Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/35D2294C4AB511EF87AB161BC4F9AE02.roa
File: 35D2294C4AB511EF87AB161BC4F9AE02.roa (raw, json)
Hash identifier: wSSqQMMKuW18jGVxI6I4it07IVNzD9AIIVQr7WyPhLs=
Subject key identifier: 95:E9:23:DB:72:DB:E6:3F:22:83:A4:AE:65:D3:26:02:77:5F:3B:03
Certificate issuer: /CN=A9190D72/serialNumber=A54CB7742AABCF4E58E5D4C1F3B9D12DAD91B406
Certificate serial: 51
Authority key identifier: A5:4C:B7:74:2A:AB:CF:4E:58:E5:D4:C1:F3:B9:D1:2D:AD:91:B4:06
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pUy3dCqrz05Y5dTB87nRLa2RtAY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/35D2294C4AB511EF87AB161BC4F9AE02.roa
Signing time: Thu 25 Jul 2024 18:39:22 +0000
ROA not before: Thu 25 Jul 2024 18:39:22 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 136557
IP address blocks: 157.20.104.0/24 maxlen: 24
157.20.105.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81 (0x51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9190D72/serialNumber=A54CB7742AABCF4E58E5D4C1F3B9D12DAD91B406
Validity
Not Before: Jul 25 18:39:22 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66a29bda-2c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f9:b6:60:7c:87:08:ae:bf:4c:81:3c:39:df:
15:ca:ef:9d:77:09:ee:59:90:8f:4f:2c:56:01:90:
47:b2:36:d2:47:55:3c:8d:c6:35:46:2e:e2:dd:6c:
7f:42:93:22:7e:26:b1:35:8c:15:ef:e3:d5:e3:f1:
90:0a:66:e4:7e:2f:a9:a2:63:f2:71:45:03:01:fd:
2f:00:dd:4d:fa:44:98:19:6d:66:8e:4f:f9:47:94:
6c:bf:5a:db:16:4c:ca:25:ed:c7:c1:9e:b9:ff:f3:
ab:42:42:b4:44:b3:d4:c8:a0:dd:33:36:ae:80:0f:
ae:9a:3a:75:f4:8b:87:63:f9:08:12:c0:87:d8:cc:
25:4b:5e:41:a7:9b:4b:27:0d:df:0c:dc:29:47:e9:
44:3b:de:25:75:2c:60:7a:ad:53:93:fb:a5:7a:bd:
45:39:fa:36:fd:af:2b:44:1b:e9:a3:91:7d:8a:a4:
15:61:fc:af:76:61:d9:8a:eb:5c:ff:e5:ab:9b:74:
e9:62:74:c7:74:df:a3:c2:7f:2d:39:96:9f:e5:ed:
86:cd:27:9f:53:7b:12:3b:c2:00:b6:4c:97:d9:c9:
24:ec:93:60:e7:b8:18:22:cc:9e:37:6d:07:5a:e7:
fb:84:f8:e6:e7:64:fd:d8:fb:35:81:23:9e:47:13:
f9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E9:23:DB:72:DB:E6:3F:22:83:A4:AE:65:D3:26:02:77:5F:3B:03
X509v3 Authority Key Identifier:
keyid:A5:4C:B7:74:2A:AB:CF:4E:58:E5:D4:C1:F3:B9:D1:2D:AD:91:B4:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/pUy3dCqrz05Y5dTB87nRLa2RtAY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pUy3dCqrz05Y5dTB87nRLa2RtAY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/35D2294C4AB511EF87AB161BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.104.0/23
Signature Algorithm: sha256WithRSAEncryption
71:a8:a4:90:4d:b7:5b:e7:fa:b6:6e:d4:bd:eb:7f:f1:c3:5e:
3f:43:a8:30:a4:ef:96:00:43:58:7b:05:ad:3f:d6:99:20:99:
08:5d:e3:fe:6f:f4:0b:c6:fe:7c:91:f9:e9:78:eb:3d:7a:51:
8e:c6:ff:18:df:75:ef:43:70:c7:5d:0a:c9:d5:db:45:c5:ff:
e0:de:a2:52:9a:84:72:51:c8:9f:9c:48:22:31:62:b6:b8:bc:
10:66:6f:a1:6d:49:e9:74:b9:ea:d4:d3:82:76:c9:ef:f8:c2:
3d:ad:8d:dd:8f:07:ba:03:83:69:72:77:97:63:a6:b0:56:25:
a7:0b:d1:4e:e2:57:4c:a9:1a:a0:a3:fe:e3:f9:64:13:f4:c8:
e6:a6:c2:c4:13:3e:f5:9e:bd:d0:2e:06:01:01:aa:6f:8e:07:
da:16:5e:5c:0e:13:4c:d3:b3:6b:44:85:85:10:17:0f:c2:b0:
57:94:ac:16:7e:c7:e3:83:bd:75:51:e0:d4:9b:c1:93:39:c7:
c9:5d:be:2a:da:b9:df:e7:fe:21:55:b9:52:be:8f:44:47:54:
16:fe:e6:85:0e:50:87:6a:b5:cf:4f:c9:aa:f9:88:af:15:73:
24:d0:c3:95:0c:93:65:4c:60:e8:d3:81:45:c0:62:85:40:12:
90:23:79:1e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBUTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MEQ3MjExMC8GA1UEBRMoQTU0Q0I3NzQyQUFCQ0Y0RTU4RTVENEMxRjNCOUQxMkRB
RDkxQjQwNjAeFw0yNDA3MjUxODM5MjJaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YTI5YmRhLTJjNWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/+bZgfIcIrr9MgTw53xXK7513Ce5ZkI9PLFYBkEeyNtJHVTyNxjVGLuLdbH9C
kyJ+JrE1jBXv49Xj8ZAKZuR+L6miY/JxRQMB/S8A3U36RJgZbWaOT/lHlGy/WtsW
TMol7cfBnrn/86tCQrREs9TIoN0zNq6AD66aOnX0i4dj+QgSwIfYzCVLXkGnm0sn
Dd8M3ClH6UQ73iV1LGB6rVOT+6V6vUU5+jb9rytEG+mjkX2KpBVh/K92YdmK61z/
5aubdOlidMd036PCfy05lp/l7YbNJ59TexI7wgC2TJfZySTsk2DnuBgizJ43bQda
5/uE+ObnZP3Y+zWBI55HE/njAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUlekj23Lb
5j8ig6SuZdMmAndfOwMwHwYDVR0jBBgwFoAUpUy3dCqrz05Y5dTB87nRLa2RtAYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkwRDcyLzZBQzk4OUYwRDQ4
MjExRUU4N0Q1RDcyNEM0RjlBRTAyL3BVeTNkQ3FyejA1WTVkVEI4N25STGEyUnRB
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvcFV5M2RDcXJ6MDVZNWRUQjg3blJMYTJSdEFZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MEQ3Mi82QUM5ODlGMEQ0ODIxMUVFODdENUQ3MjRDNEY5QUUwMi8zNUQyMjk0QzRB
QjUxMUVGODdBQjE2MUJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0UaDANBgkqhkiG9w0BAQsFAAOCAQEAcaikkE23W+f6tm7U
vet/8cNeP0OoMKTvlgBDWHsFrT/WmSCZCF3j/m/0C8b+fJH56XjrPXpRjsb/GN91
70Nwx10KydXbRcX/4N6iUpqEclHIn5xIIjFitri8EGZvoW1J6XS56tTTgnbJ7/jC
Pa2N3Y8HugODaXJ3l2OmsFYlpwvRTuJXTKkaoKP+4/lkE/TI5qbCxBM+9Z690C4G
AQGqb44H2hZeXA4TTNOza0SFhRAXD8KwV5SsFn7H44O9dVHg1JvBkznHyV2+Ktq5
3+f+IVW5Ur6PREdUFv7mhQ5Qh2q1z0/JqvmIrxVzJNDDlQyTZUxg6NOBRcBihUAS
kCN5Hg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:16:29 2025 by rpki-client