Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/66F91334ED4911ED9A90391BC4F9AE02.roa
File: 66F91334ED4911ED9A90391BC4F9AE02.roa (raw, json)
Hash identifier: 4M2o1uWpD8HZNRKume3UqAzLmAnLuLXQtM8OeJIWFiY=
Subject key identifier: 13:36:22:4D:93:1B:E8:86:F5:40:55:E6:F2:94:73:8C:BB:98:E6:24
Certificate issuer: /CN=A917E4BA/serialNumber=3C6EC09B095FA5F513615108A5447CACB71AB1A1
Certificate serial: 0A60
Authority key identifier: 3C:6E:C0:9B:09:5F:A5:F5:13:61:51:08:A5:44:7C:AC:B7:1A:B1:A1
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/66F91334ED4911ED9A90391BC4F9AE02.roa
Signing time: Fri 06 Dec 2024 19:38:39 +0000
ROA not before: Fri 06 Dec 2024 19:38:39 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 9650
IP address blocks: 131.242.0.0/16 maxlen: 16
131.242.21.0/24 maxlen: 24
131.242.22.0/24 maxlen: 24
131.242.23.0/24 maxlen: 24
131.242.26.0/24 maxlen: 24
131.242.30.0/24 maxlen: 24
131.242.132.0/24 maxlen: 24
131.242.144.0/22 maxlen: 22
131.242.176.0/20 maxlen: 20
131.242.230.0/24 maxlen: 24
131.242.231.0/24 maxlen: 24
147.132.0.0/16 maxlen: 16
161.143.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2656 (0xa60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E4BA
Validity
Not Before: Dec 6 19:38:39 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=675352bf-3e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:09:9e:9c:de:0b:e1:f5:eb:ac:0e:28:e1:d6:
3d:73:49:ba:64:97:2b:71:bd:60:d9:c1:45:f6:37:
a3:39:5c:0d:b4:d1:0a:a5:04:4d:64:23:da:81:32:
03:e1:48:68:96:16:01:de:9f:97:6f:9c:bf:fd:69:
93:cc:96:d3:e1:8f:9d:86:df:23:05:4d:35:09:60:
40:3e:f3:e9:d4:20:ab:f8:02:77:2c:80:51:68:6d:
8a:03:a0:7a:52:5f:70:dd:ba:29:93:f0:2f:c9:c5:
99:af:24:21:8f:e9:57:44:b2:8f:2f:24:89:5b:40:
0c:62:a9:a1:12:f7:df:b4:b4:eb:d0:8d:38:63:a2:
5c:7c:3b:b2:1e:33:3a:46:cd:c6:9e:d6:56:dd:1e:
b0:e0:4c:f0:ff:55:fa:4e:e0:65:6a:f6:37:19:5d:
be:26:7d:af:92:5f:02:ca:03:ac:2a:90:01:4e:41:
f8:c4:c7:a9:69:8a:93:03:fe:be:61:3f:7a:04:79:
8c:3a:9e:d7:b7:55:66:df:c2:5f:cd:7a:d9:96:ec:
27:a9:b2:be:63:44:04:a0:14:eb:a5:1e:25:94:1f:
9a:5a:10:e0:79:9a:51:2b:44:9d:d6:0c:6c:ce:b7:
1d:ed:d1:2b:51:61:b7:0a:2e:7f:c2:9c:05:a4:1f:
52:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:36:22:4D:93:1B:E8:86:F5:40:55:E6:F2:94:73:8C:BB:98:E6:24
X509v3 Authority Key Identifier:
keyid:3C:6E:C0:9B:09:5F:A5:F5:13:61:51:08:A5:44:7C:AC:B7:1A:B1:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/66F91334ED4911ED9A90391BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
131.242.0.0/16
147.132.0.0/16
161.143.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:44:8f:11:c1:10:6d:c0:9e:a8:76:08:1d:b0:c6:2c:26:ed:
ac:23:55:74:42:76:5b:4d:27:03:7c:9b:65:0f:8d:0a:6e:47:
4f:4d:1a:8c:98:75:3a:75:51:8a:00:c9:a6:8b:38:f3:ee:1f:
8c:ee:1a:69:bb:6a:76:f5:85:d4:a3:98:0d:7f:70:85:3f:e7:
b1:bb:73:62:dd:fc:10:84:b5:31:8a:8d:48:dc:99:b6:87:cd:
e3:65:8c:a0:5e:86:c0:ef:71:92:a8:aa:7b:2f:d3:16:bf:e1:
3c:0e:de:1b:02:21:12:8a:c6:f0:21:74:57:21:42:be:e9:48:
16:4a:f2:8d:d5:05:31:7c:9c:e9:ee:fe:b0:ce:a6:44:7b:34:
75:b5:e0:d6:7e:51:84:a3:50:c7:30:21:c0:ad:1b:8b:9b:d0:
63:ee:bc:be:5e:dc:02:89:53:76:6f:5a:27:25:60:a0:62:72:
45:d8:ac:6b:db:6e:58:fb:d5:f6:2f:10:08:35:c3:a4:1f:85:
70:7a:ce:d0:80:b4:0c:52:02:4a:cc:57:ea:1b:9b:0f:7f:98:
7f:10:ed:b4:ad:fa:47:f8:29:38:14:b1:03:70:4e:7b:ee:44:
62:91:f5:c6:15:83:0c:c4:19:96:4c:ca:0e:ca:78:8d:0d:73:
6b:0b:70:1e
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgICCmAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U0QkExMTAvBgNVBAUTKDNDNkVDMDlCMDk1RkE1RjUxMzYxNTEwOEE1NDQ3Q0FD
QjcxQUIxQTEwHhcNMjQxMjA2MTkzODM5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUzNTJiZi0zZTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxgmenN4L4fXrrA4o4dY9c0m6ZJcrcb1g2cFF9jejOVwNtNEKpQRNZCPagTID
4UholhYB3p+Xb5y//WmTzJbT4Y+dht8jBU01CWBAPvPp1CCr+AJ3LIBRaG2KA6B6
Ul9w3bopk/AvycWZryQhj+lXRLKPLySJW0AMYqmhEvfftLTr0I04Y6JcfDuyHjM6
Rs3GntZW3R6w4Ezw/1X6TuBlavY3GV2+Jn2vkl8CygOsKpABTkH4xMepaYqTA/6+
YT96BHmMOp7Xt1Vm38JfzXrZluwnqbK+Y0QEoBTrpR4llB+aWhDgeZpRK0Sd1gxs
zrcd7dErUWG3Ci5/wpwFpB9SQwIDAQABo4ICnjCCApowHQYDVR0OBBYEFBM2Ik2T
G+iG9UBV5vKUc4y7mOYkMB8GA1UdIwQYMBaAFDxuwJsJX6X1E2FRCKVEfKy3GrGh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTRCQS9DOTUyQUM5RTUy
REMxMUVBODI2MDFCMEZDNEY5QUUwMi9QRzdBbXdsZnBmVVRZVkVJcFVSOHJMY2Fz
YUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1BHN0Ftd2xmcGZVVFlWRUlwVVI4ckxjYXNhRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U0QkEvQzk1MkFDOUU1MkRDMTFFQTgyNjAxQjBGQzRGOUFFMDIvNjZGOTEzMzRF
RDQ5MTFFRDlBOTAzOTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKAYIKwYBBQUHAQcBAf8E
GTAXMBUEAgABMA8DAwCD8gMDAJOEAwMAoY8wDQYJKoZIhvcNAQELBQADggEBAKFE
jxHBEG3Anqh2CB2wxiwm7awjVXRCdltNJwN8m2UPjQpuR09NGoyYdTp1UYoAyaaL
OPPuH4zuGmm7anb1hdSjmA1/cIU/57G7c2Ld/BCEtTGKjUjcmbaHzeNljKBehsDv
cZKoqnsv0xa/4TwO3hsCIRKKxvAhdFchQr7pSBZK8o3VBTF8nOnu/rDOpkR7NHW1
4NZ+UYSjUMcwIcCtG4ub0GPuvL5e3AKJU3ZvWiclYKBickXYrGvbblj71fYvEAg1
w6QfhXB6ztCAtAxSAkrMV+obmw9/mH8Q7bSt+kf4KTgUsQNwTnvuRGKR9cYVgwzE
GZZMyg7KeI0Nc2sLcB4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:22:42 2025 by rpki-client