Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/1ADDEF70D25C11EFB20F5434C4F9AE02.roa
File: 1ADDEF70D25C11EFB20F5434C4F9AE02.roa (raw, json)
Hash identifier: 0Y+HpFJxqADCETk2aDHWFOkFvZbi5uwuV5GO0FWF5Jg=
Subject key identifier: 89:8D:57:AF:56:6F:69:CC:C9:3B:64:B7:01:7E:B1:89:2F:47:9E:6F
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0BFD
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/1ADDEF70D25C11EFB20F5434C4F9AE02.roa
Signing time: Tue 14 Jan 2025 09:44:10 +0000
ROA not before: Tue 14 Jan 2025 09:44:10 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 43260
IP address blocks: 14.192.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3069 (0xbfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Jan 14 09:44:10 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=678631ea-e3d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:03:cf:d8:8f:6d:6f:e2:50:46:e5:a9:c1:43:
cf:0f:01:5c:96:d0:11:be:37:0a:aa:42:13:ec:d3:
02:10:bc:6f:7a:d3:ea:8e:51:2e:ed:5c:81:a0:6e:
26:44:13:01:1d:5e:0f:fc:de:d6:23:be:4a:d6:5f:
40:79:cc:84:7c:cc:8e:09:0a:ef:ce:95:c2:bf:73:
13:b4:39:86:f3:d4:c0:83:60:13:e5:29:44:cf:e9:
21:67:95:c0:59:6d:9c:d1:ad:d0:19:7e:a3:aa:74:
26:71:f2:13:4d:bc:48:62:d0:fd:88:06:40:8f:5c:
0c:97:a0:ae:6e:9c:1e:c2:f1:6c:41:20:0c:27:a2:
5c:01:2f:d5:28:c8:a1:e0:8f:86:82:75:2d:67:df:
97:e3:34:16:02:09:54:49:d4:95:60:68:cf:45:98:
ee:22:af:40:78:f6:59:8f:f9:71:40:a3:b2:69:c5:
f1:47:9f:f0:69:10:e1:77:3e:d0:eb:b8:6a:2f:5b:
c2:92:25:20:15:1c:65:d7:63:71:ef:fc:e1:75:9d:
16:99:a0:54:58:67:29:c2:b6:2f:a8:28:c0:cd:6d:
e7:6b:31:f9:a5:3b:ba:aa:c6:35:24:f1:11:70:07:
32:a3:52:d6:70:fe:ed:e9:eb:2d:18:40:31:f2:60:
53:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8D:57:AF:56:6F:69:CC:C9:3B:64:B7:01:7E:B1:89:2F:47:9E:6F
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/1ADDEF70D25C11EFB20F5434C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.134.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:fa:82:d8:e0:73:ae:b0:e4:f1:0f:24:31:e3:fd:05:63:33:
d6:43:17:56:bc:79:8c:37:53:f4:29:fb:92:bf:49:ef:75:1a:
ed:6d:71:23:e8:5e:b0:18:4a:0d:ba:c7:e8:3e:cd:3c:79:1f:
9f:9f:77:94:b0:cb:36:87:14:8a:c3:69:7d:bb:d7:d5:41:23:
5d:b5:5c:f0:62:f8:0f:18:59:3f:99:02:b3:1c:4a:36:95:1b:
ab:1f:f9:b2:90:a8:65:30:c9:37:20:7c:aa:6f:8c:99:ae:4e:
d8:b9:7b:a1:07:d0:a5:6b:31:23:3c:ad:85:7e:b9:1a:58:2a:
c8:ea:8c:c1:67:a6:c5:d4:ff:01:ff:2e:62:67:28:5c:23:d4:
75:ec:ce:f5:83:a4:5a:db:97:ca:6a:87:51:34:6c:d5:e4:98:
f2:40:ea:6c:8c:ee:a6:fa:fd:1e:34:45:00:d3:22:08:ce:d6:
38:4e:37:7f:23:c9:a5:15:10:a3:c1:eb:5a:d4:4f:49:ae:51:
03:3d:47:b7:71:76:fa:03:1b:4b:b3:5a:a2:b0:80:fc:08:3f:
35:7d:d7:bc:da:f1:41:15:46:e0:aa:20:6b:f9:92:06:df:37:
03:86:2e:88:5e:7d:b5:33:98:e0:e8:e7:11:3b:d3:5b:ba:5e:
a6:3c:1b:ac
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC/0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMTE0MDk0NDEwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2MzFlYS1lM2QwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAogPP2I9tb+JQRuWpwUPPDwFcltARvjcKqkIT7NMCELxvetPqjlEu7VyBoG4m
RBMBHV4P/N7WI75K1l9AecyEfMyOCQrvzpXCv3MTtDmG89TAg2AT5SlEz+khZ5XA
WW2c0a3QGX6jqnQmcfITTbxIYtD9iAZAj1wMl6CubpwewvFsQSAMJ6JcAS/VKMih
4I+GgnUtZ9+X4zQWAglUSdSVYGjPRZjuIq9AePZZj/lxQKOyacXxR5/waRDhdz7Q
67hqL1vCkiUgFRxl12Nx7/zhdZ0WmaBUWGcpwrYvqCjAzW3nazH5pTu6qsY1JPER
cAcyo1LWcP7t6estGEAx8mBTeQIDAQABo4IClTCCApEwHQYDVR0OBBYEFImNV69W
b2nMyTtktwF+sYkvR55vMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMUFEREVGNzBE
MjVDMTFFRkIyMEY1NDM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAOwIYwDQYJKoZIhvcNAQELBQADggEBAKH6gtjgc66w5PEP
JDHj/QVjM9ZDF1a8eYw3U/Qp+5K/Se91Gu1tcSPoXrAYSg26x+g+zTx5H5+fd5Sw
yzaHFIrDaX2719VBI121XPBi+A8YWT+ZArMcSjaVG6sf+bKQqGUwyTcgfKpvjJmu
Tti5e6EH0KVrMSM8rYV+uRpYKsjqjMFnpsXU/wH/LmJnKFwj1HXszvWDpFrbl8pq
h1E0bNXkmPJA6myM7qb6/R40RQDTIgjO1jhON38jyaUVEKPB61rUT0muUQM9R7dx
dvoDG0uzWqKwgPwIPzV917za8UEVRuCqIGv5kgbfNwOGLohefbUzmODo5xE701u6
XqY8G6w=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:16:30 2025 by rpki-client