Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/DFA876BAA1D011EB909F3352C4F9AE02.roa
File: DFA876BAA1D011EB909F3352C4F9AE02.roa (raw, json)
Hash identifier: iU7wUJ3hXR1AJP4W6iQ9Q4xhVfpuGa8z3zC49Uy6j+E=
Subject key identifier: F6:79:31:B8:46:BF:85:A5:7E:0C:89:49:5D:9C:15:B9:F6:EE:E9:80
Certificate issuer: /CN=A9122C94/serialNumber=91772A9A6C39719F8A6E6971636D484EDE43A650
Certificate serial: 05A1
Authority key identifier: 91:77:2A:9A:6C:39:71:9F:8A:6E:69:71:63:6D:48:4E:DE:43:A6:50
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kXcqmmw5cZ-KbmlxY21ITt5DplA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/DFA876BAA1D011EB909F3352C4F9AE02.roa
Signing time: Tue 24 Sep 2024 22:11:36 +0000
ROA not before: Tue 24 Sep 2024 22:11:36 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 133066
IP address blocks: 64.224.144.0/20 maxlen: 20
64.224.144.0/24 maxlen: 24
64.224.145.0/24 maxlen: 24
64.224.146.0/24 maxlen: 24
64.224.147.0/24 maxlen: 24
64.224.148.0/24 maxlen: 24
64.224.149.0/24 maxlen: 24
64.224.150.0/24 maxlen: 24
64.224.151.0/24 maxlen: 24
64.224.152.0/24 maxlen: 24
64.224.153.0/24 maxlen: 24
64.224.154.0/24 maxlen: 24
64.224.155.0/24 maxlen: 24
64.224.156.0/24 maxlen: 24
64.224.157.0/24 maxlen: 24
64.224.158.0/24 maxlen: 24
64.224.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1441 (0x5a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9122C94/serialNumber=91772A9A6C39719F8A6E6971636D484EDE43A650
Validity
Not Before: Sep 24 22:11:36 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f33918-c929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2a:c2:aa:45:3b:81:4d:c4:0b:9f:8b:55:58:
8f:21:73:65:b6:98:df:ae:f7:e2:6c:05:81:38:c4:
65:1a:07:cf:f2:0a:8c:86:79:54:21:4e:9d:8b:24:
8a:7e:a6:5e:0d:73:0b:a3:64:f8:6d:0d:3b:42:84:
9a:24:82:53:3b:93:25:3a:aa:b3:96:57:b0:3b:3f:
88:a0:5c:07:52:18:81:31:34:ca:8d:eb:e7:04:79:
8d:91:78:4e:9e:76:d7:b9:b6:5c:8f:c1:80:c0:0d:
66:a2:16:10:3e:4d:61:ca:1a:c4:37:0d:79:25:32:
fe:54:5d:9b:61:36:34:85:a3:5d:e5:7e:53:86:a0:
d2:d8:af:66:8f:4f:1e:46:c4:53:21:0f:6c:7e:a9:
98:1e:71:03:ad:95:a3:e4:b9:4e:bb:0f:be:47:93:
80:ce:df:c5:b2:80:a1:b2:38:f5:d2:91:2f:4f:aa:
27:ad:32:b8:29:d7:84:c0:e4:9c:66:ab:ee:bf:27:
bf:c3:ff:32:76:46:a2:ae:43:06:93:86:d9:89:4a:
80:2c:ab:05:36:6f:47:37:b6:9f:53:57:50:12:d2:
19:32:66:e0:83:60:07:f1:28:40:e5:2c:d3:23:cd:
71:a7:a8:b6:a9:5c:c0:52:ba:6d:86:fd:3c:f9:e9:
fb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:79:31:B8:46:BF:85:A5:7E:0C:89:49:5D:9C:15:B9:F6:EE:E9:80
X509v3 Authority Key Identifier:
keyid:91:77:2A:9A:6C:39:71:9F:8A:6E:69:71:63:6D:48:4E:DE:43:A6:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/kXcqmmw5cZ-KbmlxY21ITt5DplA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kXcqmmw5cZ-KbmlxY21ITt5DplA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/DFA876BAA1D011EB909F3352C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.224.144.0/20
Signature Algorithm: sha256WithRSAEncryption
10:33:f1:a5:88:07:77:aa:47:4c:88:0a:44:c4:48:71:d3:de:
ff:1f:4e:05:39:d6:c8:37:03:ba:7a:ea:5f:9c:ae:dc:c8:99:
af:b7:88:60:23:2d:3e:dd:36:cd:34:4b:3b:fa:f5:be:07:e7:
02:95:09:a5:1c:f4:96:c1:d7:1b:d6:6c:ad:78:49:dd:0f:aa:
46:5f:84:ec:9e:4f:17:08:98:18:9a:8c:43:0e:46:f8:b5:55:
93:9d:aa:5c:36:1e:c0:ef:1a:37:11:fa:c0:92:1d:bb:9c:03:
f4:00:c6:57:6b:e7:e7:aa:82:67:9a:a4:1e:0f:3f:de:c6:83:
2b:62:80:39:3e:a9:27:64:a2:19:02:a1:f3:ef:39:1e:69:39:
17:c3:1e:ba:cd:65:f8:59:99:41:ab:0a:36:97:e8:da:63:14:
b1:f3:e8:64:b8:63:ff:94:f5:ef:d0:f5:22:e2:b2:53:de:a1:
a6:5c:cc:26:93:87:1a:ae:69:a8:91:4c:88:62:b7:1d:18:b0:
a0:5c:18:5f:31:7c:83:5e:fb:b8:39:e8:b6:33:94:60:2c:69:
fb:3d:77:57:03:68:b2:3f:f3:70:76:31:e2:f0:4d:40:0c:a9:
39:a6:5a:a2:b7:43:08:a8:e3:b9:27:57:2a:a0:d5:1f:11:6c:
69:0f:03:92
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjJDOTQxMTAvBgNVBAUTKDkxNzcyQTlBNkMzOTcxOUY4QTZFNjk3MTYzNkQ0ODRF
REU0M0E2NTAwHhcNMjQwOTI0MjIxMTM2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYzMzkxOC1jOTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxCrCqkU7gU3EC5+LVViPIXNltpjfrvfibAWBOMRlGgfP8gqMhnlUIU6diySK
fqZeDXMLo2T4bQ07QoSaJIJTO5MlOqqzllewOz+IoFwHUhiBMTTKjevnBHmNkXhO
nnbXubZcj8GAwA1mohYQPk1hyhrENw15JTL+VF2bYTY0haNd5X5ThqDS2K9mj08e
RsRTIQ9sfqmYHnEDrZWj5LlOuw++R5OAzt/FsoChsjj10pEvT6onrTK4KdeEwOSc
Zqvuvye/w/8ydkairkMGk4bZiUqALKsFNm9HN7afU1dQEtIZMmbgg2AH8ShA5SzT
I81xp6i2qVzAUrpthv08+en71QIDAQABo4IClTCCApEwHQYDVR0OBBYEFPZ5MbhG
v4WlfgyJSV2cFbn27umAMB8GA1UdIwQYMBaAFJF3KppsOXGfim5pcWNtSE7eQ6ZQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkM5NC82QUUyMDJBNkEx
RDAxMUVCOTJBMkRGMjlDNEY5QUUwMi9rWGNxbW13NWNaLUtibWx4WTIxSVR0NURw
bEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2tYY3FtbXc1Y1otS2JtbHhZMjFJVHQ1RHBsQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjJDOTQvNkFFMjAyQTZBMUQwMTFFQjkyQTJERjI5QzRGOUFFMDIvREZBODc2QkFB
MUQwMTFFQjkwOUYzMzUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBARA4JAwDQYJKoZIhvcNAQELBQADggEBABAz8aWIB3eqR0yI
CkTESHHT3v8fTgU51sg3A7p66l+crtzIma+3iGAjLT7dNs00Szv69b4H5wKVCaUc
9JbB1xvWbK14Sd0PqkZfhOyeTxcImBiajEMORvi1VZOdqlw2HsDvGjcR+sCSHbuc
A/QAxldr5+eqgmeapB4PP97GgytigDk+qSdkohkCofPvOR5pORfDHrrNZfhZmUGr
CjaX6NpjFLHz6GS4Y/+U9e/Q9SLislPeoaZczCaThxquaaiRTIhitx0YsKBcGF8x
fINe+7g56LYzlGAsafs9d1cDaLI/83B2MeLwTUAMqTmmWqK3Qwio47knVyqg1R8R
bGkPA5I=
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:14:46 2025 by rpki-client