Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919536C/75B98BF0366011EE88E0F530C4F9AE02/AEC0C8428C5811EFA0E8E859C4F9AE02.roa
File: AEC0C8428C5811EFA0E8E859C4F9AE02.roa (raw, json)
Hash identifier: RRetVybUwFxGaSKknNCaa7/I6tqAGe/pCAUndWUR9fw=
Subject key identifier: C7:AD:8D:BB:9D:A8:78:50:98:DB:58:5E:43:F8:D1:7E:CE:2F:1E:E7
Certificate issuer: /CN=A919536C/serialNumber=A090E520BF9D51F2FDCEED413AF27AC758F6AE1D
Certificate serial: 0129
Authority key identifier: A0:90:E5:20:BF:9D:51:F2:FD:CE:ED:41:3A:F2:7A:C7:58:F6:AE:1D
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oJDlIL-dUfL9zu1BOvJ6x1j2rh0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919536C/75B98BF0366011EE88E0F530C4F9AE02/AEC0C8428C5811EFA0E8E859C4F9AE02.roa
Signing time: Mon 04 Nov 2024 19:24:14 +0000
ROA not before: Mon 04 Nov 2024 19:24:14 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 132280
IP address blocks: 96.30.74.0/23 maxlen: 24
96.30.76.0/23 maxlen: 24
96.30.80.0/22 maxlen: 22
96.30.83.0/24 maxlen: 24
96.30.88.0/23 maxlen: 24
96.30.90.0/23 maxlen: 24
96.30.92.0/22 maxlen: 22
96.30.93.0/24 maxlen: 24
96.30.94.0/23 maxlen: 23
96.30.96.0/22 maxlen: 23
96.30.97.0/24 maxlen: 24
96.30.104.0/23 maxlen: 24
96.30.106.0/24 maxlen: 24
96.30.110.0/24 maxlen: 24
96.30.113.0/24 maxlen: 24
96.30.114.0/23 maxlen: 24
96.30.116.0/22 maxlen: 23
96.30.116.0/24 maxlen: 24
96.30.120.0/23 maxlen: 23
96.30.120.0/24 maxlen: 24
96.30.123.0/24 maxlen: 24
96.30.124.0/24 maxlen: 24
96.30.125.0/24 maxlen: 24
96.30.126.0/23 maxlen: 24
146.88.32.0/20 maxlen: 21
146.88.32.0/22 maxlen: 22
146.88.32.0/24 maxlen: 24
146.88.33.0/24 maxlen: 24
146.88.40.0/24 maxlen: 24
146.88.48.0/22 maxlen: 23
146.88.56.0/23 maxlen: 24
146.88.58.0/24 maxlen: 24
146.88.59.0/24 maxlen: 24
146.88.60.0/24 maxlen: 24
146.88.61.0/24 maxlen: 24
146.88.62.0/24 maxlen: 24
146.88.63.0/24 maxlen: 24
161.82.128.0/17 maxlen: 19
161.82.128.0/21 maxlen: 22
161.82.135.0/24 maxlen: 24
161.82.136.0/21 maxlen: 22
161.82.138.0/24 maxlen: 24
161.82.142.0/24 maxlen: 24
161.82.144.0/21 maxlen: 22
161.82.146.0/24 maxlen: 24
161.82.152.0/21 maxlen: 22
161.82.156.0/24 maxlen: 24
161.82.157.0/24 maxlen: 24
161.82.160.0/21 maxlen: 22
161.82.164.0/24 maxlen: 24
161.82.168.0/21 maxlen: 22
161.82.173.0/24 maxlen: 24
161.82.176.0/21 maxlen: 22
161.82.180.0/24 maxlen: 24
161.82.182.0/24 maxlen: 24
161.82.184.0/21 maxlen: 22
161.82.189.0/24 maxlen: 24
161.82.192.0/21 maxlen: 22
161.82.197.0/24 maxlen: 24
161.82.200.0/21 maxlen: 22
161.82.203.0/24 maxlen: 24
161.82.204.0/24 maxlen: 24
161.82.208.0/21 maxlen: 22
161.82.208.0/24 maxlen: 24
161.82.210.0/24 maxlen: 24
161.82.211.0/24 maxlen: 24
161.82.212.0/24 maxlen: 24
161.82.213.0/24 maxlen: 24
161.82.214.0/24 maxlen: 24
161.82.216.0/21 maxlen: 22
161.82.216.0/24 maxlen: 24
161.82.220.0/24 maxlen: 24
161.82.221.0/24 maxlen: 24
161.82.222.0/24 maxlen: 24
161.82.223.0/24 maxlen: 24
161.82.224.0/19 maxlen: 22
161.82.226.0/24 maxlen: 24
161.82.233.0/24 maxlen: 24
161.82.237.0/24 maxlen: 24
161.82.246.0/24 maxlen: 24
161.82.248.0/24 maxlen: 24
161.82.249.0/24 maxlen: 24
161.82.250.0/24 maxlen: 24
161.82.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 297 (0x129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919536C/serialNumber=A090E520BF9D51F2FDCEED413AF27AC758F6AE1D
Validity
Not Before: Nov 4 19:24:14 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67291f5e-0030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:42:92:5a:5f:8f:90:4f:4f:89:c7:ed:1f:5d:
bd:92:05:f7:2f:81:7a:23:32:2b:b1:99:9d:30:3d:
a7:05:2b:5f:5c:7c:9b:3f:24:1b:39:66:97:13:08:
d2:6a:07:ee:c1:f9:12:43:b8:9e:39:94:e3:ea:c0:
35:f5:89:b4:89:e7:bd:1b:5b:02:f7:13:89:10:cf:
38:d5:19:ed:06:09:3f:02:c8:ac:24:68:36:8b:52:
10:6f:fe:44:3c:c8:66:9f:9f:3d:55:9b:fa:a7:36:
f4:90:8a:2c:ca:4c:fc:a4:c3:04:b0:ac:0f:ed:3a:
9e:8b:02:db:cd:51:ac:2f:af:0c:2d:ad:4b:fc:2c:
61:e9:a6:69:a3:e5:2d:97:c1:28:9f:52:61:82:0c:
43:8c:40:0f:14:fd:5f:3f:ac:ce:fa:69:e4:19:03:
61:c4:1b:1a:c9:e0:3d:07:33:a2:9c:19:91:57:ae:
e6:24:31:c2:48:f3:55:54:41:c0:ee:ce:31:03:bd:
91:73:00:9c:77:89:22:49:13:a2:52:fb:30:c1:67:
bb:0f:69:65:dc:1c:7c:e2:dd:eb:02:c3:97:21:95:
73:b2:64:5f:8d:f5:36:2a:d3:2e:d2:8f:2f:d8:dd:
aa:d0:38:f4:d7:87:22:4e:7b:86:19:4d:25:98:a1:
4b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:AD:8D:BB:9D:A8:78:50:98:DB:58:5E:43:F8:D1:7E:CE:2F:1E:E7
X509v3 Authority Key Identifier:
keyid:A0:90:E5:20:BF:9D:51:F2:FD:CE:ED:41:3A:F2:7A:C7:58:F6:AE:1D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919536C/75B98BF0366011EE88E0F530C4F9AE02/oJDlIL-dUfL9zu1BOvJ6x1j2rh0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oJDlIL-dUfL9zu1BOvJ6x1j2rh0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919536C/75B98BF0366011EE88E0F530C4F9AE02/AEC0C8428C5811EFA0E8E859C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
96.30.74.0-96.30.77.255
96.30.80.0/22
96.30.88.0-96.30.99.255
96.30.104.0-96.30.106.255
96.30.110.0/24
96.30.113.0-96.30.121.255
96.30.123.0-96.30.127.255
146.88.32.0-146.88.51.255
146.88.56.0/21
161.82.128.0/17
Signature Algorithm: sha256WithRSAEncryption
ac:de:8d:9e:ca:0f:f0:7c:cc:26:b9:8e:59:7a:b5:9c:ea:40:
3d:1b:d9:6d:83:7f:a1:a3:b0:d1:0b:6b:fd:c5:9e:00:94:ab:
28:9f:99:1d:12:ad:3e:f9:f7:ea:53:97:85:fe:6f:0c:22:68:
2a:fb:c8:32:c9:60:65:7f:41:db:7f:bb:b3:cc:ee:67:74:77:
bf:18:24:2d:41:a1:8b:a8:d9:01:f8:d0:92:89:cf:0e:7a:90:
f1:b1:41:46:78:41:c2:57:69:4a:bd:62:49:a3:4c:a1:5f:f1:
ec:e7:72:4f:3f:c2:aa:3c:ab:dd:7c:c8:15:98:58:d3:e2:79:
45:64:56:09:48:89:58:c4:38:77:99:cf:db:f0:20:07:5c:d5:
4e:f0:68:61:36:e8:47:1e:42:db:9f:b5:e2:1e:c5:84:c0:eb:
e4:46:f8:2a:25:ae:61:c1:37:67:2c:93:85:6b:33:33:f9:20:
3e:eb:27:dc:3d:02:0f:ad:1f:5d:d9:0f:8c:fd:03:86:01:97:
0f:69:5d:3c:1c:0d:5b:c7:19:02:5d:e2:03:80:84:29:4f:56:
de:a1:4e:d2:6f:e4:26:26:50:8f:c6:81:57:ab:fd:70:ee:6a:
c0:66:e9:22:55:ba:2c:a1:40:1f:23:86:05:6b:2f:19:f2:6f:
9d:d6:22:a5
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgICASkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTUzNkMxMTAvBgNVBAUTKEEwOTBFNTIwQkY5RDUxRjJGRENFRUQ0MTNBRjI3QUM3
NThGNkFFMUQwHhcNMjQxMTA0MTkyNDE0WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI5MWY1ZS0wMDMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqkKSWl+PkE9PicftH129kgX3L4F6IzIrsZmdMD2nBStfXHybPyQbOWaXEwjS
agfuwfkSQ7ieOZTj6sA19Ym0iee9G1sC9xOJEM841RntBgk/AsisJGg2i1IQb/5E
PMhmn589VZv6pzb0kIosykz8pMMEsKwP7TqeiwLbzVGsL68MLa1L/Cxh6aZpo+Ut
l8Eon1JhggxDjEAPFP1fP6zO+mnkGQNhxBsayeA9BzOinBmRV67mJDHCSPNVVEHA
7s4xA72RcwCcd4kiSROiUvswwWe7D2ll3Bx84t3rAsOXIZVzsmRfjfU2KtMu0o8v
2N2q0Dj014ciTnuGGU0lmKFLrQIDAQABo4IC/DCCAvgwHQYDVR0OBBYEFMetjbud
qHhQmNtYXkP40X7OLx7nMB8GA1UdIwQYMBaAFKCQ5SC/nVHy/c7tQTryesdY9q4d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTM2Qy83NUI5OEJGMDM2
NjAxMUVFODhFMEY1MzBDNEY5QUUwMi9vSkRsSUwtZFVmTDl6dTFCT3ZKNngxajJy
aDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL29KRGxJTC1kVWZMOXp1MUJPdko2eDFqMnJoMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTUzNkMvNzVCOThCRjAzNjYwMTFFRTg4RTBGNTMwQzRGOUFFMDIvQUVDMEM4NDI4
QzU4MTFFRkEwRThFODU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYUGCCsGAQUFBwEHAQH/
BHYwdDByBAIAATBsMAwDBAFgHkoDBAFgHkwDBAJgHlAwDAMEA2AeWAMEAmAeYDAM
AwQDYB5oAwQAYB5qAwQAYB5uMAwDBABgHnEDBAFgHngwDAMEAGAeewMEB2AeADAM
AwQFklggAwQCklgwAwQDklg4AwQHoVKAMA0GCSqGSIb3DQEBCwUAA4IBAQCs3o2e
yg/wfMwmuY5ZerWc6kA9G9ltg3+ho7DRC2v9xZ4AlKson5kdEq0++ffqU5eF/m8M
Imgq+8gyyWBlf0Hbf7uzzO5ndHe/GCQtQaGLqNkB+NCSic8OepDxsUFGeEHCV2lK
vWJJo0yhX/Hs53JPP8KqPKvdfMgVmFjT4nlFZFYJSIlYxDh3mc/b8CAHXNVO8Ghh
NuhHHkLbn7XiHsWEwOvkRvgqJa5hwTdnLJOFazMz+SA+6yfcPQIPrR9d2Q+M/QOG
AZcPaV08HA1bxxkCXeIDgIQpT1beoU7Sb+QmJlCPxoFXq/1w7mrAZukiVbosoUAf
I4YFay8Z8m+d1iKl
-----END CERTIFICATE-----
Generated at Tue Apr 29 15:01:05 2025 by rpki-client