Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD1A2/1A1E3DE4C9FA11EE83F5B029C4F9AE02/C19C2720CA2711EE82C12B0CC4F9AE02.roa
File: C19C2720CA2711EE82C12B0CC4F9AE02.roa (raw, json)
Hash identifier: VHJTWsm4wzJziIer/htU6hv3gqL/KMd1K2nOD3+RJsA=
Subject key identifier: 9B:0A:13:0A:0D:6C:BF:30:A1:65:05:95:58:4D:AB:14:E4:B8:C5:6F
Certificate issuer: /CN=A91CD1A2/serialNumber=C3E200D4005D9A23E4BFAEAE0EDB72EA43F1D096
Certificate serial: 7D
Authority key identifier: C3:E2:00:D4:00:5D:9A:23:E4:BF:AE:AE:0E:DB:72:EA:43:F1:D0:96
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w-IA1ABdmiPkv66uDtty6kPx0JY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD1A2/1A1E3DE4C9FA11EE83F5B029C4F9AE02/C19C2720CA2711EE82C12B0CC4F9AE02.roa
Signing time: Thu 03 Oct 2024 05:09:25 +0000
ROA not before: Thu 03 Oct 2024 05:09:25 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 136582
IP address blocks: 157.15.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125 (0x7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD1A2/serialNumber=C3E200D4005D9A23E4BFAEAE0EDB72EA43F1D096
Validity
Not Before: Oct 3 05:09:25 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66fe2705-5499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:c2:0d:62:d1:e0:e4:5a:53:a2:08:2d:9a:bd:
ed:a7:d9:5e:59:81:4a:01:bd:88:68:27:b0:91:62:
7d:53:d6:17:ae:30:31:28:92:ce:a5:f2:0c:98:cb:
a9:51:c6:d6:47:01:38:39:1f:26:a7:51:1d:b1:12:
a8:2a:a9:10:44:5f:a1:20:ee:d0:10:ec:63:47:eb:
68:fa:05:2f:61:cc:b1:da:3c:a5:b9:37:d8:04:28:
24:57:b1:a6:2e:c6:95:7f:08:f7:c7:1b:ac:9b:f9:
36:e6:32:49:65:ed:9f:bb:cf:40:e2:1b:af:43:a5:
65:c3:26:fc:ae:61:8b:68:d6:14:40:39:d0:98:32:
27:92:1a:2c:cf:b2:71:3f:7d:3d:bc:1d:53:87:b8:
08:d8:2a:60:f7:0b:85:e2:c3:6d:a0:4c:ff:38:f1:
5b:87:e6:2e:34:b3:4e:1e:ba:6e:46:8f:74:64:42:
bc:9d:32:ce:f6:66:99:b1:8e:57:a7:aa:9f:24:8a:
74:52:a4:79:4d:d2:ab:f8:34:8a:fc:3b:a8:e8:dc:
73:07:de:8a:b2:3c:4f:d9:b6:76:74:65:28:f0:f5:
21:d1:16:d9:b0:6e:27:ff:c1:25:25:c4:4e:9f:0e:
77:50:c8:f0:c7:ba:48:b8:9a:a8:e4:9c:8e:a3:f9:
57:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:0A:13:0A:0D:6C:BF:30:A1:65:05:95:58:4D:AB:14:E4:B8:C5:6F
X509v3 Authority Key Identifier:
keyid:C3:E2:00:D4:00:5D:9A:23:E4:BF:AE:AE:0E:DB:72:EA:43:F1:D0:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD1A2/1A1E3DE4C9FA11EE83F5B029C4F9AE02/w-IA1ABdmiPkv66uDtty6kPx0JY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w-IA1ABdmiPkv66uDtty6kPx0JY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD1A2/1A1E3DE4C9FA11EE83F5B029C4F9AE02/C19C2720CA2711EE82C12B0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.225.0/24
Signature Algorithm: sha256WithRSAEncryption
92:91:15:92:17:7d:b7:c9:97:1a:1b:5a:23:67:3f:c3:d2:9e:
e3:b9:04:b4:58:e5:29:68:c7:7b:aa:dd:ca:fc:ff:ac:4c:85:
be:15:b7:9f:6f:4b:28:30:57:af:1f:5f:bf:61:71:c6:2a:37:
50:2a:00:08:3d:b9:fe:84:53:e4:0d:9c:d7:a2:b2:93:8e:30:
f1:45:46:db:ec:43:53:3a:9e:9c:69:89:2f:fa:83:58:06:78:
75:04:69:9f:e2:ec:78:a9:72:17:61:4f:09:fb:3d:8c:d8:c3:
55:cf:44:69:3c:20:00:63:af:7c:ed:ad:28:36:0e:cd:41:50:
02:8a:57:02:51:ce:22:c2:76:b0:d0:79:42:81:2a:02:ca:ef:
f2:0a:5c:7f:ed:3d:32:98:f8:35:a0:0d:e6:78:7c:e7:23:1b:
0a:cc:5f:eb:83:04:b1:83:c1:5c:32:71:b2:b7:4b:86:bd:fa:
4e:ad:34:90:7e:8c:db:2d:a7:31:bd:69:a7:23:8d:41:43:e1:
59:bb:ba:58:e6:15:cc:7d:62:7e:33:3f:a3:d1:bc:49:3f:eb:
ce:a5:f8:b3:ab:ee:13:ad:e7:01:6d:96:8d:f8:21:21:04:50:
a8:76:e7:00:2e:1d:c5:c6:95:f2:5e:18:26:ec:34:36:0a:bc:
b3:5f:d8:9f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBfTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RDFBMjExMC8GA1UEBRMoQzNFMjAwRDQwMDVEOUEyM0U0QkZBRUFFMEVEQjcyRUE0
M0YxRDA5NjAeFw0yNDEwMDMwNTA5MjVaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZmUyNzA1LTU0OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD6wg1i0eDkWlOiCC2ave2n2V5ZgUoBvYhoJ7CRYn1T1heuMDEoks6l8gyYy6lR
xtZHATg5HyanUR2xEqgqqRBEX6Eg7tAQ7GNH62j6BS9hzLHaPKW5N9gEKCRXsaYu
xpV/CPfHG6yb+TbmMkll7Z+7z0DiG69DpWXDJvyuYYto1hRAOdCYMieSGizPsnE/
fT28HVOHuAjYKmD3C4Xiw22gTP848VuH5i40s04eum5Gj3RkQrydMs72Zpmxjlen
qp8kinRSpHlN0qv4NIr8O6jo3HMH3oqyPE/ZtnZ0ZSjw9SHRFtmwbif/wSUlxE6f
DndQyPDHuki4mqjknI6j+VczAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUmwoTCg1s
vzChZQWVWE2rFOS4xW8wHwYDVR0jBBgwFoAUw+IA1ABdmiPkv66uDtty6kPx0JYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNEMUEyLzFBMUUzREU0QzlG
QTExRUU4M0Y1QjAyOUM0RjlBRTAyL3ctSUExQUJkbWlQa3Y2NnVEdHR5NmtQeDBK
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvdy1JQTFBQmRtaVBrdjY2dUR0dHk2a1B4MEpZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RDFBMi8xQTFFM0RFNEM5RkExMUVFODNGNUIwMjlDNEY5QUUwMi9DMTlDMjcyMENB
MjcxMUVFODJDMTJCMENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAJ0P4TANBgkqhkiG9w0BAQsFAAOCAQEAkpEVkhd9t8mXGhta
I2c/w9Ke47kEtFjlKWjHe6rdyvz/rEyFvhW3n29LKDBXrx9fv2Fxxio3UCoACD25
/oRT5A2c16Kyk44w8UVG2+xDUzqenGmJL/qDWAZ4dQRpn+LseKlyF2FPCfs9jNjD
Vc9EaTwgAGOvfO2tKDYOzUFQAopXAlHOIsJ2sNB5QoEqAsrv8gpcf+09Mpj4NaAN
5nh85yMbCsxf64MEsYPBXDJxsrdLhr36Tq00kH6M2y2nMb1ppyONQUPhWbu6WOYV
zH1ifjM/o9G8ST/rzqX4s6vuE63nAW2WjfghIQRQqHbnAC4dxcaV8l4YJuw0Ngq8
s1/Ynw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:05:11 2025 by rpki-client