Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/59F5C224337811EAAD3FAA39C4F9AE02.roa
File: 59F5C224337811EAAD3FAA39C4F9AE02.roa (raw, json)
Hash identifier: IT0gqa2rUcxL24HAoWNInEMWT+HFDwiq5WpDxk6Cb5w=
Subject key identifier: 80:75:3C:61:CA:3F:FC:25:E3:F3:62:9F:E9:F1:1D:FD:59:19:57:74
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 34C7
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/59F5C224337811EAAD3FAA39C4F9AE02.roa
Signing time: Fri 24 Jan 2025 16:02:30 +0000
ROA not before: Fri 24 Jan 2025 16:02:30 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 24521
IP address blocks: 119.82.240.0/24 maxlen: 24
119.82.241.0/24 maxlen: 24
119.82.242.0/24 maxlen: 24
119.82.243.0/24 maxlen: 24
119.82.244.0/24 maxlen: 24
119.82.245.0/24 maxlen: 24
119.82.246.0/24 maxlen: 24
119.82.247.0/24 maxlen: 24
175.184.236.0/22 maxlen: 22
175.184.236.0/24 maxlen: 24
175.184.237.0/24 maxlen: 24
175.184.238.0/24 maxlen: 24
175.184.239.0/24 maxlen: 24
2403:ba00::/32 maxlen: 32
2403:ba00:2000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13511 (0x34c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214
Validity
Not Before: Jan 24 16:02:30 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6793b996-5d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d0:d5:81:15:ec:c8:13:04:61:e9:fa:80:b5:
5d:23:81:48:97:c3:e7:94:b1:f6:53:7e:ac:b6:96:
36:f4:9a:18:43:0f:36:bf:5d:56:53:c0:81:6d:44:
53:34:01:06:68:4d:6f:81:76:27:e3:25:b0:b3:b4:
f8:5b:ae:87:97:ff:d6:fd:00:40:c6:4d:56:cb:5f:
c6:a3:13:3d:51:6d:58:74:aa:8b:af:07:0f:5f:83:
77:25:8c:09:87:e1:ad:43:fd:19:89:98:b1:a6:99:
08:75:2b:02:b0:f1:0a:8d:c6:ce:83:57:fc:f4:d4:
15:e1:5f:ff:76:72:29:c8:5d:89:fb:33:47:38:50:
b1:f0:8d:d7:fd:d7:28:5b:c7:46:e8:bf:8b:c7:a7:
7a:9a:35:a1:36:ad:9b:e2:43:ec:27:26:83:7d:82:
03:69:9f:80:b8:a4:61:89:f9:cb:57:4e:d5:9c:d2:
fd:a1:12:2d:e7:d5:b4:3b:73:42:43:e7:66:ba:d3:
23:00:9d:5c:5a:05:09:c5:c1:7a:7b:b2:b3:ea:c4:
9e:c3:a6:a4:98:3c:29:ad:34:92:0a:55:e1:27:59:
ed:e0:4c:7a:07:a2:65:de:e0:cf:d6:41:0c:8f:08:
de:f0:1d:9c:3b:1a:1d:3a:1d:8f:ff:a7:d9:97:b9:
4a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:75:3C:61:CA:3F:FC:25:E3:F3:62:9F:E9:F1:1D:FD:59:19:57:74
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/59F5C224337811EAAD3FAA39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.82.240.0/21
175.184.236.0/22
IPv6:
2403:ba00::/32
Signature Algorithm: sha256WithRSAEncryption
65:31:01:2f:5f:91:40:03:1d:29:2d:be:bb:b9:34:f9:81:67:
3b:12:34:7e:aa:0e:2d:2e:7e:d5:63:4e:63:9e:6a:a5:84:23:
94:8a:61:86:e4:06:d4:6d:13:56:aa:e8:b2:61:e5:92:b9:e5:
aa:76:3b:af:98:13:4b:18:30:08:69:19:3e:8d:0e:39:26:6d:
38:48:2f:78:f9:c0:45:28:6a:f9:f6:da:c8:80:52:65:bf:54:
c9:dc:97:05:7c:d6:2c:01:80:f1:c4:3b:d6:a7:14:3a:f2:2c:
30:99:b7:0c:8b:a0:3c:6a:db:9b:7a:6b:a5:63:5a:31:8f:e4:
cc:c2:de:ff:2f:13:35:4f:de:07:2a:de:48:26:61:6f:eb:5c:
f1:47:e8:ca:d5:31:50:8e:76:bc:ff:d6:ef:c7:45:03:61:c9:
a2:ed:98:1c:83:04:b3:10:c7:73:85:f1:17:d4:ef:5b:b7:e2:
4f:3b:b9:00:7d:b5:8f:0f:2d:39:55:91:28:fc:53:60:1e:38:
fd:27:45:f0:16:54:b1:ab:99:3b:ad:e5:fe:a8:8f:31:bb:54:
d8:bc:44:77:5f:08:5c:eb:b6:57:a4:06:60:54:f3:df:12:d4:
62:61:79:2e:7e:3c:05:33:ce:ac:d6:e5:50:6f:de:99:0b:d7:
05:d8:11:75
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICNMcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjUwMTI0MTYwMjMwWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkzYjk5Ni01ZDhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu9DVgRXsyBMEYen6gLVdI4FIl8PnlLH2U36stpY29JoYQw82v11WU8CBbURT
NAEGaE1vgXYn4yWws7T4W66Hl//W/QBAxk1Wy1/GoxM9UW1YdKqLrwcPX4N3JYwJ
h+GtQ/0ZiZixppkIdSsCsPEKjcbOg1f89NQV4V//dnIpyF2J+zNHOFCx8I3X/dco
W8dG6L+Lx6d6mjWhNq2b4kPsJyaDfYIDaZ+AuKRhifnLV07VnNL9oRIt59W0O3NC
Q+dmutMjAJ1cWgUJxcF6e7Kz6sSew6akmDwprTSSClXhJ1nt4Ex6B6Jl3uDP1kEM
jwje8B2cOxodOh2P/6fZl7lKaQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIB1PGHK
P/wl4/Nin+nxHf1ZGVd0MB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvNTlGNUMyMjQz
Mzc4MTFFQUFEM0ZBQTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAN3UvADBAKvuOwwDQQCAAIwBwMFACQDugAwDQYJKoZIhvcN
AQELBQADggEBAGUxAS9fkUADHSktvru5NPmBZzsSNH6qDi0uftVjTmOeaqWEI5SK
YYbkBtRtE1aq6LJh5ZK55ap2O6+YE0sYMAhpGT6NDjkmbThIL3j5wEUoavn22siA
UmW/VMnclwV81iwBgPHEO9anFDryLDCZtwyLoDxq25t6a6VjWjGP5MzC3v8vEzVP
3gcq3kgmYW/rXPFH6MrVMVCOdrz/1u/HRQNhyaLtmByDBLMQx3OF8RfU71u34k87
uQB9tY8PLTlVkSj8U2AeOP0nRfAWVLGrmTut5f6ojzG7VNi8RHdfCFzrtlekBmBU
898S1GJheS5+PAUzzqzW5VBv3pkL1wXYEXU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:58:44 2025 by rpki-client