Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172B65/015F6DEE45B711EFA59E1332C4F9AE02/76C3F7C645B711EFA2F0C732C4F9AE02.roa
File: 76C3F7C645B711EFA2F0C732C4F9AE02.roa (raw, json)
Hash identifier: 6KE/6WiXMHutimLQnkuyk/FwzPL7cpRiOFuQR2vWv2I=
Subject key identifier: 78:8B:BA:42:02:50:AC:20:F6:E1:9F:E2:FE:BD:B6:06:B7:4B:D2:50
Certificate issuer: /CN=A9172B65/serialNumber=3F36D0C8076E7ACFA83D04B72307172A8829D5B3
Certificate serial: 5D
Authority key identifier: 3F:36:D0:C8:07:6E:7A:CF:A8:3D:04:B7:23:07:17:2A:88:29:D5:B3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PzbQyAdues-oPQS3IwcXKogp1bM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172B65/015F6DEE45B711EFA59E1332C4F9AE02/76C3F7C645B711EFA2F0C732C4F9AE02.roa
Signing time: Thu 09 Jan 2025 05:20:35 +0000
ROA not before: Thu 09 Jan 2025 05:20:35 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 152317
IP address blocks: 157.10.138.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93 (0x5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172B65/serialNumber=3F36D0C8076E7ACFA83D04B72307172A8829D5B3
Validity
Not Before: Jan 9 05:20:35 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677f5ca3-9dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e7:23:2d:85:82:e4:d7:94:61:43:0e:67:f0:
46:8e:ff:5c:25:6d:0e:57:74:8b:96:c4:ca:34:8b:
a8:72:25:1b:7d:cd:6c:9e:01:1f:75:c2:ef:d8:b8:
96:7c:cf:97:e4:3a:af:16:95:b9:bb:72:63:20:ba:
2b:6b:44:f4:09:34:f7:5f:68:19:b2:72:e1:c5:98:
83:40:a2:c0:ce:7f:00:88:8d:39:95:3a:de:3c:46:
2c:6e:c3:50:e9:5a:a4:ad:a2:4c:0b:f0:e6:eb:d9:
b9:d0:78:92:4d:ec:0b:f6:15:4f:c6:c8:c5:bc:eb:
23:d5:de:33:c7:6e:90:51:88:dd:ff:6f:4c:26:10:
dc:b7:29:f3:2d:80:45:24:02:31:d5:77:6b:3a:34:
59:63:24:91:04:af:ac:6f:ad:a5:58:a7:c7:01:df:
71:10:3b:02:2f:35:3d:8e:fa:51:8e:8c:74:da:96:
09:51:fa:5c:33:2f:ff:02:67:12:ed:22:f9:ac:8d:
27:6d:1d:34:7c:69:60:ee:83:74:cd:c8:5a:1c:2e:
6f:ec:28:61:c4:86:6c:48:cb:40:6f:9f:cc:09:d1:
09:2b:87:da:78:09:e1:32:a3:10:7b:49:04:77:67:
ee:82:78:e2:df:c5:02:09:76:c0:e4:5e:39:37:db:
4b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:8B:BA:42:02:50:AC:20:F6:E1:9F:E2:FE:BD:B6:06:B7:4B:D2:50
X509v3 Authority Key Identifier:
keyid:3F:36:D0:C8:07:6E:7A:CF:A8:3D:04:B7:23:07:17:2A:88:29:D5:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172B65/015F6DEE45B711EFA59E1332C4F9AE02/PzbQyAdues-oPQS3IwcXKogp1bM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PzbQyAdues-oPQS3IwcXKogp1bM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172B65/015F6DEE45B711EFA59E1332C4F9AE02/76C3F7C645B711EFA2F0C732C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.138.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:36:79:95:71:af:33:e9:02:53:b2:57:da:78:58:ab:53:3b:
ee:8a:b3:27:94:f6:74:99:61:50:85:d9:32:fc:5a:f5:70:3c:
b2:58:29:a7:c1:75:aa:02:16:ba:50:1c:8b:63:7c:a4:56:64:
26:dd:1e:c6:9f:99:43:41:8e:43:f1:66:73:8f:99:58:b0:82:
77:93:be:e5:38:e6:86:bd:70:1a:cd:a1:a6:94:20:31:2d:02:
d1:9b:82:a5:22:b0:29:00:99:ba:65:44:6c:11:1d:09:ce:c4:
b9:4a:1f:a4:b2:c7:01:81:47:03:7c:ad:30:c0:9a:de:05:0d:
71:04:56:0b:d9:f9:66:50:72:67:15:d2:f7:07:ac:bd:64:b2:
c4:4e:6d:10:17:82:7f:24:91:08:1f:69:c4:57:0c:20:be:14:
5d:85:48:ae:bd:dc:6f:bb:28:46:eb:36:96:49:01:ef:23:53:
45:81:e4:d0:2b:ce:23:88:2d:e5:08:7f:42:2e:f7:67:3e:f3:
17:57:33:3c:9e:b6:3e:09:a0:35:47:28:54:2c:08:fc:d9:bc:
a1:d5:27:29:a9:29:f5:ec:a6:15:f0:d2:66:30:02:3e:72:0d:
1d:77:32:73:19:d0:2b:15:eb:08:29:33:5b:0b:a3:29:68:87:
de:53:da:90
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBXTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MkI2NTExMC8GA1UEBRMoM0YzNkQwQzgwNzZFN0FDRkE4M0QwNEI3MjMwNzE3MkE4
ODI5RDVCMzAeFw0yNTAxMDkwNTIwMzVaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3N2Y1Y2EzLTlkZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDS5yMthYLk15RhQw5n8EaO/1wlbQ5XdIuWxMo0i6hyJRt9zWyeAR91wu/YuJZ8
z5fkOq8Wlbm7cmMguitrRPQJNPdfaBmycuHFmINAosDOfwCIjTmVOt48Rixuw1Dp
WqStokwL8Obr2bnQeJJN7Av2FU/GyMW86yPV3jPHbpBRiN3/b0wmENy3KfMtgEUk
AjHVd2s6NFljJJEEr6xvraVYp8cB33EQOwIvNT2O+lGOjHTalglR+lwzL/8CZxLt
IvmsjSdtHTR8aWDug3TNyFocLm/sKGHEhmxIy0Bvn8wJ0Qkrh9p4CeEyoxB7SQR3
Z+6CeOLfxQIJdsDkXjk320sHAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUeIu6QgJQ
rCD24Z/i/r22BrdL0lAwHwYDVR0jBBgwFoAUPzbQyAdues+oPQS3IwcXKogp1bMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQjY1LzAxNUY2REVFNDVC
NzExRUZBNTlFMTMzMkM0RjlBRTAyL1B6YlF5QWR1ZXMtb1BRUzNJd2NYS29ncDFi
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvUHpiUXlBZHVlcy1vUFFTM0l3Y1hLb2dwMWJNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MkI2NS8wMTVGNkRFRTQ1QjcxMUVGQTU5RTEzMzJDNEY5QUUwMi83NkMzRjdDNjQ1
QjcxMUVGQTJGMEM3MzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0KijANBgkqhkiG9w0BAQsFAAOCAQEAHzZ5lXGvM+kCU7JX
2nhYq1M77oqzJ5T2dJlhUIXZMvxa9XA8slgpp8F1qgIWulAci2N8pFZkJt0exp+Z
Q0GOQ/Fmc4+ZWLCCd5O+5Tjmhr1wGs2hppQgMS0C0ZuCpSKwKQCZumVEbBEdCc7E
uUofpLLHAYFHA3ytMMCa3gUNcQRWC9n5ZlByZxXS9wesvWSyxE5tEBeCfySRCB9p
xFcMIL4UXYVIrr3cb7soRus2lkkB7yNTRYHk0CvOI4gt5Qh/Qi73Zz7zF1czPJ62
PgmgNUcoVCwI/Nm8odUnKakp9eymFfDSZjACPnINHXcycxnQKxXrCCkzWwujKWiH
3lPakA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:41:41 2025 by rpki-client