Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/09E42D1E921B11EF829E0041C4F9AE02.roa
File: 09E42D1E921B11EF829E0041C4F9AE02.roa (raw, json)
Hash identifier: B4bx9kA0p4n5ASz52WYMBOS7rU+I5DT2fmWjDq/qssM=
Subject key identifier: 30:C7:2C:C1:EC:18:D7:8C:F3:C0:57:57:18:E3:7E:C3:D3:FA:22:9C
Certificate issuer: /CN=A91C6CAF/serialNumber=9F02DA3AB5FB45317507C48021CE0A8B937255C9
Certificate serial: D6
Authority key identifier: 9F:02:DA:3A:B5:FB:45:31:75:07:C4:80:21:CE:0A:8B:93:72:55:C9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nwLaOrX7RTF1B8SAIc4Ki5NyVck.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/09E42D1E921B11EF829E0041C4F9AE02.roa
Signing time: Wed 29 Jan 2025 04:18:02 +0000
ROA not before: Wed 29 Jan 2025 04:18:02 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 152334
IP address blocks: 157.10.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 214 (0xd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6CAF/serialNumber=9F02DA3AB5FB45317507C48021CE0A8B937255C9
Validity
Not Before: Jan 29 04:18:02 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6799abfa-c8b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:71:1f:2f:ec:3a:e4:89:34:9d:22:df:b8:02:
d8:12:a2:f9:e8:73:54:0c:ab:49:4b:d3:d2:36:e9:
0e:49:37:4c:32:1f:a4:24:d8:ca:df:2c:62:d0:d2:
7b:a3:c3:e2:1e:b0:81:01:f1:d2:9d:27:67:d1:94:
50:ca:f8:29:6b:a0:0d:3e:19:70:49:df:bc:90:6e:
ee:a0:8e:c6:d8:26:3a:d5:6f:8d:a7:c3:4a:5b:bb:
25:85:6d:6d:0f:b7:7b:c4:1f:46:e2:6d:89:eb:87:
1d:18:d7:ee:46:88:00:ce:18:63:72:da:d6:4d:05:
80:a4:fa:19:18:29:0d:87:32:8b:8b:5a:d3:de:81:
43:22:82:35:03:db:55:55:44:7c:32:7c:70:60:35:
ed:fd:97:4c:54:af:14:4a:4d:fe:53:a7:93:32:13:
6f:53:e2:56:e3:d6:2c:02:12:2d:a2:c5:32:c2:8a:
00:38:66:16:fc:05:c4:b8:3f:55:b8:10:86:48:ff:
2b:3c:1f:74:51:f9:5a:c4:e5:e3:79:3a:50:63:eb:
1d:bb:f4:09:c1:51:90:4c:d5:6f:ac:a6:35:30:5e:
ed:80:e0:d3:fe:e6:8b:62:7a:97:91:31:c9:b8:51:
bc:9c:7e:94:17:67:d3:fb:c2:ee:d6:de:db:be:11:
3b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C7:2C:C1:EC:18:D7:8C:F3:C0:57:57:18:E3:7E:C3:D3:FA:22:9C
X509v3 Authority Key Identifier:
keyid:9F:02:DA:3A:B5:FB:45:31:75:07:C4:80:21:CE:0A:8B:93:72:55:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/nwLaOrX7RTF1B8SAIc4Ki5NyVck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nwLaOrX7RTF1B8SAIc4Ki5NyVck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/09E42D1E921B11EF829E0041C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.238.0/24
Signature Algorithm: sha256WithRSAEncryption
54:d7:39:7f:f5:53:ee:3c:2b:56:11:02:20:e7:61:5f:c2:bd:
38:bf:97:11:6a:ac:79:85:10:de:dc:93:fa:fa:e8:c9:ef:fd:
34:d3:8a:46:c4:f2:c6:2b:ab:b5:23:dc:66:1b:f7:8c:4f:c6:
b8:c9:48:d4:b3:4e:95:74:51:e1:43:71:86:ee:56:f2:98:05:
b3:57:47:6a:5a:e1:67:bf:88:1f:32:10:aa:7e:08:e4:d7:d1:
7c:9b:21:7a:9d:0b:e4:29:19:43:0e:d3:a0:d7:91:df:5e:75:
07:b3:99:79:61:25:45:87:35:61:5f:49:83:a0:7b:bc:e3:9c:
5c:04:b1:6e:ea:cf:80:75:ae:ca:5b:1a:18:27:0f:c6:81:c7:
b7:13:0d:d5:41:4b:d7:31:f0:f7:0d:5c:af:78:77:0c:65:5c:
e7:fb:9f:51:b3:5e:d0:c2:8a:1f:88:7c:7b:5a:05:8b:51:5b:
dd:8f:bc:51:f8:d8:8c:ed:75:66:b6:dc:f5:b5:12:a9:8c:01:
f5:38:35:92:aa:ad:35:59:ee:ca:d4:d5:47:d7:a3:34:34:51:
37:2e:80:90:06:b3:9f:fc:06:83:b0:8e:23:35:7d:37:43:c8:
66:ab:a3:79:b7:1d:90:54:b9:e4:59:86:34:9f:6c:fe:e7:9b:
6e:04:8b:f0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzZDQUYxMTAvBgNVBAUTKDlGMDJEQTNBQjVGQjQ1MzE3NTA3QzQ4MDIxQ0UwQThC
OTM3MjU1QzkwHhcNMjUwMTI5MDQxODAyWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk5YWJmYS1jOGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwXEfL+w65Ik0nSLfuALYEqL56HNUDKtJS9PSNukOSTdMMh+kJNjK3yxi0NJ7
o8PiHrCBAfHSnSdn0ZRQyvgpa6ANPhlwSd+8kG7uoI7G2CY61W+Np8NKW7slhW1t
D7d7xB9G4m2J64cdGNfuRogAzhhjctrWTQWApPoZGCkNhzKLi1rT3oFDIoI1A9tV
VUR8MnxwYDXt/ZdMVK8USk3+U6eTMhNvU+JW49YsAhItosUywooAOGYW/AXEuD9V
uBCGSP8rPB90UflaxOXjeTpQY+sdu/QJwVGQTNVvrKY1MF7tgODT/uaLYnqXkTHJ
uFG8nH6UF2fT+8Lu1t7bvhE7/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFDDHLMHs
GNeM88BXVxjjfsPT+iKcMB8GA1UdIwQYMBaAFJ8C2jq1+0UxdQfEgCHOCouTclXJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkNBRi9GM0UwRkFFNEI2
RjQxMUVFQUMyMDM4MTBDNEY5QUUwMi9ud0xhT3JYN1JURjFCOFNBSWM0S2k1TnlW
Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL253TGFPclg3UlRGMUI4U0FJYzRLaTVOeVZjay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzZDQUYvRjNFMEZBRTRCNkY0MTFFRUFDMjAzODEwQzRGOUFFMDIvMDlFNDJEMUU5
MjFCMTFFRjgyOUUwMDQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACdCu4wDQYJKoZIhvcNAQELBQADggEBAFTXOX/1U+48K1YR
AiDnYV/CvTi/lxFqrHmFEN7ck/r66Mnv/TTTikbE8sYrq7Uj3GYb94xPxrjJSNSz
TpV0UeFDcYbuVvKYBbNXR2pa4We/iB8yEKp+COTX0XybIXqdC+QpGUMO06DXkd9e
dQezmXlhJUWHNWFfSYOge7zjnFwEsW7qz4B1rspbGhgnD8aBx7cTDdVBS9cx8PcN
XK94dwxlXOf7n1GzXtDCih+IfHtaBYtRW92PvFH42IztdWa23PW1EqmMAfU4NZKq
rTVZ7srU1UfXozQ0UTcugJAGs5/8BoOwjiM1fTdDyGaro3m3HZBUueRZhjSfbP7n
m24Ei/A=
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:03:36 2025 by rpki-client