Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/A08AFBB284F211EE89828225C4F9AE02.roa
File: A08AFBB284F211EE89828225C4F9AE02.roa (raw, json)
Hash identifier: o0/UmqHBu35TkHikAhbVdhXHi+7hDM8lM9U+g+mEr/c=
Subject key identifier: 6F:BC:68:7F:5E:BA:0B:1C:AF:35:AC:20:CB:3E:3E:53:48:C4:AB:C8
Certificate issuer: /CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101
Certificate serial: 0623
Authority key identifier: 21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/A08AFBB284F211EE89828225C4F9AE02.roa
Signing time: Mon 14 Oct 2024 22:52:33 +0000
ROA not before: Mon 14 Oct 2024 22:52:33 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 9790
IP address blocks: 131.203.0.0/16 maxlen: 20
131.203.29.0/24 maxlen: 24
131.203.48.0/24 maxlen: 24
131.203.49.0/24 maxlen: 24
131.203.78.0/24 maxlen: 24
131.203.79.0/24 maxlen: 24
151.210.224.0/20 maxlen: 24
158.140.224.0/20 maxlen: 24
158.140.240.0/21 maxlen: 24
158.140.248.0/22 maxlen: 24
161.29.0.0/16 maxlen: 20
161.65.0.0/19 maxlen: 20
161.65.64.0/18 maxlen: 22
161.65.128.0/19 maxlen: 19
161.65.192.0/18 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1571 (0x623)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA
Validity
Not Before: Oct 14 22:52:33 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=670da0b1-8908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:37:83:ee:f5:fb:eb:90:8d:67:85:d9:60:2b:
e2:1c:70:5b:5c:f2:ec:76:9e:9f:33:d5:ca:b4:b0:
0f:ea:c0:71:69:8e:84:70:6f:c1:fb:73:ac:24:cf:
6a:19:64:52:0e:20:d3:7d:fa:fd:ae:3c:5b:02:88:
7a:2a:bb:da:07:05:70:47:f2:6d:d5:99:9e:6e:20:
7d:88:10:96:8b:67:81:73:a6:e6:80:bf:57:fc:47:
58:e4:d7:3a:de:ba:55:67:bd:75:3b:31:cc:26:62:
ef:9a:5b:d6:71:4b:3e:73:20:2b:36:5b:ff:89:82:
32:e7:d4:03:41:6e:25:ca:ac:8a:f1:ea:1b:de:27:
09:52:d7:7b:cc:2d:69:bb:d9:73:a8:df:f2:08:f4:
3b:b6:95:cb:3a:93:07:7b:2a:f3:4c:c5:db:65:ec:
d2:38:e4:af:90:b7:10:e1:fa:63:5d:df:e2:2e:8b:
ec:d6:25:ef:1f:67:4c:4c:3d:48:c5:02:ce:f6:f8:
50:0c:7b:f5:19:e4:21:85:f6:cf:cf:51:c7:0f:f0:
39:42:44:17:e4:4b:fd:fa:86:fc:a0:f6:48:3b:c2:
05:50:f4:9e:df:6a:4c:e7:8a:da:7b:7e:2d:30:ac:
00:4e:52:19:1a:64:93:40:55:39:f3:4d:d2:6b:44:
f9:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BC:68:7F:5E:BA:0B:1C:AF:35:AC:20:CB:3E:3E:53:48:C4:AB:C8
X509v3 Authority Key Identifier:
keyid:21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/A08AFBB284F211EE89828225C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
131.203.0.0/16
151.210.224.0/20
158.140.224.0-158.140.251.255
161.29.0.0/16
161.65.0.0/19
161.65.64.0-161.65.159.255
161.65.192.0/18
Signature Algorithm: sha256WithRSAEncryption
9e:2b:43:af:aa:7d:6d:b9:10:9b:0a:76:2a:de:d6:f8:1b:c5:
6c:d6:a4:f9:51:fd:b4:0e:4d:05:b5:6f:c2:82:56:54:23:79:
be:dc:fd:7a:ff:49:10:fc:57:d1:11:61:8d:cf:2c:78:fb:52:
51:04:5e:0e:ab:8a:a0:62:13:57:53:47:2f:de:29:f3:3b:59:
39:2d:8f:e7:cd:2d:85:2d:78:9b:cc:85:5d:51:45:dd:e6:96:
a2:9b:0a:92:5e:59:eb:46:0c:30:d1:cc:7e:66:a8:75:db:2b:
70:e7:54:8b:5a:84:5b:ef:1f:1f:e9:b4:df:6b:bd:67:01:dd:
81:c0:dd:d5:9c:53:10:9b:5b:4e:0b:c0:7b:7f:e7:36:8f:81:
0a:cb:ee:d9:1c:71:64:f2:04:3a:82:43:b6:7e:5d:9a:2b:0b:
47:82:55:b4:bf:db:dc:24:d9:ff:9c:3b:52:4f:90:45:c5:96:
34:aa:8b:36:f3:a0:74:00:bf:56:50:32:03:18:bf:10:eb:83:
75:a9:3c:ed:01:36:e8:d9:e0:87:e0:e3:9a:97:ac:b5:60:a6:
0a:7c:8a:e2:1b:3f:b6:0d:f6:36:35:df:8c:4a:7e:b5:4b:38:
cf:b1:88:eb:bc:3a:99:be:8f:c8:e8:5f:2b:8e:88:db:ec:93:
ce:2b:9b:d0
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgICBiMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDIxOEE4QUEwNTAyNjdCMDgwNUUzRkRDOEE5MzlCRjhG
QkNCMDAxMDEwHhcNMjQxMDE0MjI1MjMzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzBkYTBiMS04OTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtjeD7vX765CNZ4XZYCviHHBbXPLsdp6fM9XKtLAP6sBxaY6EcG/B+3OsJM9q
GWRSDiDTffr9rjxbAoh6KrvaBwVwR/Jt1ZmebiB9iBCWi2eBc6bmgL9X/EdY5Nc6
3rpVZ711OzHMJmLvmlvWcUs+cyArNlv/iYIy59QDQW4lyqyK8eob3icJUtd7zC1p
u9lzqN/yCPQ7tpXLOpMHeyrzTMXbZezSOOSvkLcQ4fpjXd/iLovs1iXvH2dMTD1I
xQLO9vhQDHv1GeQhhfbPz1HHD/A5QkQX5Ev9+ob8oPZIO8IFUPSe32pM54rae34t
MKwATlIZGmSTQFU5803Sa0T58wIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFG+8aH9e
ugscrzWsIMs+PlNIxKvIMB8GA1UdIwQYMBaAFCGKiqBQJnsIBeP9yKk5v4+8sAEB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84NjU4RTQ2Njg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9JWXFLb0ZBbWV3Z0Y0XzNJcVRtX2o3eXdB
UUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0lZcUtvRkFtZXdnRjRfM0lxVG1fajd5d0FRRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvODY1OEU0NjY4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvQTA4QUZCQjI4
NEYyMTFFRTg5ODI4MjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUQYIKwYBBQUHAQcBAf8E
QjBAMD4EAgABMDgDAwCDywMEBJfS4DAMAwQFnozgAwQCnoz4AwMAoR0DBAWhQQAw
DAMEBqFBQAMEBaFBgAMEBqFBwDANBgkqhkiG9w0BAQsFAAOCAQEAnitDr6p9bbkQ
mwp2Kt7W+BvFbNak+VH9tA5NBbVvwoJWVCN5vtz9ev9JEPxX0RFhjc8sePtSUQRe
DquKoGITV1NHL94p8ztZOS2P580thS14m8yFXVFF3eaWopsKkl5Z60YMMNHMfmao
ddsrcOdUi1qEW+8fH+m032u9ZwHdgcDd1ZxTEJtbTgvAe3/nNo+BCsvu2RxxZPIE
OoJDtn5dmisLR4JVtL/b3CTZ/5w7Uk+QRcWWNKqLNvOgdAC/VlAyAxi/EOuDdak8
7QE26Nngh+DjmpestWCmCnyK4hs/tg32NjXfjEp+tUs4z7GI67w6mb6PyOhfK46I
2+yTziub0A==
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:41:31 2025 by rpki-client