Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/B8BA4E603B5211EAA0D53F12C4F9AE02.roa
File: B8BA4E603B5211EAA0D53F12C4F9AE02.roa (raw, json)
Hash identifier: JDAGe4IksOtjrzlmQZ9zVBIzM1ZKwteeQYN9TBrAsPk=
Subject key identifier: F5:A4:90:E0:6F:F6:23:7E:56:77:0D:92:D6:CC:A2:79:BB:CC:31:83
Certificate issuer: /CN=A91EA198/serialNumber=5FEEDE9D382543F051527FA533D47A917077E632
Certificate serial: 1DC9
Authority key identifier: 5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/B8BA4E603B5211EAA0D53F12C4F9AE02.roa
Signing time: Wed 18 Dec 2024 16:13:56 +0000
ROA not before: Wed 18 Dec 2024 16:13:56 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 45102
IP address blocks: 8.128.0.0/10 maxlen: 18
8.208.0.0/12 maxlen: 15
8.208.0.0/16 maxlen: 24
8.209.0.0/16 maxlen: 24
8.210.0.0/16 maxlen: 24
8.211.0.0/16 maxlen: 24
8.212.0.0/16 maxlen: 24
8.213.0.0/16 maxlen: 24
8.214.0.0/16 maxlen: 24
8.215.0.0/16 maxlen: 24
8.216.0.0/16 maxlen: 24
8.217.0.0/16 maxlen: 24
8.218.0.0/16 maxlen: 24
8.219.0.0/16 maxlen: 24
8.220.0.0/16 maxlen: 24
8.221.0.0/16 maxlen: 24
8.222.0.0/16 maxlen: 24
8.223.0.0/16 maxlen: 24
149.129.0.0/16 maxlen: 24
161.117.0.0/16 maxlen: 24
170.33.0.0/16 maxlen: 16
170.33.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7625 (0x1dc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198
Validity
Not Before: Dec 18 16:13:56 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6762f4c3-ab75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:96:1f:b7:e1:92:cb:7e:9a:ea:5d:5e:2e:f1:
eb:60:b1:c0:b2:04:4d:ad:bb:17:5d:f9:15:79:56:
42:0e:75:37:28:f4:0c:e8:0a:52:b4:1d:ed:4d:24:
a7:26:9d:01:70:bc:a0:c8:ba:6d:4e:95:e8:4a:a7:
f8:a0:64:0e:4c:18:80:b4:a0:76:7f:c7:8a:36:b4:
a6:38:c4:62:c7:10:26:b2:8f:cf:5b:35:88:4f:20:
3d:4b:9a:44:a1:1b:e9:c2:92:4f:7a:83:93:01:a3:
67:a0:f2:77:6e:7f:78:4e:2a:ad:65:72:18:bc:f1:
d2:43:87:fc:84:9e:56:cb:e2:b2:b9:09:de:c7:64:
a4:82:be:7f:ef:2c:06:49:7a:61:99:9b:45:e7:a6:
9d:89:2c:70:ba:46:92:76:db:39:56:0a:db:ad:ea:
ff:b3:2c:32:87:ea:cd:9f:87:89:96:b2:8a:5a:cb:
94:1d:7c:f2:41:54:bd:ed:c6:0c:d6:fa:32:b1:6f:
59:3d:6d:bd:f2:81:31:dd:3c:9a:c0:ba:0a:38:90:
ef:2d:86:f2:c6:e3:e9:70:d3:33:08:dc:c1:78:68:
f9:dc:50:0e:db:5e:00:05:e8:b3:ef:a1:44:e7:3e:
43:61:16:bf:b8:dc:6e:18:55:54:71:2d:bd:e2:6d:
a6:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A4:90:E0:6F:F6:23:7E:56:77:0D:92:D6:CC:A2:79:BB:CC:31:83
X509v3 Authority Key Identifier:
keyid:5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/B8BA4E603B5211EAA0D53F12C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
8.128.0.0/10
8.208.0.0/12
149.129.0.0/16
161.117.0.0/16
170.33.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b6:c1:d9:f7:84:34:63:7c:21:df:fd:a4:53:8f:da:40:95:cd:
85:42:48:0e:ce:69:91:c1:b6:49:2c:eb:d2:ab:35:01:61:b6:
93:04:ff:a4:49:54:f5:6e:3b:63:99:f0:f8:65:3f:e9:ec:7c:
cb:09:3a:28:2b:67:59:58:3a:de:26:1e:38:0c:65:62:f6:de:
ac:1f:cc:68:38:b1:ad:31:87:6c:0b:18:e0:93:87:77:44:39:
ce:84:12:d7:e4:a8:ab:2f:35:12:00:ca:e6:d8:18:7b:46:40:
4e:90:7c:95:3a:88:dc:b5:23:9b:61:8e:9b:b2:66:29:4b:24:
7b:14:38:f4:73:62:50:8b:29:b0:c3:b9:98:f8:24:97:b8:4a:
55:47:3a:6a:bc:23:97:48:d1:ad:8e:3a:22:c5:a4:e7:c8:7d:
77:6c:2c:36:2d:9d:14:5d:3a:12:3f:31:f6:08:d3:21:34:c4:
b8:67:a3:d4:a4:e0:a3:4b:a2:74:c3:e9:29:8e:26:9e:5a:45:
a4:ed:7a:b2:a1:bd:24:24:10:f0:0e:b4:24:fa:64:71:61:29:
bc:d7:db:50:d1:b3:d8:b2:12:34:2c:78:16:01:84:f0:2e:6d:
58:82:05:b5:96:01:8c:11:5f:ec:11:3e:39:db:40:17:0f:b5:
f3:d7:d6:29
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICHckwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDVGRUVERTlEMzgyNTQzRjA1MTUyN0ZBNTMzRDQ3QTkx
NzA3N0U2MzIwHhcNMjQxMjE4MTYxMzU2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZjRjMy1hYjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAypYft+GSy36a6l1eLvHrYLHAsgRNrbsXXfkVeVZCDnU3KPQM6ApStB3tTSSn
Jp0BcLygyLptTpXoSqf4oGQOTBiAtKB2f8eKNrSmOMRixxAmso/PWzWITyA9S5pE
oRvpwpJPeoOTAaNnoPJ3bn94TiqtZXIYvPHSQ4f8hJ5Wy+KyuQnex2Skgr5/7ywG
SXphmZtF56adiSxwukaSdts5Vgrbrer/sywyh+rNn4eJlrKKWsuUHXzyQVS97cYM
1voysW9ZPW298oEx3TyawLoKOJDvLYbyxuPpcNMzCNzBeGj53FAO214ABeiz76FE
5z5DYRa/uNxuGFVUcS294m2mSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPWkkOBv
9iN+VncNktbMonm7zDGDMB8GA1UdIwQYMBaAFF/u3p04JUPwUVJ/pTPUepFwd+Yy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC9BRDYyOTIyMkI1
MjUxMUU2QUY2Qzg5NUVDNEY5QUUwMi9YLTdlblRnbFFfQlJVbi1sTTlSNmtYQjM1
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1gtN2VuVGdsUV9CUlVuLWxNOVI2a1hCMzVqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvQUQ2MjkyMjJCNTI1MTFFNkFGNkM4OTVFQzRGOUFFMDIvQjhCQTRFNjAz
QjUyMTFFQUEwRDUzRjEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMgYIKwYBBQUHAQcBAf8E
IzAhMB8EAgABMBkDAwYIgAMDBAjQAwMAlYEDAwChdQMDAKohMA0GCSqGSIb3DQEB
CwUAA4IBAQC2wdn3hDRjfCHf/aRTj9pAlc2FQkgOzmmRwbZJLOvSqzUBYbaTBP+k
SVT1bjtjmfD4ZT/p7HzLCTooK2dZWDreJh44DGVi9t6sH8xoOLGtMYdsCxjgk4d3
RDnOhBLX5KirLzUSAMrm2Bh7RkBOkHyVOojctSObYY6bsmYpSyR7FDj0c2JQiymw
w7mY+CSXuEpVRzpqvCOXSNGtjjoixaTnyH13bCw2LZ0UXToSPzH2CNMhNMS4Z6PU
pOCjS6J0w+kpjiaeWkWk7Xqyob0kJBDwDrQk+mRxYSm819tQ0bPYshI0LHgWAYTw
Lm1YggW1lgGMEV/sET4520AXD7Xz19Yp
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:35:15 2025 by rpki-client