Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914530B/9E75DDB6B79A11EFA0D6975DC4F9AE02/87A33C66B79D11EF9A384C65C4F9AE02.roa
File: 87A33C66B79D11EF9A384C65C4F9AE02.roa (raw, json)
Hash identifier: PmWdGEFbgxUM5JARv+3955i+yLCgnSi8KLnrb7A4Hd0=
Subject key identifier: 7D:F6:50:43:AC:FB:28:63:7F:D7:C5:8B:19:0D:C8:00:ED:A6:7A:1E
Certificate issuer: /CN=A914530B/serialNumber=E77A798419B3F38C8B02590A294C7B35F7C3444C
Certificate serial: 28
Authority key identifier: E7:7A:79:84:19:B3:F3:8C:8B:02:59:0A:29:4C:7B:35:F7:C3:44:4C
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/53p5hBmz84yLAlkKKUx7NffDREw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914530B/9E75DDB6B79A11EFA0D6975DC4F9AE02/87A33C66B79D11EF9A384C65C4F9AE02.roa
Signing time: Mon 17 Feb 2025 09:00:09 +0000
ROA not before: Mon 17 Feb 2025 09:00:09 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 2914
IP address blocks: 157.15.200.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40 (0x28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914530B
Validity
Not Before: Feb 17 09:00:09 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b2fa98-0112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2e:11:60:4d:6d:3a:1c:31:b2:fc:c0:56:15:
7c:c0:c1:89:43:34:d2:18:b6:27:7c:05:6f:98:ef:
45:17:4a:53:b1:5f:da:97:5c:fc:45:40:92:53:97:
09:42:e6:d5:c7:f7:8a:49:2b:a8:23:1f:75:c4:b7:
b4:e7:fb:ac:c5:65:af:fd:5b:75:07:eb:69:8b:f0:
63:08:17:29:81:94:7c:bc:43:b2:81:eb:fa:70:0f:
09:91:77:3f:bd:f2:27:93:fe:50:c7:19:13:f7:35:
d6:ef:fe:11:bb:05:4d:34:d8:2a:b6:af:5c:7b:3c:
ac:a6:c0:f0:19:45:16:05:29:97:25:22:e1:ed:62:
24:e7:c9:7c:98:aa:d0:cb:18:98:fe:96:da:06:f1:
b5:7c:98:3b:eb:4e:fe:72:5a:29:58:2a:29:a1:f2:
4b:c8:b4:bf:3b:43:40:01:24:b3:16:8d:64:8c:1b:
3e:82:61:da:7a:df:d6:b6:d9:27:ba:cc:73:01:f8:
a0:60:78:70:47:b8:98:d2:20:64:ab:0a:36:a9:95:
3b:37:a8:fe:04:80:85:ac:d7:9a:90:69:dd:78:73:
5c:b8:d7:a4:87:ee:18:ef:26:51:ad:a4:20:93:28:
75:3a:0c:46:ea:4f:19:67:f1:b7:96:d2:89:55:65:
2b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F6:50:43:AC:FB:28:63:7F:D7:C5:8B:19:0D:C8:00:ED:A6:7A:1E
X509v3 Authority Key Identifier:
keyid:E7:7A:79:84:19:B3:F3:8C:8B:02:59:0A:29:4C:7B:35:F7:C3:44:4C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914530B/9E75DDB6B79A11EFA0D6975DC4F9AE02/53p5hBmz84yLAlkKKUx7NffDREw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/53p5hBmz84yLAlkKKUx7NffDREw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914530B/9E75DDB6B79A11EFA0D6975DC4F9AE02/87A33C66B79D11EF9A384C65C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.200.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:48:f8:85:e7:24:38:8d:66:dd:9e:b7:a0:14:4a:66:8d:b9:
fc:d1:a3:f7:ea:b3:52:24:9a:5a:29:b0:13:2b:5c:c2:c9:84:
2c:cc:b4:c0:af:81:62:bb:dd:ee:9e:ff:5d:86:3c:b3:69:f8:
1f:91:21:8b:a2:fb:fd:10:c4:d2:61:af:67:3c:7d:4c:7a:58:
39:fb:ba:a5:c5:14:87:f6:59:d2:61:8f:49:ae:11:b3:fa:c5:
19:00:d2:cb:06:90:39:70:94:ab:1a:3b:dd:5b:84:0e:d2:04:
c4:33:27:2d:8e:6a:d5:af:ea:c0:3d:bb:7a:1d:5e:87:fa:1c:
50:49:bb:6f:bf:56:7a:6a:71:fe:be:fb:c2:23:25:d6:fd:16:
be:3e:1c:5a:1b:b7:07:31:14:b2:74:b3:bd:78:15:76:4e:19:
5b:1a:4b:3a:75:6a:c3:ff:65:95:fa:8d:3c:5a:46:d5:a3:1d:
40:45:92:44:fb:fc:fa:b7:fd:fe:50:be:b7:1c:0a:7a:ce:8b:
a3:b8:8d:6f:c9:0b:18:32:b1:37:fc:2d:66:ed:01:f3:40:58:
e3:3f:64:01:9f:ad:4c:ce:3c:8e:1d:e3:85:89:43:29:e2:54:
1b:ab:ea:34:76:7c:29:1d:cc:5e:30:e3:1b:77:98:da:6c:dc:
20:d8:77:cb
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBKDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
NTMwQjExMC8GA1UEBRMoRTc3QTc5ODQxOUIzRjM4QzhCMDI1OTBBMjk0QzdCMzVG
N0MzNDQ0QzAeFw0yNTAyMTcwOTAwMDlaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YjJmYTk4LTAxMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCVLhFgTW06HDGy/MBWFXzAwYlDNNIYtid8BW+Y70UXSlOxX9qXXPxFQJJTlwlC
5tXH94pJK6gjH3XEt7Tn+6zFZa/9W3UH62mL8GMIFymBlHy8Q7KB6/pwDwmRdz+9
8ieT/lDHGRP3Ndbv/hG7BU002Cq2r1x7PKymwPAZRRYFKZclIuHtYiTnyXyYqtDL
GJj+ltoG8bV8mDvrTv5yWilYKimh8kvItL87Q0ABJLMWjWSMGz6CYdp639a22Se6
zHMB+KBgeHBHuJjSIGSrCjaplTs3qP4EgIWs15qQad14c1y416SH7hjvJlGtpCCT
KHU6DEbqTxln8beW0olVZStzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUffZQQ6z7
KGN/18WLGQ3IAO2meh4wHwYDVR0jBBgwFoAU53p5hBmz84yLAlkKKUx7NffDREww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ1MzBCLzlFNzVEREI2Qjc5
QTExRUZBMEQ2OTc1REM0RjlBRTAyLzUzcDVoQm16ODR5TEFsa0tLVXg3TmZmRFJF
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvNTNwNWhCbXo4NHlMQWxrS0tVeDdOZmZEUkV3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NTMwQi85RTc1RERCNkI3OUExMUVGQTBENjk3NURDNEY5QUUwMi84N0EzM0M2NkI3
OUQxMUVGOUEzODRDNjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0PyDANBgkqhkiG9w0BAQsFAAOCAQEAu0j4heckOI1m3Z63
oBRKZo25/NGj9+qzUiSaWimwEytcwsmELMy0wK+BYrvd7p7/XYY8s2n4H5Ehi6L7
/RDE0mGvZzx9THpYOfu6pcUUh/ZZ0mGPSa4Rs/rFGQDSywaQOXCUqxo73VuEDtIE
xDMnLY5q1a/qwD27eh1eh/ocUEm7b79Wempx/r77wiMl1v0Wvj4cWhu3BzEUsnSz
vXgVdk4ZWxpLOnVqw/9llfqNPFpG1aMdQEWSRPv8+rf9/lC+txwKes6Lo7iNb8kL
GDKxN/wtZu0B80BY4z9kAZ+tTM48jh3jhYlDKeJUG6vqNHZ8KR3MXjDjG3eY2mzc
INh3yw==
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:30:57 2025 by rpki-client