Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914530B/9E75DDB6B79A11EFA0D6975DC4F9AE02/87A33C66B79D11EF9A384C65C4F9AE02.roa
File: 87A33C66B79D11EF9A384C65C4F9AE02.roa (raw, json)
Hash identifier: G0RH92bUHo0viHdC4w7f3T+l7e4HdL4P2CYtBV/Kdpc=
Subject key identifier: 1C:65:72:24:B1:2A:A4:4A:CD:04:25:F5:64:34:22:D9:9C:9B:44:D1
Certificate issuer: /CN=A914530B/serialNumber=E77A798419B3F38C8B02590A294C7B35F7C3444C
Certificate serial: 02
Authority key identifier: E7:7A:79:84:19:B3:F3:8C:8B:02:59:0A:29:4C:7B:35:F7:C3:44:4C
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/53p5hBmz84yLAlkKKUx7NffDREw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914530B/9E75DDB6B79A11EFA0D6975DC4F9AE02/87A33C66B79D11EF9A384C65C4F9AE02.roa
Signing time: Wed 11 Dec 2024 08:54:29 +0000
ROA not before: Wed 11 Dec 2024 08:54:29 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 2914
IP address blocks: 157.15.200.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914530B/serialNumber=E77A798419B3F38C8B02590A294C7B35F7C3444C
Validity
Not Before: Dec 11 08:54:29 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=67595344-711c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c7:9a:25:a8:84:8c:f0:69:b9:b6:26:28:43:
e4:8a:26:9c:78:19:5a:3d:28:74:d9:69:fe:28:d5:
9d:f6:7b:c9:12:ca:05:3b:82:5d:36:fe:a6:bb:23:
55:18:0e:d9:6d:c7:d4:13:c2:cd:cd:51:0b:03:38:
d7:37:3e:10:16:28:7c:59:79:de:1f:b4:4e:d7:0d:
04:e0:3c:28:5f:11:bb:65:8e:9e:ca:90:30:fc:1a:
45:0c:cd:71:54:b4:19:11:30:32:8d:64:e5:1f:d1:
63:3d:ca:2e:74:b8:4c:42:e2:77:80:ce:d6:e9:e4:
6c:96:a7:9f:9f:04:b3:8b:4d:af:d1:5f:ab:74:a5:
62:2f:09:19:1a:64:9c:89:0f:cb:de:42:23:6f:e5:
6d:48:e8:33:e2:9c:16:8d:b9:38:12:af:8b:7a:9f:
be:19:82:28:b2:b1:e5:f3:ae:ff:ea:35:2b:b3:57:
58:ac:a5:8e:89:12:1d:6e:28:d7:18:9b:7d:77:3b:
6e:f9:e3:f9:d6:17:43:e2:e6:31:22:6f:d5:3a:08:
91:bc:bc:16:84:86:85:3a:2d:3a:5b:30:58:87:cd:
71:5a:cf:d1:8c:00:9f:38:50:c2:97:ef:b5:df:4f:
b0:cf:14:a4:13:d1:fd:d0:44:44:49:8b:cc:3e:f4:
f4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:65:72:24:B1:2A:A4:4A:CD:04:25:F5:64:34:22:D9:9C:9B:44:D1
X509v3 Authority Key Identifier:
keyid:E7:7A:79:84:19:B3:F3:8C:8B:02:59:0A:29:4C:7B:35:F7:C3:44:4C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914530B/9E75DDB6B79A11EFA0D6975DC4F9AE02/53p5hBmz84yLAlkKKUx7NffDREw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/53p5hBmz84yLAlkKKUx7NffDREw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914530B/9E75DDB6B79A11EFA0D6975DC4F9AE02/87A33C66B79D11EF9A384C65C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.200.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:02:26:ab:2a:bb:4b:d7:63:95:66:75:a5:b7:eb:7d:dd:c4:
08:ba:91:99:a4:65:1c:3d:79:2a:1e:f5:63:17:02:fb:4c:1a:
13:8c:f1:40:0a:53:10:d0:8a:25:98:a8:c0:4c:4c:63:ed:57:
0d:ed:13:ce:22:20:5f:10:36:87:73:4d:65:cc:e4:7b:bf:a5:
23:03:e3:96:57:28:a6:71:bf:87:a8:4e:e3:b1:c0:ea:39:3d:
19:27:ed:a8:32:5f:aa:7c:8b:e6:9c:85:dd:77:92:66:4e:01:
f1:7a:e9:84:c1:58:7f:de:2b:3a:52:96:72:f4:47:07:1e:2f:
30:0d:38:2b:dd:93:1c:d2:cb:b9:05:47:10:07:e8:7a:85:78:
ed:e0:a0:21:d6:90:ef:0c:98:0a:91:1d:f5:56:68:c6:b9:43:
66:e5:74:6b:f3:9b:0e:7f:59:88:e3:a7:0c:d7:e0:b7:ee:a1:
0b:71:3d:6e:ff:1a:43:c7:e0:7a:f9:40:ed:7c:6d:24:7a:a3:
14:69:36:cb:02:33:5c:07:45:3d:0e:04:43:58:fe:87:bf:27:
dc:eb:d0:41:29:8e:2f:fe:9e:db:fe:32:74:b4:6b:8a:bb:de:
bb:d5:aa:55:31:fd:4f:8b:a9:1b:7c:78:39:35:19:ac:ec:02:
68:53:ff:ac
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
NTMwQjExMC8GA1UEBRMoRTc3QTc5ODQxOUIzRjM4QzhCMDI1OTBBMjk0QzdCMzVG
N0MzNDQ0QzAeFw0yNDEyMTEwODU0MjlaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NTk1MzQ0LTcxMWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkx5olqISM8Gm5tiYoQ+SKJpx4GVo9KHTZaf4o1Z32e8kSygU7gl02/qa7I1UY
Dtltx9QTws3NUQsDONc3PhAWKHxZed4ftE7XDQTgPChfEbtljp7KkDD8GkUMzXFU
tBkRMDKNZOUf0WM9yi50uExC4neAztbp5GyWp5+fBLOLTa/RX6t0pWIvCRkaZJyJ
D8veQiNv5W1I6DPinBaNuTgSr4t6n74ZgiiyseXzrv/qNSuzV1ispY6JEh1uKNcY
m313O2754/nWF0Pi5jEib9U6CJG8vBaEhoU6LTpbMFiHzXFaz9GMAJ84UMKX77Xf
T7DPFKQT0f3QRERJi8w+9PRnAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUHGVyJLEq
pErNBCX1ZDQi2ZybRNEwHwYDVR0jBBgwFoAU53p5hBmz84yLAlkKKUx7NffDREww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ1MzBCLzlFNzVEREI2Qjc5
QTExRUZBMEQ2OTc1REM0RjlBRTAyLzUzcDVoQm16ODR5TEFsa0tLVXg3TmZmRFJF
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvNTNwNWhCbXo4NHlMQWxrS0tVeDdOZmZEUkV3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NTMwQi85RTc1RERCNkI3OUExMUVGQTBENjk3NURDNEY5QUUwMi84N0EzM0M2NkI3
OUQxMUVGOUEzODRDNjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0PyDANBgkqhkiG9w0BAQsFAAOCAQEAbgImqyq7S9djlWZ1
pbfrfd3ECLqRmaRlHD15Kh71YxcC+0waE4zxQApTENCKJZiowExMY+1XDe0TziIg
XxA2h3NNZczke7+lIwPjllcopnG/h6hO47HA6jk9GSftqDJfqnyL5pyF3XeSZk4B
8XrphMFYf94rOlKWcvRHBx4vMA04K92THNLLuQVHEAfoeoV47eCgIdaQ7wyYCpEd
9VZoxrlDZuV0a/ObDn9ZiOOnDNfgt+6hC3E9bv8aQ8fgevlA7XxtJHqjFGk2ywIz
XAdFPQ4EQ1j+h78n3OvQQSmOL/6e2/4ydLRrirveu9WqVTH9T4upG3x4OTUZrOwC
aFP/rA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:33:47 2025 by rpki-client