Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/5FA1BF8802DD11EE86865A23C4F9AE02.roa
File: 5FA1BF8802DD11EE86865A23C4F9AE02.roa (raw, json)
Hash identifier: 7u5yHhUW0tmFUgtQda0G1m191zC3pVBVWPeiM8HQpSA=
Subject key identifier: BE:09:30:6D:82:60:84:E0:4D:99:5D:25:5A:0F:12:0B:C6:14:73:F9
Certificate issuer: /CN=A91E4D3D/serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701
Certificate serial: 0580
Authority key identifier: C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/5FA1BF8802DD11EE86865A23C4F9AE02.roa
Signing time: Tue 04 Feb 2025 23:13:06 +0000
ROA not before: Tue 04 Feb 2025 23:13:06 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 138627
IP address blocks: 150.195.215.0/24 maxlen: 24
150.195.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1408 (0x580)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4D3D
Validity
Not Before: Feb 4 23:13:06 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a29f02-547d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e1:cb:c4:bf:f2:6a:72:6a:c3:fb:d7:ad:89:
a0:ee:69:27:ba:34:50:2e:34:1a:d2:6c:ae:c7:80:
c5:a6:3e:4e:d0:62:5b:18:a5:c8:19:eb:db:1f:d2:
e6:43:18:a0:fa:09:8c:8f:b9:9d:6d:24:da:41:92:
f1:cf:b4:aa:a0:e2:bf:d1:0f:e4:da:21:b5:1b:a5:
f4:57:d2:90:9f:15:5c:d9:66:d2:80:5d:8e:da:ae:
f9:5f:4a:65:14:89:a0:db:ca:95:18:5a:9c:75:f3:
c3:ae:6c:bb:db:77:f2:ec:23:db:f8:5c:ef:fe:f1:
d8:0e:6b:8b:53:2b:f9:9f:8d:03:a3:0b:cb:8e:4c:
79:61:4e:d2:d1:94:43:5d:75:04:d7:e9:1e:75:6a:
c8:fd:ec:20:65:97:a5:0e:dd:08:07:ef:20:e2:10:
31:d1:8c:19:ac:21:b6:f9:de:25:04:6b:6f:6c:08:
25:2f:df:c8:e2:0c:de:f1:e7:ef:69:3e:1a:ca:30:
f9:14:94:39:ab:4d:4e:3e:21:98:47:b9:b5:a4:09:
5b:ae:5a:64:6f:74:ea:0c:b6:eb:d5:52:19:3a:97:
db:98:bf:6c:ba:a8:50:1d:ce:ef:d4:3b:3a:83:82:
e1:04:0f:53:b0:88:1c:14:33:bd:20:ee:ef:36:c5:
bc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:09:30:6D:82:60:84:E0:4D:99:5D:25:5A:0F:12:0B:C6:14:73:F9
X509v3 Authority Key Identifier:
keyid:C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/5FA1BF8802DD11EE86865A23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
150.195.215.0-150.195.216.255
Signature Algorithm: sha256WithRSAEncryption
0c:51:5b:bc:26:b2:ab:07:05:8d:37:6b:09:79:29:ae:c5:45:
8f:45:1e:20:32:b3:bb:ac:86:e0:60:18:7f:9d:8a:88:f0:6f:
09:42:d0:ce:0c:de:58:df:d3:1f:53:df:3a:55:2d:45:c7:e0:
6b:22:e0:aa:97:95:89:dd:3a:e3:35:0b:e8:e9:f0:67:f7:67:
0f:15:07:af:34:82:fb:11:76:dc:b3:af:bc:2e:cb:d2:9f:38:
32:76:a2:ab:83:82:27:89:0e:f2:f5:d6:7b:d1:3e:b6:d5:b3:
5a:d0:4f:f7:5f:80:19:88:5b:0c:d9:16:53:33:2a:ff:b6:9e:
47:91:5d:35:4b:04:2f:57:00:b0:fa:78:f8:76:16:1c:ce:6f:
4b:81:e2:2b:5d:26:53:06:a8:1c:c4:fc:94:08:05:d1:e8:8a:
2d:a7:5a:c1:80:29:b6:92:9e:86:07:25:b7:49:fc:19:98:de:
c9:f5:c2:6e:6a:93:0c:df:3e:b6:16:e6:f1:4b:e5:d1:c0:dc:
75:a5:9e:32:1f:96:f8:17:85:31:c5:cb:7b:36:31:20:1e:6c:
76:9b:cf:9f:5c:96:53:77:a6:90:80:43:99:5b:e5:d1:a1:e7:
f0:63:2f:24:5d:83:d3:d5:be:b9:60:fa:2a:7b:63:12:bb:65:
27:27:b4:ef
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBYAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTREM0QxMTAvBgNVBAUTKEM4MDcwRkQwNjFBODUxRkY4QUVERTBERTBDMzYwN0VF
Qjk4RkY3MDEwHhcNMjUwMjA0MjMxMzA2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyOWYwMi01NDdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt+HLxL/yanJqw/vXrYmg7mknujRQLjQa0myux4DFpj5O0GJbGKXIGevbH9Lm
Qxig+gmMj7mdbSTaQZLxz7SqoOK/0Q/k2iG1G6X0V9KQnxVc2WbSgF2O2q75X0pl
FImg28qVGFqcdfPDrmy723fy7CPb+Fzv/vHYDmuLUyv5n40DowvLjkx5YU7S0ZRD
XXUE1+kedWrI/ewgZZelDt0IB+8g4hAx0YwZrCG2+d4lBGtvbAglL9/I4gze8efv
aT4ayjD5FJQ5q01OPiGYR7m1pAlbrlpkb3TqDLbr1VIZOpfbmL9suqhQHc7v1Ds6
g4LhBA9TsIgcFDO9IO7vNsW8lQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFL4JMG2C
YITgTZldJVoPEgvGFHP5MB8GA1UdIwQYMBaAFMgHD9BhqFH/iu3g3gw2B+65j/cB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9CMDIwMkQzMkQ4
QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1VmLUs3ZURlRERZSDdybVA5
d0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lBY1AwR0dvVWYtSzdlRGVERFlIN3JtUDl3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTREM0QvQjAyMDJEMzJEOEI5MTFFQkFCQzFGNDg1QzRGOUFFMDIvNUZBMUJGODgw
MkREMTFFRTg2ODY1QTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAJbD1wMEAJbD2DANBgkqhkiG9w0BAQsFAAOCAQEADFFb
vCayqwcFjTdrCXkprsVFj0UeIDKzu6yG4GAYf52KiPBvCULQzgzeWN/TH1PfOlUt
RcfgayLgqpeVid064zUL6OnwZ/dnDxUHrzSC+xF23LOvvC7L0p84Mnaiq4OCJ4kO
8vXWe9E+ttWzWtBP91+AGYhbDNkWUzMq/7aeR5FdNUsEL1cAsPp4+HYWHM5vS4Hi
K10mUwaoHMT8lAgF0eiKLadawYAptpKehgclt0n8GZjeyfXCbmqTDN8+thbm8Uvl
0cDcdaWeMh+W+BeFMcXLezYxIB5sdpvPn1yWU3emkIBDmVvl0aHn8GMvJF2D09W+
uWD6KntjErtlJye07w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:31 2025 by rpki-client