Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC068/D77B9D66D5C411EE89C1970DC4F9AE02/4DDA8A18D5DD11EEA5B1C711C4F9AE02.roa
File: 4DDA8A18D5DD11EEA5B1C711C4F9AE02.roa (raw, json)
Hash identifier: FHRlsB48eK0jdLR0VwZXrRd3F+Rj548sH8y8zKsy5+s=
Subject key identifier: 11:9E:D9:82:71:F5:21:F2:AD:03:BF:49:11:D6:97:F4:75:51:EB:AC
Certificate issuer: /CN=A91DC068/serialNumber=8B1A8065BE88AA6C1BA3FEDB54E087E7D2ADB4DE
Certificate serial: CA
Authority key identifier: 8B:1A:80:65:BE:88:AA:6C:1B:A3:FE:DB:54:E0:87:E7:D2:AD:B4:DE
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ixqAZb6Iqmwbo_7bVOCH59KttN4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC068/D77B9D66D5C411EE89C1970DC4F9AE02/4DDA8A18D5DD11EEA5B1C711C4F9AE02.roa
Signing time: Mon 17 Mar 2025 04:50:57 +0000
ROA not before: Mon 17 Mar 2025 04:50:57 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 152590
IP address blocks: 157.20.112.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 202 (0xca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC068
Validity
Not Before: Mar 17 04:50:57 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67d7aa31-7879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:09:35:fc:8a:f1:1e:af:76:d3:c5:b0:2a:29:
99:be:d4:76:48:0a:d6:74:e1:e5:f9:0a:13:d6:8d:
77:d6:e5:c0:a5:ae:80:4b:32:c2:af:72:b1:ec:82:
b7:91:6d:00:0a:2d:36:cd:06:29:6f:34:6a:96:bd:
fa:5e:55:72:82:59:1d:43:41:ba:24:6a:7c:4c:fc:
c8:c8:88:d1:36:d9:f1:bf:00:ae:11:be:1c:80:38:
5f:20:9b:42:c8:81:b2:ce:a8:6b:37:43:93:de:10:
cc:67:34:35:d4:0c:42:aa:76:51:4e:3a:2b:62:8d:
97:cb:d9:bf:89:9c:8f:29:a4:00:5b:d9:5c:44:d4:
4d:99:91:4c:83:0c:3c:de:7e:f0:0a:8b:57:8b:ee:
a1:3c:08:b7:61:f9:6d:1c:e3:97:c9:68:72:fd:1a:
4e:23:50:0b:37:83:a4:9e:38:8e:b2:40:d2:41:7e:
7c:b7:b7:61:30:36:b2:e2:56:05:a1:40:62:3d:e9:
5b:82:83:c7:e4:49:71:19:07:7b:5b:3a:10:cc:8f:
d7:1d:92:a6:a3:a9:b1:e9:dc:78:9d:ab:ec:94:37:
e4:54:0c:63:1e:8a:ba:0b:5a:9f:bf:35:fe:03:f6:
47:d3:40:f5:15:dd:5e:62:55:cd:af:ed:87:bd:86:
05:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:9E:D9:82:71:F5:21:F2:AD:03:BF:49:11:D6:97:F4:75:51:EB:AC
X509v3 Authority Key Identifier:
keyid:8B:1A:80:65:BE:88:AA:6C:1B:A3:FE:DB:54:E0:87:E7:D2:AD:B4:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC068/D77B9D66D5C411EE89C1970DC4F9AE02/ixqAZb6Iqmwbo_7bVOCH59KttN4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ixqAZb6Iqmwbo_7bVOCH59KttN4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC068/D77B9D66D5C411EE89C1970DC4F9AE02/4DDA8A18D5DD11EEA5B1C711C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.112.0/23
Signature Algorithm: sha256WithRSAEncryption
df:eb:db:ec:45:8c:aa:05:26:a6:9a:5e:d1:12:98:ba:fc:d8:
ec:dc:78:d8:e7:05:a8:18:46:3c:64:b4:7d:d3:90:b3:e3:0b:
76:1c:13:b4:3e:e6:ba:61:70:aa:55:32:16:67:68:7e:80:6f:
12:8d:f0:b7:d9:91:a9:70:dd:7c:67:d6:4a:c0:a5:82:ef:20:
65:f1:72:c1:cc:b4:67:19:f2:1d:eb:8f:a6:82:6c:94:84:eb:
08:ae:f4:b3:be:a5:64:c1:28:54:cc:c8:4c:1d:e6:2f:db:a8:
4d:79:7c:f7:ee:35:6c:93:1c:1b:e7:e5:bd:2b:c3:5c:0e:e7:
35:61:2c:b6:b9:99:9b:0c:9d:c4:b4:31:82:b6:99:2e:e1:7d:
b9:31:8a:d5:89:c0:05:48:24:c7:ff:40:05:17:b9:82:79:7d:
02:6b:ed:8b:47:14:df:5f:ff:a9:0e:92:70:ab:d8:4e:a2:2d:
51:1f:2e:0a:80:5b:22:6c:ab:9e:bb:9a:6a:ef:cb:8b:42:e4:
c4:d8:b2:7c:a4:38:48:db:01:2c:bd:74:04:db:31:e7:28:c8:
40:0d:6a:c1:ca:ef:52:cc:1b:4d:92:e7:23:20:7b:05:7f:50:
89:01:c2:c2:f6:52:22:25:fa:6f:7f:85:b6:16:fb:b9:54:e4:
fe:12:35:c2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REMwNjgxMTAvBgNVBAUTKDhCMUE4MDY1QkU4OEFBNkMxQkEzRkVEQjU0RTA4N0U3
RDJBREI0REUwHhcNMjUwMzE3MDQ1MDU3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q3YWEzMS03ODc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2wk1/IrxHq9208WwKimZvtR2SArWdOHl+QoT1o131uXApa6ASzLCr3Kx7IK3
kW0ACi02zQYpbzRqlr36XlVyglkdQ0G6JGp8TPzIyIjRNtnxvwCuEb4cgDhfIJtC
yIGyzqhrN0OT3hDMZzQ11AxCqnZRTjorYo2Xy9m/iZyPKaQAW9lcRNRNmZFMgww8
3n7wCotXi+6hPAi3YfltHOOXyWhy/RpOI1ALN4OknjiOskDSQX58t7dhMDay4lYF
oUBiPelbgoPH5ElxGQd7WzoQzI/XHZKmo6mx6dx4navslDfkVAxjHoq6C1qfvzX+
A/ZH00D1Fd1eYlXNr+2HvYYF8QIDAQABo4IClTCCApEwHQYDVR0OBBYEFBGe2YJx
9SHyrQO/SRHWl/R1UeusMB8GA1UdIwQYMBaAFIsagGW+iKpsG6P+21Tgh+fSrbTe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzA2OC9ENzdCOUQ2NkQ1
QzQxMUVFODlDMTk3MERDNEY5QUUwMi9peHFBWmI2SXFtd2JvXzdiVk9DSDU5S3R0
TjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2l4cUFaYjZJcW13Ym9fN2JWT0NINTlLdHRONC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REMwNjgvRDc3QjlENjZENUM0MTFFRTg5QzE5NzBEQzRGOUFFMDIvNEREQThBMThE
NUREMTFFRUE1QjFDNzExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdFHAwDQYJKoZIhvcNAQELBQADggEBAN/r2+xFjKoFJqaa
XtESmLr82OzceNjnBagYRjxktH3TkLPjC3YcE7Q+5rphcKpVMhZnaH6AbxKN8LfZ
kalw3Xxn1krApYLvIGXxcsHMtGcZ8h3rj6aCbJSE6wiu9LO+pWTBKFTMyEwd5i/b
qE15fPfuNWyTHBvn5b0rw1wO5zVhLLa5mZsMncS0MYK2mS7hfbkxitWJwAVIJMf/
QAUXuYJ5fQJr7YtHFN9f/6kOknCr2E6iLVEfLgqAWyJsq567mmrvy4tC5MTYsnyk
OEjbASy9dATbMecoyEANasHK71LMG02S5yMgewV/UIkBwsL2UiIl+m9/hbYW+7lU
5P4SNcI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:06:42 2025 by rpki-client