Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa
File: CEF8E22E711711EDB49CE11AC4F9AE02.roa (raw, json)
Hash identifier: Ps44UQPvNI+l6dnKBZUyTUvHvKmwO+RBPeKzPiMeBfw=
Subject key identifier: 94:F1:7F:1F:78:EA:22:C9:1E:14:D3:55:B4:FD:8F:A7:10:F9:A6:D3
Certificate issuer: /CN=A91F277D/serialNumber=BBC103561AFD7A93036D1C72DD4C0A7C2A4E29CE
Certificate serial: 0604
Authority key identifier: BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa
Signing time: Fri 06 Dec 2024 22:11:53 +0000
ROA not before: Fri 06 Dec 2024 22:11:53 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 135348
IP address blocks: 139.163.131.0/24 maxlen: 24
139.163.138.0/24 maxlen: 24
139.163.247.0/24 maxlen: 24
168.134.136.0/24 maxlen: 24
168.134.137.0/24 maxlen: 24
168.134.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1540 (0x604)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F277D
Validity
Not Before: Dec 6 22:11:53 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675376a8-993b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:3a:8e:7f:29:2b:41:25:75:a8:6b:81:3b:34:
ff:14:15:08:ae:5b:fd:64:eb:8f:4c:01:48:6a:12:
68:47:a1:5b:52:e5:6d:31:a2:e7:c7:a0:3d:24:31:
be:50:bc:59:5b:9c:3a:97:85:1b:45:1d:38:f2:f4:
c1:3b:57:c6:a4:e3:71:ca:14:57:4a:a1:65:57:45:
ce:b9:b9:62:6c:e6:65:05:f5:f4:11:79:5f:1b:36:
9f:08:70:d3:4f:57:1e:6a:f1:66:87:7d:de:30:d6:
cf:4a:4f:e1:05:3a:77:e4:36:69:c5:ae:55:ae:ed:
39:53:80:62:52:36:0e:33:e0:79:cb:c9:48:77:d1:
99:77:06:4c:89:58:4a:d5:68:f9:13:cd:91:8d:a3:
62:e2:be:0f:d1:bb:4c:f6:ac:28:53:d7:05:1b:ef:
49:16:64:47:4f:3d:c4:24:49:2a:e6:8d:c8:8e:08:
dd:0a:58:9c:80:54:a3:b4:8d:7c:e1:42:7a:2d:ba:
c7:06:1d:3f:5d:16:27:3e:4d:26:3b:9e:44:e4:4f:
05:60:5b:c9:a6:16:8d:ea:23:12:44:0a:bd:61:ce:
71:47:7a:d8:0a:f4:4f:5c:26:ae:b2:c7:45:35:58:
7e:32:44:d4:58:c8:ce:55:94:f3:30:aa:7a:52:0a:
a6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F1:7F:1F:78:EA:22:C9:1E:14:D3:55:B4:FD:8F:A7:10:F9:A6:D3
X509v3 Authority Key Identifier:
keyid:BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.163.131.0/24
139.163.138.0/24
139.163.247.0/24
168.134.136.0/23
168.134.139.0/24
Signature Algorithm: sha256WithRSAEncryption
62:25:1e:ea:a0:b1:5a:9c:45:c0:41:c1:fb:6c:43:22:12:0a:
08:ad:26:63:cb:e4:81:02:6f:0c:77:3c:7d:0f:fe:05:fb:57:
95:0e:f3:1e:97:d9:b5:22:6b:cb:29:82:aa:7d:fd:df:ee:db:
da:ea:13:19:c0:20:dd:d8:92:f7:e0:01:73:38:fe:ca:c1:9a:
0f:7f:9c:78:e2:56:37:17:7e:2c:20:f5:76:87:b2:26:aa:6e:
87:f9:e0:c0:55:27:33:cc:5f:8b:51:23:99:3b:ea:c1:e1:03:
c4:7d:bd:b8:73:37:ea:1a:1f:16:ff:46:f0:16:51:8f:3e:3f:
a8:a8:39:81:7b:2d:f0:1f:5a:f1:c1:89:2b:d9:aa:55:4b:0f:
37:64:7b:cc:80:03:9d:dd:96:5c:c3:d4:bd:7b:73:78:9f:89:
cf:a4:0c:1c:49:09:49:4d:2c:bc:0e:0a:eb:77:30:85:52:81:
fc:4a:4c:eb:cb:28:d8:47:dd:c3:28:ce:2c:6f:d2:9a:6f:53:
f6:fa:f4:c4:7c:72:67:bd:df:76:f2:e4:a6:9e:76:0c:20:4c:
c5:75:aa:78:a7:64:2e:19:eb:9f:e7:2e:81:83:3b:80:28:e1:
4a:81:49:40:bd:7e:7b:70:79:b6:8a:6d:b5:34:91:5f:e5:9f:
5f:42:4f:ec
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjI3N0QxMTAvBgNVBAUTKEJCQzEwMzU2MUFGRDdBOTMwMzZEMUM3MkRENEMwQTdD
MkE0RTI5Q0UwHhcNMjQxMjA2MjIxMTUzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUzNzZhOC05OTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6TqOfykrQSV1qGuBOzT/FBUIrlv9ZOuPTAFIahJoR6FbUuVtMaLnx6A9JDG+
ULxZW5w6l4UbRR048vTBO1fGpONxyhRXSqFlV0XOublibOZlBfX0EXlfGzafCHDT
T1ceavFmh33eMNbPSk/hBTp35DZpxa5Vru05U4BiUjYOM+B5y8lId9GZdwZMiVhK
1Wj5E82RjaNi4r4P0btM9qwoU9cFG+9JFmRHTz3EJEkq5o3IjgjdClicgFSjtI18
4UJ6LbrHBh0/XRYnPk0mO55E5E8FYFvJphaN6iMSRAq9Yc5xR3rYCvRPXCaussdF
NVh+MkTUWMjOVZTzMKp6UgqmiwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJTxfx94
6iLJHhTTVbT9j6cQ+abTMB8GA1UdIwQYMBaAFLvBA1Ya/XqTA20cct1MCnwqTinO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjc3RC83OEExRDA4RThE
NkIxMUVCOTg0MEUwNUZDNEY5QUUwMi91OEVEVmhyOWVwTURiUnh5M1V3S2ZDcE9L
YzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3U4RURWaHI5ZXBNRGJSeHkzVXdLZkNwT0tjNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjI3N0QvNzhBMUQwOEU4RDZCMTFFQjk4NDBFMDVGQzRGOUFFMDIvQ0VGOEUyMkU3
MTE3MTFFREI0OUNFMTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBACLo4MDBACLo4oDBACLo/cDBAGohogDBACohoswDQYJKoZI
hvcNAQELBQADggEBAGIlHuqgsVqcRcBBwftsQyISCgitJmPL5IECbwx3PH0P/gX7
V5UO8x6X2bUia8spgqp9/d/u29rqExnAIN3YkvfgAXM4/srBmg9/nHjiVjcXfiwg
9XaHsiaqbof54MBVJzPMX4tRI5k76sHhA8R9vbhzN+oaHxb/RvAWUY8+P6ioOYF7
LfAfWvHBiSvZqlVLDzdke8yAA53dllzD1L17c3ific+kDBxJCUlNLLwOCut3MIVS
gfxKTOvLKNhH3cMozixv0ppvU/b69MR8cme933by5KaedgwgTMV1qninZC4Z65/n
LoGDO4Ao4UqBSUC9fntwebaKbbU0kV/ln19CT+w=
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:11:52 2025 by rpki-client