Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/0E3F36D8C43D11EBAB31777FC4F9AE02.roa
File: 0E3F36D8C43D11EBAB31777FC4F9AE02.roa (raw, json)
Hash identifier: BThAKf2icEZsZqpXgnFl9VpqvpRKYGs7e0515Blb0yw=
Subject key identifier: 4C:4B:63:62:1A:0C:70:65:00:5D:34:32:26:D7:4A:86:12:C6:FE:EC
Certificate issuer: /CN=A91CFFA0/serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60
Certificate serial: 0D0B
Authority key identifier: 05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/0E3F36D8C43D11EBAB31777FC4F9AE02.roa
Signing time: Tue 14 Jan 2025 18:16:09 +0000
ROA not before: Tue 14 Jan 2025 18:16:09 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 19551
IP address blocks: 134.159.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3339 (0xd0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFFA0
Validity
Not Before: Jan 14 18:16:09 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6786a9e9-b04a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e0:78:ca:25:a0:65:d6:27:34:98:77:b7:ae:
21:7a:8d:f7:e7:05:54:0d:cb:8e:dc:9b:71:6e:58:
3d:ef:6e:b2:68:18:36:9a:4a:ef:5f:da:91:31:17:
58:7a:25:de:37:80:a1:f7:b8:2b:86:d0:b7:74:81:
38:bd:cf:33:9c:6d:85:73:56:ac:ca:b2:c6:40:a9:
7f:59:e0:24:1a:56:2a:be:cb:a1:76:15:b7:e7:b7:
be:59:2a:c3:46:cd:01:5c:be:14:cd:c0:69:d9:9a:
c3:e8:fc:6e:33:7b:91:5d:53:e2:f0:0c:74:7d:93:
43:ec:7d:89:f2:9a:5f:cc:f2:8d:86:2e:6d:5a:08:
19:3b:42:d2:fb:7e:fb:9b:db:e3:40:2e:67:87:92:
60:47:60:0f:68:42:e1:e7:69:ce:86:bb:ac:f3:f1:
81:15:cd:9d:d2:b3:ca:25:16:67:b4:06:6e:8c:69:
ab:dc:2b:e8:fc:4d:dd:a9:5c:aa:b9:93:23:bc:db:
d5:e2:67:0e:9a:39:a8:2c:6b:8c:4e:3e:f8:1a:4a:
5d:c4:06:e1:95:69:a1:72:da:6e:c0:54:f8:90:c7:
f5:8f:53:22:0a:ad:a5:b5:f3:fc:82:44:8f:eb:02:
da:d5:db:c0:e4:69:13:80:7d:7f:11:9a:d2:8c:56:
17:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:4B:63:62:1A:0C:70:65:00:5D:34:32:26:D7:4A:86:12:C6:FE:EC
X509v3 Authority Key Identifier:
keyid:05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/0E3F36D8C43D11EBAB31777FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
134.159.88.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:26:e3:f7:52:a6:26:a3:d9:3d:df:80:f2:81:45:20:0c:84:
ee:66:0f:a8:ba:9b:f8:4c:73:60:92:15:6d:98:b3:2d:67:fc:
90:ad:b4:f2:66:53:a9:ed:4d:11:81:76:5d:ff:32:78:20:0d:
3d:53:a7:59:2f:d1:73:d5:f1:8d:af:d1:ab:47:27:c1:c8:25:
80:89:a5:b2:9c:9e:63:4a:f2:a4:0e:c2:b7:36:a8:ad:af:18:
49:5f:49:ac:96:f0:89:70:d8:f6:0b:73:fa:2e:bd:b2:66:77:
e0:04:15:3f:39:8b:9b:c3:72:c0:23:7f:75:8b:f1:df:fc:02:
3c:bb:5e:b0:5e:e7:3d:1c:79:fe:93:63:1b:7c:a9:d2:a5:63:
8b:5b:3d:32:de:e9:07:de:93:26:c7:60:11:1f:df:27:ec:e8:
22:50:13:f7:5a:b7:68:0a:e4:11:9a:6f:3d:b3:73:a9:c4:a3:
a1:4c:88:a8:ef:b1:8c:bc:30:2b:0f:ea:6b:27:37:3c:f5:ef:
d6:50:d5:0a:72:bd:dc:0a:a9:b0:d6:bf:93:29:a3:0d:0a:b7:
a7:4b:11:98:af:ee:59:bb:c3:05:f1:c6:9c:4d:32:f2:86:29:
89:50:a5:66:c9:e6:02:d6:09:97:2f:1b:5d:29:73:00:e2:f8:
79:39:a8:d1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDQswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGQTAxMTAvBgNVBAUTKDA1NDMzQzNBRUE4QTQ5NzAyQzlBODJFRUM5NUQxNkI1
NTAzQ0VBNjAwHhcNMjUwMTE0MTgxNjA5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2YTllOS1iMDRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs+B4yiWgZdYnNJh3t64heo335wVUDcuO3Jtxblg9726yaBg2mkrvX9qRMRdY
eiXeN4Ch97grhtC3dIE4vc8znG2Fc1asyrLGQKl/WeAkGlYqvsuhdhW357e+WSrD
Rs0BXL4UzcBp2ZrD6PxuM3uRXVPi8Ax0fZND7H2J8ppfzPKNhi5tWggZO0LS+377
m9vjQC5nh5JgR2APaELh52nOhrus8/GBFc2d0rPKJRZntAZujGmr3Cvo/E3dqVyq
uZMjvNvV4mcOmjmoLGuMTj74GkpdxAbhlWmhctpuwFT4kMf1j1MiCq2ltfP8gkSP
6wLa1dvA5GkTgH1/EZrSjFYX6QIDAQABo4IClTCCApEwHQYDVR0OBBYEFExLY2Ia
DHBlAF00MibXSoYSxv7sMB8GA1UdIwQYMBaAFAVDPDrqiklwLJqC7sldFrVQPOpg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xNTBCRjY5MEQ4
Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NYQXNtb0x1eVYwV3RWQTg2
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0JVTThPdXFLU1hBc21vTHV5VjBXdFZBODZtQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMTUwQkY2OTBEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvMEUzRjM2RDhD
NDNEMTFFQkFCMzE3NzdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACGn1gwDQYJKoZIhvcNAQELBQADggEBAKcm4/dSpiaj2T3f
gPKBRSAMhO5mD6i6m/hMc2CSFW2Ysy1n/JCttPJmU6ntTRGBdl3/MnggDT1Tp1kv
0XPV8Y2v0atHJ8HIJYCJpbKcnmNK8qQOwrc2qK2vGElfSayW8Ilw2PYLc/ouvbJm
d+AEFT85i5vDcsAjf3WL8d/8Ajy7XrBe5z0cef6TYxt8qdKlY4tbPTLe6QfekybH
YBEf3yfs6CJQE/dat2gK5BGabz2zc6nEo6FMiKjvsYy8MCsP6msnNzz179ZQ1Qpy
vdwKqbDWv5Mpow0Kt6dLEZiv7lm7wwXxxpxNMvKGKYlQpWbJ5gLWCZcvG10pcwDi
+Hk5qNE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:26:40 2025 by rpki-client