Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/91E868D4902B11EF87435A54C4F9AE02.roa
File: 91E868D4902B11EF87435A54C4F9AE02.roa (raw, json)
Hash identifier: M9JBLSmTZK+WGHWP4PBl4vCGB8OpE/d5KiAWANLVB54=
Subject key identifier: DD:C8:2E:6B:8E:BF:DC:21:67:12:6F:C3:FC:EF:2C:2B:CC:D7:FE:2F
Certificate issuer: /CN=A917E678/serialNumber=E243F3BE825569BB16ACB374BC98DABE690B17C1
Certificate serial: 0670
Authority key identifier: E2:43:F3:BE:82:55:69:BB:16:AC:B3:74:BC:98:DA:BE:69:0B:17:C1
Authority info access: rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/4kPzvoJVabsWrLN0vJjavmkLF8E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/91E868D4902B11EF87435A54C4F9AE02.roa
Signing time: Fri 28 Feb 2025 08:21:03 +0000
ROA not before: Fri 28 Feb 2025 08:21:03 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 136907
IP address blocks: 189.1.192.0/18 maxlen: 18
189.1.192.0/20 maxlen: 20
189.1.192.0/24 maxlen: 24
189.1.193.0/24 maxlen: 24
189.1.194.0/24 maxlen: 24
189.1.195.0/24 maxlen: 24
189.1.196.0/24 maxlen: 24
189.1.197.0/24 maxlen: 24
189.1.198.0/24 maxlen: 24
189.1.199.0/24 maxlen: 24
189.1.200.0/24 maxlen: 24
189.1.201.0/24 maxlen: 24
189.1.202.0/24 maxlen: 24
189.1.203.0/24 maxlen: 24
189.1.204.0/24 maxlen: 24
189.1.205.0/24 maxlen: 24
189.1.206.0/24 maxlen: 24
189.1.207.0/24 maxlen: 24
189.1.208.0/20 maxlen: 20
189.1.208.0/24 maxlen: 24
189.1.209.0/24 maxlen: 24
189.1.210.0/24 maxlen: 24
189.1.211.0/24 maxlen: 24
189.1.212.0/24 maxlen: 24
189.1.213.0/24 maxlen: 24
189.1.214.0/24 maxlen: 24
189.1.215.0/24 maxlen: 24
189.1.216.0/24 maxlen: 24
189.1.217.0/24 maxlen: 24
189.1.218.0/24 maxlen: 24
189.1.219.0/24 maxlen: 24
189.1.220.0/24 maxlen: 24
189.1.221.0/24 maxlen: 24
189.1.222.0/24 maxlen: 24
189.1.223.0/24 maxlen: 24
189.1.224.0/20 maxlen: 20
189.1.224.0/24 maxlen: 24
189.1.225.0/24 maxlen: 24
189.1.226.0/24 maxlen: 24
189.1.227.0/24 maxlen: 24
189.1.228.0/24 maxlen: 24
189.1.229.0/24 maxlen: 24
189.1.230.0/24 maxlen: 24
189.1.231.0/24 maxlen: 24
189.1.232.0/24 maxlen: 24
189.1.233.0/24 maxlen: 24
189.1.234.0/24 maxlen: 24
189.1.235.0/24 maxlen: 24
189.1.236.0/24 maxlen: 24
189.1.237.0/24 maxlen: 24
189.1.238.0/24 maxlen: 24
189.1.239.0/24 maxlen: 24
189.1.240.0/20 maxlen: 20
189.1.240.0/24 maxlen: 24
189.1.241.0/24 maxlen: 24
189.1.242.0/24 maxlen: 24
189.1.243.0/24 maxlen: 24
189.1.244.0/24 maxlen: 24
189.1.245.0/24 maxlen: 24
189.1.246.0/24 maxlen: 24
189.1.247.0/24 maxlen: 24
189.1.248.0/24 maxlen: 24
189.1.249.0/24 maxlen: 24
189.1.250.0/24 maxlen: 24
189.1.251.0/24 maxlen: 24
189.1.252.0/24 maxlen: 24
189.1.253.0/24 maxlen: 24
189.1.254.0/24 maxlen: 24
189.1.255.0/24 maxlen: 24
189.28.96.0/19 maxlen: 19
189.28.96.0/20 maxlen: 20
189.28.96.0/24 maxlen: 24
189.28.97.0/24 maxlen: 24
189.28.98.0/24 maxlen: 24
189.28.99.0/24 maxlen: 24
189.28.100.0/24 maxlen: 24
189.28.101.0/24 maxlen: 24
189.28.102.0/24 maxlen: 24
189.28.103.0/24 maxlen: 24
189.28.104.0/24 maxlen: 24
189.28.105.0/24 maxlen: 24
189.28.106.0/24 maxlen: 24
189.28.107.0/24 maxlen: 24
189.28.108.0/24 maxlen: 24
189.28.109.0/24 maxlen: 24
189.28.110.0/24 maxlen: 24
189.28.111.0/24 maxlen: 24
189.28.112.0/20 maxlen: 20
189.28.112.0/24 maxlen: 24
189.28.113.0/24 maxlen: 24
189.28.114.0/24 maxlen: 24
189.28.115.0/24 maxlen: 24
189.28.116.0/24 maxlen: 24
189.28.117.0/24 maxlen: 24
189.28.118.0/24 maxlen: 24
189.28.119.0/24 maxlen: 24
189.28.120.0/24 maxlen: 24
189.28.121.0/24 maxlen: 24
189.28.122.0/24 maxlen: 24
189.28.123.0/24 maxlen: 24
189.28.124.0/24 maxlen: 24
189.28.125.0/24 maxlen: 24
189.28.126.0/24 maxlen: 24
189.28.127.0/24 maxlen: 24
190.92.192.0/19 maxlen: 24
190.92.224.0/19 maxlen: 19
190.92.224.0/24 maxlen: 24
190.92.225.0/24 maxlen: 24
190.92.226.0/24 maxlen: 24
190.92.227.0/24 maxlen: 24
190.92.228.0/24 maxlen: 24
190.92.229.0/24 maxlen: 24
190.92.230.0/24 maxlen: 24
190.92.231.0/24 maxlen: 24
190.92.232.0/24 maxlen: 24
190.92.233.0/24 maxlen: 24
190.92.234.0/24 maxlen: 24
190.92.235.0/24 maxlen: 24
190.92.236.0/24 maxlen: 24
190.92.237.0/24 maxlen: 24
190.92.238.0/24 maxlen: 24
190.92.239.0/24 maxlen: 24
190.92.240.0/24 maxlen: 24
190.92.241.0/24 maxlen: 24
190.92.242.0/24 maxlen: 24
190.92.243.0/24 maxlen: 24
190.92.244.0/24 maxlen: 24
190.92.245.0/24 maxlen: 24
190.92.246.0/24 maxlen: 24
190.92.247.0/24 maxlen: 24
190.92.248.0/24 maxlen: 24
190.92.249.0/24 maxlen: 24
190.92.250.0/24 maxlen: 24
190.92.251.0/24 maxlen: 24
190.92.252.0/24 maxlen: 24
190.92.253.0/24 maxlen: 24
190.92.254.0/24 maxlen: 24
190.92.255.0/24 maxlen: 24
201.77.32.0/20 maxlen: 20
201.77.32.0/24 maxlen: 24
201.77.33.0/24 maxlen: 24
201.77.34.0/24 maxlen: 24
201.77.35.0/24 maxlen: 24
201.77.36.0/24 maxlen: 24
201.77.37.0/24 maxlen: 24
201.77.38.0/24 maxlen: 24
201.77.39.0/24 maxlen: 24
201.77.40.0/24 maxlen: 24
201.77.41.0/24 maxlen: 24
201.77.42.0/24 maxlen: 24
201.77.43.0/24 maxlen: 24
201.77.44.0/24 maxlen: 24
201.77.45.0/24 maxlen: 24
201.77.46.0/24 maxlen: 24
201.77.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1648 (0x670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E678
Validity
Not Before: Feb 28 08:21:03 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67c171ef-bdf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4c:a4:12:ba:9a:4d:9c:2d:5a:71:7c:d3:d2:
26:a3:39:7b:d6:e7:1d:a3:64:27:01:c9:b7:b2:1e:
c0:cf:f7:ba:d7:37:9b:4e:62:71:b9:dd:87:5d:ac:
49:5d:d4:71:9c:c9:77:70:5d:7b:b9:b7:74:a6:c7:
38:1c:de:17:a2:ef:a4:ab:3e:1d:bd:2d:65:b6:ff:
fe:65:a2:c8:c5:de:08:36:f9:c1:ce:8a:98:e9:96:
47:6a:93:e9:ec:e2:ce:f2:76:c8:54:01:83:e9:05:
a0:8a:55:97:2e:df:60:f0:89:3c:78:3c:97:38:83:
49:ca:80:5c:bc:02:4a:06:35:37:53:4c:96:a4:ba:
9b:2b:bf:90:ac:69:13:d0:de:c5:b5:0a:2e:21:cb:
fc:68:63:3c:64:dd:d7:5e:1a:61:ee:d0:3e:47:f5:
fc:aa:37:2e:68:b8:f8:a5:9d:39:27:dd:9e:26:25:
89:37:b6:4e:d9:92:2a:30:64:b0:a6:3f:5c:bf:91:
ec:b7:99:f4:0d:01:36:97:24:07:0d:34:ba:6b:31:
46:bf:2b:6a:17:79:ff:30:d9:71:c3:5e:d5:34:67:
02:a1:e6:1c:55:47:d2:b0:42:99:02:c5:66:39:66:
e7:e9:60:d1:52:af:ab:44:50:0e:55:8a:b1:59:32:
4c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C8:2E:6B:8E:BF:DC:21:67:12:6F:C3:FC:EF:2C:2B:CC:D7:FE:2F
X509v3 Authority Key Identifier:
keyid:E2:43:F3:BE:82:55:69:BB:16:AC:B3:74:BC:98:DA:BE:69:0B:17:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/4kPzvoJVabsWrLN0vJjavmkLF8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/4kPzvoJVabsWrLN0vJjavmkLF8E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/91E868D4902B11EF87435A54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
189.1.192.0/18
189.28.96.0/19
190.92.192.0/18
201.77.32.0/20
Signature Algorithm: sha256WithRSAEncryption
79:d2:ff:97:de:a2:78:cd:70:f5:c6:1e:48:42:d3:9d:29:4d:
21:fb:46:b7:0e:64:72:68:23:a2:85:35:4b:be:8e:d6:11:29:
4f:f2:a1:e4:a9:b3:dd:e9:81:74:f1:a8:89:ef:68:03:0e:6a:
23:10:0c:e3:0c:d8:47:e8:6d:59:55:d1:98:ac:c1:9c:f7:f5:
a8:05:0e:4d:2a:b5:e9:22:fd:c0:8d:ea:c7:4d:49:6f:42:df:
04:56:93:35:69:4a:9c:31:68:c0:76:07:ff:76:e1:22:31:78:
9f:d8:27:3d:f0:80:c9:91:72:7f:6e:14:a3:ca:ee:41:b5:00:
48:5c:a9:41:57:f9:ae:bf:11:22:10:4d:98:c4:c3:8b:19:6d:
fb:b2:bb:73:1a:21:2f:4b:0b:6a:71:58:f7:86:bd:47:ca:8a:
8f:5e:06:00:42:27:86:e6:d6:17:ca:2c:11:61:5d:dd:fa:64:
7f:59:21:00:a1:7c:11:16:01:03:57:8b:d5:68:d3:a2:85:74:
d0:10:9e:e8:f3:67:e2:6d:4d:9a:1c:93:69:af:c9:5b:81:90:
5f:cd:ff:30:ba:f0:5f:9c:5e:b3:90:81:26:65:85:42:78:51:
e9:89:7a:a0:0b:e2:8f:54:92:a8:70:27:f5:c3:9a:30:3d:11:
82:c5:10:2a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBnAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U2NzgxMTAvBgNVBAUTKEUyNDNGM0JFODI1NTY5QkIxNkFDQjM3NEJDOThEQUJF
NjkwQjE3QzEwHhcNMjUwMjI4MDgyMTAzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MxNzFlZi1iZGY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAykykErqaTZwtWnF809Imozl71ucdo2QnAcm3sh7Az/e61zebTmJxud2HXaxJ
XdRxnMl3cF17ubd0psc4HN4Xou+kqz4dvS1ltv/+ZaLIxd4INvnBzoqY6ZZHapPp
7OLO8nbIVAGD6QWgilWXLt9g8Ik8eDyXOINJyoBcvAJKBjU3U0yWpLqbK7+QrGkT
0N7FtQouIcv8aGM8ZN3XXhph7tA+R/X8qjcuaLj4pZ05J92eJiWJN7ZO2ZIqMGSw
pj9cv5Hst5n0DQE2lyQHDTS6azFGvytqF3n/MNlxw17VNGcCoeYcVUfSsEKZAsVm
OWbn6WDRUq+rRFAOVYqxWTJMpwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFN3ILmuO
v9whZxJvw/zvLCvM1/4vMB8GA1UdIwQYMBaAFOJD876CVWm7FqyzdLyY2r5pCxfB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC9CODk3QzU4MkEx
OUMxMUVCOTJBMkRGMjlDNEY5QUUwMi80a1B6dm9KVmFic1dyTE4wdkpqYXZta0xG
OEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I0QTFCRUE2MUQ2NjExRTJCMkNEOEI3Qzcy
RkQxRkYyLzRrUHp2b0pWYWJzV3JMTjB2Smphdm1rTEY4RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U2NzgvQjg5N0M1ODJBMTlDMTFFQjkyQTJERjI5QzRGOUFFMDIvOTFFODY4RDQ5
MDJCMTFFRjg3NDM1QTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAa9AcADBAW9HGADBAa+XMADBATJTSAwDQYJKoZIhvcNAQEL
BQADggEBAHnS/5feonjNcPXGHkhC050pTSH7RrcOZHJoI6KFNUu+jtYRKU/yoeSp
s93pgXTxqInvaAMOaiMQDOMM2EfobVlV0ZiswZz39agFDk0qteki/cCN6sdNSW9C
3wRWkzVpSpwxaMB2B/924SIxeJ/YJz3wgMmRcn9uFKPK7kG1AEhcqUFX+a6/ESIQ
TZjEw4sZbfuyu3MaIS9LC2pxWPeGvUfKio9eBgBCJ4bm1hfKLBFhXd36ZH9ZIQCh
fBEWAQNXi9Vo06KFdNAQnujzZ+JtTZock2mvyVuBkF/N/zC68F+cXrOQgSZlhUJ4
UemJeqAL4o9UkqhwJ/XDmjA9EYLFECo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:36 2025 by rpki-client