Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/C654C6869F1C11EEB377E239C4F9AE02.roa
File: C654C6869F1C11EEB377E239C4F9AE02.roa (raw, json)
Hash identifier: 5GewRvUgDB6rcXNpXbxI+RsMmEZ6AmWtSegm+so4e0M=
Subject key identifier: 90:4F:63:1D:A4:AB:ED:BF:36:04:78:32:10:9C:2C:01:E8:31:CA:BA
Certificate issuer: /CN=A918C661/serialNumber=8BF7E2930CFC6EEB916E7390F893E0100BA93B32
Certificate serial: 0998
Authority key identifier: 8B:F7:E2:93:0C:FC:6E:EB:91:6E:73:90:F8:93:E0:10:0B:A9:3B:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/C654C6869F1C11EEB377E239C4F9AE02.roa
Signing time: Wed 06 Nov 2024 20:09:46 +0000
ROA not before: Wed 06 Nov 2024 20:09:46 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 138195
IP address blocks: 137.220.130.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2456 (0x998)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C661
Validity
Not Before: Nov 6 20:09:46 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=672bcd0a-5030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:02:ad:28:19:71:70:a6:64:12:98:03:60:21:
98:ba:f7:ae:0a:7b:fd:3d:8e:d2:83:78:ae:d3:e5:
68:88:49:2d:44:d2:d6:cf:35:c8:8e:9e:e6:2d:97:
cb:23:c8:21:50:70:44:a8:5f:ef:79:b5:9e:34:93:
f3:b5:e2:0f:8e:ff:a1:3e:1a:70:08:93:80:7e:fb:
e0:c8:ba:15:77:cd:22:17:55:0e:b0:7b:28:a1:35:
54:8a:67:05:c0:12:39:67:03:7f:90:7d:44:bf:ff:
5e:27:d1:01:13:6b:08:85:a6:15:35:88:d3:b3:9a:
08:c3:7d:97:8a:e4:c3:a0:1f:73:43:c4:bc:57:f9:
6c:0a:99:ce:c8:38:ff:c6:8c:95:5b:a3:75:3a:61:
4f:91:14:c1:1b:a8:c1:b1:11:45:c6:05:b4:6a:d3:
4a:15:ae:8e:a7:9c:1b:51:f2:28:ef:82:5b:f3:5e:
01:84:2a:99:17:7b:e8:51:b4:2c:41:7f:af:67:9b:
53:df:22:96:5b:91:2b:9b:1a:85:02:f4:3e:46:6e:
ef:7b:0a:4c:69:04:af:a0:0b:62:e0:76:bb:ff:f4:
40:4d:5c:cb:8e:44:2e:75:99:9e:c4:d6:67:51:4a:
b1:d3:ac:10:db:c8:c1:5a:92:85:d6:15:86:eb:63:
ca:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4F:63:1D:A4:AB:ED:BF:36:04:78:32:10:9C:2C:01:E8:31:CA:BA
X509v3 Authority Key Identifier:
keyid:8B:F7:E2:93:0C:FC:6E:EB:91:6E:73:90:F8:93:E0:10:0B:A9:3B:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/i_fikwz8buuRbnOQ-JPgEAupOzI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/C654C6869F1C11EEB377E239C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
137.220.130.0/24
Signature Algorithm: sha256WithRSAEncryption
61:95:0b:6b:1a:c6:69:d8:c9:91:61:c2:a2:57:97:17:cb:28:
75:b3:d2:26:b6:21:c8:60:67:35:28:c7:58:bf:1d:e6:54:2a:
13:1b:09:d1:24:10:94:e8:18:c2:4b:8b:96:a5:c4:0d:ec:52:
87:1c:b5:b0:89:10:bd:3e:37:78:ba:cb:e1:1d:97:3f:e1:7e:
3d:da:51:db:48:80:ba:c4:13:ad:ab:31:78:bc:92:10:c4:59:
84:d0:59:99:f3:b6:cf:db:ca:0e:33:bf:30:3e:0a:40:c6:e1:
0d:07:bd:dd:25:9e:4c:64:95:20:f8:06:4c:22:ec:24:79:28:
27:9e:2c:9f:1d:12:96:56:69:ab:7f:99:3f:37:29:a8:f0:3b:
53:c4:d8:40:dd:89:81:ad:b3:d2:50:1f:ca:4f:b7:0a:f7:f9:
8e:78:7d:e3:c1:48:66:ad:83:2c:1f:33:ac:34:80:d4:8f:aa:
98:b2:1e:a2:08:b9:5e:40:2d:c2:30:6b:a3:95:23:82:93:c6:
cf:7c:46:24:ec:92:82:32:4a:db:c7:bd:49:09:e7:56:f5:82:
6f:b0:07:37:6a:8d:91:a2:62:13:56:1c:77:2a:e7:ba:7b:e3:
48:01:f0:ff:fe:e2:e2:ba:0b:81:28:42:67:07:c0:20:74:9a:
f2:7b:ee:8f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEM2NjExMTAvBgNVBAUTKDhCRjdFMjkzMENGQzZFRUI5MTZFNzM5MEY4OTNFMDEw
MEJBOTNCMzIwHhcNMjQxMTA2MjAwOTQ2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJiY2QwYS01MDMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAogKtKBlxcKZkEpgDYCGYuveuCnv9PY7Sg3iu0+VoiEktRNLWzzXIjp7mLZfL
I8ghUHBEqF/vebWeNJPzteIPjv+hPhpwCJOAfvvgyLoVd80iF1UOsHsooTVUimcF
wBI5ZwN/kH1Ev/9eJ9EBE2sIhaYVNYjTs5oIw32XiuTDoB9zQ8S8V/lsCpnOyDj/
xoyVW6N1OmFPkRTBG6jBsRFFxgW0atNKFa6Op5wbUfIo74Jb814BhCqZF3voUbQs
QX+vZ5tT3yKWW5ErmxqFAvQ+Rm7vewpMaQSvoAti4Ha7//RATVzLjkQudZmexNZn
UUqx06wQ28jBWpKF1hWG62PKRQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJBPYx2k
q+2/NgR4MhCcLAHoMcq6MB8GA1UdIwQYMBaAFIv34pMM/G7rkW5zkPiT4BALqTsy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wNEFBQjI5RTgz
NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9pX2Zpa3d6OGJ1dVJibk9RLUpQZ0VBdXBP
ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lfZmlrd3o4YnV1UmJuT1EtSlBnRUF1cE96SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEM2NjEvMDRBQUIyOUU4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvQzY1NEM2ODY5
RjFDMTFFRUIzNzdFMjM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACJ3IIwDQYJKoZIhvcNAQELBQADggEBAGGVC2saxmnYyZFh
wqJXlxfLKHWz0ia2IchgZzUox1i/HeZUKhMbCdEkEJToGMJLi5alxA3sUocctbCJ
EL0+N3i6y+Edlz/hfj3aUdtIgLrEE62rMXi8khDEWYTQWZnzts/byg4zvzA+CkDG
4Q0Hvd0lnkxklSD4Bkwi7CR5KCeeLJ8dEpZWaat/mT83KajwO1PE2EDdiYGts9JQ
H8pPtwr3+Y54fePBSGatgywfM6w0gNSPqpiyHqIIuV5ALcIwa6OVI4KTxs98RiTs
koIyStvHvUkJ51b1gm+wBzdqjZGiYhNWHHcq57p740gB8P/+4uK6C4EoQmcHwCB0
mvJ77o8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:39:48 2025 by rpki-client