Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/3130A9B4681011EEB552C65BC4F9AE02.roa
File: 3130A9B4681011EEB552C65BC4F9AE02.roa (raw, json)
Hash identifier: dXngOtAcFhvArc3Tgv9HMRYfy3lpLyOKuQ2Q99Bv4cI=
Subject key identifier: 0C:AF:DB:10:D0:88:12:E2:3F:9E:54:F0:6D:1F:68:C3:A5:3C:7D:40
Certificate issuer: /CN=A918C661/serialNumber=8BF7E2930CFC6EEB916E7390F893E0100BA93B32
Certificate serial: 099B
Authority key identifier: 8B:F7:E2:93:0C:FC:6E:EB:91:6E:73:90:F8:93:E0:10:0B:A9:3B:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/3130A9B4681011EEB552C65BC4F9AE02.roa
Signing time: Wed 06 Nov 2024 20:09:48 +0000
ROA not before: Wed 06 Nov 2024 20:09:48 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 64050
IP address blocks: 134.122.128.0/17 maxlen: 24
137.220.128.0/17 maxlen: 24
143.92.32.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2459 (0x99b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C661
Validity
Not Before: Nov 6 20:09:48 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=672bcd0c-1abd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2f:25:59:f5:a0:56:aa:02:34:ef:71:29:f0:
a0:13:a9:c3:e0:13:c8:19:e6:b2:7a:c9:50:39:68:
90:36:6a:16:63:3e:8d:66:7b:cb:12:3a:98:38:01:
1e:02:96:1a:4a:f0:13:46:c6:be:f2:e0:fe:76:0e:
af:bb:22:2e:34:b1:61:2e:78:18:2e:1d:4c:2d:3b:
39:40:48:b5:25:d9:75:fd:66:62:78:f6:52:93:ea:
f9:4d:c2:b6:6f:a8:98:50:a5:0f:3d:1f:f1:cd:de:
83:00:28:d6:b6:71:85:8a:1f:e8:e8:8c:c5:4c:4d:
e7:4f:4f:bb:47:ff:88:82:f6:bc:eb:37:a9:ee:eb:
e1:02:bc:28:d5:2f:e8:9f:5f:e8:1c:48:7e:4f:38:
be:cc:25:19:91:9b:d5:f9:fe:7c:e9:0f:73:50:44:
56:9a:d1:f1:1b:75:43:be:0e:a8:d1:28:b1:0d:6b:
2d:1d:5b:a7:4c:ef:b3:ea:c3:34:a2:37:74:12:95:
10:39:be:a1:f1:a9:b2:b9:f5:4e:d7:56:33:05:3d:
dd:db:3a:43:f3:d3:2f:54:5c:63:d6:e6:6b:f4:77:
e7:5e:2c:51:13:2e:bb:8d:b5:85:58:de:cb:ed:1e:
b8:6e:9e:1f:d9:e4:f8:7b:39:86:ef:bd:9e:ec:34:
90:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:AF:DB:10:D0:88:12:E2:3F:9E:54:F0:6D:1F:68:C3:A5:3C:7D:40
X509v3 Authority Key Identifier:
keyid:8B:F7:E2:93:0C:FC:6E:EB:91:6E:73:90:F8:93:E0:10:0B:A9:3B:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/i_fikwz8buuRbnOQ-JPgEAupOzI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/3130A9B4681011EEB552C65BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
134.122.128.0/17
137.220.128.0/17
143.92.32.0/19
Signature Algorithm: sha256WithRSAEncryption
44:c9:33:77:b4:d9:81:39:92:13:d1:57:a9:b9:7d:13:e9:4c:
f6:4b:ab:58:09:3e:83:e4:10:c0:ab:a6:2c:1e:7d:67:c3:71:
b5:aa:70:b1:cc:1c:96:f0:21:e5:54:a7:33:11:c2:8c:19:70:
9d:f0:b9:4b:78:e5:46:69:b1:a0:b7:15:a9:b7:f1:c9:4a:91:
41:74:34:97:80:1b:31:6c:20:cc:96:f8:84:ec:91:7d:2c:c2:
a1:b9:05:14:f3:92:18:02:d1:ab:77:ac:8c:1a:5b:2b:6d:be:
5d:c2:45:e7:02:e8:e6:a0:0d:5c:4e:b6:d8:80:19:2d:21:ad:
a0:7b:52:6f:a7:19:e3:76:1d:af:3a:a9:aa:68:44:bc:95:de:
39:51:a8:e0:37:0b:44:b4:b7:5e:75:1f:fd:c8:81:82:d3:97:
5f:d9:00:77:fd:9e:79:41:92:b4:3f:ed:c0:79:b6:25:fb:69:
1c:55:09:b8:16:65:f8:f8:24:ab:5f:7a:d1:29:07:e7:f9:4c:
13:2b:13:da:4d:f4:2a:ec:ee:3b:95:42:5d:d6:fb:31:e8:d4:
0f:9f:69:31:f2:61:cd:96:ef:73:49:8c:03:1a:dc:fc:5c:f4:
64:d1:ba:0e:7f:27:1a:df:8c:76:a0:9e:a9:fd:13:6c:9e:94:
33:34:9e:62
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCZswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEM2NjExMTAvBgNVBAUTKDhCRjdFMjkzMENGQzZFRUI5MTZFNzM5MEY4OTNFMDEw
MEJBOTNCMzIwHhcNMjQxMTA2MjAwOTQ4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJiY2QwYy0xYWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsS8lWfWgVqoCNO9xKfCgE6nD4BPIGeayeslQOWiQNmoWYz6NZnvLEjqYOAEe
ApYaSvATRsa+8uD+dg6vuyIuNLFhLngYLh1MLTs5QEi1Jdl1/WZiePZSk+r5TcK2
b6iYUKUPPR/xzd6DACjWtnGFih/o6IzFTE3nT0+7R/+Igva86zep7uvhArwo1S/o
n1/oHEh+Tzi+zCUZkZvV+f586Q9zUERWmtHxG3VDvg6o0SixDWstHVunTO+z6sM0
ojd0EpUQOb6h8amyufVO11YzBT3d2zpD89MvVFxj1uZr9HfnXixREy67jbWFWN7L
7R64bp4f2eT4ezmG772e7DSQZwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAyv2xDQ
iBLiP55U8G0faMOlPH1AMB8GA1UdIwQYMBaAFIv34pMM/G7rkW5zkPiT4BALqTsy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wNEFBQjI5RTgz
NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9pX2Zpa3d6OGJ1dVJibk9RLUpQZ0VBdXBP
ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lfZmlrd3o4YnV1UmJuT1EtSlBnRUF1cE96SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEM2NjEvMDRBQUIyOUU4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvMzEzMEE5QjQ2
ODEwMTFFRUI1NTJDNjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAeGeoADBAeJ3IADBAWPXCAwDQYJKoZIhvcNAQELBQADggEB
AETJM3e02YE5khPRV6m5fRPpTPZLq1gJPoPkEMCrpiwefWfDcbWqcLHMHJbwIeVU
pzMRwowZcJ3wuUt45UZpsaC3Fam38clKkUF0NJeAGzFsIMyW+ITskX0swqG5BRTz
khgC0at3rIwaWyttvl3CRecC6OagDVxOttiAGS0hraB7Um+nGeN2Ha86qapoRLyV
3jlRqOA3C0S0t151H/3IgYLTl1/ZAHf9nnlBkrQ/7cB5tiX7aRxVCbgWZfj4JKtf
etEpB+f5TBMrE9pN9Crs7juVQl3W+zHo1A+faTHyYc2W73NJjAMa3Pxc9GTRug5/
JxrfjHagnqn9E2yelDM0nmI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:32:21 2025 by rpki-client