Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA851/8BC5127CB9DF11EE94B4242AC4F9AE02/FDAEC9BEB9DF11EEB592092BC4F9AE02.roa
File: FDAEC9BEB9DF11EEB592092BC4F9AE02.roa (raw, json)
Hash identifier: pRZJiYQSbYzv1liMenxZtsfwbrKicNki6lsn6zoL4Qs=
Subject key identifier: BD:58:64:02:43:55:6F:12:BC:D4:56:34:6B:67:DC:9E:99:D8:8A:F9
Certificate issuer: /CN=A91FA851/serialNumber=50A0DC9558A6C40DDCD535FB7B5C0BEEA66E04E4
Certificate serial: 04
Authority key identifier: 50:A0:DC:95:58:A6:C4:0D:DC:D5:35:FB:7B:5C:0B:EE:A6:6E:04:E4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UKDclVimxA3c1TX7e1wL7qZuBOQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FA851/8BC5127CB9DF11EE94B4242AC4F9AE02/FDAEC9BEB9DF11EEB592092BC4F9AE02.roa
Signing time: Tue 23 Jan 2024 11:41:07 +0000
ROA not before: Tue 23 Jan 2024 11:41:07 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 138548
IP address blocks: 157.15.20.0/23 maxlen: 23
157.15.20.0/24 maxlen: 24
157.15.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FA851
Validity
Not Before: Jan 23 11:41:07 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65afa5d3-28f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:12:2b:6a:3f:e7:ba:4d:71:d7:b0:22:b4:1b:
1d:34:de:ff:98:8d:1f:d8:ce:2a:48:2f:f5:f8:11:
14:e3:ee:66:43:08:c2:23:f8:09:6a:5a:c3:ae:24:
63:84:a9:02:d8:fe:63:9b:73:8f:4c:83:74:0c:46:
45:b0:f1:c0:32:81:41:c0:23:dd:68:d6:9a:ae:27:
a2:7b:8c:5a:f5:27:bc:ed:c5:e4:c1:2e:35:c0:c1:
6b:4c:69:dc:e9:03:1a:0f:48:bf:ab:45:b3:58:05:
67:21:2e:10:c3:72:4b:50:81:bb:f4:a8:b4:5f:09:
de:5f:97:f1:50:88:c1:36:c4:ec:14:5f:59:40:07:
86:6d:ae:4a:ed:b8:7f:a2:95:45:31:3f:df:ad:fd:
79:03:e6:13:f7:b5:9c:57:68:94:8a:2f:0d:f2:fc:
82:24:1a:48:5c:e7:f8:86:d4:59:f1:ae:41:c8:f2:
86:3e:14:95:c0:82:71:d6:39:ee:3f:59:ea:0d:cf:
05:73:4b:70:0e:c5:fa:85:34:ba:69:9f:9f:63:75:
6f:e9:fd:4c:a7:4a:54:87:44:4d:17:e3:9f:cb:8d:
47:13:1e:3e:e6:34:47:29:65:a5:f7:b3:53:ce:92:
42:eb:99:07:a2:ff:bf:e5:4d:88:f5:e6:b9:1e:a9:
df:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:58:64:02:43:55:6F:12:BC:D4:56:34:6B:67:DC:9E:99:D8:8A:F9
X509v3 Authority Key Identifier:
keyid:50:A0:DC:95:58:A6:C4:0D:DC:D5:35:FB:7B:5C:0B:EE:A6:6E:04:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FA851/8BC5127CB9DF11EE94B4242AC4F9AE02/UKDclVimxA3c1TX7e1wL7qZuBOQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UKDclVimxA3c1TX7e1wL7qZuBOQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA851/8BC5127CB9DF11EE94B4242AC4F9AE02/FDAEC9BEB9DF11EEB592092BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.20.0/23
Signature Algorithm: sha256WithRSAEncryption
36:6f:d7:29:c2:fc:e3:34:2f:e2:b2:b7:34:81:db:b7:ed:03:
b0:08:6f:87:f7:ae:ce:f3:f2:bf:9d:6a:8f:3f:d6:15:86:d9:
5c:7f:02:17:5b:6f:ab:03:af:98:1e:51:58:f0:71:b1:c6:eb:
59:12:34:71:27:97:5a:2d:d8:e8:86:2f:cc:03:bc:e2:bb:03:
d4:dc:e4:53:9c:bf:aa:a6:d2:73:dd:1c:2a:ab:f7:bb:b0:ff:
8c:79:72:9d:1a:6b:5d:07:f2:78:80:7f:82:cf:62:13:53:67:
b9:ed:11:7d:19:33:0e:1f:3b:cf:bd:80:46:6e:6a:0f:ba:cc:
20:34:ee:60:30:f2:a8:4c:4f:76:c5:1f:ca:c2:f2:93:ea:b9:
14:7c:fb:e5:22:e2:75:4d:ed:2a:c7:a0:c5:ec:da:50:f3:f0:
1c:c9:57:3f:74:2d:04:a9:84:7e:64:8f:9d:fb:5d:f9:0d:00:
cb:e7:18:24:39:55:e0:91:68:71:8f:4c:1f:4e:c0:cb:f5:1e:
de:45:3c:ea:f7:1d:4a:d4:18:06:cd:2f:61:46:00:a1:28:9f:
46:ac:7c:ea:7d:15:c3:47:94:39:a2:cd:c4:34:e9:82:29:28:
af:1a:81:2e:30:a5:fe:e8:2b:9f:b8:50:1b:7f:58:b5:32:37:
8b:90:4b:ff
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QTg1MTExMC8GA1UEBRMoNTBBMERDOTU1OEE2QzQwRERDRDUzNUZCN0I1QzBCRUVB
NjZFMDRFNDAeFw0yNDAxMjMxMTQxMDdaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YWZhNWQzLTI4ZjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDuEitqP+e6TXHXsCK0Gx003v+YjR/YzipIL/X4ERTj7mZDCMIj+AlqWsOuJGOE
qQLY/mObc49Mg3QMRkWw8cAygUHAI91o1pquJ6J7jFr1J7ztxeTBLjXAwWtMadzp
AxoPSL+rRbNYBWchLhDDcktQgbv0qLRfCd5fl/FQiME2xOwUX1lAB4ZtrkrtuH+i
lUUxP9+t/XkD5hP3tZxXaJSKLw3y/IIkGkhc5/iG1FnxrkHI8oY+FJXAgnHWOe4/
WeoNzwVzS3AOxfqFNLppn59jdW/p/UynSlSHRE0X45/LjUcTHj7mNEcpZaX3s1PO
kkLrmQei/7/lTYj15rkeqd/5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUvVhkAkNV
bxK81FY0a2fcnpnYivkwHwYDVR0jBBgwFoAUUKDclVimxA3c1TX7e1wL7qZuBOQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBODUxLzhCQzUxMjdDQjlE
RjExRUU5NEI0MjQyQUM0RjlBRTAyL1VLRGNsVmlteEEzYzFUWDdlMXdMN3FadUJP
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvVUtEY2xWaW14QTNjMVRYN2Uxd0w3cVp1Qk9RLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QTg1MS84QkM1MTI3Q0I5REYxMUVFOTRCNDI0MkFDNEY5QUUwMi9GREFFQzlCRUI5
REYxMUVFQjU5MjA5MkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0PFDANBgkqhkiG9w0BAQsFAAOCAQEANm/XKcL84zQv4rK3
NIHbt+0DsAhvh/euzvPyv51qjz/WFYbZXH8CF1tvqwOvmB5RWPBxscbrWRI0cSeX
Wi3Y6IYvzAO84rsD1NzkU5y/qqbSc90cKqv3u7D/jHlynRprXQfyeIB/gs9iE1Nn
ue0RfRkzDh87z72ARm5qD7rMIDTuYDDyqExPdsUfysLyk+q5FHz75SLidU3tKseg
xezaUPPwHMlXP3QtBKmEfmSPnftd+Q0Ay+cYJDlV4JFocY9MH07Ay/Ue3kU86vcd
StQYBs0vYUYAoSifRqx86n0Vw0eUOaLNxDTpgikorxqBLjCl/ugrn7hQG39YtTI3
i5BL/w==
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:05:40 2025 by rpki-client