Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C74B5/9804356E34AA11EEA06AE133C4F9AE02/FBCA5E628A4E11EE8EFFA44BC4F9AE02.roa
File: FBCA5E628A4E11EE8EFFA44BC4F9AE02.roa (raw, json)
Hash identifier: n7d+wfVovpgFh/VPuHK0Be+tZJiAokXkxVBH6z58Cdo=
Subject key identifier: 71:D6:06:1A:59:FA:EF:E6:DC:39:86:9B:CE:51:1A:AE:4A:7D:0A:99
Certificate issuer: /CN=A91C74B5/serialNumber=E0ECA7BC5B25A0CA374D9A83CC4CF90DD6CF2209
Certificate serial: 0129
Authority key identifier: E0:EC:A7:BC:5B:25:A0:CA:37:4D:9A:83:CC:4C:F9:0D:D6:CF:22:09
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4OynvFsloMo3TZqDzEz5DdbPIgk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C74B5/9804356E34AA11EEA06AE133C4F9AE02/FBCA5E628A4E11EE8EFFA44BC4F9AE02.roa
Signing time: Fri 31 Jan 2025 04:20:13 +0000
ROA not before: Fri 31 Jan 2025 04:20:13 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 8075
IP address blocks: 192.150.134.0/24 maxlen: 24
192.150.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 297 (0x129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C74B5
Validity
Not Before: Jan 31 04:20:13 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679c4f7d-5f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:99:9a:c5:75:7d:6f:4a:e7:3f:cd:e3:4f:64:
a0:90:cc:2f:d0:36:4e:bc:8e:eb:07:77:90:3f:b8:
1a:79:ea:66:73:4d:ca:ed:c8:8f:2a:43:73:b4:21:
ec:b0:7b:4c:5e:05:e3:69:1c:b7:41:1d:fb:cb:d6:
ad:f3:7a:5a:64:bb:87:26:29:28:77:00:cc:91:db:
15:e3:9c:8d:5c:14:84:07:c5:94:ac:16:a8:8b:99:
47:74:0e:99:d8:84:63:c6:13:cf:1a:da:a8:66:3d:
a0:76:71:28:7e:b4:33:94:17:5d:ca:a8:e0:76:da:
d0:43:f0:a4:0d:95:f9:59:13:92:36:8f:82:24:3d:
e5:18:39:6b:c3:f8:8a:6d:5a:8b:9e:90:5e:bd:cf:
fa:79:3f:d3:76:12:42:f3:01:38:5b:05:d3:2c:67:
58:b2:d9:e2:3a:dc:08:b1:23:62:09:ae:f0:4c:5b:
77:c6:33:9b:bf:dd:08:ba:a1:d5:a9:90:40:26:23:
69:1f:ad:fd:f0:ae:73:42:c5:85:8d:27:0b:b4:a4:
21:53:97:df:99:19:26:ac:82:7f:e5:bf:a8:f5:5a:
94:07:c4:ef:83:68:05:5c:89:d2:02:a4:49:4e:be:
78:0d:f8:5e:e7:03:04:84:24:d2:e7:96:b1:3e:7f:
af:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D6:06:1A:59:FA:EF:E6:DC:39:86:9B:CE:51:1A:AE:4A:7D:0A:99
X509v3 Authority Key Identifier:
keyid:E0:EC:A7:BC:5B:25:A0:CA:37:4D:9A:83:CC:4C:F9:0D:D6:CF:22:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C74B5/9804356E34AA11EEA06AE133C4F9AE02/4OynvFsloMo3TZqDzEz5DdbPIgk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4OynvFsloMo3TZqDzEz5DdbPIgk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C74B5/9804356E34AA11EEA06AE133C4F9AE02/FBCA5E628A4E11EE8EFFA44BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.150.134.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:c8:58:4a:77:61:5a:08:e4:fd:b0:73:d1:8f:72:dd:d3:ab:
6d:77:49:1d:73:e3:cd:ad:50:6e:a9:46:da:bf:d9:8b:41:19:
bc:34:b5:43:24:ae:2c:b3:e0:14:04:58:d5:fb:a9:06:55:2a:
57:6d:2d:16:86:9f:cd:ad:bc:3e:c6:35:fe:b0:7b:89:7f:01:
d9:54:26:f5:e1:df:02:33:c1:0c:12:c9:46:b4:07:4a:0c:d0:
bc:26:e5:06:12:ef:3b:39:4b:53:b5:d6:90:a7:1c:3a:63:86:
09:16:25:0c:e4:6d:73:55:74:06:44:af:bf:48:9b:6b:60:3b:
d0:91:c0:4a:a6:2d:b0:f1:40:6e:ee:d7:8e:c2:25:c2:42:33:
21:2f:82:91:41:90:76:21:3f:78:6e:72:2a:cf:0e:5b:f5:67:
07:0e:12:78:44:82:fd:47:b6:a4:f5:eb:5e:39:89:cc:30:83:
7d:dc:2c:cc:72:a6:b2:51:d1:4d:9d:39:75:0e:46:1b:42:ee:
e0:ff:cc:f2:4f:15:c2:cc:35:58:fe:1e:8c:77:78:18:ee:84:
0f:4f:97:22:7f:f4:34:45:10:cb:f3:0d:8b:e5:60:e9:88:a3:
00:9f:37:b6:b6:87:0e:95:c6:e9:c6:79:bd:e7:0e:95:55:f9:
7a:2d:f9:98
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICASkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzc0QjUxMTAvBgNVBAUTKEUwRUNBN0JDNUIyNUEwQ0EzNzREOUE4M0NDNENGOTBE
RDZDRjIyMDkwHhcNMjUwMTMxMDQyMDEzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljNGY3ZC01ZjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw5maxXV9b0rnP83jT2SgkMwv0DZOvI7rB3eQP7gaeepmc03K7ciPKkNztCHs
sHtMXgXjaRy3QR37y9at83paZLuHJikodwDMkdsV45yNXBSEB8WUrBaoi5lHdA6Z
2IRjxhPPGtqoZj2gdnEofrQzlBddyqjgdtrQQ/CkDZX5WROSNo+CJD3lGDlrw/iK
bVqLnpBevc/6eT/TdhJC8wE4WwXTLGdYstniOtwIsSNiCa7wTFt3xjObv90IuqHV
qZBAJiNpH6398K5zQsWFjScLtKQhU5ffmRkmrIJ/5b+o9VqUB8Tvg2gFXInSAqRJ
Tr54Dfhe5wMEhCTS55axPn+vFwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHHWBhpZ
+u/m3DmGm85RGq5KfQqZMB8GA1UdIwQYMBaAFODsp7xbJaDKN02ag8xM+Q3WzyIJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzRCNS85ODA0MzU2RTM0
QUExMUVFQTA2QUUxMzNDNEY5QUUwMi80T3ludkZzbG9NbzNUWnFEekV6NURkYlBJ
Z2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzRPeW52RnNsb01vM1RacUR6RXo1RGRiUElnay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzc0QjUvOTgwNDM1NkUzNEFBMTFFRUEwNkFFMTMzQzRGOUFFMDIvRkJDQTVFNjI4
QTRFMTFFRThFRkZBNDRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHAloYwDQYJKoZIhvcNAQELBQADggEBALHIWEp3YVoI5P2w
c9GPct3Tq213SR1z482tUG6pRtq/2YtBGbw0tUMkriyz4BQEWNX7qQZVKldtLRaG
n82tvD7GNf6we4l/AdlUJvXh3wIzwQwSyUa0B0oM0Lwm5QYS7zs5S1O11pCnHDpj
hgkWJQzkbXNVdAZEr79Im2tgO9CRwEqmLbDxQG7u147CJcJCMyEvgpFBkHYhP3hu
cirPDlv1ZwcOEnhEgv1HtqT16145icwwg33cLMxyprJR0U2dOXUORhtC7uD/zPJP
FcLMNVj+Hox3eBjuhA9PlyJ/9DRFEMvzDYvlYOmIowCfN7a2hw6VxunGeb3nDpVV
+Xot+Zg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:34:28 2025 by rpki-client