Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/54C069B0523211EBAD962F7AC4F9AE02.roa
File: 54C069B0523211EBAD962F7AC4F9AE02.roa (raw, json)
Hash identifier: ndDo6V/PgJ7lhP3TRJ1Y+opY3nB3jcqOWJJ1/gi94EE=
Subject key identifier: 31:99:10:96:9F:E3:1B:61:7D:67:DC:50:50:87:74:5C:24:EB:39:4D
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 1888
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/54C069B0523211EBAD962F7AC4F9AE02.roa
Signing time: Tue 18 Feb 2025 17:35:15 +0000
ROA not before: Tue 18 Feb 2025 17:35:15 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 131109
IP address blocks: 121.54.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6280 (0x1888)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D
Validity
Not Before: Feb 18 17:35:15 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b4c4d2-b564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:41:ae:09:42:14:1f:2d:5f:65:c6:a7:68:24:
c2:25:d7:8e:d2:2c:22:e4:70:74:63:3a:18:46:60:
2c:d4:28:82:3b:c4:5b:91:76:32:fb:20:47:43:74:
80:d2:a1:34:c2:a6:7c:5a:2b:f0:52:41:7c:f0:5a:
bf:91:5a:30:af:da:42:ab:ab:65:08:3d:d1:3b:94:
87:7d:28:86:c9:09:6e:d7:48:14:52:84:3e:38:92:
24:17:5f:00:78:4f:04:af:2e:08:32:b4:a6:1c:e5:
63:85:53:ce:59:cd:64:46:02:45:25:5d:51:0f:8f:
03:a3:1b:cd:9d:b7:44:6b:c1:ac:fe:71:6e:c2:08:
40:33:47:70:6b:01:fe:73:be:31:04:57:6d:94:d3:
20:1d:1d:98:1f:cf:6f:95:86:e2:fb:12:85:d7:38:
3d:15:13:36:c6:11:9c:a5:19:4e:98:70:fa:c1:8b:
1b:42:01:d1:ba:b5:e8:9f:81:f8:51:21:06:d6:4f:
86:0d:c2:c0:f8:2f:85:79:9b:48:f6:67:56:60:ca:
fe:6f:e8:18:31:46:d9:b4:d8:31:54:fa:7d:3e:6e:
c6:96:7f:83:0b:f3:c2:71:6d:4e:ce:6a:c9:75:5b:
eb:5f:02:e5:c2:f7:71:2c:20:f8:e6:f8:fa:8a:c0:
94:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:99:10:96:9F:E3:1B:61:7D:67:DC:50:50:87:74:5C:24:EB:39:4D
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/54C069B0523211EBAD962F7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.54.129.0/24
Signature Algorithm: sha256WithRSAEncryption
83:73:9b:0c:78:69:c7:72:e6:bd:77:d7:b8:85:53:57:f6:35:
a9:03:d3:ac:60:49:8d:fa:48:6a:e9:df:7b:49:61:a4:23:77:
97:7a:12:02:69:bb:9d:f6:ad:fb:61:0f:f7:52:13:c8:cc:22:
aa:55:1a:a4:1a:d8:3a:81:56:3b:e1:26:c8:5e:cb:25:cd:02:
8b:6a:e9:77:9c:13:ed:53:bf:82:19:77:64:8b:75:1c:f1:3e:
ae:f4:62:f8:4c:a9:f2:c6:03:64:e3:b6:e6:55:dc:07:45:17:
6d:c4:84:88:02:72:87:97:cd:f9:0b:ff:db:a5:f9:4f:3c:38:
78:3f:8c:94:82:a6:4a:ef:2c:8c:b6:66:ff:c5:e4:c0:eb:84:
ae:f6:84:15:eb:63:fa:2c:22:b3:eb:90:1c:d9:40:3c:34:e9:
e4:7a:0d:0d:61:bf:6a:0e:b6:26:3b:a3:2b:2b:a6:aa:f3:d4:
67:fc:4a:6e:a9:90:3c:c8:aa:02:cd:e6:f5:b7:71:53:6c:6d:
8e:85:9b:0b:d9:dd:10:d8:79:07:25:18:e6:33:e0:a2:d8:bb:
e0:41:3e:45:27:de:c9:5a:18:cf:72:87:a7:70:1f:4f:72:15:
7a:a9:e2:fc:b5:66:7c:7a:4a:f0:73:8b:bb:35:25:4c:91:ac:
64:82:2f:12
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjUwMjE4MTczNTE1WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0YzRkMi1iNTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA10GuCUIUHy1fZcanaCTCJdeO0iwi5HB0YzoYRmAs1CiCO8RbkXYy+yBHQ3SA
0qE0wqZ8WivwUkF88Fq/kVowr9pCq6tlCD3RO5SHfSiGyQlu10gUUoQ+OJIkF18A
eE8Ery4IMrSmHOVjhVPOWc1kRgJFJV1RD48DoxvNnbdEa8Gs/nFuwghAM0dwawH+
c74xBFdtlNMgHR2YH89vlYbi+xKF1zg9FRM2xhGcpRlOmHD6wYsbQgHRurXon4H4
USEG1k+GDcLA+C+FeZtI9mdWYMr+b+gYMUbZtNgxVPp9Pm7Gln+DC/PCcW1OzmrJ
dVvrXwLlwvdxLCD45vj6isCUewIDAQABo4IClTCCApEwHQYDVR0OBBYEFDGZEJaf
4xthfWfcUFCHdFwk6zlNMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvNTRDMDY5QjA1
MjMyMTFFQkFEOTYyRjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB5NoEwDQYJKoZIhvcNAQELBQADggEBAINzmwx4acdy5r13
17iFU1f2NakD06xgSY36SGrp33tJYaQjd5d6EgJpu532rfthD/dSE8jMIqpVGqQa
2DqBVjvhJsheyyXNAotq6XecE+1Tv4IZd2SLdRzxPq70YvhMqfLGA2TjtuZV3AdF
F23EhIgCcoeXzfkL/9ul+U88OHg/jJSCpkrvLIy2Zv/F5MDrhK72hBXrY/osIrPr
kBzZQDw06eR6DQ1hv2oOtiY7oysrpqrz1Gf8Sm6pkDzIqgLN5vW3cVNsbY6FmwvZ
3RDYeQclGOYz4KLYu+BBPkUn3slaGM9yh6dwH09yFXqp4vy1Znx6SvBzi7s1JUyR
rGSCLxI=
-----END CERTIFICATE-----
Generated at Fri Apr 11 20:34:54 2025 by rpki-client