Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/53BDA2F60F1A11E9B3F2A713C4F9AE02.roa
File: 53BDA2F60F1A11E9B3F2A713C4F9AE02.roa (raw, json)
Hash identifier: tG0xAoHX5Jrg4VXIV0PMgN27hGtGNiwPzNpPEMcc5ZU=
Subject key identifier: F1:BB:08:E2:FE:C1:01:91:58:82:F6:63:71:19:02:D6:61:0F:0F:C3
Certificate issuer: /CN=A91F67BB/serialNumber=CC592176D88C423F8859B518B6AD334FFF767409
Certificate serial: 10F0
Authority key identifier: CC:59:21:76:D8:8C:42:3F:88:59:B5:18:B6:AD:33:4F:FF:76:74:09
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zFkhdtiMQj-IWbUYtq0zT_92dAk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/53BDA2F60F1A11E9B3F2A713C4F9AE02.roa
Signing time: Tue 10 Dec 2024 17:45:27 +0000
ROA not before: Tue 10 Dec 2024 17:45:27 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 133058
IP address blocks: 158.140.152.0/24 maxlen: 24
158.140.153.0/24 maxlen: 24
158.140.154.0/24 maxlen: 24
158.140.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4336 (0x10f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F67BB
Validity
Not Before: Dec 10 17:45:27 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67587e37-ee9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3e:91:8a:af:ee:07:bb:95:ad:6f:84:45:36:
3d:29:1d:d5:8d:5d:cc:68:bc:2f:85:38:47:ea:96:
76:a5:b2:e7:44:1c:fc:a8:09:0c:76:d8:64:84:5b:
f0:f4:57:1e:fb:5f:ae:68:2f:92:54:eb:76:79:21:
b7:bc:e5:6f:73:4f:f1:36:35:19:16:6a:2e:33:db:
a3:4a:26:f0:d7:85:e0:01:77:54:ba:87:1c:24:1e:
c3:e3:a4:55:a9:31:e6:8d:e1:07:86:90:2a:00:e1:
d7:38:c4:6f:29:d2:94:36:ae:9b:3d:87:1a:54:30:
94:da:86:a2:78:04:9c:af:28:95:74:1a:22:f2:06:
9f:63:eb:f5:46:58:25:c2:ad:82:15:9b:ac:fc:e6:
c4:6b:87:8f:82:7d:8d:b4:c1:53:af:a3:ab:67:73:
72:38:0e:01:f1:9a:85:5c:c5:ee:cd:08:fd:2f:89:
8e:ff:66:4e:18:e9:41:56:8e:05:8d:51:ee:ca:fd:
db:04:47:87:39:fa:6f:a7:02:b9:72:48:9e:8c:a1:
07:6a:1f:0e:38:b8:32:31:d9:a1:46:6d:07:7d:83:
02:7d:d1:dc:13:6b:7c:ee:7f:58:02:e9:b0:25:fa:
68:ff:87:5b:0e:a4:ac:47:1e:ee:05:92:dd:52:93:
14:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:BB:08:E2:FE:C1:01:91:58:82:F6:63:71:19:02:D6:61:0F:0F:C3
X509v3 Authority Key Identifier:
keyid:CC:59:21:76:D8:8C:42:3F:88:59:B5:18:B6:AD:33:4F:FF:76:74:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/zFkhdtiMQj-IWbUYtq0zT_92dAk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zFkhdtiMQj-IWbUYtq0zT_92dAk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/53BDA2F60F1A11E9B3F2A713C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
158.140.152.0/22
Signature Algorithm: sha256WithRSAEncryption
59:99:ef:34:a9:ac:26:ae:fe:2e:ef:c4:85:d1:09:9a:b9:4c:
5f:e7:72:b2:2a:99:ca:72:cd:73:10:d2:84:14:71:c2:d4:2a:
8c:fc:74:57:0d:2e:92:41:77:b5:c8:3e:18:12:1b:c5:7b:29:
c8:49:c1:f8:cf:cb:76:49:db:d3:6c:c1:57:f0:b7:bb:cf:57:
63:b4:92:7a:f0:31:d5:d9:72:76:6a:b6:4e:0e:76:a6:7d:9d:
b2:36:c8:ea:ed:b1:e3:b8:7a:e1:dd:60:c1:16:eb:30:55:99:
47:42:dd:53:50:aa:a8:ea:27:79:0b:4a:33:f1:79:30:2b:0b:
1f:ed:bf:d7:0d:bd:2c:e0:b0:3a:b1:37:4c:1c:a7:b9:d2:74:
d4:f0:e2:17:dd:76:c1:52:92:7d:bc:4b:a3:38:0f:28:00:27:
7c:8c:f9:c8:7d:4a:9a:be:27:51:71:3e:2b:56:1a:ef:cc:c3:
4a:c7:90:a5:72:eb:5d:61:aa:ab:88:ca:f5:6a:5a:e2:3a:1e:
2b:b6:fe:3c:64:66:29:9b:40:a5:7f:55:c8:36:b4:83:fc:0a:
78:53:b0:8f:15:f8:76:d3:ea:eb:94:96:dd:1a:99:60:f5:ac:
bc:ca:e3:72:f5:96:2d:b5:46:b3:84:83:39:f9:3b:97:03:55:
f8:29:f3:5c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEPAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY3QkIxMTAvBgNVBAUTKENDNTkyMTc2RDg4QzQyM0Y4ODU5QjUxOEI2QUQzMzRG
RkY3Njc0MDkwHhcNMjQxMjEwMTc0NTI3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4N2UzNy1lZTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnz6Riq/uB7uVrW+ERTY9KR3VjV3MaLwvhThH6pZ2pbLnRBz8qAkMdthkhFvw
9Fce+1+uaC+SVOt2eSG3vOVvc0/xNjUZFmouM9ujSibw14XgAXdUuoccJB7D46RV
qTHmjeEHhpAqAOHXOMRvKdKUNq6bPYcaVDCU2oaieAScryiVdBoi8gafY+v1Rlgl
wq2CFZus/ObEa4ePgn2NtMFTr6OrZ3NyOA4B8ZqFXMXuzQj9L4mO/2ZOGOlBVo4F
jVHuyv3bBEeHOfpvpwK5ckiejKEHah8OOLgyMdmhRm0HfYMCfdHcE2t87n9YAumw
Jfpo/4dbDqSsRx7uBZLdUpMUWwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPG7COL+
wQGRWIL2Y3EZAtZhDw/DMB8GA1UdIwQYMBaAFMxZIXbYjEI/iFm1GLatM0//dnQJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjdCQi9CREZCRjE4NjBF
M0UxMUU5ODM2RjQwMTRDNEY5QUUwMi96RmtoZHRpTVFqLUlXYlVZdHEwelRfOTJk
QWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3pGa2hkdGlNUWotSVdiVVl0cTB6VF85MmRBay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY3QkIvQkRGQkYxODYwRTNFMTFFOTgzNkY0MDE0QzRGOUFFMDIvNTNCREEyRjYw
RjFBMTFFOUIzRjJBNzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKejJgwDQYJKoZIhvcNAQELBQADggEBAFmZ7zSprCau/i7v
xIXRCZq5TF/ncrIqmcpyzXMQ0oQUccLUKoz8dFcNLpJBd7XIPhgSG8V7KchJwfjP
y3ZJ29NswVfwt7vPV2O0knrwMdXZcnZqtk4OdqZ9nbI2yOrtseO4euHdYMEW6zBV
mUdC3VNQqqjqJ3kLSjPxeTArCx/tv9cNvSzgsDqxN0wcp7nSdNTw4hfddsFSkn28
S6M4DygAJ3yM+ch9Spq+J1FxPitWGu/Mw0rHkKVy611hqquIyvVqWuI6Hiu2/jxk
ZimbQKV/Vcg2tIP8CnhTsI8V+HbT6uuUlt0amWD1rLzK43L1li21RrOEgzn5O5cD
Vfgp81w=
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:19:53 2025 by rpki-client