Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/FEE4F664FC3511EC95130A10C4F9AE02.roa
File: FEE4F664FC3511EC95130A10C4F9AE02.roa (raw, json)
Hash identifier: pr8081gT+62EokV+06Nh9bna1kXmOnmQ/d1lZKqfDKk=
Subject key identifier: 6B:ED:92:88:1D:82:CA:7A:5E:7B:1F:0A:A0:6F:CA:10:47:FB:17:2D
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 298D
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/FEE4F664FC3511EC95130A10C4F9AE02.roa
Signing time: Tue 31 Dec 2024 15:53:20 +0000
ROA not before: Tue 31 Dec 2024 15:53:20 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 45430
IP address blocks: 49.0.64.0/18 maxlen: 18
49.229.0.0/16 maxlen: 16
49.229.0.0/20 maxlen: 20
49.229.8.0/24 maxlen: 24
49.229.31.0/24 maxlen: 24
49.229.33.0/24 maxlen: 24
49.229.68.0/24 maxlen: 24
49.229.94.0/24 maxlen: 24
49.229.95.0/24 maxlen: 24
49.229.112.0/21 maxlen: 21
49.229.128.0/17 maxlen: 17
49.229.160.0/19 maxlen: 19
49.229.192.0/19 maxlen: 19
49.229.224.0/19 maxlen: 19
49.230.0.0/16 maxlen: 16
49.230.40.0/24 maxlen: 24
49.230.41.0/24 maxlen: 24
49.230.42.0/24 maxlen: 24
49.230.43.0/24 maxlen: 24
49.231.0.0/16 maxlen: 16
49.231.32.0/21 maxlen: 21
49.231.44.0/22 maxlen: 24
49.231.48.0/20 maxlen: 24
49.231.64.0/21 maxlen: 21
49.231.70.0/24 maxlen: 24
49.231.71.0/24 maxlen: 24
49.231.80.0/20 maxlen: 20
49.231.87.0/24 maxlen: 24
49.231.96.0/19 maxlen: 24
58.64.0.0/17 maxlen: 17
58.136.0.0/16 maxlen: 16
103.3.64.0/22 maxlen: 22
103.3.64.0/24 maxlen: 24
110.49.113.0/24 maxlen: 24
115.178.56.0/22 maxlen: 22
115.178.57.0/24 maxlen: 24
115.178.59.0/24 maxlen: 24
119.31.0.0/17 maxlen: 17
182.232.0.0/16 maxlen: 16
202.80.224.0/19 maxlen: 19
2001:df2:400::/48 maxlen: 48
2001:44c8::/32 maxlen: 32
2405:9800::/32 maxlen: 32
2405:9800:8::/48 maxlen: 48
2405:9800:c::/48 maxlen: 48
2405:9800:d::/48 maxlen: 48
2405:9800:10::/48 maxlen: 48
2405:9800:12::/48 maxlen: 48
2405:9800:13::/48 maxlen: 48
2405:9800:14::/48 maxlen: 48
2405:9800:20::/48 maxlen: 48
2405:9800:21::/48 maxlen: 48
2405:9800:30::/44 maxlen: 48
2405:9800:40::/48 maxlen: 48
2405:9800:41::/48 maxlen: 48
2405:9800:42::/48 maxlen: 48
2405:9800:60::/44 maxlen: 44
2405:9800:9800::/48 maxlen: 48
2405:9800:9805::/48 maxlen: 48
2405:9800:9813::/48 maxlen: 48
2405:9800:b000::/36 maxlen: 36
2405:9800:c820::/44 maxlen: 44
2405:9800:c925::/48 maxlen: 48
2405:9800:c92e::/48 maxlen: 48
2405:9800:f00f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10637 (0x298d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Validity
Not Before: Dec 31 15:53:20 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67741370-7721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:86:84:85:4f:9a:56:5d:6f:6f:a0:45:1e:08:
ff:28:2d:8b:df:51:d8:df:fd:60:0b:bc:8c:04:71:
e7:90:06:75:5d:c3:4f:fa:bd:cb:28:00:52:6d:87:
25:cd:31:31:82:fb:af:32:06:32:1f:6d:90:28:9e:
e8:6c:a9:85:e6:1a:29:f4:95:fc:e2:ea:70:99:83:
e6:fe:24:eb:da:8f:8b:27:88:96:85:59:66:02:eb:
98:3c:df:6f:b9:0f:57:cd:26:2c:7f:70:0b:8f:8f:
53:b8:e1:20:74:d7:9f:0f:96:8d:c4:8f:32:84:1d:
ff:16:64:43:7b:3a:6e:5f:90:a5:c6:bf:b2:38:e1:
04:5b:33:04:eb:58:96:2b:de:1b:ff:a4:4b:81:56:
32:e9:30:9e:dd:7b:20:ae:2b:e5:c0:f5:5c:79:4c:
a2:56:af:2b:28:77:0d:b6:21:7e:e1:b1:d7:11:ab:
29:6b:77:71:41:ce:2d:c2:e5:27:1a:77:3a:a2:0c:
ee:5d:68:53:04:9b:40:b8:b9:64:4d:4f:98:2a:a1:
de:c1:7c:86:9b:2d:9b:dd:d7:20:63:72:a0:04:b6:
dc:0d:41:53:67:d2:7f:54:84:72:4f:87:5c:72:ab:
28:34:03:92:97:87:16:0f:7d:50:ee:37:43:fa:07:
b4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:ED:92:88:1D:82:CA:7A:5E:7B:1F:0A:A0:6F:CA:10:47:FB:17:2D
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/FEE4F664FC3511EC95130A10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.0.64.0/18
49.229.0.0-49.231.255.255
58.64.0.0/17
58.136.0.0/16
103.3.64.0/22
110.49.113.0/24
115.178.56.0/22
119.31.0.0/17
182.232.0.0/16
202.80.224.0/19
IPv6:
2001:df2:400::/48
2001:44c8::/32
2405:9800::/32
Signature Algorithm: sha256WithRSAEncryption
88:0d:26:5b:26:b7:74:e6:aa:d1:8b:b4:e5:0e:6f:87:32:34:
2f:26:a7:01:31:99:ab:c3:87:68:4f:7b:24:57:47:a1:15:a8:
65:77:41:2c:86:67:c9:2f:1d:8e:e7:b9:35:66:f7:fa:82:2b:
33:d9:b9:81:5e:0e:e8:c7:fc:e8:7e:7f:79:58:48:3a:88:e9:
9a:c3:3c:0b:89:23:f6:1f:9e:1c:f1:b0:e3:04:70:04:9a:c2:
ad:85:77:86:b1:10:ab:c8:df:ad:d5:1f:3e:b2:4f:53:70:f0:
32:cd:23:62:60:20:d9:60:52:ba:e0:8b:9a:13:e2:7b:9a:98:
1b:6c:59:c5:ac:0d:6b:cb:0a:be:d7:19:e4:2f:d0:eb:3b:f4:
93:5d:33:58:65:8c:db:9a:29:6d:9a:f7:24:79:aa:6f:ad:19:
99:ad:a3:6f:8a:64:ef:05:f1:b6:c0:c7:18:e0:58:f1:97:9f:
ff:ee:2c:de:ca:d0:95:64:d3:38:b7:54:5d:98:84:d6:6d:24:
e2:5d:68:62:c5:5e:f4:ae:46:f2:3e:7c:75:6e:03:5a:18:64:
3a:f4:0b:83:ae:1d:35:9f:78:10:8e:26:84:a0:4d:f4:35:80:
e1:ec:24:ae:45:75:e9:b3:d7:61:3d:36:e3:02:04:d7:9a:86:
2c:02:e4:04
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgICKY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjQxMjMxMTU1MzIwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0MTM3MC03NzIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr4aEhU+aVl1vb6BFHgj/KC2L31HY3/1gC7yMBHHnkAZ1XcNP+r3LKABSbYcl
zTExgvuvMgYyH22QKJ7obKmF5hop9JX84upwmYPm/iTr2o+LJ4iWhVlmAuuYPN9v
uQ9XzSYsf3ALj49TuOEgdNefD5aNxI8yhB3/FmRDezpuX5Clxr+yOOEEWzME61iW
K94b/6RLgVYy6TCe3XsgrivlwPVceUyiVq8rKHcNtiF+4bHXEaspa3dxQc4twuUn
Gnc6ogzuXWhTBJtAuLlkTU+YKqHewXyGmy2b3dcgY3KgBLbcDUFTZ9J/VIRyT4dc
cqsoNAOSl4cWD31Q7jdD+ge0eQIDAQABo4IC7jCCAuowHQYDVR0OBBYEFGvtkogd
gsp6XnsfCqBvyhBH+xctMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvRkVFNEY2NjRG
QzM1MTFFQzk1MTMwQTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwweAYIKwYBBQUHAQcBAf8E
aTBnMEYEAgABMEADBAYxAEAwCgMDADHlAwMDMeADBAc6QAADAwA6iAMEAmcDQAME
AG4xcQMEAnOyOAMEB3cfAAMDALboAwQFylDgMB0EAgACMBcDBwAgAQ3yBAADBQAg
AUTIAwUAJAWYADANBgkqhkiG9w0BAQsFAAOCAQEAiA0mWya3dOaq0Yu05Q5vhzI0
LyanATGZq8OHaE97JFdHoRWoZXdBLIZnyS8djue5NWb3+oIrM9m5gV4O6Mf86H5/
eVhIOojpmsM8C4kj9h+eHPGw4wRwBJrCrYV3hrEQq8jfrdUfPrJPU3DwMs0jYmAg
2WBSuuCLmhPie5qYG2xZxawNa8sKvtcZ5C/Q6zv0k10zWGWM25opbZr3JHmqb60Z
ma2jb4pk7wXxtsDHGOBY8Zef/+4s3srQlWTTOLdUXZiE1m0k4l1oYsVe9K5G8j58
dW4DWhhkOvQLg64dNZ94EI4mhKBN9DWA4ewkrkV16bPXYT024wIE15qGLALkBA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 02:37:07 2025 by rpki-client