Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/8E412748A33311EDA2CB2420C4F9AE02.roa
File: 8E412748A33311EDA2CB2420C4F9AE02.roa (raw, json)
Hash identifier: VYee2tDfZOJDgRSyvh9847Isyru0Slu6wYlhlW9JZCM=
Subject key identifier: 1C:CE:46:EA:1C:E0:1A:10:82:14:0B:B9:33:4F:5F:36:A3:E3:9D:1E
Certificate issuer: /CN=A91262F0/serialNumber=FC4AE7D9E3F419A7D204A54C79D1F3EFA9A7D6C8
Certificate serial: 014D
Authority key identifier: FC:4A:E7:D9:E3:F4:19:A7:D2:04:A5:4C:79:D1:F3:EF:A9:A7:D6:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Ern2eP0GafSBKVMedHz76mn1sg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/8E412748A33311EDA2CB2420C4F9AE02.roa
Signing time: Sun 03 Nov 2024 02:36:33 +0000
ROA not before: Sun 03 Nov 2024 02:36:33 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 17539
IP address blocks: 58.84.28.0/24 maxlen: 24
58.84.29.0/24 maxlen: 24
58.84.30.0/24 maxlen: 24
58.84.31.0/24 maxlen: 24
103.197.44.0/24 maxlen: 24
103.197.45.0/24 maxlen: 24
103.197.46.0/24 maxlen: 24
103.197.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 333 (0x14d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91262F0
Validity
Not Before: Nov 3 02:36:33 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6726e1b1-2228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:87:60:1c:a8:ed:f3:79:3c:19:d1:bd:95:44:
28:b7:e2:ed:93:b6:1e:dc:c1:79:8f:6a:b7:cc:2a:
38:6b:2d:c8:45:51:de:e3:3a:67:39:b2:ad:9f:5b:
cc:d5:a5:45:de:9e:7e:8e:e5:e1:43:38:29:db:97:
41:61:07:ac:4b:c8:53:fd:d6:3a:e6:0e:42:ce:c3:
88:e2:e8:bd:39:30:68:0a:c7:d9:c1:86:45:cd:ce:
88:a3:ab:f5:5d:c2:1b:12:d7:e1:66:a5:49:02:43:
8a:5f:85:17:ea:b4:39:29:ec:72:b4:e7:af:3d:b3:
76:58:98:57:d7:e2:75:83:60:ab:fd:99:ae:58:21:
fb:77:fd:82:2c:f6:2c:bc:f7:c9:0c:3e:ba:32:87:
2a:39:8c:85:4c:49:67:55:1e:d2:1a:c5:b0:b3:df:
23:3e:6b:d9:1c:2c:4f:1b:e5:2c:57:bf:62:cb:a9:
1b:c8:98:70:e2:ca:c3:a7:5b:68:48:72:10:e4:87:
f9:24:00:0b:1e:26:a5:21:9d:87:3e:7a:b9:9b:2a:
6c:51:ed:1a:f2:62:c6:e5:45:74:d6:8d:97:8a:24:
a1:6e:a4:37:85:ce:66:dc:41:9a:eb:10:ab:ab:79:
6b:8e:b0:2c:8a:7d:6f:ff:d9:b4:82:b5:32:6c:f9:
4d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CE:46:EA:1C:E0:1A:10:82:14:0B:B9:33:4F:5F:36:A3:E3:9D:1E
X509v3 Authority Key Identifier:
keyid:FC:4A:E7:D9:E3:F4:19:A7:D2:04:A5:4C:79:D1:F3:EF:A9:A7:D6:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/_Ern2eP0GafSBKVMedHz76mn1sg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Ern2eP0GafSBKVMedHz76mn1sg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/8E412748A33311EDA2CB2420C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.84.28.0/22
103.197.44.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:cb:df:56:7e:85:c7:63:cd:d4:10:62:71:d3:8b:6d:1b:a1:
68:62:f1:55:57:00:46:70:d8:0d:e5:0c:a8:4b:6a:9d:5f:5d:
2c:a2:2e:4d:73:44:e9:bb:f4:a1:98:b1:2b:3d:14:b3:e0:47:
bb:19:e7:29:94:b0:69:36:ea:e2:8d:16:bf:14:63:4c:46:0f:
4f:73:cc:fa:0f:da:59:97:d5:26:48:9e:3d:fb:ed:2e:e3:b8:
e0:cd:b2:17:b8:8c:e6:33:d6:55:8a:e5:8d:5b:c5:14:4d:5f:
c8:23:02:df:51:2d:20:57:55:de:e7:e9:6c:9d:c2:45:8c:d2:
16:2e:b2:c0:c6:9b:a4:60:79:cc:13:5d:bf:da:6a:64:81:0e:
d8:f5:98:2d:19:e7:22:8f:c5:14:e1:e2:52:d9:59:97:11:c6:
72:c9:61:d2:9b:b4:81:df:08:7d:c8:e9:50:8a:b6:a1:da:2c:
e1:fa:ba:e1:39:34:08:90:b2:29:5a:1b:74:e0:28:98:61:a7:
28:0b:dd:a5:b5:3c:8a:81:f3:f8:84:03:a2:82:82:62:d5:d9:
fb:53:94:68:d3:de:20:18:83:45:09:09:53:44:c3:de:f3:2d:
92:bc:bf:4d:d2:8e:8e:bc:7d:85:3c:00:51:35:22:c9:e9:a4:
28:b6:e1:7c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAU0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyRjAxMTAvBgNVBAUTKEZDNEFFN0Q5RTNGNDE5QTdEMjA0QTU0Qzc5RDFGM0VG
QTlBN0Q2QzgwHhcNMjQxMTAzMDIzNjMzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI2ZTFiMS0yMjI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoodgHKjt83k8GdG9lUQot+Ltk7Ye3MF5j2q3zCo4ay3IRVHe4zpnObKtn1vM
1aVF3p5+juXhQzgp25dBYQesS8hT/dY65g5CzsOI4ui9OTBoCsfZwYZFzc6Io6v1
XcIbEtfhZqVJAkOKX4UX6rQ5KexytOevPbN2WJhX1+J1g2Cr/ZmuWCH7d/2CLPYs
vPfJDD66MocqOYyFTElnVR7SGsWws98jPmvZHCxPG+UsV79iy6kbyJhw4srDp1to
SHIQ5If5JAALHialIZ2HPnq5mypsUe0a8mLG5UV01o2XiiShbqQ3hc5m3EGa6xCr
q3lrjrAsin1v/9m0grUybPlNpQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBzORuoc
4BoQghQLuTNPXzaj450eMB8GA1UdIwQYMBaAFPxK59nj9Bmn0gSlTHnR8++pp9bI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJGMC8zM0FEMEE2MkEz
MEMxMUVEQjMzODhDMENDNEY5QUUwMi9fRXJuMmVQMEdhZlNCS1ZNZWRIejc2bW4x
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19Fcm4yZVAwR2FmU0JLVk1lZEh6NzZtbjFzZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyRjAvMzNBRDBBNjJBMzBDMTFFREIzMzg4QzBDQzRGOUFFMDIvOEU0MTI3NDhB
MzMzMTFFREEyQ0IyNDIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAI6VBwDBAJnxSwwDQYJKoZIhvcNAQELBQADggEBAC/L31Z+
hcdjzdQQYnHTi20boWhi8VVXAEZw2A3lDKhLap1fXSyiLk1zROm79KGYsSs9FLPg
R7sZ5ymUsGk26uKNFr8UY0xGD09zzPoP2lmX1SZInj377S7juODNshe4jOYz1lWK
5Y1bxRRNX8gjAt9RLSBXVd7n6WydwkWM0hYussDGm6RgecwTXb/aamSBDtj1mC0Z
5yKPxRTh4lLZWZcRxnLJYdKbtIHfCH3I6VCKtqHaLOH6uuE5NAiQsilaG3TgKJhh
pygL3aW1PIqB8/iEA6KCgmLV2ftTlGjT3iAYg0UJCVNEw97zLZK8v03Sjo68fYU8
AFE1IsnppCi24Xw=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:33:07 2025 by rpki-client