Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/9308C132ECF111EF9A19FA7BC4F9AE02.roa
File: 9308C132ECF111EF9A19FA7BC4F9AE02.roa (raw, json)
Hash identifier: Pf7W2EeSQrnCpQNA3L1mFeCLKH0ywc3awVDPPh2eQiM=
Subject key identifier: 3A:EF:D7:43:2B:E6:71:1A:E1:F4:65:11:BB:61:AA:24:EF:B2:48:8C
Certificate issuer: /CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04
Certificate serial: 05D0
Authority key identifier: 25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/9308C132ECF111EF9A19FA7BC4F9AE02.roa
Signing time: Mon 17 Feb 2025 08:46:32 +0000
ROA not before: Mon 17 Feb 2025 08:46:32 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 131445
IP address blocks: 14.207.0.0/21 maxlen: 21
14.207.0.0/24 maxlen: 24
14.207.1.0/24 maxlen: 24
14.207.2.0/24 maxlen: 24
14.207.3.0/24 maxlen: 24
14.207.4.0/24 maxlen: 24
14.207.5.0/24 maxlen: 24
14.207.6.0/24 maxlen: 24
14.207.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1488 (0x5d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7561
Validity
Not Before: Feb 17 08:46:32 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67b2f767-b3e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4f:97:a2:be:b0:8b:c1:25:7c:13:0f:ff:eb:
fb:90:10:9e:1a:63:9c:34:92:42:0a:20:05:19:04:
5e:df:11:99:26:16:ca:58:e9:1d:3c:f5:8f:f1:c3:
61:3c:d2:a9:f5:c1:53:19:a1:f5:f6:d4:3e:ee:4e:
dc:38:45:16:e3:2e:5e:76:7b:8d:34:b6:df:ae:96:
20:79:8b:e4:1a:8c:ea:37:c3:8f:8a:43:dd:b7:0c:
71:25:a8:4d:3b:37:fb:06:0d:13:51:c3:d8:0c:7c:
48:a3:a0:f8:13:14:a5:87:e5:7f:8f:67:64:50:d5:
4c:43:49:3c:4f:fc:01:e6:20:8d:8a:77:f8:4a:67:
5d:b9:78:c1:aa:a2:07:f4:32:2b:be:6d:5e:0e:62:
07:66:ed:9b:15:0a:68:aa:68:6a:4e:e2:fa:ab:76:
41:e1:3e:1f:3b:20:39:e7:19:f9:61:97:8e:8b:86:
b1:d3:e4:9d:f0:1b:40:c0:10:0a:46:75:f6:7d:9d:
cb:7c:00:a4:54:c2:f1:40:1f:25:88:61:51:5a:c4:
bd:5e:17:f2:ce:f3:71:5c:8b:86:c3:09:ca:f2:d9:
46:b6:29:6e:ff:c3:ac:82:23:70:91:6a:55:73:ae:
c1:90:91:1c:30:56:f1:89:c1:21:34:84:45:8d:46:
a0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:EF:D7:43:2B:E6:71:1A:E1:F4:65:11:BB:61:AA:24:EF:B2:48:8C
X509v3 Authority Key Identifier:
keyid:25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/9308C132ECF111EF9A19FA7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.207.0.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:7d:75:8e:9d:97:f2:2b:2e:47:4f:1d:5a:54:a3:89:d3:8a:
27:bf:d2:23:ff:e4:de:e2:48:42:df:80:fa:ba:ce:59:50:6c:
33:19:ee:51:df:5e:ed:ce:79:e1:43:d2:3a:6d:09:34:1a:b5:
fe:85:22:33:8d:24:66:b6:77:f0:65:2a:ed:6b:94:45:65:2b:
9c:6c:0c:38:a6:72:ff:2d:d8:bd:55:94:b5:2f:9d:3e:0e:01:
81:ce:aa:a9:03:34:94:29:10:81:f7:a9:df:16:a4:bb:23:74:
44:72:36:c0:a9:12:96:fc:a1:5c:6b:ff:52:f7:73:33:aa:32:
96:73:05:71:9f:a3:b4:64:29:25:d5:e6:7f:99:b6:09:7c:f3:
24:16:7d:43:27:f5:24:9e:f7:4d:22:0f:dc:77:f5:1e:fa:8b:
ad:ea:77:7d:a6:48:46:a8:04:e3:47:7a:4c:1e:73:81:8e:b3:
af:fa:ef:4c:dd:b6:38:aa:25:0b:4e:94:10:17:63:12:cb:70:
38:db:d7:1f:30:6f:53:62:84:67:92:ff:95:01:d0:32:71:73:
76:da:7c:f5:2a:51:14:f2:8c:8f:44:6f:06:2d:d2:2b:d7:ec:
98:7b:dd:cc:75:2d:b8:fc:c3:de:c4:6a:f7:71:09:62:d8:df:
3a:f0:bb:ad
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBdAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTc1NjExMTAvBgNVBAUTKDI1QkM3RDRERTc3QkQwMUIzRDE5MTU4NzY5NkU1QUZE
RDhDRUNEMDQwHhcNMjUwMjE3MDg0NjMyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2IyZjc2Ny1iM2U2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw0+Xor6wi8ElfBMP/+v7kBCeGmOcNJJCCiAFGQRe3xGZJhbKWOkdPPWP8cNh
PNKp9cFTGaH19tQ+7k7cOEUW4y5ednuNNLbfrpYgeYvkGozqN8OPikPdtwxxJahN
Ozf7Bg0TUcPYDHxIo6D4ExSlh+V/j2dkUNVMQ0k8T/wB5iCNinf4SmdduXjBqqIH
9DIrvm1eDmIHZu2bFQpoqmhqTuL6q3ZB4T4fOyA55xn5YZeOi4ax0+Sd8BtAwBAK
RnX2fZ3LfACkVMLxQB8liGFRWsS9XhfyzvNxXIuGwwnK8tlGtilu/8OsgiNwkWpV
c67BkJEcMFbxicEhNIRFjUagJwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDrv10Mr
5nEa4fRlEbthqiTvskiMMB8GA1UdIwQYMBaAFCW8fU3ne9AbPRkVh2luWv3Yzs0E
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzU2MS9BMjZFMDZFMDA1
NEMxMUVDQkRCNEZFNDZDNEY5QUUwMi9KYng5VGVkNzBCczlHUldIYVc1YV9kak96
UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pieDlUZWQ3MEJzOUdSV0hhVzVhX2RqT3pRUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTc1NjEvQTI2RTA2RTAwNTRDMTFFQ0JEQjRGRTQ2QzRGOUFFMDIvOTMwOEMxMzJF
Q0YxMTFFRjlBMTlGQTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAMOzwAwDQYJKoZIhvcNAQELBQADggEBAD59dY6dl/IrLkdP
HVpUo4nTiie/0iP/5N7iSELfgPq6zllQbDMZ7lHfXu3OeeFD0jptCTQatf6FIjON
JGa2d/BlKu1rlEVlK5xsDDimcv8t2L1VlLUvnT4OAYHOqqkDNJQpEIH3qd8WpLsj
dERyNsCpEpb8oVxr/1L3czOqMpZzBXGfo7RkKSXV5n+Ztgl88yQWfUMn9SSe900i
D9x39R76i63qd32mSEaoBONHekwec4GOs6/670zdtjiqJQtOlBAXYxLLcDjb1x8w
b1NihGeS/5UB0DJxc3bafPUqURTyjI9EbwYt0ivX7Jh73cx1Lbj8w97EavdxCWLY
3zrwu60=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:03 2025 by rpki-client