Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E22E3/7AA8943E170C11EF94F17C14C4F9AE02/60E63D04171011EFA738EE2BC4F9AE02.roa
File: 60E63D04171011EFA738EE2BC4F9AE02.roa (raw, json)
Hash identifier: 0tGMxqd+nrlGxUWseUpDWpwKJjNQ5GQu0j7Ro3HieYk=
Subject key identifier: 53:8A:A9:86:85:33:EA:A1:AC:84:DE:9D:98:66:13:6F:B9:88:A9:CC
Certificate issuer: /CN=A91E22E3/serialNumber=B78E7FE3CB2D4B5A1EB928A690BC6579DF881BE9
Certificate serial: 90
Authority key identifier: B7:8E:7F:E3:CB:2D:4B:5A:1E:B9:28:A6:90:BC:65:79:DF:88:1B:E9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t45_48stS1oeuSimkLxled-IG-k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E22E3/7AA8943E170C11EF94F17C14C4F9AE02/60E63D04171011EFA738EE2BC4F9AE02.roa
Signing time: Fri 07 Feb 2025 05:08:41 +0000
ROA not before: Fri 07 Feb 2025 05:08:41 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 38495
IP address blocks: 166.65.180.0/22 maxlen: 22
166.65.180.0/23 maxlen: 23
166.65.182.0/23 maxlen: 23
166.65.184.0/21 maxlen: 21
166.65.184.0/22 maxlen: 22
166.65.188.0/22 maxlen: 22
166.65.192.0/21 maxlen: 21
166.65.192.0/22 maxlen: 22
166.65.196.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144 (0x90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E22E3
Validity
Not Before: Feb 7 05:08:41 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a59558-382c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:14:5b:64:b7:5c:6d:dc:50:93:0e:b4:1f:8a:
22:df:b7:25:1f:4c:83:bc:7c:fa:6d:91:05:d6:aa:
ec:56:9d:1a:73:98:2f:a9:2c:24:ee:2f:8f:aa:a2:
21:58:f1:94:09:b6:b9:c6:60:18:f0:ae:b3:e5:2d:
7e:9d:ef:ee:3f:ea:eb:a5:26:68:b6:18:4b:d8:41:
40:84:cb:fe:40:48:23:21:96:0d:e6:80:4a:0f:96:
d8:5f:f3:7f:2e:54:84:d3:61:61:06:2a:85:6d:c8:
de:be:5b:0c:79:60:8d:eb:84:07:70:dc:07:97:62:
26:ff:93:81:51:91:eb:db:2c:fb:83:5d:9c:14:a7:
3e:58:bf:bf:e0:38:8c:f1:39:e5:93:90:af:82:56:
c9:88:34:36:fa:9c:b1:af:3f:02:77:7e:93:e2:2a:
3a:c2:8e:9c:43:f0:78:b1:b8:5a:62:35:49:92:08:
75:b2:2c:76:04:cf:94:8f:76:a7:95:7a:ae:74:0c:
21:7c:5a:1a:64:6e:50:04:13:b1:1f:d9:cf:be:43:
6a:2a:a1:b2:54:cb:b1:06:67:e9:cd:0f:02:8e:46:
cf:52:3f:11:1b:f0:13:88:ed:f2:ac:4d:37:48:c1:
9c:5a:11:9a:0b:7f:c1:ee:50:de:50:d5:9b:e6:b5:
ed:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8A:A9:86:85:33:EA:A1:AC:84:DE:9D:98:66:13:6F:B9:88:A9:CC
X509v3 Authority Key Identifier:
keyid:B7:8E:7F:E3:CB:2D:4B:5A:1E:B9:28:A6:90:BC:65:79:DF:88:1B:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E22E3/7AA8943E170C11EF94F17C14C4F9AE02/t45_48stS1oeuSimkLxled-IG-k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t45_48stS1oeuSimkLxled-IG-k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E22E3/7AA8943E170C11EF94F17C14C4F9AE02/60E63D04171011EFA738EE2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
166.65.180.0-166.65.199.255
Signature Algorithm: sha256WithRSAEncryption
02:73:a1:2f:0a:11:e3:77:69:08:9e:db:be:f8:69:f3:5b:25:
a5:ec:6c:4a:d4:93:95:1d:4a:0f:8a:49:e9:d8:c8:15:63:c9:
f2:13:42:31:df:a6:77:47:5b:b6:02:fe:d7:bd:50:11:39:93:
1a:b8:33:65:4d:7a:32:1e:65:d3:f0:8c:38:ac:a2:37:aa:7c:
58:7c:3f:2d:ba:dc:1f:5f:25:f9:a4:04:72:4f:8f:f6:4c:b8:
07:30:c8:34:93:1e:ba:f3:c4:f7:02:7d:be:ab:df:26:bc:8e:
d1:35:68:dd:82:cb:78:55:2b:74:d2:2f:82:ab:52:1a:a6:03:
cc:57:c4:75:a4:15:d0:bc:d0:81:74:93:de:27:d4:83:c9:11:
d5:2d:26:64:88:40:5f:67:33:c5:5d:a2:5f:6f:fd:2c:1e:54:
3f:34:ec:76:b3:b6:65:44:05:e0:00:05:05:41:da:ac:28:75:
ef:0e:4e:92:08:6e:e1:0e:2e:24:d8:64:1a:b9:e5:2e:c9:1e:
60:66:53:9d:4b:ba:36:c7:4f:32:95:db:5e:9a:f9:4d:61:da:
6d:a4:0c:ac:e4:92:03:cc:f1:46:d3:c4:3d:4d:d3:d3:4b:81:
5c:9a:67:ef:ef:29:e2:ce:14:ec:33:63:30:ea:a0:f8:7a:11:
99:d5:4c:96
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICAJAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTIyRTMxMTAvBgNVBAUTKEI3OEU3RkUzQ0IyRDRCNUExRUI5MjhBNjkwQkM2NTc5
REY4ODFCRTkwHhcNMjUwMjA3MDUwODQxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E1OTU1OC0zODJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApxRbZLdcbdxQkw60H4oi37clH0yDvHz6bZEF1qrsVp0ac5gvqSwk7i+PqqIh
WPGUCba5xmAY8K6z5S1+ne/uP+rrpSZothhL2EFAhMv+QEgjIZYN5oBKD5bYX/N/
LlSE02FhBiqFbcjevlsMeWCN64QHcNwHl2Im/5OBUZHr2yz7g12cFKc+WL+/4DiM
8Tnlk5CvglbJiDQ2+pyxrz8Cd36T4io6wo6cQ/B4sbhaYjVJkgh1six2BM+Uj3an
lXqudAwhfFoaZG5QBBOxH9nPvkNqKqGyVMuxBmfpzQ8CjkbPUj8RG/ATiO3yrE03
SMGcWhGaC3/B7lDeUNWb5rXtSQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFFOKqYaF
M+qhrITenZhmE2+5iKnMMB8GA1UdIwQYMBaAFLeOf+PLLUtaHrkoppC8ZXnfiBvp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjJFMy83QUE4OTQzRTE3
MEMxMUVGOTRGMTdDMTRDNEY5QUUwMi90NDVfNDhzdFMxb2V1U2lta0x4bGVkLUlH
LWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3Q0NV80OHN0UzFvZXVTaW1rTHhsZWQtSUctay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTIyRTMvN0FBODk0M0UxNzBDMTFFRjk0RjE3QzE0QzRGOUFFMDIvNjBFNjNEMDQx
NzEwMTFFRkE3MzhFRTJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAqZBtAMEA6ZBwDANBgkqhkiG9w0BAQsFAAOCAQEAAnOh
LwoR43dpCJ7bvvhp81slpexsStSTlR1KD4pJ6djIFWPJ8hNCMd+md0dbtgL+171Q
ETmTGrgzZU16Mh5l0/CMOKyiN6p8WHw/LbrcH18l+aQEck+P9ky4BzDINJMeuvPE
9wJ9vqvfJryO0TVo3YLLeFUrdNIvgqtSGqYDzFfEdaQV0LzQgXST3ifUg8kR1S0m
ZIhAX2czxV2iX2/9LB5UPzTsdrO2ZUQF4AAFBUHarCh17w5Okghu4Q4uJNhkGrnl
LskeYGZTnUu6NsdPMpXbXpr5TWHabaQMrOSSA8zxRtPEPU3T00uBXJpn7+8p4s4U
7DNjMOqg+HoRmdVMlg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:33:23 2025 by rpki-client