Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E1936/6EB9C03EC63611EEABCC040BC4F9AE02/CF6BED9EC63611EEA0C70259C4F9AE02.roa
File: CF6BED9EC63611EEA0C70259C4F9AE02.roa (raw, json)
Hash identifier: 5zP4asLuUMqFKymZj9u0orpzXVEOFrs4G4h8prjGFDs=
Subject key identifier: 4D:FF:F1:4B:4B:CB:A9:BC:65:DC:70:61:2A:AE:CB:26:1B:D8:C6:41
Certificate issuer: /CN=A91E1936/serialNumber=5B5CC40309A07C03DF0B6304FCD840F950BFB041
Certificate serial: 03
Authority key identifier: 5B:5C:C4:03:09:A0:7C:03:DF:0B:63:04:FC:D8:40:F9:50:BF:B0:41
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/W1zEAwmgfAPfC2ME_NhA-VC_sEE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E1936/6EB9C03EC63611EEABCC040BC4F9AE02/CF6BED9EC63611EEA0C70259C4F9AE02.roa
Signing time: Thu 08 Feb 2024 04:02:00 +0000
ROA not before: Thu 08 Feb 2024 04:02:00 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 398704
IP address blocks: 157.15.28.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E1936/serialNumber=5B5CC40309A07C03DF0B6304FCD840F950BFB041
Validity
Not Before: Feb 8 04:02:00 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65c45238-bc17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1b:b5:25:7f:17:b8:b3:9a:96:a3:cb:40:10:
4d:d2:f5:87:33:55:7c:6e:d1:fe:b9:e0:83:3f:cb:
87:c9:be:13:7d:ad:3a:a6:d8:e9:05:c2:eb:b8:62:
62:f5:b7:b8:7c:4c:11:18:3d:2a:7b:b7:3d:24:e8:
5c:d0:8b:a0:3f:8d:84:af:4c:11:c3:2c:5c:bc:6e:
d7:54:52:4e:36:4b:04:d3:e7:81:8e:57:cb:45:b3:
11:35:1d:5b:3f:14:5d:e0:e4:50:7b:7d:0e:35:3f:
14:1a:46:94:66:5b:c8:01:37:96:45:f0:7b:c3:8e:
5b:ac:af:66:54:cc:be:ce:a5:60:9a:2e:77:ae:33:
26:f2:83:78:ee:75:a4:bf:ac:0f:4c:b8:66:59:e3:
a6:01:bf:dd:59:40:26:90:22:87:94:5f:4b:31:09:
31:45:b4:e7:fb:1c:a7:66:f5:14:fd:71:8a:b8:6b:
17:f9:f7:69:8f:dd:20:b9:b5:03:a9:ff:c6:27:1b:
32:b5:c9:83:7f:9c:14:6b:43:6c:7a:6c:bd:89:c3:
34:25:72:ed:e5:56:10:7b:4f:8e:36:57:24:a7:a0:
04:45:f8:72:d9:20:b8:87:89:e2:84:b7:bb:b6:b4:
16:e7:e3:ba:15:05:19:ba:f8:a7:a9:81:c2:b4:30:
a8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FF:F1:4B:4B:CB:A9:BC:65:DC:70:61:2A:AE:CB:26:1B:D8:C6:41
X509v3 Authority Key Identifier:
keyid:5B:5C:C4:03:09:A0:7C:03:DF:0B:63:04:FC:D8:40:F9:50:BF:B0:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E1936/6EB9C03EC63611EEABCC040BC4F9AE02/W1zEAwmgfAPfC2ME_NhA-VC_sEE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/W1zEAwmgfAPfC2ME_NhA-VC_sEE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E1936/6EB9C03EC63611EEABCC040BC4F9AE02/CF6BED9EC63611EEA0C70259C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.28.0/23
Signature Algorithm: sha256WithRSAEncryption
06:d0:4e:2c:38:89:af:49:d4:fa:e2:75:4e:15:a8:02:b4:12:
da:14:8f:b4:13:f6:61:cb:5e:34:55:5c:b1:15:80:f9:75:ed:
e2:69:f7:ea:05:59:08:0b:f1:c2:12:50:85:ea:15:7b:13:82:
59:9b:72:e3:5f:26:40:cb:ce:10:fc:19:33:e1:09:b3:6f:e7:
4d:1f:ae:56:bc:26:b6:f4:c3:3d:a0:ad:80:46:3e:93:da:3f:
c4:7e:2a:49:79:83:5e:f8:88:89:04:90:fe:5e:89:5a:b1:61:
76:76:2b:4c:dd:3f:71:ad:3e:31:b6:0f:83:5d:48:60:c9:9f:
00:0d:ba:a7:7d:a2:23:08:a8:b4:84:06:05:c4:52:5a:cb:5d:
73:41:55:c2:cf:8c:3c:38:94:05:db:4b:37:59:b7:80:f3:0e:
e2:50:98:36:4c:ce:45:83:dc:46:d2:f1:40:a9:90:89:a9:0f:
0b:4c:7a:34:e8:13:37:55:7f:53:2e:96:26:e6:5a:e5:3f:b3:
a9:72:37:7a:2f:9a:e5:be:c1:04:5f:90:f2:4f:ae:e2:55:1a:
a9:44:e6:ac:ef:8b:e0:e6:39:b2:7d:de:b6:1e:fc:e8:f2:f8:
42:10:bf:f8:13:41:73:bf:54:0a:83:12:15:bf:9c:03:06:50:
36:e0:2a:5d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MTkzNjExMC8GA1UEBRMoNUI1Q0M0MDMwOUEwN0MwM0RGMEI2MzA0RkNEODQwRjk1
MEJGQjA0MTAeFw0yNDAyMDgwNDAyMDBaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YzQ1MjM4LWJjMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJG7Ulfxe4s5qWo8tAEE3S9YczVXxu0f654IM/y4fJvhN9rTqm2OkFwuu4YmL1
t7h8TBEYPSp7tz0k6FzQi6A/jYSvTBHDLFy8btdUUk42SwTT54GOV8tFsxE1HVs/
FF3g5FB7fQ41PxQaRpRmW8gBN5ZF8HvDjlusr2ZUzL7OpWCaLneuMybyg3judaS/
rA9MuGZZ46YBv91ZQCaQIoeUX0sxCTFFtOf7HKdm9RT9cYq4axf592mP3SC5tQOp
/8YnGzK1yYN/nBRrQ2x6bL2JwzQlcu3lVhB7T442VySnoARF+HLZILiHieKEt7u2
tBbn47oVBRm6+KepgcK0MKgPAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUTf/xS0vL
qbxl3HBhKq7LJhvYxkEwHwYDVR0jBBgwFoAUW1zEAwmgfAPfC2ME/NhA+VC/sEEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUxOTM2LzZFQjlDMDNFQzYz
NjExRUVBQkNDMDQwQkM0RjlBRTAyL1cxekVBd21nZkFQZkMyTUVfTmhBLVZDX3NF
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvVzF6RUF3bWdmQVBmQzJNRV9OaEEtVkNfc0VFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MTkzNi82RUI5QzAzRUM2MzYxMUVFQUJDQzA0MEJDNEY5QUUwMi9DRjZCRUQ5RUM2
MzYxMUVFQTBDNzAyNTlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0PHDANBgkqhkiG9w0BAQsFAAOCAQEABtBOLDiJr0nU+uJ1
ThWoArQS2hSPtBP2YcteNFVcsRWA+XXt4mn36gVZCAvxwhJQheoVexOCWZty418m
QMvOEPwZM+EJs2/nTR+uVrwmtvTDPaCtgEY+k9o/xH4qSXmDXviIiQSQ/l6JWrFh
dnYrTN0/ca0+MbYPg11IYMmfAA26p32iIwiotIQGBcRSWstdc0FVws+MPDiUBdtL
N1m3gPMO4lCYNkzORYPcRtLxQKmQiakPC0x6NOgTN1V/Uy6WJuZa5T+zqXI3ei+a
5b7BBF+Q8k+u4lUaqUTmrO+L4OY5sn3eth786PL4QhC/+BNBc79UCoMSFb+cAwZQ
NuAqXQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:58:06 2025 by rpki-client