Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916814B/FB606F56162E11E8B8DE2669C4F9AE02/B4450EF68E5311EBB81E6C70C4F9AE02.roa
File: B4450EF68E5311EBB81E6C70C4F9AE02.roa (raw, json)
Hash identifier: mykXr6ve/cwvr+LfcirysCKrHVhRt9J9fVkHn/0QFbY=
Subject key identifier: AB:FF:B3:AD:1A:85:B1:FA:C5:FC:B9:D4:7A:3E:F5:DB:71:76:6A:3E
Certificate issuer: /CN=A916814B/serialNumber=0958F097CAE4297DF27282E4183E3AF1424C8F7E
Certificate serial: 15DE
Authority key identifier: 09:58:F0:97:CA:E4:29:7D:F2:72:82:E4:18:3E:3A:F1:42:4C:8F:7E
Authority info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/CVjwl8rkKX3ycoLkGD468UJMj34.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916814B/FB606F56162E11E8B8DE2669C4F9AE02/B4450EF68E5311EBB81E6C70C4F9AE02.roa
Signing time: Sat 04 Jan 2025 16:54:38 +0000
ROA not before: Sat 04 Jan 2025 16:54:38 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 55446
IP address blocks: 196.1.105.0/24 maxlen: 24
196.1.106.0/24 maxlen: 24
196.1.110.0/23 maxlen: 23
196.1.110.0/24 maxlen: 24
196.1.111.0/24 maxlen: 24
196.1.111.0/25 maxlen: 25
196.1.111.128/27 maxlen: 27
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5598 (0x15de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916814B/serialNumber=0958F097CAE4297DF27282E4183E3AF1424C8F7E
Validity
Not Before: Jan 4 16:54:38 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=677967cd-4933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:10:fb:39:e2:ff:ff:8e:f0:4f:22:52:7f:34:
00:7b:1e:d1:c5:de:c6:e3:44:28:0c:3f:23:12:51:
3d:ff:e2:5a:c7:02:d7:4f:fe:f1:63:d6:ba:8a:53:
b2:64:eb:b1:45:93:ae:c9:48:b3:6f:aa:b1:24:18:
08:37:70:32:7e:4b:70:f2:a1:55:84:47:71:d7:3a:
9a:ed:a6:67:78:b4:93:43:14:49:48:93:84:1c:30:
f4:22:87:27:e2:d4:cb:7c:37:5a:18:66:c4:78:48:
0c:53:92:5e:c9:82:07:a8:c0:46:f6:bb:3c:ff:90:
7f:e5:81:1d:3d:b1:bb:50:bf:f3:c1:07:3b:59:ca:
13:23:ef:99:41:34:09:46:b1:cc:dd:5c:05:75:4e:
53:01:16:b9:67:61:8f:47:71:34:77:81:c5:0b:91:
c1:e3:eb:5e:69:4f:8e:ab:a1:bd:91:e1:66:8b:7f:
12:09:d3:5c:2a:95:5e:15:11:e0:cc:6b:4d:e5:42:
4d:d4:27:52:78:b7:7f:65:09:fa:f8:7d:25:ea:99:
21:b5:a1:64:6f:54:b2:8f:98:f7:6d:2f:79:9f:14:
b7:26:9f:48:d3:ad:37:10:07:75:10:27:b2:ed:dd:
01:99:51:3c:98:12:37:b3:1d:56:89:8d:05:8b:81:
02:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:FF:B3:AD:1A:85:B1:FA:C5:FC:B9:D4:7A:3E:F5:DB:71:76:6A:3E
X509v3 Authority Key Identifier:
keyid:09:58:F0:97:CA:E4:29:7D:F2:72:82:E4:18:3E:3A:F1:42:4C:8F:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916814B/FB606F56162E11E8B8DE2669C4F9AE02/CVjwl8rkKX3ycoLkGD468UJMj34.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/CVjwl8rkKX3ycoLkGD468UJMj34.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916814B/FB606F56162E11E8B8DE2669C4F9AE02/B4450EF68E5311EBB81E6C70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.1.105.0-196.1.106.255
196.1.110.0/23
Signature Algorithm: sha256WithRSAEncryption
39:01:64:b1:5a:0c:f7:bd:10:76:ce:9f:21:68:7a:69:11:2a:
1b:61:3f:d6:c4:1f:42:0c:7c:5e:b1:ee:b1:a9:aa:81:34:90:
ec:59:d3:6e:43:41:14:da:26:88:67:7a:d5:cf:5c:75:cf:0b:
cf:87:6c:54:58:64:55:4d:5e:df:3b:57:90:74:40:16:d0:c4:
cc:2b:0f:41:a7:6d:ec:57:47:d1:73:88:49:b1:d4:88:13:e5:
69:93:1b:4b:95:1c:6e:9a:6a:31:c7:0d:9a:6c:30:09:a4:9f:
fe:86:4f:a4:ab:48:89:c9:de:91:78:94:8f:b7:b2:62:3a:df:
e0:e4:e4:63:3f:4a:3d:02:90:bc:ae:ad:9d:0e:02:a9:35:7c:
87:b3:38:db:64:3a:e0:61:9a:00:8c:33:e5:c3:38:ad:7d:55:
2a:ca:40:70:02:82:51:c7:13:71:45:13:9f:28:35:f9:f5:4a:
fe:21:17:9e:eb:4f:42:54:c4:7b:21:95:7f:72:f2:0e:8b:48:
6f:d0:71:d9:36:7c:f5:9d:70:08:d4:c8:a1:e3:dd:21:fb:b3:
32:c0:2e:33:00:24:23:08:17:fd:25:1c:2b:ad:29:fc:15:0c:
ff:6a:ca:8b:e1:25:b5:e3:4d:08:08:1f:52:98:66:58:a7:55:
0a:ce:34:1e
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICFd4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjgxNEIxMTAvBgNVBAUTKDA5NThGMDk3Q0FFNDI5N0RGMjcyODJFNDE4M0UzQUYx
NDI0QzhGN0UwHhcNMjUwMTA0MTY1NDM4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc5NjdjZC00OTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoxD7OeL//47wTyJSfzQAex7Rxd7G40QoDD8jElE9/+JaxwLXT/7xY9a6ilOy
ZOuxRZOuyUizb6qxJBgIN3Ayfktw8qFVhEdx1zqa7aZneLSTQxRJSJOEHDD0Iocn
4tTLfDdaGGbEeEgMU5JeyYIHqMBG9rs8/5B/5YEdPbG7UL/zwQc7WcoTI++ZQTQJ
RrHM3VwFdU5TARa5Z2GPR3E0d4HFC5HB4+teaU+Oq6G9keFmi38SCdNcKpVeFRHg
zGtN5UJN1CdSeLd/ZQn6+H0l6pkhtaFkb1Syj5j3bS95nxS3Jp9I0603EAd1ECey
7d0BmVE8mBI3sx1WiY0Fi4EC+QIDAQABo4ICozCCAp8wHQYDVR0OBBYEFKv/s60a
hbH6xfy51Ho+9dtxdmo+MB8GA1UdIwQYMBaAFAlY8JfK5Cl98nKC5Bg+OvFCTI9+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODE0Qi9GQjYwNkY1NjE2
MkUxMUU4QjhERTI2NjlDNEY5QUUwMi9DVmp3bDhya0tYM3ljb0xrR0Q0NjhVSk1q
MzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I0MUZFNjEwMUQ2NjExRTJBNjJGODc3Qzcy
RkQxRkYyL0NWandsOHJrS1gzeWNvTGtHRDQ2OFVKTWozNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjgxNEIvRkI2MDZGNTYxNjJFMTFFOEI4REUyNjY5QzRGOUFFMDIvQjQ0NTBFRjY4
RTUzMTFFQkI4MUU2QzcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAMQBaQMEAMQBagMEAcQBbjANBgkqhkiG9w0BAQsFAAOC
AQEAOQFksVoM970Qds6fIWh6aREqG2E/1sQfQgx8XrHusamqgTSQ7FnTbkNBFNom
iGd61c9cdc8Lz4dsVFhkVU1e3ztXkHRAFtDEzCsPQadt7FdH0XOISbHUiBPlaZMb
S5UcbppqMccNmmwwCaSf/oZPpKtIicnekXiUj7eyYjrf4OTkYz9KPQKQvK6tnQ4C
qTV8h7M422Q64GGaAIwz5cM4rX1VKspAcAKCUccTcUUTnyg1+fVK/iEXnutPQlTE
eyGVf3LyDotIb9Bx2TZ89Z1wCNTIoePdIfuzMsAuMwAkIwgX/SUcK60p/BUM/2rK
i+ElteNNCAgfUphmWKdVCs40Hg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 16:12:54 2025 by rpki-client