL+xdo6XMnnoVGKF4KBqlRb8ITpPpPtUwATEDS5UY1MWfoSqT2xwU
cP/IWH2LBytBzARTGOAdO4325pwknb7M2723OSTT3a1N5Yll8djtZJ1f831uUwvT
V0LL9ycITxSHfHaTzJgRiFx+ylgV0yyLI6Fy8JtsZ9dqcUcUfUi7TH5nF+D6Pkig
Q832IM05wwgswy68MJmUyvdGUMRy/6i44W/fBIlYeXYPKEFvV4SVqjqGBaeCt5ZC
dkcwLKU=
-----END CERTIFICATE-----
Generated at Fri Apr 11 12:47:52 2025 by rpki-client