Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/07FBA006084E11EF89D29620C4F9AE02.roa
File: 07FBA006084E11EF89D29620C4F9AE02.roa (raw, json)
Hash identifier: olIQCCewOfkMwGkHHOS/5ivD24pRNNt8XVcMGE/8pfs=
Subject key identifier: 62:29:7C:60:7D:E1:12:93:A3:5C:71:FD:54:18:01:4F:15:B6:B0:68
Certificate issuer: /CN=A91FF5E4/serialNumber=85EE9038FFC3541ABDFB7DD9ED33F2AAE372E78C
Certificate serial: 053F
Authority key identifier: 85:EE:90:38:FF:C3:54:1A:BD:FB:7D:D9:ED:33:F2:AA:E3:72:E7:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6QOP_DVBq9-33Z7TPyquNy54w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/07FBA006084E11EF89D29620C4F9AE02.roa
Signing time: Tue 04 Feb 2025 23:13:21 +0000
ROA not before: Tue 04 Feb 2025 23:13:21 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 10207
IP address blocks: 223.25.224.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1343 (0x53f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FF5E4
Validity
Not Before: Feb 4 23:13:21 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a29f11-d498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0a:20:3b:2c:20:7a:f8:18:97:8c:86:a6:3a:
23:82:5b:1d:5d:c7:d2:91:9c:fb:c2:01:7a:7e:ce:
bc:55:72:0a:42:8e:75:4b:53:69:38:ed:b3:00:dc:
b1:aa:28:ea:ea:45:c3:cc:b9:b8:76:c4:da:a2:a7:
70:f4:6f:62:bb:9d:5d:4a:71:88:0b:48:30:d3:da:
db:1e:b6:7e:9e:c8:05:ea:17:d2:e3:11:39:2e:a7:
31:c7:d7:0a:00:1f:27:87:4a:58:6c:74:5d:46:d6:
06:d5:93:c8:96:45:b0:31:4a:98:32:d0:21:fe:2f:
d9:ed:86:14:7e:ab:c8:0f:8c:c4:e9:68:2b:7a:fc:
24:e4:98:f4:bf:71:44:77:48:85:02:b7:0a:7a:c0:
68:43:ad:94:a4:49:65:6a:82:8f:42:cf:ef:fe:41:
f8:e0:09:94:ed:00:f7:18:c5:ff:ea:49:54:e8:0e:
63:27:78:71:02:5b:cc:df:b5:d8:0c:4b:50:36:23:
a6:0f:dd:cd:1d:83:71:5e:eb:75:44:89:18:f6:c2:
63:0a:51:71:ca:b9:66:5e:8b:4e:90:00:9a:ae:0c:
a6:1f:58:97:f6:ef:69:df:02:fe:ed:6f:13:9b:12:
99:98:5d:96:ff:97:df:20:cd:dc:4a:2c:c4:08:01:
0b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:29:7C:60:7D:E1:12:93:A3:5C:71:FD:54:18:01:4F:15:B6:B0:68
X509v3 Authority Key Identifier:
keyid:85:EE:90:38:FF:C3:54:1A:BD:FB:7D:D9:ED:33:F2:AA:E3:72:E7:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6QOP_DVBq9-33Z7TPyquNy54w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/07FBA006084E11EF89D29620C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
223.25.224.0/22
Signature Algorithm: sha256WithRSAEncryption
47:b7:57:21:1a:b8:1f:fb:42:d5:5d:93:41:1b:a9:6d:49:25:
b4:a7:08:72:f2:1e:ae:8a:5a:50:8d:f9:3f:ad:b3:3b:b7:25:
f3:44:71:c6:fe:8f:f8:a2:e1:0c:e3:64:0f:4c:00:ce:79:c5:
06:b4:f5:f4:e7:4b:39:ca:c4:dd:bd:b0:2c:26:85:7b:65:00:
b6:82:aa:30:23:66:c9:3b:66:b4:6a:46:90:6d:a8:8b:ba:11:
ec:93:7a:fa:d3:a0:af:34:65:b2:f0:08:ed:a6:33:db:30:28:
03:ca:32:16:07:f5:29:3b:be:ce:d2:64:19:44:1e:41:2e:b9:
6d:43:43:d7:19:ae:bf:c8:ae:a1:77:b0:13:ed:e7:0c:4f:93:
c3:de:bc:b4:0c:6d:ce:55:fa:52:6a:7c:3d:4b:f1:ff:ac:4d:
0a:20:f5:7d:a3:e8:a1:5e:c2:38:a9:8a:db:d7:75:a6:4c:41:
1e:9c:c4:52:65:8b:2b:5b:88:a1:0a:01:00:6c:9d:ac:60:64:
e6:f9:ff:b8:c9:a1:75:ba:f8:08:2c:ff:c0:41:41:d5:07:7e:
a5:a2:c5:84:a4:a1:93:64:99:6a:ec:bc:66:75:97:67:2a:a1:
62:f8:a0:72:a9:5c:61:df:52:08:47:2d:a4:df:b7:83:87:01:
79:17:7d:b3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBT8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkY1RTQxMTAvBgNVBAUTKDg1RUU5MDM4RkZDMzU0MUFCREZCN0REOUVEMzNGMkFB
RTM3MkU3OEMwHhcNMjUwMjA0MjMxMzIxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyOWYxMS1kNDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoQogOywgevgYl4yGpjojglsdXcfSkZz7wgF6fs68VXIKQo51S1NpOO2zANyx
qijq6kXDzLm4dsTaoqdw9G9iu51dSnGIC0gw09rbHrZ+nsgF6hfS4xE5Lqcxx9cK
AB8nh0pYbHRdRtYG1ZPIlkWwMUqYMtAh/i/Z7YYUfqvID4zE6Wgrevwk5Jj0v3FE
d0iFArcKesBoQ62UpEllaoKPQs/v/kH44AmU7QD3GMX/6klU6A5jJ3hxAlvM37XY
DEtQNiOmD93NHYNxXut1RIkY9sJjClFxyrlmXotOkACargymH1iX9u9p3wL+7W8T
mxKZmF2W/5ffIM3cSizECAELmQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGIpfGB9
4RKTo1xx/VQYAU8VtrBoMB8GA1UdIwQYMBaAFIXukDj/w1Qavft92e0z8qrjcueM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjVFNC9FRDA3OURGRUUz
ODQxMUVCQTg1OTNCNjVDNEY5QUUwMi9oZTZRT1BfRFZCcTktMzNaN1RQeXF1Tnk1
NHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hlNlFPUF9EVkJxOS0zM1o3VFB5cXVOeTU0dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkY1RTQvRUQwNzlERkVFMzg0MTFFQkE4NTkzQjY1QzRGOUFFMDIvMDdGQkEwMDYw
ODRFMTFFRjg5RDI5NjIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALfGeAwDQYJKoZIhvcNAQELBQADggEBAEe3VyEauB/7QtVd
k0EbqW1JJbSnCHLyHq6KWlCN+T+tszu3JfNEccb+j/ii4QzjZA9MAM55xQa09fTn
SznKxN29sCwmhXtlALaCqjAjZsk7ZrRqRpBtqIu6EeyTevrToK80ZbLwCO2mM9sw
KAPKMhYH9Sk7vs7SZBlEHkEuuW1DQ9cZrr/IrqF3sBPt5wxPk8PevLQMbc5V+lJq
fD1L8f+sTQog9X2j6KFewjipitvXdaZMQR6cxFJliytbiKEKAQBsnaxgZOb5/7jJ
oXW6+Ags/8BBQdUHfqWixYSkoZNkmWrsvGZ1l2cqoWL4oHKpXGHfUghHLaTft4OH
AXkXfbM=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:23:24 2025 by rpki-client