Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/54DD69FA839011EAB5B82263C4F9AE02.roa
File: 54DD69FA839011EAB5B82263C4F9AE02.roa (raw, json)
Hash identifier: YJ7W6HYFgOqdoVWF2hJtmCaUJf59puKnAmoMTngU5VA=
Subject key identifier: 25:57:C5:53:6F:37:E4:2E:94:E4:42:4A:AF:0E:4A:CF:79:AB:F2:F7
Certificate issuer: /CN=A9195BA9/serialNumber=2245AD91543ADDAD78123DD415D659BB52D5FB62
Certificate serial: 0973
Authority key identifier: 22:45:AD:91:54:3A:DD:AD:78:12:3D:D4:15:D6:59:BB:52:D5:FB:62
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IkWtkVQ63a14Ej3UFdZZu1LV-2I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/54DD69FA839011EAB5B82263C4F9AE02.roa
Signing time: Fri 20 Dec 2024 20:09:27 +0000
ROA not before: Fri 20 Dec 2024 20:09:27 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 18106
IP address blocks: 96.9.160.0/20 maxlen: 20
132.147.64.0/18 maxlen: 18
132.147.112.0/24 maxlen: 24
132.147.113.0/24 maxlen: 24
132.147.114.0/24 maxlen: 24
132.147.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2419 (0x973)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9195BA9/serialNumber=2245AD91543ADDAD78123DD415D659BB52D5FB62
Validity
Not Before: Dec 20 20:09:27 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6765cef6-2b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:03:1b:31:2e:38:48:0a:f1:81:bc:cd:20:91:
39:f7:7f:2e:d4:06:80:d2:7d:b5:b5:e0:50:44:13:
fe:18:23:1b:73:4d:fb:6f:cd:21:20:8a:4b:41:9e:
95:16:6f:02:86:c9:55:99:db:92:bd:f6:e1:51:48:
10:9d:aa:8a:80:88:14:65:a7:9c:a7:58:10:8d:66:
17:7c:d1:d1:c4:a7:bf:9b:13:f4:b0:80:90:f3:18:
0b:bf:e0:fb:c0:69:fd:b3:a7:b5:47:33:d5:35:24:
18:77:96:78:70:f9:bd:88:80:38:ba:a6:7b:e1:2b:
77:94:63:0f:d0:e3:6a:88:a1:c9:d5:84:48:00:80:
41:eb:3f:d0:97:b3:f0:8f:64:99:6a:35:72:63:d4:
a2:23:dd:ba:95:56:d0:5f:52:79:fd:1a:00:55:82:
bc:1e:93:e2:63:b2:6f:59:da:98:03:85:b9:31:81:
b9:75:e6:4a:1d:3d:3f:e7:64:c5:87:7b:b7:05:f9:
8e:17:d4:ab:7c:03:a7:a7:ba:bc:7f:21:f6:51:9a:
ea:1b:71:34:0c:4f:38:6d:e1:7a:1f:d3:11:86:7e:
50:66:14:2e:6d:ae:69:47:09:70:e9:fd:68:37:cc:
24:37:3a:c8:ee:04:15:59:a1:e8:d3:83:34:01:74:
7e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:57:C5:53:6F:37:E4:2E:94:E4:42:4A:AF:0E:4A:CF:79:AB:F2:F7
X509v3 Authority Key Identifier:
keyid:22:45:AD:91:54:3A:DD:AD:78:12:3D:D4:15:D6:59:BB:52:D5:FB:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/IkWtkVQ63a14Ej3UFdZZu1LV-2I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IkWtkVQ63a14Ej3UFdZZu1LV-2I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/54DD69FA839011EAB5B82263C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
96.9.160.0/20
132.147.64.0/18
Signature Algorithm: sha256WithRSAEncryption
66:35:0a:15:03:40:07:7c:03:6f:45:cb:97:ea:38:40:9c:09:
bd:8a:fb:c8:0f:89:be:21:c4:87:53:10:e4:e7:dc:90:ee:b7:
3e:fd:97:d5:74:33:b4:73:69:48:9c:7d:94:3f:e3:a5:2f:a7:
20:22:f7:e7:3f:d0:5b:d9:77:25:79:d3:1d:e9:98:c0:37:99:
9a:6b:88:65:88:f6:04:d2:55:f5:6b:b0:e5:52:e2:48:69:e7:
b4:d8:34:17:57:da:1e:03:23:9a:02:fd:a1:51:4a:e1:c1:e7:
0c:ff:dc:c7:a9:53:07:0f:05:19:89:00:0d:ea:1e:ac:b2:a5:
22:23:d3:52:e9:1a:0a:ab:da:37:02:dd:94:11:c7:a3:fb:aa:
73:19:e3:9f:49:25:28:87:0c:66:37:c2:7b:a9:ad:a5:3b:ed:
14:c3:8e:44:d0:19:2b:16:45:54:0f:82:95:2c:b1:5d:39:e4:
ca:38:05:9d:c2:72:d0:b3:45:9c:1f:86:04:81:1b:2e:eb:44:
b5:09:61:c2:aa:a5:13:d9:8e:7a:dc:62:64:89:cc:48:c6:52:
9e:3f:d1:c0:6b:b5:f6:90:48:d7:b5:2b:06:3d:0c:92:c4:ae:
02:e2:6f:80:ab:41:21:23:3a:27:c1:8b:fb:1c:cc:49:42:68:
b6:3d:a0:56
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCXMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTVCQTkxMTAvBgNVBAUTKDIyNDVBRDkxNTQzQUREQUQ3ODEyM0RENDE1RDY1OUJC
NTJENUZCNjIwHhcNMjQxMjIwMjAwOTI3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY1Y2VmNi0yYjczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzwMbMS44SArxgbzNIJE5938u1AaA0n21teBQRBP+GCMbc037b80hIIpLQZ6V
Fm8ChslVmduSvfbhUUgQnaqKgIgUZaecp1gQjWYXfNHRxKe/mxP0sICQ8xgLv+D7
wGn9s6e1RzPVNSQYd5Z4cPm9iIA4uqZ74St3lGMP0ONqiKHJ1YRIAIBB6z/Ql7Pw
j2SZajVyY9SiI926lVbQX1J5/RoAVYK8HpPiY7JvWdqYA4W5MYG5deZKHT0/52TF
h3u3BfmOF9SrfAOnp7q8fyH2UZrqG3E0DE84beF6H9MRhn5QZhQuba5pRwlw6f1o
N8wkNzrI7gQVWaHo04M0AXR+sQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCVXxVNv
N+QulORCSq8OSs95q/L3MB8GA1UdIwQYMBaAFCJFrZFUOt2teBI91BXWWbtS1fti
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUJBOS9EODkxNDc4Qzgz
OEUxMUVBOENFQTA5NjBDNEY5QUUwMi9Ja1d0a1ZRNjNhMTRFajNVRmRaWnUxTFYt
MkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0lrV3RrVlE2M2ExNEVqM1VGZFpadTFMVi0ySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTVCQTkvRDg5MTQ3OEM4MzhFMTFFQThDRUEwOTYwQzRGOUFFMDIvNTRERDY5RkE4
MzkwMTFFQUI1QjgyMjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBARgCaADBAaEk0AwDQYJKoZIhvcNAQELBQADggEBAGY1ChUD
QAd8A29Fy5fqOECcCb2K+8gPib4hxIdTEOTn3JDutz79l9V0M7RzaUicfZQ/46Uv
pyAi9+c/0FvZdyV50x3pmMA3mZpriGWI9gTSVfVrsOVS4khp57TYNBdX2h4DI5oC
/aFRSuHB5wz/3MepUwcPBRmJAA3qHqyypSIj01LpGgqr2jcC3ZQRx6P7qnMZ459J
JSiHDGY3wnupraU77RTDjkTQGSsWRVQPgpUssV055Mo4BZ3CctCzRZwfhgSBGy7r
RLUJYcKqpRPZjnrcYmSJzEjGUp4/0cBrtfaQSNe1KwY9DJLErgLib4CrQSEjOifB
i/sczElCaLY9oFY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:21:33 2025 by rpki-client