Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D63AF/4DFE6824B6B711EEA9D7FC3AC4F9AE02/8C508DC055F711EFA5200828C4F9AE02.roa
File: 8C508DC055F711EFA5200828C4F9AE02.roa (raw, json)
Hash identifier: ihNWokHlCtMazUN4Q0S1jw6bRWJLab7FqUZHdXu5av8=
Subject key identifier: C5:09:C4:1E:F5:72:FA:E9:28:D7:49:BF:24:83:2B:EE:84:72:DE:60
Certificate issuer: /CN=A91D63AF/serialNumber=3474C2539861100AFD963A163C802D0264F8EC7D
Certificate serial: D6
Authority key identifier: 34:74:C2:53:98:61:10:0A:FD:96:3A:16:3C:80:2D:02:64:F8:EC:7D
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NHTCU5hhEAr9ljoWPIAtAmT47H0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D63AF/4DFE6824B6B711EEA9D7FC3AC4F9AE02/8C508DC055F711EFA5200828C4F9AE02.roa
Signing time: Thu 13 Feb 2025 07:08:08 +0000
ROA not before: Thu 13 Feb 2025 07:08:08 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 140362
IP address blocks: 157.10.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 214 (0xd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D63AF
Validity
Not Before: Feb 13 07:08:08 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ad9a58-9360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6e:67:5d:b5:8c:96:a9:94:57:7b:34:2d:c5:
91:64:cd:8d:56:31:15:54:45:11:b1:b2:e7:d8:b2:
2d:04:e9:97:9e:ff:d2:94:76:1c:a2:68:04:3c:b1:
37:fb:68:cb:6d:6d:a9:52:eb:77:d6:dc:f5:fc:2e:
37:52:5e:cd:45:b2:57:55:08:d7:0c:8d:ef:1b:73:
fa:f7:40:7e:19:d0:45:ab:5d:75:b5:82:0a:d1:ca:
82:91:6d:25:06:c2:e6:0b:18:a3:54:80:05:ac:83:
a5:ac:bd:5a:92:c7:9e:48:45:d1:57:46:da:69:6b:
66:33:43:67:71:b4:26:5e:ab:2f:a8:a6:b0:32:5a:
66:57:99:5c:6e:9d:b3:dc:3c:93:77:34:97:07:e8:
b6:b7:44:10:7f:37:0d:67:e0:86:ce:ab:e5:31:ee:
95:cb:4b:69:11:a4:94:5f:b0:da:05:43:53:58:4f:
1a:af:8f:69:88:75:2c:ef:2b:9b:f3:dc:6c:c0:ef:
e2:1c:96:07:5b:9d:1b:90:ab:d5:41:13:35:eb:ee:
0f:d7:a5:c8:dc:0d:24:cd:5b:cc:17:93:f6:25:b4:
e7:0e:ed:25:a3:f0:0d:63:20:45:0d:d7:22:20:9d:
1c:4a:ed:64:b7:2a:0d:84:cb:95:f4:9e:86:96:86:
5d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:09:C4:1E:F5:72:FA:E9:28:D7:49:BF:24:83:2B:EE:84:72:DE:60
X509v3 Authority Key Identifier:
keyid:34:74:C2:53:98:61:10:0A:FD:96:3A:16:3C:80:2D:02:64:F8:EC:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D63AF/4DFE6824B6B711EEA9D7FC3AC4F9AE02/NHTCU5hhEAr9ljoWPIAtAmT47H0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NHTCU5hhEAr9ljoWPIAtAmT47H0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D63AF/4DFE6824B6B711EEA9D7FC3AC4F9AE02/8C508DC055F711EFA5200828C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.251.0/24
Signature Algorithm: sha256WithRSAEncryption
68:8d:92:38:ce:7b:74:51:43:c9:51:08:69:1f:fc:8d:30:34:
fc:ff:b8:77:54:f5:1e:ff:4f:2d:e9:18:2b:f8:f7:36:3c:73:
6e:a2:72:aa:4b:ed:d7:a3:1f:32:f0:7d:a2:3c:16:da:4c:63:
a4:3d:0e:e3:d0:38:a6:03:9a:61:19:1c:65:1a:db:3c:50:02:
7f:1d:7d:6b:d8:32:68:a1:a2:cd:28:c2:ff:ea:a5:1e:9c:fa:
33:6a:1c:d5:7b:a5:e4:32:8d:67:74:8e:6b:8f:eb:a1:92:9d:
41:0a:60:2a:cd:91:3e:ba:94:2f:ea:95:06:bb:26:4a:94:ad:
b6:f3:75:cb:f7:be:42:e3:02:d4:8c:9c:3a:c9:c0:74:c9:59:
4b:07:f3:53:08:be:b8:a0:98:6a:0f:3a:78:7f:ec:d3:6c:ca:
47:c4:a0:65:41:f1:1c:6e:63:27:6b:99:dc:01:0a:39:3b:20:
37:44:b6:a0:9f:47:d1:ef:68:58:9e:2a:47:5b:88:28:92:a6:
0c:94:54:e1:6e:f8:32:5f:40:20:b0:51:34:0b:e9:d0:37:8c:
a7:5e:8f:d9:98:1f:86:5c:ab:06:20:6d:28:61:08:24:21:5d:
7d:13:f3:e0:ad:1f:da:c4:f8:17:1d:2c:9f:64:77:24:81:37:
08:28:db:ee
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDYzQUYxMTAvBgNVBAUTKDM0NzRDMjUzOTg2MTEwMEFGRDk2M0ExNjNDODAyRDAy
NjRGOEVDN0QwHhcNMjUwMjEzMDcwODA4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FkOWE1OC05MzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmm5nXbWMlqmUV3s0LcWRZM2NVjEVVEURsbLn2LItBOmXnv/SlHYcomgEPLE3
+2jLbW2pUut31tz1/C43Ul7NRbJXVQjXDI3vG3P690B+GdBFq111tYIK0cqCkW0l
BsLmCxijVIAFrIOlrL1akseeSEXRV0baaWtmM0NncbQmXqsvqKawMlpmV5lcbp2z
3DyTdzSXB+i2t0QQfzcNZ+CGzqvlMe6Vy0tpEaSUX7DaBUNTWE8ar49piHUs7yub
89xswO/iHJYHW50bkKvVQRM16+4P16XI3A0kzVvMF5P2JbTnDu0lo/ANYyBFDdci
IJ0cSu1ktyoNhMuV9J6GloZdUwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMUJxB71
cvrpKNdJvySDK+6Ect5gMB8GA1UdIwQYMBaAFDR0wlOYYRAK/ZY6FjyALQJk+Ox9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENjNBRi80REZFNjgyNEI2
QjcxMUVFQTlEN0ZDM0FDNEY5QUUwMi9OSFRDVTVoaEVBcjlsam9XUElBdEFtVDQ3
SDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL05IVENVNWhoRUFyOWxqb1dQSUF0QW1UNDdIMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDYzQUYvNERGRTY4MjRCNkI3MTFFRUE5RDdGQzNBQzRGOUFFMDIvOEM1MDhEQzA1
NUY3MTFFRkE1MjAwODI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACdCvswDQYJKoZIhvcNAQELBQADggEBAGiNkjjOe3RRQ8lR
CGkf/I0wNPz/uHdU9R7/Ty3pGCv49zY8c26icqpL7dejHzLwfaI8FtpMY6Q9DuPQ
OKYDmmEZHGUa2zxQAn8dfWvYMmihos0owv/qpR6c+jNqHNV7peQyjWd0jmuP66GS
nUEKYCrNkT66lC/qlQa7JkqUrbbzdcv3vkLjAtSMnDrJwHTJWUsH81MIvrigmGoP
Onh/7NNsykfEoGVB8RxuYydrmdwBCjk7IDdEtqCfR9HvaFieKkdbiCiSpgyUVOFu
+DJfQCCwUTQL6dA3jKdej9mYH4ZcqwYgbShhCCQhXX0T8+CtH9rE+BcdLJ9kdySB
Nwgo2+4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:50:18 2025 by rpki-client