Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/014DA14E596F11ED9DE99A66C4F9AE02.roa
File: 014DA14E596F11ED9DE99A66C4F9AE02.roa (raw, json)
Hash identifier: EbZ289YqTjjHul9Gc5OsYaqkiIBsHmwVJ9L1aCN8g68=
Subject key identifier: 72:7E:BA:E0:BF:A0:80:2F:88:C2:51:19:0D:68:2C:D2:46:35:0A:CF
Certificate issuer: /CN=A91F2B47/serialNumber=17D5FE323EBFD9A8D344E77B73799A8E75624352
Certificate serial: 0224
Authority key identifier: 17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/014DA14E596F11ED9DE99A66C4F9AE02.roa
Signing time: Wed 05 Mar 2025 03:48:09 +0000
ROA not before: Wed 05 Mar 2025 03:48:09 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 9426
IP address blocks: 166.120.0.0/22 maxlen: 24
166.120.4.0/22 maxlen: 24
166.120.8.0/24 maxlen: 24
166.120.64.0/19 maxlen: 19
166.120.64.0/22 maxlen: 24
166.120.68.0/23 maxlen: 24
166.120.70.0/23 maxlen: 24
166.120.72.0/22 maxlen: 23
166.120.74.0/23 maxlen: 24
166.120.76.0/22 maxlen: 22
166.120.76.0/23 maxlen: 24
166.120.80.0/20 maxlen: 22
166.120.164.0/22 maxlen: 24
166.120.202.0/23 maxlen: 24
166.120.212.0/23 maxlen: 23
166.120.212.0/24 maxlen: 24
166.120.216.0/23 maxlen: 23
166.120.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 548 (0x224)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2B47
Validity
Not Before: Mar 5 03:48:09 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c7c979-2b74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:97:7b:fd:8e:29:56:e0:ea:44:52:f0:e2:02:
01:68:bf:2f:aa:bc:6c:5e:a8:ee:15:2e:b9:5b:d0:
88:f2:8c:95:31:14:94:53:74:95:ba:f4:60:2a:18:
66:0c:c7:9e:03:a2:3e:61:76:fb:3e:a1:01:49:8d:
69:cf:fe:01:3e:48:33:f5:ff:11:81:6e:37:81:ad:
34:74:ad:67:3e:03:db:cd:ef:6f:10:c8:11:b2:45:
b2:7e:80:aa:63:71:5c:c5:5c:ac:c5:c9:9d:85:bf:
06:1a:af:e7:e7:81:1e:b8:df:43:e8:cb:bc:7a:28:
b0:39:d5:26:c8:01:9d:37:f2:21:3b:09:09:32:c4:
74:3c:2b:a7:f6:b8:05:a3:2a:69:e6:47:c4:53:9d:
f8:97:cf:a2:59:84:98:13:aa:fc:aa:6e:e6:b8:c2:
0b:9f:00:ba:f2:c0:bb:4a:17:bf:dc:1a:a1:1f:50:
8f:db:7c:2f:85:bc:84:1d:a2:69:23:c9:5d:e3:af:
e2:70:b4:77:18:5a:f6:20:84:4a:12:7b:20:30:9c:
c5:45:79:f9:b2:93:1e:c2:06:07:9c:3c:e9:f3:e0:
a8:32:77:1b:81:10:4b:85:50:2b:6e:0e:50:6c:87:
79:0c:1c:07:bd:64:c4:3c:7f:61:32:63:62:8f:6e:
75:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:7E:BA:E0:BF:A0:80:2F:88:C2:51:19:0D:68:2C:D2:46:35:0A:CF
X509v3 Authority Key Identifier:
keyid:17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/F9X-Mj6_2ajTROd7c3majnViQ1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/014DA14E596F11ED9DE99A66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
166.120.0.0-166.120.8.255
166.120.64.0/19
166.120.164.0/22
166.120.202.0/23
166.120.212.0/23
166.120.216.0/23
Signature Algorithm: sha256WithRSAEncryption
54:16:2b:e4:f9:a0:4a:a7:1b:c2:53:ca:3f:e3:6b:d3:eb:47:
10:e2:65:39:8e:d1:a7:7f:f9:a7:2a:32:ea:09:47:b3:42:fa:
31:bb:ec:a6:bc:cd:e8:c5:e9:7a:f7:01:cd:e7:66:48:d2:ae:
04:a1:48:f8:09:0d:f5:32:37:56:93:f7:18:eb:73:86:5b:f4:
db:59:b8:f8:9b:4a:2d:18:df:ae:1d:f9:20:b6:11:05:39:f5:
7f:80:0d:bc:ca:90:6b:88:b0:5b:9f:ab:7a:8a:0d:11:21:e1:
88:5f:d1:ce:28:ad:e1:0d:7f:f1:93:f7:63:8c:c1:75:e5:4c:
02:81:e7:36:eb:a5:c0:f0:be:bf:e4:95:2d:d1:6b:08:9d:c6:
9c:5f:96:d6:f2:87:08:d5:e3:9f:a8:33:b2:cb:c3:5c:55:fe:
9b:b3:cc:26:65:5a:5c:e8:10:79:0a:5a:ca:17:f7:02:d7:41:
36:ae:81:2c:1d:5f:ec:50:67:8e:3d:42:1e:14:f4:a7:32:45:
11:d2:e6:fa:aa:1c:ea:4d:80:29:c2:bb:cd:be:f8:ab:92:cd:
ee:e6:85:fe:8d:99:36:f1:3e:25:51:da:44:8d:7f:21:92:7a:
87:79:42:92:09:62:fe:49:e7:c7:98:be:cc:31:7a:99:85:23:
13:13:87:55
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICAiQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjJCNDcxMTAvBgNVBAUTKDE3RDVGRTMyM0VCRkQ5QThEMzQ0RTc3QjczNzk5QThF
NzU2MjQzNTIwHhcNMjUwMzA1MDM0ODA5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3Yzk3OS0yYjc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAypd7/Y4pVuDqRFLw4gIBaL8vqrxsXqjuFS65W9CI8oyVMRSUU3SVuvRgKhhm
DMeeA6I+YXb7PqEBSY1pz/4BPkgz9f8RgW43ga00dK1nPgPbze9vEMgRskWyfoCq
Y3FcxVysxcmdhb8GGq/n54EeuN9D6Mu8eiiwOdUmyAGdN/IhOwkJMsR0PCun9rgF
oypp5kfEU534l8+iWYSYE6r8qm7muMILnwC68sC7She/3BqhH1CP23wvhbyEHaJp
I8ld46/icLR3GFr2IIRKEnsgMJzFRXn5spMewgYHnDzp8+CoMncbgRBLhVArbg5Q
bId5DBwHvWTEPH9hMmNij251fQIDAQABo4ICujCCArYwHQYDVR0OBBYEFHJ+uuC/
oIAviMJRGQ1oLNJGNQrPMB8GA1UdIwQYMBaAFBfV/jI+v9mo00Tne3N5mo51YkNS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkI0Ny9FODhFOUM3RTMz
QUYxMUVEQjYxMDc0MzRDNEY5QUUwMi9GOVgtTWo2XzJhalRST2Q3YzNtYWpuVmlR
MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0Y5WC1NajZfMmFqVFJPZDdjM21ham5WaVExSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjJCNDcvRTg4RTlDN0UzM0FGMTFFREI2MTA3NDM0QzRGOUFFMDIvMDE0REExNEU1
OTZGMTFFRDlERTk5QTY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E
NTAzMDEEAgABMCswCwMDA6Z4AwQApngIAwQFpnhAAwQCpnikAwQBpnjKAwQBpnjU
AwQBpnjYMA0GCSqGSIb3DQEBCwUAA4IBAQBUFivk+aBKpxvCU8o/42vT60cQ4mU5
jtGnf/mnKjLqCUezQvoxu+ymvM3oxel69wHN52ZI0q4EoUj4CQ31MjdWk/cY63OG
W/TbWbj4m0otGN+uHfkgthEFOfV/gA28ypBriLBbn6t6ig0RIeGIX9HOKK3hDX/x
k/djjMF15UwCgec266XA8L6/5JUt0WsIncacX5bW8ocI1eOfqDOyy8NcVf6bs8wm
ZVpc6BB5ClrKF/cC10E2roEsHV/sUGeOPUIeFPSnMkUR0ub6qhzqTYApwrvNvvir
ks3u5oX+jZk28T4lUdpEjX8hknqHeUKSCWL+SefHmL7MMXqZhSMTE4dV
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:43:59 2025 by rpki-client