Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF73D/C92B3232CE1F11EEAC62617CC4F9AE02/00E1AC30FBAA11EE9C7F3921C4F9AE02.roa
File: 00E1AC30FBAA11EE9C7F3921C4F9AE02.roa (raw, json)
Hash identifier: tThNJYbUDEGX7l9BePqZBqRS3H5vx42AJaOXqIGJAP0=
Subject key identifier: D9:D3:C0:C8:4F:BD:34:14:D5:08:74:EC:DF:8C:09:26:86:E1:53:28
Certificate issuer: /CN=A91EF73D/serialNumber=9A89BB37C54386DA9A87A64FF0094428A3171A47
Certificate serial: 3D
Authority key identifier: 9A:89:BB:37:C5:43:86:DA:9A:87:A6:4F:F0:09:44:28:A3:17:1A:47
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mom7N8VDhtqah6ZP8AlEKKMXGkc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF73D/C92B3232CE1F11EEAC62617CC4F9AE02/00E1AC30FBAA11EE9C7F3921C4F9AE02.roa
Signing time: Tue 16 Apr 2024 05:24:12 +0000
ROA not before: Tue 16 Apr 2024 05:24:12 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 9230
IP address blocks: 157.20.54.0/23 maxlen: 23
157.20.54.0/24 maxlen: 24
157.20.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61 (0x3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF73D/serialNumber=9A89BB37C54386DA9A87A64FF0094428A3171A47
Validity
Not Before: Apr 16 05:24:12 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=661e0b7b-6cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a5:32:bc:87:fc:d5:0d:47:37:2e:8e:89:fc:
f8:9a:97:e5:e4:20:72:60:00:5c:9e:6d:25:7d:47:
10:b1:7e:23:7c:30:d8:4b:c3:c6:31:15:71:04:c3:
8e:c3:43:a0:23:52:9c:59:be:f7:b6:0c:bc:44:7a:
01:bd:56:8d:a2:76:12:10:1a:57:8a:bd:bd:ce:0e:
35:60:ea:32:88:9f:9c:b8:ee:a0:a1:ee:1f:e4:8c:
2c:9e:61:8a:0d:e1:40:2b:8b:99:2d:0c:f3:5c:6d:
2d:23:75:80:aa:fc:2f:8c:a9:60:4a:27:20:06:97:
b6:dd:17:b1:98:e5:0c:32:0a:70:ee:e2:82:4e:70:
59:27:2f:a3:21:87:4a:d2:0a:48:09:cc:42:4f:79:
0a:49:da:bc:d7:f1:ff:ca:ab:e2:38:71:48:73:3a:
0f:f9:c0:39:a3:05:4d:42:31:f7:27:d0:cb:d0:fb:
4e:5a:09:df:2b:2e:bb:51:ee:f3:18:a8:bd:71:dd:
a3:67:72:9d:e5:76:ce:95:ef:9e:cc:c6:e3:48:6a:
ac:10:6e:73:ba:eb:1b:70:c8:f0:67:4f:a1:a6:8e:
54:f4:b9:4c:13:1c:76:f1:85:d3:81:3d:a8:d4:a3:
9b:2c:2b:f1:45:9e:51:ff:46:42:6e:0d:cb:05:46:
6c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D3:C0:C8:4F:BD:34:14:D5:08:74:EC:DF:8C:09:26:86:E1:53:28
X509v3 Authority Key Identifier:
keyid:9A:89:BB:37:C5:43:86:DA:9A:87:A6:4F:F0:09:44:28:A3:17:1A:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF73D/C92B3232CE1F11EEAC62617CC4F9AE02/mom7N8VDhtqah6ZP8AlEKKMXGkc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mom7N8VDhtqah6ZP8AlEKKMXGkc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF73D/C92B3232CE1F11EEAC62617CC4F9AE02/00E1AC30FBAA11EE9C7F3921C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.54.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:a3:8a:99:ae:29:30:67:61:43:28:fe:a0:dd:75:4c:48:a6:
d9:f3:5e:a2:79:d7:a0:d8:2c:2f:da:f8:de:78:42:5e:f8:73:
9f:4e:79:bf:58:75:f9:50:9d:f4:68:5e:c2:ef:af:65:10:c0:
c9:1e:52:31:77:68:1b:bc:00:2b:32:de:2c:dc:97:ab:9d:fb:
63:a1:08:42:11:3b:f2:fa:cc:0c:d5:c8:2f:41:06:28:97:b4:
20:6d:43:06:d2:b1:0a:96:ba:65:7a:f4:cc:17:77:26:ef:f2:
12:d4:b9:98:6c:d3:2a:64:d0:18:c7:d8:c7:dc:58:f6:63:90:
a4:d2:35:5c:bc:1b:39:9b:6c:88:2e:f4:54:2d:af:bd:b3:cd:
6d:b2:77:71:ff:d6:ac:73:ef:46:d9:1e:b8:b6:d0:c8:68:70:
75:58:70:2c:3a:b1:52:73:92:d1:9c:b7:ef:51:92:5f:b5:5c:
5c:d0:d2:a1:99:f2:a4:b5:4a:e1:1a:c7:be:41:d0:7c:20:e7:
2d:66:c3:07:1b:a7:2f:70:41:3e:67:cd:e8:3f:30:61:0e:f2:
d6:f8:ff:90:26:41:7b:f0:cc:6a:a6:c5:b3:db:8d:2b:85:0c:
f3:09:39:4b:c5:67:03:96:42:5b:f6:11:0a:ab:aa:33:f5:a5:
c2:ce:b7:e7
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBPTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RjczRDExMC8GA1UEBRMoOUE4OUJCMzdDNTQzODZEQTlBODdBNjRGRjAwOTQ0MjhB
MzE3MUE0NzAeFw0yNDA0MTYwNTI0MTJaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MWUwYjdiLTZjYjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJpTK8h/zVDUc3Lo6J/Pial+XkIHJgAFyebSV9RxCxfiN8MNhLw8YxFXEEw47D
Q6AjUpxZvve2DLxEegG9Vo2idhIQGleKvb3ODjVg6jKIn5y47qCh7h/kjCyeYYoN
4UAri5ktDPNcbS0jdYCq/C+MqWBKJyAGl7bdF7GY5QwyCnDu4oJOcFknL6Mhh0rS
CkgJzEJPeQpJ2rzX8f/Kq+I4cUhzOg/5wDmjBU1CMfcn0MvQ+05aCd8rLrtR7vMY
qL1x3aNncp3lds6V757MxuNIaqwQbnO66xtwyPBnT6GmjlT0uUwTHHbxhdOBPajU
o5ssK/FFnlH/RkJuDcsFRmyzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU2dPAyE+9
NBTVCHTs34wJJobhUygwHwYDVR0jBBgwFoAUmom7N8VDhtqah6ZP8AlEKKMXGkcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVGNzNEL0M5MkIzMjMyQ0Ux
RjExRUVBQzYyNjE3Q0M0RjlBRTAyL21vbTdOOFZEaHRxYWg2WlA4QWxFS0tNWEdr
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbW9tN044VkRodHFhaDZaUDhBbEVLS01YR2tjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RjczRC9DOTJCMzIzMkNFMUYxMUVFQUM2MjYxN0NDNEY5QUUwMi8wMEUxQUMzMEZC
QUExMUVFOUM3RjM5MjFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0UNjANBgkqhkiG9w0BAQsFAAOCAQEAsqOKma4pMGdhQyj+
oN11TEim2fNeonnXoNgsL9r43nhCXvhzn055v1h1+VCd9Ghewu+vZRDAyR5SMXdo
G7wAKzLeLNyXq537Y6EIQhE78vrMDNXIL0EGKJe0IG1DBtKxCpa6ZXr0zBd3Ju/y
EtS5mGzTKmTQGMfYx9xY9mOQpNI1XLwbOZtsiC70VC2vvbPNbbJ3cf/WrHPvRtke
uLbQyGhwdVhwLDqxUnOS0Zy371GSX7VcXNDSoZnypLVK4RrHvkHQfCDnLWbDBxun
L3BBPmfN6D8wYQ7y1vj/kCZBe/DMaqbFs9uNK4UM8wk5S8VnA5ZCW/YRCquqM/Wl
ws635w==
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:44:04 2025 by rpki-client