Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/08990BC0084E11EF89D29620C4F9AE02.roa
File: 08990BC0084E11EF89D29620C4F9AE02.roa (raw, json)
Hash identifier: 8EivjdWyyPlLeLaqCsiwmtFtESuhOy3I6leM27cuB5Y=
Subject key identifier: 91:0E:11:AB:B4:4F:0D:F1:D0:FD:25:A1:B1:A4:F1:7D:2C:EA:7E:D7
Certificate issuer: /CN=A91FF5E4/serialNumber=85EE9038FFC3541ABDFB7DD9ED33F2AAE372E78C
Certificate serial: 0540
Authority key identifier: 85:EE:90:38:FF:C3:54:1A:BD:FB:7D:D9:ED:33:F2:AA:E3:72:E7:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6QOP_DVBq9-33Z7TPyquNy54w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/08990BC0084E11EF89D29620C4F9AE02.roa
Signing time: Tue 04 Feb 2025 23:13:22 +0000
ROA not before: Tue 04 Feb 2025 23:13:22 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 45270
IP address blocks: 223.25.224.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1344 (0x540)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FF5E4
Validity
Not Before: Feb 4 23:13:22 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a29f12-37e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:65:65:54:ad:72:9c:7b:be:f1:19:1a:c5:38:
de:d3:d9:a2:fc:49:d3:de:b4:3e:d2:29:89:59:08:
e7:72:18:96:7c:fb:51:f0:96:d6:63:3f:22:05:0e:
fb:93:3a:58:b5:3f:1d:72:e9:f7:74:fc:5b:8f:84:
2d:bc:72:f9:45:0d:99:26:ac:13:0b:60:43:38:07:
0f:d8:fc:f8:7d:36:f5:c6:5d:77:27:1c:e5:5f:b0:
1a:a1:86:e7:f7:96:0a:65:1d:e0:0e:22:f0:dc:00:
fd:d9:59:92:49:45:32:fa:5a:11:37:d0:af:57:90:
5b:10:0d:a3:87:4f:f8:fe:85:12:8e:c8:82:a0:89:
a9:7e:9c:24:c8:53:ea:88:e7:62:e2:b3:eb:a1:af:
d7:66:2a:5e:6b:a2:f9:79:a9:52:42:2e:07:01:73:
70:0c:40:9a:80:ed:fc:58:13:84:be:7c:ef:5c:38:
e4:a2:9d:33:d6:df:2a:1a:85:a7:4f:14:ce:e7:9b:
15:71:a5:4a:b6:f7:8e:4a:51:2a:23:b0:a6:16:ae:
50:4f:2b:b5:f4:5d:02:9c:2b:e8:cd:75:e5:d4:a0:
ab:56:2a:53:18:01:f3:8f:af:d2:95:e5:38:81:25:
68:bc:73:d3:a5:40:c6:54:8a:12:1d:23:86:00:f6:
d9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0E:11:AB:B4:4F:0D:F1:D0:FD:25:A1:B1:A4:F1:7D:2C:EA:7E:D7
X509v3 Authority Key Identifier:
keyid:85:EE:90:38:FF:C3:54:1A:BD:FB:7D:D9:ED:33:F2:AA:E3:72:E7:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6QOP_DVBq9-33Z7TPyquNy54w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/08990BC0084E11EF89D29620C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
223.25.224.0/22
Signature Algorithm: sha256WithRSAEncryption
36:07:79:ee:25:89:1a:06:e6:ce:ee:94:73:00:a7:bc:ce:26:
e8:c7:85:2f:aa:8a:20:5f:2c:88:7d:93:6b:1d:32:cd:3f:29:
1d:56:6c:3e:72:5b:ea:fd:f1:cc:35:13:3d:e1:4c:d4:7c:4c:
93:43:da:91:30:0b:78:fc:d2:e9:8a:f3:d7:d4:23:ba:51:d6:
71:c9:44:31:bb:10:fb:a9:b8:7f:6b:cd:ad:c9:a4:fb:64:ff:
30:31:69:62:38:23:ff:0d:bb:f9:50:c1:6e:43:76:7a:11:5f:
fb:0b:91:d1:70:82:1f:e8:83:2d:35:86:e1:08:54:8c:f7:bd:
81:c4:8d:8c:f0:db:30:83:6d:96:43:6a:7a:8c:3b:f2:c4:ff:
09:4b:a4:77:7e:b0:4c:02:94:97:26:46:48:19:29:8d:c8:03:
3c:c6:79:47:a2:21:7e:11:58:dc:87:10:38:c1:a7:19:c2:7c:
15:84:b7:52:61:3d:59:4d:03:48:6a:b4:de:f9:8d:81:ac:33:
6f:4c:25:d8:fd:b9:41:75:1b:ae:d7:ac:84:4c:69:ca:02:b2:
de:59:ff:f3:cd:a9:ec:42:c1:3d:99:da:98:a4:11:46:d2:2a:
b3:fd:6b:57:e1:f1:fe:89:d0:c6:d0:a9:2b:f7:9a:72:a1:02:
59:94:10:0c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBUAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkY1RTQxMTAvBgNVBAUTKDg1RUU5MDM4RkZDMzU0MUFCREZCN0REOUVEMzNGMkFB
RTM3MkU3OEMwHhcNMjUwMjA0MjMxMzIyWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyOWYxMi0zN2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoWVlVK1ynHu+8RkaxTje09mi/EnT3rQ+0imJWQjnchiWfPtR8JbWYz8iBQ77
kzpYtT8dcun3dPxbj4QtvHL5RQ2ZJqwTC2BDOAcP2Pz4fTb1xl13JxzlX7AaoYbn
95YKZR3gDiLw3AD92VmSSUUy+loRN9CvV5BbEA2jh0/4/oUSjsiCoImpfpwkyFPq
iOdi4rProa/XZipea6L5ealSQi4HAXNwDECagO38WBOEvnzvXDjkop0z1t8qGoWn
TxTO55sVcaVKtveOSlEqI7CmFq5QTyu19F0CnCvozXXl1KCrVipTGAHzj6/SleU4
gSVovHPTpUDGVIoSHSOGAPbZ6QIDAQABo4IClTCCApEwHQYDVR0OBBYEFJEOEau0
Tw3x0P0lobGk8X0s6n7XMB8GA1UdIwQYMBaAFIXukDj/w1Qavft92e0z8qrjcueM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjVFNC9FRDA3OURGRUUz
ODQxMUVCQTg1OTNCNjVDNEY5QUUwMi9oZTZRT1BfRFZCcTktMzNaN1RQeXF1Tnk1
NHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hlNlFPUF9EVkJxOS0zM1o3VFB5cXVOeTU0dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkY1RTQvRUQwNzlERkVFMzg0MTFFQkE4NTkzQjY1QzRGOUFFMDIvMDg5OTBCQzAw
ODRFMTFFRjg5RDI5NjIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALfGeAwDQYJKoZIhvcNAQELBQADggEBADYHee4liRoG5s7u
lHMAp7zOJujHhS+qiiBfLIh9k2sdMs0/KR1WbD5yW+r98cw1Ez3hTNR8TJND2pEw
C3j80umK89fUI7pR1nHJRDG7EPupuH9rza3JpPtk/zAxaWI4I/8Nu/lQwW5DdnoR
X/sLkdFwgh/ogy01huEIVIz3vYHEjYzw2zCDbZZDanqMO/LE/wlLpHd+sEwClJcm
RkgZKY3IAzzGeUeiIX4RWNyHEDjBpxnCfBWEt1JhPVlNA0hqtN75jYGsM29MJdj9
uUF1G67XrIRMacoCst5Z//PNqexCwT2Z2pikEUbSKrP9a1fh8f6J0MbQqSv3mnKh
AlmUEAw=
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:29:50 2025 by rpki-client