Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/0BABC0DCB15D11EB8937582CC4F9AE02.roa
File: 0BABC0DCB15D11EB8937582CC4F9AE02.roa (raw, json)
Hash identifier: myGu3py2MJoX+9pcsdAEfeXFlVuZbTSedA0MlFyQwmI=
Subject key identifier: D8:DF:84:34:B8:DF:AF:8F:0D:37:05:F0:11:8C:64:AC:E3:F6:D7:36
Certificate issuer: /CN=A91F277D/serialNumber=BBC103561AFD7A93036D1C72DD4C0A7C2A4E29CE
Certificate serial: 0607
Authority key identifier: BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/0BABC0DCB15D11EB8937582CC4F9AE02.roa
Signing time: Fri 06 Dec 2024 22:11:54 +0000
ROA not before: Fri 06 Dec 2024 22:11:54 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 65488
IP address blocks: 168.134.3.0/25 maxlen: 25
168.134.3.128/25 maxlen: 25
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1543 (0x607)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F277D
Validity
Not Before: Dec 6 22:11:54 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675376aa-3298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:cb:88:42:8b:92:14:5e:02:4e:e8:a6:91:43:
20:53:13:b1:00:e2:fc:a2:d1:c4:ad:77:30:92:d5:
ae:de:12:e4:a0:d2:ee:dc:b2:7a:e7:bc:06:a6:05:
90:16:3b:9b:23:7b:d3:50:b1:cd:ce:5a:d8:f6:6a:
eb:ba:dd:97:6b:bf:ed:b4:79:f3:7a:58:4a:7c:d7:
b8:e4:e6:6a:5b:a1:96:ad:e5:2a:7e:c5:c6:c1:92:
ea:c3:e6:6c:17:de:8c:94:09:fe:06:b1:4e:07:48:
2a:e2:44:6d:50:1b:67:af:5b:b7:3d:43:f0:ec:b7:
60:97:33:51:79:d3:00:1d:89:b0:f2:c5:7c:a0:11:
cb:8c:b0:0f:86:c3:69:3f:03:d0:0c:25:33:8c:0b:
4e:54:df:b2:a0:9a:01:9f:cc:67:4c:bd:be:93:dc:
70:57:70:64:e9:12:fb:f1:e9:b0:5c:d4:97:ac:a5:
c8:65:6f:94:d0:af:12:cf:b4:d8:33:aa:02:49:f5:
35:60:84:59:86:9d:cd:53:9f:b3:4d:d3:9b:48:aa:
df:7b:e6:9a:fd:ca:7f:29:02:f0:41:b6:04:0e:5b:
e1:98:bb:cc:74:00:97:2d:7d:2c:ee:f7:37:7c:c8:
b9:04:2f:bb:ed:43:cc:36:f7:89:4a:39:73:4e:19:
9e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DF:84:34:B8:DF:AF:8F:0D:37:05:F0:11:8C:64:AC:E3:F6:D7:36
X509v3 Authority Key Identifier:
keyid:BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/0BABC0DCB15D11EB8937582CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
168.134.3.0/24
Signature Algorithm: sha256WithRSAEncryption
11:73:87:a4:9b:31:75:aa:c1:70:92:f9:e3:fa:6a:4f:c6:09:
75:27:62:b1:79:69:e1:0b:94:48:fe:b7:bb:93:7c:79:5c:cf:
97:70:ec:ca:13:fc:c0:f1:eb:51:83:1a:94:ba:37:32:ee:1c:
06:00:32:3e:5c:ad:ab:68:74:cc:bc:93:f4:14:bb:e0:36:be:
69:95:ce:a4:fd:7a:46:65:6c:c5:23:02:ab:85:fb:f4:71:95:
01:b4:45:3a:0f:30:ed:60:61:3d:b5:2e:dc:9a:03:03:11:cc:
c1:d5:0d:e0:8e:b1:84:bb:ae:53:6d:c3:2c:fa:70:59:ab:2c:
08:74:72:b8:0f:7d:ae:1a:bb:f7:3b:9c:6f:9a:35:53:cd:b1:
cb:79:fa:96:60:63:56:1e:01:99:f5:bf:17:31:23:7d:91:53:
21:5a:cb:33:7a:62:c2:ed:7d:45:83:79:18:68:73:db:8b:96:
cc:73:d2:2a:af:b5:d8:25:6a:27:64:46:69:2c:ba:96:0e:a6:
40:9f:50:b1:a4:e8:cf:20:bf:b2:29:66:38:09:e3:14:07:75:
b9:77:1f:a7:4e:32:f7:6b:46:70:d4:96:de:9a:6b:d3:4c:2d:
17:0f:8f:7f:45:5d:35:f8:8d:e4:64:f2:f9:ab:0e:aa:c6:60:
e5:ac:ef:5b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBgcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjI3N0QxMTAvBgNVBAUTKEJCQzEwMzU2MUFGRDdBOTMwMzZEMUM3MkRENEMwQTdD
MkE0RTI5Q0UwHhcNMjQxMjA2MjIxMTU0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUzNzZhYS0zMjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA18uIQouSFF4CTuimkUMgUxOxAOL8otHErXcwktWu3hLkoNLu3LJ657wGpgWQ
FjubI3vTULHNzlrY9mrrut2Xa7/ttHnzelhKfNe45OZqW6GWreUqfsXGwZLqw+Zs
F96MlAn+BrFOB0gq4kRtUBtnr1u3PUPw7LdglzNRedMAHYmw8sV8oBHLjLAPhsNp
PwPQDCUzjAtOVN+yoJoBn8xnTL2+k9xwV3Bk6RL78emwXNSXrKXIZW+U0K8Sz7TY
M6oCSfU1YIRZhp3NU5+zTdObSKrfe+aa/cp/KQLwQbYEDlvhmLvMdACXLX0s7vc3
fMi5BC+77UPMNveJSjlzThmedwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNjfhDS4
36+PDTcF8BGMZKzj9tc2MB8GA1UdIwQYMBaAFLvBA1Ya/XqTA20cct1MCnwqTinO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjc3RC83OEExRDA4RThE
NkIxMUVCOTg0MEUwNUZDNEY5QUUwMi91OEVEVmhyOWVwTURiUnh5M1V3S2ZDcE9L
YzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3U4RURWaHI5ZXBNRGJSeHkzVXdLZkNwT0tjNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjI3N0QvNzhBMUQwOEU4RDZCMTFFQjk4NDBFMDVGQzRGOUFFMDIvMEJBQkMwRENC
MTVEMTFFQjg5Mzc1ODJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACohgMwDQYJKoZIhvcNAQELBQADggEBABFzh6SbMXWqwXCS
+eP6ak/GCXUnYrF5aeELlEj+t7uTfHlcz5dw7MoT/MDx61GDGpS6NzLuHAYAMj5c
ratodMy8k/QUu+A2vmmVzqT9ekZlbMUjAquF+/RxlQG0RToPMO1gYT21LtyaAwMR
zMHVDeCOsYS7rlNtwyz6cFmrLAh0crgPfa4au/c7nG+aNVPNsct5+pZgY1YeAZn1
vxcxI32RUyFayzN6YsLtfUWDeRhoc9uLlsxz0iqvtdglaidkRmksupYOpkCfULGk
6M8gv7IpZjgJ4xQHdbl3H6dOMvdrRnDUlt6aa9NMLRcPj39FXTX4jeRk8vmrDqrG
YOWs71s=
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:09:35 2025 by rpki-client