Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/7E0AB01C782C11EBB0B71971C4F9AE02.roa
File: 7E0AB01C782C11EBB0B71971C4F9AE02.roa (raw, json)
Hash identifier: e2DubgyDCDlnH7LvAeB6EbSHpB7UMinUEO9uGUWVJec=
Subject key identifier: 5A:F8:6B:C1:73:1B:0D:DE:AF:C4:B0:28:CE:E3:B1:58:6F:3D:93:37
Certificate issuer: /CN=A91FF74B/serialNumber=059E6F03AE7676A9D0F09D5F6CBDB90861855A57
Certificate serial: 0678
Authority key identifier: 05:9E:6F:03:AE:76:76:A9:D0:F0:9D:5F:6C:BD:B9:08:61:85:5A:57
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BZ5vA652dqnQ8J1fbL25CGGFWlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/7E0AB01C782C11EBB0B71971C4F9AE02.roa
Signing time: Thu 02 Jan 2025 09:11:58 +0000
ROA not before: Thu 02 Jan 2025 09:11:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56201
IP address blocks: 169.148.132.0/24 maxlen: 24
169.148.133.0/24 maxlen: 24
169.148.134.0/23 maxlen: 23
169.148.134.0/24 maxlen: 24
169.148.135.0/24 maxlen: 24
169.148.136.0/23 maxlen: 23
169.148.136.0/24 maxlen: 24
169.148.137.0/24 maxlen: 24
169.148.138.0/23 maxlen: 24
169.148.140.0/23 maxlen: 24
169.148.142.0/23 maxlen: 23
169.148.142.0/24 maxlen: 24
169.148.143.0/24 maxlen: 24
169.148.144.0/23 maxlen: 23
169.148.144.0/24 maxlen: 24
169.148.145.0/24 maxlen: 24
169.148.146.0/23 maxlen: 23
169.148.148.0/23 maxlen: 23
169.148.148.0/24 maxlen: 24
169.148.149.0/24 maxlen: 24
169.148.150.0/24 maxlen: 24
169.148.172.0/23 maxlen: 24
169.148.174.0/23 maxlen: 24
169.148.176.0/23 maxlen: 24
169.148.180.0/24 maxlen: 24
199.67.76.0/23 maxlen: 23
199.67.76.0/24 maxlen: 24
199.67.77.0/24 maxlen: 24
199.67.78.0/23 maxlen: 23
199.67.78.0/24 maxlen: 24
199.67.79.0/24 maxlen: 24
199.67.94.0/23 maxlen: 23
199.67.94.0/24 maxlen: 24
199.67.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1656 (0x678)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FF74B
Validity
Not Before: Jan 2 09:11:58 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6776585e-56e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:92:13:d9:2f:6d:61:10:97:3d:9b:6a:56:02:
11:33:01:6e:3d:21:a7:53:ef:0f:a6:c2:77:99:84:
cb:b7:ee:c6:d3:29:ef:92:3d:2a:0b:31:58:94:7a:
71:13:a1:bc:c4:2a:df:aa:dc:2d:ad:e6:c3:72:d6:
d2:1a:74:d5:ac:b8:2b:16:09:ce:89:2b:25:47:fb:
85:e8:f4:80:63:2e:1f:8c:ae:6c:a0:ed:1f:ea:6d:
68:3a:22:9f:2b:77:5c:79:4e:03:69:7e:de:18:3f:
c1:48:ff:c4:02:b8:8c:9f:f2:a6:10:f2:eb:82:82:
c4:91:ca:22:57:58:2d:09:dc:46:c0:9a:02:b7:53:
5d:22:28:a5:37:8b:fe:71:e6:aa:8b:d8:89:06:a8:
5c:ba:6b:c5:e5:ca:03:d6:a2:ff:5c:4a:bc:42:bd:
fa:5e:aa:bb:10:f1:de:ac:72:9d:a8:26:36:34:d4:
fc:9b:3c:ef:6f:6e:96:98:63:e2:b1:b8:a1:8e:c1:
e0:51:bf:12:92:6e:3c:8f:23:b1:8c:dd:bb:14:3f:
39:00:83:c3:2e:10:4c:70:f5:c7:89:d4:ff:63:90:
55:df:80:69:72:40:e9:7e:43:bb:36:cd:3a:14:e7:
01:f9:25:9e:4a:3c:04:7b:f9:bd:c3:3a:b7:5e:fd:
28:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:F8:6B:C1:73:1B:0D:DE:AF:C4:B0:28:CE:E3:B1:58:6F:3D:93:37
X509v3 Authority Key Identifier:
keyid:05:9E:6F:03:AE:76:76:A9:D0:F0:9D:5F:6C:BD:B9:08:61:85:5A:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/BZ5vA652dqnQ8J1fbL25CGGFWlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BZ5vA652dqnQ8J1fbL25CGGFWlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/7E0AB01C782C11EBB0B71971C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.148.132.0-169.148.150.255
169.148.172.0-169.148.177.255
169.148.180.0/24
199.67.76.0/22
199.67.94.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:a9:b2:2e:c4:9b:d3:e8:ef:3b:f6:f5:2f:6d:48:6c:4f:43:
ef:77:2e:fe:1c:0f:7e:57:52:c7:1f:c6:d3:0f:a6:3d:33:03:
bc:46:c3:f0:88:b3:52:5d:b4:4c:42:58:12:b6:74:db:e3:16:
53:f0:e9:6f:21:4c:19:af:5a:62:4b:d2:a2:82:84:22:21:b2:
9a:e2:c9:d4:c8:db:13:96:90:17:83:b0:a6:49:ef:e5:ae:df:
be:b7:ba:65:9e:38:c3:e4:8a:ad:3d:6e:94:b3:40:7c:81:ad:
87:4d:fa:cb:e4:42:ec:1c:89:c5:cf:25:e8:5e:c6:a1:96:fb:
07:1a:24:bd:b9:0b:2a:13:bb:73:70:45:e5:d2:b4:1c:e7:28:
82:94:a0:59:e1:63:1e:12:03:b9:5a:f1:41:dd:f1:00:07:27:
d9:03:bf:69:0a:e6:c3:b3:ff:e3:9b:b0:b0:66:88:03:98:78:
c9:25:38:c7:b7:b7:25:33:95:30:73:ff:2c:45:69:b8:27:00:
30:b5:b7:0a:b7:39:e9:2f:d6:85:b1:19:e1:01:5f:43:ad:d2:
0d:33:1e:86:15:96:26:7d:bd:db:71:41:c8:9d:f0:8f:7b:22:
a3:d8:2f:13:49:1e:2d:1d:81:20:2e:19:aa:34:7f:5f:9e:57:
c9:29:05:33
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICBngwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkY3NEIxMTAvBgNVBAUTKDA1OUU2RjAzQUU3Njc2QTlEMEYwOUQ1RjZDQkRCOTA4
NjE4NTVBNTcwHhcNMjUwMTAyMDkxMTU4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc2NTg1ZS01NmUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArJIT2S9tYRCXPZtqVgIRMwFuPSGnU+8PpsJ3mYTLt+7G0ynvkj0qCzFYlHpx
E6G8xCrfqtwtrebDctbSGnTVrLgrFgnOiSslR/uF6PSAYy4fjK5soO0f6m1oOiKf
K3dceU4DaX7eGD/BSP/EAriMn/KmEPLrgoLEkcoiV1gtCdxGwJoCt1NdIiilN4v+
ceaqi9iJBqhcumvF5coD1qL/XEq8Qr36Xqq7EPHerHKdqCY2NNT8mzzvb26WmGPi
sbihjsHgUb8Skm48jyOxjN27FD85AIPDLhBMcPXHidT/Y5BV34BpckDpfkO7Ns06
FOcB+SWeSjwEe/m9wzq3Xv0osQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFFr4a8Fz
Gw3er8SwKM7jsVhvPZM3MB8GA1UdIwQYMBaAFAWebwOudnap0PCdX2y9uQhhhVpX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjc0Qi82MUEzMzg0QTc4
MkMxMUVCQUMwNEY2NzJDNEY5QUUwMi9CWjV2QTY1MmRxblE4SjFmYkwyNUNHR0ZX
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0JaNXZBNjUyZHFuUThKMWZiTDI1Q0dHRldsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkY3NEIvNjFBMzM4NEE3ODJDMTFFQkFDMDRGNjcyQzRGOUFFMDIvN0UwQUIwMUM3
ODJDMTFFQkIwQjcxOTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4wDAMEAqmUhAMEAKmUljAMAwQCqZSsAwQBqZSwAwQAqZS0AwQC
x0NMAwQBx0NeMA0GCSqGSIb3DQEBCwUAA4IBAQB7qbIuxJvT6O879vUvbUhsT0Pv
dy7+HA9+V1LHH8bTD6Y9MwO8RsPwiLNSXbRMQlgStnTb4xZT8OlvIUwZr1piS9Ki
goQiIbKa4snUyNsTlpAXg7CmSe/lrt++t7plnjjD5IqtPW6Us0B8ga2HTfrL5ELs
HInFzyXoXsahlvsHGiS9uQsqE7tzcEXl0rQc5yiClKBZ4WMeEgO5WvFB3fEAByfZ
A79pCubDs//jm7CwZogDmHjJJTjHt7clM5Uwc/8sRWm4JwAwtbcKtznpL9aFsRnh
AV9DrdINMx6GFZYmfb3bcUHInfCPeyKj2C8TSR4tHYEgLhmqNH9fnlfJKQUz
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:25:06 2025 by rpki-client