Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/91E868D4902B11EF87435A54C4F9AE02.roa
File: 91E868D4902B11EF87435A54C4F9AE02.roa (raw, json)
Hash identifier: hlDssLyDweoJI1CWdf6PXWRb2ocZAW1+Z7Bn8Rhx/94=
Subject key identifier: 01:17:E2:B1:AA:D8:B0:94:03:9F:A7:92:C3:DC:FD:86:8B:17:86:56
Certificate issuer: /CN=A917E678/serialNumber=E243F3BE825569BB16ACB374BC98DABE690B17C1
Certificate serial: 064F
Authority key identifier: E2:43:F3:BE:82:55:69:BB:16:AC:B3:74:BC:98:DA:BE:69:0B:17:C1
Authority info access: rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/4kPzvoJVabsWrLN0vJjavmkLF8E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/91E868D4902B11EF87435A54C4F9AE02.roa
Signing time: Sun 26 Jan 2025 07:55:12 +0000
ROA not before: Sun 26 Jan 2025 07:55:12 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 136907
IP address blocks: 189.1.192.0/18 maxlen: 18
189.1.192.0/20 maxlen: 20
189.1.192.0/24 maxlen: 24
189.1.193.0/24 maxlen: 24
189.1.194.0/24 maxlen: 24
189.1.195.0/24 maxlen: 24
189.1.196.0/24 maxlen: 24
189.1.197.0/24 maxlen: 24
189.1.198.0/24 maxlen: 24
189.1.199.0/24 maxlen: 24
189.1.200.0/24 maxlen: 24
189.1.201.0/24 maxlen: 24
189.1.202.0/24 maxlen: 24
189.1.203.0/24 maxlen: 24
189.1.204.0/24 maxlen: 24
189.1.205.0/24 maxlen: 24
189.1.206.0/24 maxlen: 24
189.1.207.0/24 maxlen: 24
189.1.208.0/20 maxlen: 20
189.1.208.0/24 maxlen: 24
189.1.209.0/24 maxlen: 24
189.1.210.0/24 maxlen: 24
189.1.211.0/24 maxlen: 24
189.1.212.0/24 maxlen: 24
189.1.213.0/24 maxlen: 24
189.1.214.0/24 maxlen: 24
189.1.215.0/24 maxlen: 24
189.1.216.0/24 maxlen: 24
189.1.217.0/24 maxlen: 24
189.1.218.0/24 maxlen: 24
189.1.219.0/24 maxlen: 24
189.1.220.0/24 maxlen: 24
189.1.221.0/24 maxlen: 24
189.1.222.0/24 maxlen: 24
189.1.223.0/24 maxlen: 24
189.1.224.0/20 maxlen: 20
189.1.224.0/24 maxlen: 24
189.1.225.0/24 maxlen: 24
189.1.226.0/24 maxlen: 24
189.1.227.0/24 maxlen: 24
189.1.228.0/24 maxlen: 24
189.1.229.0/24 maxlen: 24
189.1.230.0/24 maxlen: 24
189.1.231.0/24 maxlen: 24
189.1.232.0/24 maxlen: 24
189.1.233.0/24 maxlen: 24
189.1.234.0/24 maxlen: 24
189.1.235.0/24 maxlen: 24
189.1.236.0/24 maxlen: 24
189.1.237.0/24 maxlen: 24
189.1.238.0/24 maxlen: 24
189.1.239.0/24 maxlen: 24
189.1.240.0/20 maxlen: 20
189.1.240.0/24 maxlen: 24
189.1.241.0/24 maxlen: 24
189.1.242.0/24 maxlen: 24
189.1.243.0/24 maxlen: 24
189.1.244.0/24 maxlen: 24
189.1.245.0/24 maxlen: 24
189.1.246.0/24 maxlen: 24
189.1.247.0/24 maxlen: 24
189.1.248.0/24 maxlen: 24
189.1.249.0/24 maxlen: 24
189.1.250.0/24 maxlen: 24
189.1.251.0/24 maxlen: 24
189.1.252.0/24 maxlen: 24
189.1.253.0/24 maxlen: 24
189.1.254.0/24 maxlen: 24
189.1.255.0/24 maxlen: 24
189.28.96.0/19 maxlen: 19
189.28.96.0/20 maxlen: 20
189.28.112.0/20 maxlen: 20
190.92.192.0/19 maxlen: 24
190.92.224.0/19 maxlen: 19
190.92.224.0/24 maxlen: 24
190.92.225.0/24 maxlen: 24
190.92.226.0/24 maxlen: 24
190.92.227.0/24 maxlen: 24
190.92.228.0/24 maxlen: 24
190.92.229.0/24 maxlen: 24
190.92.230.0/24 maxlen: 24
190.92.231.0/24 maxlen: 24
190.92.232.0/24 maxlen: 24
190.92.233.0/24 maxlen: 24
190.92.234.0/24 maxlen: 24
190.92.235.0/24 maxlen: 24
190.92.236.0/24 maxlen: 24
190.92.237.0/24 maxlen: 24
190.92.238.0/24 maxlen: 24
190.92.239.0/24 maxlen: 24
190.92.240.0/24 maxlen: 24
190.92.241.0/24 maxlen: 24
190.92.242.0/24 maxlen: 24
190.92.243.0/24 maxlen: 24
190.92.244.0/24 maxlen: 24
190.92.245.0/24 maxlen: 24
190.92.246.0/24 maxlen: 24
190.92.247.0/24 maxlen: 24
190.92.248.0/24 maxlen: 24
190.92.249.0/24 maxlen: 24
190.92.250.0/24 maxlen: 24
190.92.251.0/24 maxlen: 24
190.92.252.0/24 maxlen: 24
190.92.253.0/24 maxlen: 24
190.92.254.0/24 maxlen: 24
190.92.255.0/24 maxlen: 24
201.77.32.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1615 (0x64f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E678/serialNumber=E243F3BE825569BB16ACB374BC98DABE690B17C1
Validity
Not Before: Jan 26 07:55:12 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6795ea60-7083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:18:47:2d:eb:73:34:2a:5e:23:af:20:df:47:
c5:05:3f:15:78:9a:77:5e:23:c1:02:0d:b1:3e:94:
80:62:38:b7:7f:33:c0:0e:be:66:5d:46:82:53:a0:
e6:91:84:97:32:06:6f:5e:20:fc:f9:5d:b4:ae:12:
57:96:5c:eb:5a:36:c6:cd:a9:53:b6:0f:ae:0d:38:
9c:c9:f5:98:ec:dc:94:a8:99:21:9c:44:f4:e7:57:
35:f6:6a:e1:c1:57:eb:17:49:ed:e0:95:a0:5b:47:
b0:99:b0:d6:c8:da:af:88:b9:9a:59:c7:e9:76:29:
0d:f0:5e:f6:e0:10:eb:50:85:e3:06:95:59:dc:15:
dd:25:20:15:2d:f9:97:6d:5e:a3:69:46:b8:39:90:
e5:3f:b3:b2:8f:6f:f0:ee:de:0d:0a:12:47:32:83:
c5:6d:ba:f0:42:05:f0:f4:77:60:6f:39:64:39:3b:
ad:68:66:1d:a1:ef:a0:41:fb:c7:e0:60:7f:09:c8:
2b:f5:fb:1d:50:5a:e6:da:fe:97:de:c8:d2:9a:b0:
6d:2e:2b:50:f4:3d:3f:0c:cf:4b:74:0a:34:25:af:
89:00:20:de:7e:82:7d:31:a1:2e:a6:c5:0b:22:2a:
7d:15:f8:e3:6d:91:a4:cf:84:07:e3:5a:ad:3a:46:
37:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:17:E2:B1:AA:D8:B0:94:03:9F:A7:92:C3:DC:FD:86:8B:17:86:56
X509v3 Authority Key Identifier:
keyid:E2:43:F3:BE:82:55:69:BB:16:AC:B3:74:BC:98:DA:BE:69:0B:17:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/4kPzvoJVabsWrLN0vJjavmkLF8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/4kPzvoJVabsWrLN0vJjavmkLF8E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/91E868D4902B11EF87435A54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
189.1.192.0/18
189.28.96.0/19
190.92.192.0/18
201.77.32.0/20
Signature Algorithm: sha256WithRSAEncryption
53:08:86:32:14:a7:db:79:15:5d:6f:a4:06:dd:0e:78:bb:7d:
72:72:38:26:64:5c:f0:54:3a:d3:d8:57:26:b2:2f:a3:1e:d1:
95:3b:94:6c:62:df:a6:a6:28:5e:03:a0:b9:d2:03:51:97:03:
74:78:2d:e9:72:9a:17:f8:a5:72:86:d6:d5:9a:52:70:2a:33:
cd:4a:7a:7d:65:d2:f9:66:5b:1f:81:04:f9:53:ee:70:ff:49:
69:be:39:11:ac:20:a4:e7:da:eb:ed:dc:64:84:2b:25:3a:fc:
a6:48:fb:0b:2d:35:4b:e8:77:fc:2d:fb:05:ac:17:2e:df:b7:
55:15:41:fe:ef:82:63:4d:17:cd:06:ce:ea:a9:c5:33:3e:4d:
ae:9e:f4:83:53:04:cb:32:0c:a6:a5:b9:4f:36:56:59:00:a4:
bc:5e:15:81:9f:9a:4b:51:9e:52:f4:1f:95:0e:ef:27:d8:e8:
77:ae:b3:e8:65:51:e3:f3:6a:22:67:2e:f5:c0:6c:2e:fb:4b:
b1:a2:87:c3:4c:0c:3a:7a:55:7e:61:2a:e8:00:df:a2:9a:80:
2e:2a:9a:b7:6e:9e:10:9e:a6:cd:95:57:56:5f:6f:ae:8a:b0:
1c:13:8e:21:af:57:aa:15:b4:e1:75:fa:50:61:5f:71:cd:7a:
4a:7a:37:b2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBk8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U2NzgxMTAvBgNVBAUTKEUyNDNGM0JFODI1NTY5QkIxNkFDQjM3NEJDOThEQUJF
NjkwQjE3QzEwHhcNMjUwMTI2MDc1NTEyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk1ZWE2MC03MDgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4RhHLetzNCpeI68g30fFBT8VeJp3XiPBAg2xPpSAYji3fzPADr5mXUaCU6Dm
kYSXMgZvXiD8+V20rhJXllzrWjbGzalTtg+uDTicyfWY7NyUqJkhnET051c19mrh
wVfrF0nt4JWgW0ewmbDWyNqviLmaWcfpdikN8F724BDrUIXjBpVZ3BXdJSAVLfmX
bV6jaUa4OZDlP7Oyj2/w7t4NChJHMoPFbbrwQgXw9HdgbzlkOTutaGYdoe+gQfvH
4GB/Ccgr9fsdUFrm2v6X3sjSmrBtLitQ9D0/DM9LdAo0Ja+JACDefoJ9MaEupsUL
Iip9FfjjbZGkz4QH41qtOkY3RQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFAEX4rGq
2LCUA5+nksPc/YaLF4ZWMB8GA1UdIwQYMBaAFOJD876CVWm7FqyzdLyY2r5pCxfB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC9CODk3QzU4MkEx
OUMxMUVCOTJBMkRGMjlDNEY5QUUwMi80a1B6dm9KVmFic1dyTE4wdkpqYXZta0xG
OEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I0QTFCRUE2MUQ2NjExRTJCMkNEOEI3Qzcy
RkQxRkYyLzRrUHp2b0pWYWJzV3JMTjB2Smphdm1rTEY4RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U2NzgvQjg5N0M1ODJBMTlDMTFFQjkyQTJERjI5QzRGOUFFMDIvOTFFODY4RDQ5
MDJCMTFFRjg3NDM1QTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAa9AcADBAW9HGADBAa+XMADBATJTSAwDQYJKoZIhvcNAQEL
BQADggEBAFMIhjIUp9t5FV1vpAbdDni7fXJyOCZkXPBUOtPYVyayL6Me0ZU7lGxi
36amKF4DoLnSA1GXA3R4Lelymhf4pXKG1tWaUnAqM81Ken1l0vlmWx+BBPlT7nD/
SWm+ORGsIKTn2uvt3GSEKyU6/KZI+wstNUvod/wt+wWsFy7ft1UVQf7vgmNNF80G
zuqpxTM+Ta6e9INTBMsyDKaluU82VlkApLxeFYGfmktRnlL0H5UO7yfY6Heus+hl
UePzaiJnLvXAbC77S7Gih8NMDDp6VX5hKugA36KagC4qmrdunhCeps2VV1Zfb66K
sBwTjiGvV6oVtOF1+lBhX3HNekp6N7I=
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:39:23 2025 by rpki-client