Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C31A2/D476ED76357211EDAE977839C4F9AE02/94855EA0357711EDB81B8A34C4F9AE02.roa
File: 94855EA0357711EDB81B8A34C4F9AE02.roa (raw, json)
Hash identifier: IN+H6LUETq8W/dLs0PZX77bed7F0mQsx+AWJPeSHLek=
Subject key identifier: D5:CF:18:1A:A0:2A:F5:CD:2E:0B:25:E2:DF:1F:60:FB:63:D8:4C:4C
Certificate issuer: /CN=A91C31A2/serialNumber=40E58263972B9E24142BAA9B5AFA053481A3719E
Certificate serial: 01F6
Authority key identifier: 40:E5:82:63:97:2B:9E:24:14:2B:AA:9B:5A:FA:05:34:81:A3:71:9E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QOWCY5crniQUK6qbWvoFNIGjcZ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C31A2/D476ED76357211EDAE977839C4F9AE02/94855EA0357711EDB81B8A34C4F9AE02.roa
Signing time: Tue 21 Jan 2025 01:35:46 +0000
ROA not before: Tue 21 Jan 2025 01:35:46 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 63199
IP address blocks: 164.52.26.0/24 maxlen: 24
164.52.27.0/24 maxlen: 24
164.52.78.0/24 maxlen: 24
164.52.79.0/24 maxlen: 24
164.52.81.0/24 maxlen: 24
164.52.96.0/24 maxlen: 24
164.52.99.0/24 maxlen: 24
164.52.105.0/24 maxlen: 24
164.52.118.0/24 maxlen: 24
164.52.121.0/24 maxlen: 24
164.52.122.0/24 maxlen: 24
164.52.123.0/24 maxlen: 24
164.52.126.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 502 (0x1f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C31A2
Validity
Not Before: Jan 21 01:35:46 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=678ef9f2-3747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6c:9a:22:ed:56:16:a7:6f:89:20:85:89:83:
4b:da:a0:f6:3f:19:5b:16:2b:f7:70:fd:a3:75:7f:
a9:f8:88:98:53:7d:8a:9f:49:4d:af:6f:92:c9:42:
3f:15:bb:14:75:81:24:aa:87:2d:19:58:b7:71:95:
4c:89:ca:e6:b7:16:78:3c:c6:d8:87:a6:78:f0:88:
e6:9b:29:3f:f2:fd:d6:17:4e:a8:1d:e2:95:71:12:
00:7d:0f:3a:c9:90:51:a9:dc:ee:29:33:9e:ee:cb:
f7:f3:4a:bd:58:64:90:ba:86:67:74:8a:29:35:81:
9d:43:87:73:52:16:e7:82:84:0c:60:da:f9:de:e0:
e3:f6:58:5c:5f:9d:af:b5:bd:b6:10:ec:a6:61:72:
5e:c3:47:5f:31:f4:48:ee:ba:da:cf:4a:e9:10:7a:
ac:c3:48:36:d0:55:e1:e0:d5:5d:25:8c:98:87:f4:
eb:e7:0d:7c:e5:3c:56:f5:48:eb:27:2c:25:6d:02:
ef:a5:3a:b0:84:51:b8:e7:00:89:ed:25:4f:d4:72:
f4:da:4d:4f:80:dd:d0:fe:2d:7e:5f:e1:82:1f:f3:
b3:ab:d7:ab:5b:d2:55:a5:3c:b7:94:0e:10:d6:ad:
bd:47:18:ee:2a:2f:80:f1:27:38:6c:74:85:79:47:
52:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:CF:18:1A:A0:2A:F5:CD:2E:0B:25:E2:DF:1F:60:FB:63:D8:4C:4C
X509v3 Authority Key Identifier:
keyid:40:E5:82:63:97:2B:9E:24:14:2B:AA:9B:5A:FA:05:34:81:A3:71:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C31A2/D476ED76357211EDAE977839C4F9AE02/QOWCY5crniQUK6qbWvoFNIGjcZ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QOWCY5crniQUK6qbWvoFNIGjcZ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C31A2/D476ED76357211EDAE977839C4F9AE02/94855EA0357711EDB81B8A34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
164.52.26.0/23
164.52.78.0/23
164.52.81.0/24
164.52.96.0/24
164.52.99.0/24
164.52.105.0/24
164.52.118.0/24
164.52.121.0-164.52.123.255
164.52.126.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:ac:55:b2:6a:3d:97:65:c5:8a:59:07:06:a6:a8:db:5e:5d:
57:3a:a0:25:20:75:e9:77:4c:e6:ee:6a:5b:95:2e:97:5c:f9:
4d:08:9c:4f:11:68:4c:54:08:d0:cb:1d:3f:9d:05:24:88:b7:
2f:e4:00:ba:3c:70:5a:b1:61:c4:89:f0:fb:3a:9e:56:a5:d0:
6b:1a:ed:3f:d9:6d:88:27:df:f6:f3:fa:56:e5:2f:51:cc:e1:
72:19:1d:39:64:0c:e9:10:76:11:ca:00:08:62:36:b8:e2:76:
9f:86:a0:0b:3c:ab:51:c9:62:e3:d1:b9:a4:b7:6b:b1:86:60:
71:ed:3f:54:8c:ef:57:87:59:58:a8:ef:d6:b4:44:4e:88:38:
18:6d:4b:de:df:d5:bf:51:d6:16:56:fa:21:b5:d7:76:4e:d4:
03:30:c4:ab:62:22:70:63:db:e4:94:24:f8:bf:13:de:f9:82:
60:3a:f0:60:4c:ea:7c:9d:1b:40:ce:bd:df:6d:d8:26:04:b3:
6b:ca:42:f5:c8:56:ed:1b:29:64:36:dd:ee:7e:12:13:00:13:
f3:ef:e6:39:3b:e4:10:b7:78:bf:b3:97:31:fd:6c:71:fc:de:
89:62:f3:1a:b3:2a:16:d8:d4:68:9e:21:c3:a0:35:21:ca:ee:
a2:9c:26:b0
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICAfYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzMxQTIxMTAvBgNVBAUTKDQwRTU4MjYzOTcyQjlFMjQxNDJCQUE5QjVBRkEwNTM0
ODFBMzcxOUUwHhcNMjUwMTIxMDEzNTQ2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhlZjlmMi0zNzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyWyaIu1WFqdviSCFiYNL2qD2PxlbFiv3cP2jdX+p+IiYU32Kn0lNr2+SyUI/
FbsUdYEkqoctGVi3cZVMicrmtxZ4PMbYh6Z48Ijmmyk/8v3WF06oHeKVcRIAfQ86
yZBRqdzuKTOe7sv380q9WGSQuoZndIopNYGdQ4dzUhbngoQMYNr53uDj9lhcX52v
tb22EOymYXJew0dfMfRI7rraz0rpEHqsw0g20FXh4NVdJYyYh/Tr5w185TxW9Ujr
JywlbQLvpTqwhFG45wCJ7SVP1HL02k1PgN3Q/i1+X+GCH/Ozq9erW9JVpTy3lA4Q
1q29RxjuKi+A8Sc4bHSFeUdS4wIDAQABo4ICzTCCAskwHQYDVR0OBBYEFNXPGBqg
KvXNLgsl4t8fYPtj2ExMMB8GA1UdIwQYMBaAFEDlgmOXK54kFCuqm1r6BTSBo3Ge
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzFBMi9ENDc2RUQ3NjM1
NzIxMUVEQUU5Nzc4MzlDNEY5QUUwMi9RT1dDWTVjcm5pUVVLNnFiV3ZvRk5JR2pj
WjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1FPV0NZNWNybmlRVUs2cWJXdm9GTklHamNaNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzMxQTIvRDQ3NkVENzYzNTcyMTFFREFFOTc3ODM5QzRGOUFFMDIvOTQ4NTVFQTAz
NTc3MTFFREI4MUI4QTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E
SDBGMEQEAgABMD4DBAGkNBoDBAGkNE4DBACkNFEDBACkNGADBACkNGMDBACkNGkD
BACkNHYwDAMEAKQ0eQMEAqQ0eAMEAaQ0fjANBgkqhkiG9w0BAQsFAAOCAQEAmqxV
smo9l2XFilkHBqao215dVzqgJSB16XdM5u5qW5Uul1z5TQicTxFoTFQI0MsdP50F
JIi3L+QAujxwWrFhxInw+zqeVqXQaxrtP9ltiCff9vP6VuUvUczhchkdOWQM6RB2
EcoACGI2uOJ2n4agCzyrUcli49G5pLdrsYZgce0/VIzvV4dZWKjv1rRETog4GG1L
3t/Vv1HWFlb6IbXXdk7UAzDEq2IicGPb5JQk+L8T3vmCYDrwYEzqfJ0bQM69323Y
JgSza8pC9chW7RspZDbd7n4SEwAT8+/mOTvkELd4v7OXMf1scfzeiWLzGrMqFtjU
aJ4hw6A1IcruopwmsA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 19:00:27 2025 by rpki-client