Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911EEF8/9799E6D0BBC411EFB985BE3FC4F9AE02/0EC0EC1CC71F11EF85C66E2FC4F9AE02.roa
File: 0EC0EC1CC71F11EF85C66E2FC4F9AE02.roa (raw, json)
Hash identifier: 46zNjtnLZ5ywrRRPOzjWlNv+erVogDzKd0OwWv6xC4A=
Subject key identifier: 6D:F0:1D:60:40:19:FC:FC:EE:A4:F0:0C:59:3C:1E:63:B1:B4:5B:95
Certificate issuer: /CN=A911EEF8/serialNumber=56C69305B5EBA542555D8C78C561AB7A6CD1AA2C
Certificate serial: 0F
Authority key identifier: 56:C6:93:05:B5:EB:A5:42:55:5D:8C:78:C5:61:AB:7A:6C:D1:AA:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VsaTBbXrpUJVXYx4xWGremzRqiw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911EEF8/9799E6D0BBC411EFB985BE3FC4F9AE02/0EC0EC1CC71F11EF85C66E2FC4F9AE02.roa
Signing time: Tue 31 Dec 2024 02:29:28 +0000
ROA not before: Tue 31 Dec 2024 02:29:28 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 18383
IP address blocks: 202.10.96.0/20 maxlen: 21
2403:1800::/32 maxlen: 34
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15 (0xf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911EEF8
Validity
Not Before: Dec 31 02:29:28 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67735708-b3a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:70:39:8a:ae:5c:ba:c3:ef:4c:ab:7f:03:33:
64:26:a8:71:f3:68:32:ea:3b:68:39:59:58:ea:eb:
98:77:6f:68:9d:df:9e:cd:26:e4:ce:15:6e:01:24:
61:14:ee:64:6d:da:39:b2:2b:98:99:e9:95:ec:14:
61:3d:4e:10:50:b3:47:3a:3a:9b:96:66:8c:59:c9:
52:68:c0:12:9e:81:9a:ec:45:0b:a4:04:37:67:a9:
ec:c8:76:0e:c4:da:b8:69:38:ac:d2:62:71:76:94:
f1:aa:21:83:d3:53:25:bc:7d:be:95:46:e6:7e:13:
cb:a4:11:63:43:2b:4e:5e:75:1c:4e:06:5d:c2:44:
5e:a9:33:fa:ba:a3:ff:92:a8:34:b7:71:11:7a:0b:
5e:79:3b:38:0e:c7:71:80:05:5c:5a:f9:61:9b:c7:
8e:4b:58:4d:65:40:25:e7:8f:5e:cb:4c:b5:cd:70:
64:31:08:57:02:11:4c:39:49:c2:31:e1:ce:ff:1c:
40:98:24:fd:66:39:32:21:e2:45:c8:74:d3:2f:33:
eb:99:ef:c4:38:8d:9e:32:52:e2:d3:fb:64:55:f2:
60:73:5f:15:d2:ff:92:61:97:65:8c:05:99:cd:e4:
ce:6a:02:c1:e1:5c:3f:49:7f:5c:d3:58:0b:c2:c3:
f4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F0:1D:60:40:19:FC:FC:EE:A4:F0:0C:59:3C:1E:63:B1:B4:5B:95
X509v3 Authority Key Identifier:
keyid:56:C6:93:05:B5:EB:A5:42:55:5D:8C:78:C5:61:AB:7A:6C:D1:AA:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911EEF8/9799E6D0BBC411EFB985BE3FC4F9AE02/VsaTBbXrpUJVXYx4xWGremzRqiw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VsaTBbXrpUJVXYx4xWGremzRqiw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911EEF8/9799E6D0BBC411EFB985BE3FC4F9AE02/0EC0EC1CC71F11EF85C66E2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.10.96.0/20
IPv6:
2403:1800::/32
Signature Algorithm: sha256WithRSAEncryption
0b:cf:22:ea:91:66:3b:c6:cd:d8:57:a9:ca:06:b7:1c:de:84:
af:79:01:e1:96:d6:dc:9a:6a:42:5d:6b:10:0c:c4:7c:b1:71:
63:22:42:99:5d:69:0e:0c:d7:e5:2c:73:36:b9:d4:75:2d:d6:
37:c7:51:21:cc:e2:fe:9c:18:63:94:cd:38:d7:4b:6e:f9:11:
e0:c9:0c:0e:5e:5a:49:fb:6b:48:f5:ec:2e:2e:71:1a:18:ac:
86:d9:06:3c:e0:a0:bd:69:94:0b:c6:b4:ae:12:46:4e:a3:21:
e0:c3:cd:fd:01:51:49:75:55:6b:a6:6a:64:6f:4a:65:75:69:
60:3c:c0:c3:d8:b6:0d:40:e1:ad:be:ea:f7:e1:e9:1f:71:61:
97:1a:8d:00:d6:76:cb:79:52:5e:cf:f4:3c:97:45:78:d0:74:
51:92:d7:fa:b5:f6:ca:15:78:38:3f:18:ba:40:66:d0:74:fa:
08:be:6f:f5:c4:b3:65:8a:0b:04:b6:4f:97:09:f1:1f:b0:8f:
12:b8:5f:68:1a:1e:46:3b:7e:2a:ae:a6:be:2c:00:0a:e4:55:
e9:6d:70:de:5b:f9:2c:ab:f2:38:a8:9d:6a:d7:5f:8e:38:6b:
0c:4c:97:53:79:14:d5:7a:7b:d4:48:ce:b9:9a:aa:f5:41:9e:
91:60:c3:6f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBDzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
RUVGODExMC8GA1UEBRMoNTZDNjkzMDVCNUVCQTU0MjU1NUQ4Qzc4QzU2MUFCN0E2
Q0QxQUEyQzAeFw0yNDEyMzEwMjI5MjhaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NzM1NzA4LWIzYTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFcDmKrly6w+9Mq38DM2QmqHHzaDLqO2g5WVjq65h3b2id357NJuTOFW4BJGEU
7mRt2jmyK5iZ6ZXsFGE9ThBQs0c6OpuWZoxZyVJowBKegZrsRQukBDdnqezIdg7E
2rhpOKzSYnF2lPGqIYPTUyW8fb6VRuZ+E8ukEWNDK05edRxOBl3CRF6pM/q6o/+S
qDS3cRF6C155OzgOx3GABVxa+WGbx45LWE1lQCXnj17LTLXNcGQxCFcCEUw5ScIx
4c7/HECYJP1mOTIh4kXIdNMvM+uZ78Q4jZ4yUuLT+2RV8mBzXxXS/5Jhl2WMBZnN
5M5qAsHhXD9Jf1zTWAvCw/TnAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUbfAdYEAZ
/PzupPAMWTweY7G0W5UwHwYDVR0jBBgwFoAUVsaTBbXrpUJVXYx4xWGremzRqiww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFFRUY4Lzk3OTlFNkQwQkJD
NDExRUZCOTg1QkUzRkM0RjlBRTAyL1ZzYVRCYlhycFVKVlhZeDR4V0dyZW16UnFp
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVnNhVEJiWHJwVUpWWFl4NHhXR3JlbXpScWl3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RUVGOC85Nzk5RTZEMEJCQzQxMUVGQjk4NUJFM0ZDNEY5QUUwMi8wRUMwRUMxQ0M3
MUYxMUVGODVDNjZFMkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEBMoKYDANBAIAAjAHAwUAJAMYADANBgkqhkiG9w0BAQsFAAOC
AQEAC88i6pFmO8bN2Fepyga3HN6Er3kB4ZbW3JpqQl1rEAzEfLFxYyJCmV1pDgzX
5SxzNrnUdS3WN8dRIczi/pwYY5TNONdLbvkR4MkMDl5aSftrSPXsLi5xGhishtkG
POCgvWmUC8a0rhJGTqMh4MPN/QFRSXVVa6ZqZG9KZXVpYDzAw9i2DUDhrb7q9+Hp
H3FhlxqNANZ2y3lSXs/0PJdFeNB0UZLX+rX2yhV4OD8YukBm0HT6CL5v9cSzZYoL
BLZPlwnxH7CPErhfaBoeRjt+Kq6mviwACuRV6W1w3lv5LKvyOKidatdfjjhrDEyX
U3kU1Xp71EjOuZqq9UGekWDDbw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:43:51 2025 by rpki-client