Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/B969D2D0BA4A11EC90B53115C4F9AE02.roa
File: B969D2D0BA4A11EC90B53115C4F9AE02.roa (raw, json)
Hash identifier: kCVXgcVyC3mGVdPkmV42EUSht4RHcewllIn6s7mcD00=
Subject key identifier: 01:52:A0:00:49:DA:9D:0B:18:8B:FC:C1:20:A9:07:56:BF:3E:CD:9D
Certificate issuer: /CN=A91EA9BD/serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
Certificate serial: 133E
Authority key identifier: DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/B969D2D0BA4A11EC90B53115C4F9AE02.roa
Signing time: Sun 04 Aug 2024 15:51:46 +0000
ROA not before: Sun 04 Aug 2024 15:51:46 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 58664
IP address blocks: 130.248.113.0/24 maxlen: 24
130.248.115.0/24 maxlen: 24
130.248.126.0/23 maxlen: 23
130.248.126.0/24 maxlen: 24
130.248.127.0/24 maxlen: 24
192.150.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4926 (0x133e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA9BD/serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
Validity
Not Before: Aug 4 15:51:46 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66afa392-8ec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:99:ec:39:2b:cd:fc:41:c9:61:f1:62:5e:5e:
d8:07:71:8d:e7:22:8d:06:f7:87:0a:2c:bd:36:80:
cb:40:1a:61:f3:ba:1c:0b:28:f0:1d:88:af:57:93:
2d:bd:42:20:44:82:ee:3e:8e:a6:d8:04:e9:96:95:
e4:54:05:7a:0b:3f:8e:b0:21:df:a1:33:e0:ca:73:
8d:5c:1a:8d:64:b1:c1:e0:11:13:c6:e2:72:e9:6c:
9d:6b:20:f2:79:2b:58:10:41:ad:89:38:c4:b3:b0:
19:fd:c3:c1:57:9f:1d:25:86:ec:4b:a7:49:75:39:
e2:a9:a4:8c:8c:22:fb:91:cc:69:40:97:ba:4f:df:
af:f3:6e:fa:5c:fe:59:05:3e:8d:e1:96:53:4c:12:
2c:04:4d:b9:b1:c6:98:ba:4b:62:08:72:2e:63:39:
98:b0:42:43:f1:be:99:ed:6e:ee:b0:e7:d8:fe:d6:
a3:99:7a:78:28:d9:bd:7e:74:9b:f6:54:18:7d:32:
d3:5d:d8:8c:0f:10:e6:c0:8a:5c:94:46:90:9a:74:
31:48:0d:11:e2:d8:0f:33:84:86:4c:fd:24:c8:36:
2a:37:0c:ed:ad:32:78:de:f5:34:4a:5f:db:59:1a:
c5:54:10:42:b0:4a:b1:45:db:13:6d:91:6c:eb:ff:
37:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:52:A0:00:49:DA:9D:0B:18:8B:FC:C1:20:A9:07:56:BF:3E:CD:9D
X509v3 Authority Key Identifier:
keyid:DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/B969D2D0BA4A11EC90B53115C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
130.248.113.0/24
130.248.115.0/24
130.248.126.0/23
192.150.16.0/24
Signature Algorithm: sha256WithRSAEncryption
17:a7:51:81:07:f6:52:e1:1b:89:5b:4f:0e:52:30:db:b0:f1:
85:d2:aa:f8:74:a0:fc:68:7f:a4:fc:b5:f6:f0:cf:44:1a:df:
fb:c8:3a:cd:19:36:6d:c7:ca:50:82:14:97:2b:58:fe:e5:0f:
e1:b1:a4:3f:f9:6a:c7:50:de:8a:61:c6:9f:1e:8b:39:a6:70:
a5:af:b5:f1:a8:dc:cc:5b:e4:8a:da:53:7a:c5:a3:3d:4e:e4:
19:da:bf:be:56:9d:7c:7c:2d:8b:2d:64:d3:ef:6e:07:80:d5:
a8:ef:8b:00:ab:0e:e2:59:6a:f6:e8:3b:63:4b:28:cd:58:1b:
45:ed:2a:95:29:0e:bb:ba:42:42:eb:8b:9a:42:ea:96:23:57:
1f:2b:5e:85:8a:d7:b0:63:ed:27:a5:4e:70:80:43:31:78:35:
57:8f:a8:08:28:fe:8c:60:ee:4b:ab:00:be:7a:fc:b6:88:71:
4b:d4:3c:ca:85:45:7a:f6:60:8e:a0:f5:d0:55:d8:0e:d7:57:
22:99:ae:7a:42:54:bc:eb:60:90:4b:52:1f:b6:55:44:d4:9e:
d7:c8:f1:95:c3:70:83:31:67:11:45:52:3a:d7:1d:8d:35:66:
36:c1:a8:04:8f:0a:52:49:12:11:ac:26:96:5d:f2:b9:b3:24:
77:95:b3:ab
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEz4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5QkQxMTAvBgNVBAUTKERBNEI1QzIxMjNCQTlEMEY4MDIzNzhEQURERDQ4MDFC
NTY3MEEzRUQwHhcNMjQwODA0MTU1MTQ2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFmYTM5Mi04ZWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4JnsOSvN/EHJYfFiXl7YB3GN5yKNBveHCiy9NoDLQBph87ocCyjwHYivV5Mt
vUIgRILuPo6m2ATplpXkVAV6Cz+OsCHfoTPgynONXBqNZLHB4BETxuJy6WydayDy
eStYEEGtiTjEs7AZ/cPBV58dJYbsS6dJdTniqaSMjCL7kcxpQJe6T9+v8276XP5Z
BT6N4ZZTTBIsBE25scaYuktiCHIuYzmYsEJD8b6Z7W7usOfY/tajmXp4KNm9fnSb
9lQYfTLTXdiMDxDmwIpclEaQmnQxSA0R4tgPM4SGTP0kyDYqNwztrTJ43vU0Sl/b
WRrFVBBCsEqxRdsTbZFs6/83OQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFAFSoABJ
2p0LGIv8wSCpB1a/Ps2dMB8GA1UdIwQYMBaAFNpLXCEjup0PgCN42t3UgBtWcKPt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTlCRC8wNzQ5NTg5MDkx
ODIxMUU4OTFDNEVDMTBDNEY5QUUwMi8ya3RjSVNPNm5RLUFJM2phM2RTQUcxWndv
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzJrdGNJU082blEtQUkzamEzZFNBRzFad28tMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5QkQvMDc0OTU4OTA5MTgyMTFFODkxQzRFQzEwQzRGOUFFMDIvQjk2OUQyRDBC
QTRBMTFFQzkwQjUzMTE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBACC+HEDBACC+HMDBAGC+H4DBADAlhAwDQYJKoZIhvcNAQEL
BQADggEBABenUYEH9lLhG4lbTw5SMNuw8YXSqvh0oPxof6T8tfbwz0Qa3/vIOs0Z
Nm3HylCCFJcrWP7lD+GxpD/5asdQ3ophxp8eizmmcKWvtfGo3Mxb5IraU3rFoz1O
5Bnav75WnXx8LYstZNPvbgeA1ajviwCrDuJZavboO2NLKM1YG0XtKpUpDru6QkLr
i5pC6pYjVx8rXoWK17Bj7SelTnCAQzF4NVePqAgo/oxg7kurAL56/LaIcUvUPMqF
RXr2YI6g9dBV2A7XVyKZrnpCVLzrYJBLUh+2VUTUntfI8ZXDcIMxZxFFUjrXHY01
ZjbBqASPClJJEhGsJpZd8rmzJHeVs6s=
-----END CERTIFICATE-----
Generated at Sun Apr 27 18:10:00 2025 by rpki-client