Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/11B89CEEF4E211EF9C6B0B6CC4F9AE02.roa
File: 11B89CEEF4E211EF9C6B0B6CC4F9AE02.roa (raw, json)
Hash identifier: Es+bmfJ5pTjrMNERHWGwGLb3uGbWQIbfL6Htrhgv+hE=
Subject key identifier: AF:18:7F:CB:0C:49:D6:98:87:75:A6:31:E9:72:F8:EB:EF:95:DE:99
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0F36
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/11B89CEEF4E211EF9C6B0B6CC4F9AE02.roa
Signing time: Thu 27 Feb 2025 08:08:47 +0000
ROA not before: Thu 27 Feb 2025 08:08:47 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.11.0/24 maxlen: 24
139.190.14.0/24 maxlen: 24
139.190.32.0/24 maxlen: 24
139.190.33.0/24 maxlen: 24
139.190.34.0/24 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.49.0/24 maxlen: 24
139.190.69.0/24 maxlen: 24
139.190.70.0/24 maxlen: 24
139.190.71.0/24 maxlen: 24
139.190.88.0/21 maxlen: 21
139.190.124.0/22 maxlen: 22
139.190.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3894 (0xf36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Feb 27 08:08:47 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67c01d8f-6cd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1d:46:bd:5e:90:86:62:c9:f7:a8:b9:0b:b7:
1e:82:8b:3b:25:ef:e1:85:ca:db:a1:12:23:ad:9f:
1b:ef:c6:dc:77:d0:b7:bb:e9:9e:f4:99:59:59:02:
36:f6:0c:ce:ac:b9:05:0f:24:7b:33:b3:97:3b:07:
29:66:e1:6c:db:3d:b4:60:38:13:22:2e:3e:db:03:
59:40:ee:68:1a:33:cf:a0:79:13:b7:a4:0d:76:26:
6a:c2:d9:6b:87:97:11:19:3b:f0:55:7f:d1:19:08:
18:72:7b:18:07:af:d9:05:90:5c:fc:3e:69:3a:9e:
2d:e1:03:76:f0:99:0d:5f:6d:20:d2:b6:67:85:83:
4e:53:1c:4c:ce:1c:e9:fd:8a:b2:98:d2:da:97:86:
d5:c2:6e:ab:03:68:88:e1:e7:38:31:05:f5:eb:a6:
63:7a:14:fd:fd:ea:86:7e:46:24:2d:32:e2:3c:0a:
ee:aa:40:87:be:5f:15:fb:c1:28:78:e7:4f:63:af:
d2:1c:79:d5:39:3a:92:ee:04:04:4e:82:94:ec:b9:
50:af:38:f5:54:69:85:f1:00:9e:c2:bb:36:0f:08:
d6:7a:1c:9a:2c:0c:0e:b4:90:2e:1b:62:27:a2:91:
5a:ad:4d:27:4b:fc:66:c4:26:43:2c:f4:5e:3f:92:
59:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:18:7F:CB:0C:49:D6:98:87:75:A6:31:E9:72:F8:EB:EF:95:DE:99
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/11B89CEEF4E211EF9C6B0B6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.11.0/24
139.190.14.0/24
139.190.32.0-139.190.34.255
139.190.36.0/22
139.190.49.0/24
139.190.69.0-139.190.71.255
139.190.88.0/21
139.190.124.0/22
139.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:9f:ca:5c:2e:25:36:68:8d:5d:f0:ee:f7:29:93:2f:51:a5:
46:d7:dc:de:b5:ea:ee:c6:cd:e7:cc:4c:b7:90:9e:14:31:c0:
f9:cd:d6:cf:0a:9b:4d:55:53:76:b7:c3:d0:b7:88:36:46:36:
25:93:40:60:f4:9b:3d:2b:91:ca:fa:97:9a:50:b5:8b:43:70:
6c:5a:a9:06:50:53:4c:02:fd:e7:a2:0d:ef:1b:04:8d:7e:7c:
31:92:77:3f:a5:a6:76:f5:3b:a4:9f:3d:08:eb:49:6e:b8:6e:
4c:b7:63:b0:ac:63:7f:2f:02:df:6d:ab:e1:aa:d3:67:91:63:
b1:66:cf:ad:8a:bb:0d:ac:c8:0c:7a:e3:0a:bf:d9:d1:f7:36:
9d:72:13:02:0c:c9:ac:80:23:9a:bf:d8:b4:61:d9:c6:ca:cb:
87:b6:61:a6:fa:ad:f0:fd:68:e8:a6:c9:c7:ed:74:1d:8a:2f:
ce:9e:a5:a0:e5:27:84:e5:16:79:6b:49:14:02:f1:04:06:68:
a2:fb:f2:cd:5e:69:57:6b:75:53:1a:47:16:de:d5:ab:63:26:
06:c6:18:f3:b5:3f:16:80:86:16:2f:ff:d2:9d:1e:8b:7c:6a:
13:d2:dc:9f:7b:1b:1e:31:a5:8b:3e:17:71:1c:96:ff:7a:d9:
b5:ba:e1:06
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgICDzYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMjI3MDgwODQ3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MwMWQ4Zi02Y2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxh1GvV6QhmLJ96i5C7cegos7Je/hhcrboRIjrZ8b78bcd9C3u+me9JlZWQI2
9gzOrLkFDyR7M7OXOwcpZuFs2z20YDgTIi4+2wNZQO5oGjPPoHkTt6QNdiZqwtlr
h5cRGTvwVX/RGQgYcnsYB6/ZBZBc/D5pOp4t4QN28JkNX20g0rZnhYNOUxxMzhzp
/YqymNLal4bVwm6rA2iI4ec4MQX166ZjehT9/eqGfkYkLTLiPAruqkCHvl8V+8Eo
eOdPY6/SHHnVOTqS7gQEToKU7LlQrzj1VGmF8QCewrs2DwjWehyaLAwOtJAuG2In
opFarU0nS/xmxCZDLPReP5JZeQIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFK8Yf8sM
SdaYh3WmMely+Ovvld6ZMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMTFCODlDRUVG
NEUyMTFFRjlDNkIwQjZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXwYIKwYBBQUHAQcBAf8E
UDBOMEwEAgABMEYDBACLvgsDBACLvg4wDAMEBYu+IAMEAIu+IgMEAou+JAMEAIu+
MTAMAwQAi75FAwQDi75AAwQDi75YAwQCi758AwQAi77vMA0GCSqGSIb3DQEBCwUA
A4IBAQC8n8pcLiU2aI1d8O73KZMvUaVG19zeteruxs3nzEy3kJ4UMcD5zdbPCptN
VVN2t8PQt4g2RjYlk0Bg9Js9K5HK+peaULWLQ3BsWqkGUFNMAv3nog3vGwSNfnwx
knc/paZ29Tuknz0I60luuG5Mt2OwrGN/LwLfbavhqtNnkWOxZs+tirsNrMgMeuMK
v9nR9zadchMCDMmsgCOav9i0YdnGysuHtmGm+q3w/WjopsnH7XQdii/OnqWg5SeE
5RZ5a0kUAvEEBmii+/LNXmlXa3VTGkcW3tWrYyYGxhjztT8WgIYWL//SnR6LfGoT
0tyfexseMaWLPhdxHJb/etm1uuEG
-----END CERTIFICATE-----
Generated at Sat Mar 8 03:34:50 2025 by rpki-client on console.sobornost.net