Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912F535/69A58078BA6611EEBC39626EC4F9AE02/EB3C8154EC3911EE98E62214C4F9AE02.roa
File: EB3C8154EC3911EE98E62214C4F9AE02.roa (raw, json)
Hash identifier: vihfleeETh6RhPkPr9fPr5Gym7kQ9gHXsPSD/cQHxVc=
Subject key identifier: 4B:4B:82:10:42:2B:3F:85:28:14:DE:F5:27:67:3C:30:F2:24:3B:04
Certificate issuer: /CN=A912F535/serialNumber=D48CED18F68CA226983F9F999A140636275B6A55
Certificate serial: 4E
Authority key identifier: D4:8C:ED:18:F6:8C:A2:26:98:3F:9F:99:9A:14:06:36:27:5B:6A:55
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1IztGPaMoiaYP5-ZmhQGNidbalU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912F535/69A58078BA6611EEBC39626EC4F9AE02/EB3C8154EC3911EE98E62214C4F9AE02.roa
Signing time: Wed 15 May 2024 08:43:09 +0000
ROA not before: Wed 15 May 2024 08:43:09 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 139659
IP address blocks: 43.224.224.0/22 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78 (0x4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912F535
Validity
Not Before: May 15 08:43:09 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6644759d-3b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ef:a3:2a:27:97:f8:d5:0d:9f:c9:46:99:76:
da:a2:c6:fa:78:27:41:bc:f5:de:88:91:eb:bf:2c:
46:54:dd:84:39:b1:dc:a8:8e:7f:76:49:58:29:d9:
ba:07:e2:cb:2d:90:3f:cf:ab:cd:1f:39:18:8b:cf:
8c:ac:ed:8e:35:65:8d:eb:29:b1:bb:57:c0:26:a7:
c7:0e:03:59:95:0c:7c:4b:0d:04:cd:08:1c:e5:72:
8e:e2:5d:12:57:93:77:73:b2:5c:c5:ae:19:5e:53:
b6:6f:c8:d5:f6:90:db:2f:af:e6:93:15:a5:8b:84:
fb:6e:16:a2:be:be:1b:06:08:31:dc:67:ec:14:a5:
1a:33:d5:c4:15:d0:e7:f8:bc:b7:f3:72:10:a4:c1:
5a:85:a5:a8:5c:0e:6e:81:1e:ae:9e:5b:6b:34:c2:
94:4d:06:21:13:d0:42:b5:44:72:4b:7f:4d:e8:11:
c8:ea:34:26:f1:2c:67:85:0f:f3:0f:04:19:71:59:
90:d8:a9:8a:4c:04:a3:06:83:01:32:fe:e9:91:4e:
91:3e:0b:4f:2e:e3:69:d0:4e:28:b1:72:3a:86:5b:
97:83:98:a1:d5:28:ff:01:5b:a1:b0:c4:cf:7c:24:
a6:87:73:61:94:b6:1b:f9:55:70:c9:87:26:60:ae:
48:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:4B:82:10:42:2B:3F:85:28:14:DE:F5:27:67:3C:30:F2:24:3B:04
X509v3 Authority Key Identifier:
keyid:D4:8C:ED:18:F6:8C:A2:26:98:3F:9F:99:9A:14:06:36:27:5B:6A:55
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912F535/69A58078BA6611EEBC39626EC4F9AE02/1IztGPaMoiaYP5-ZmhQGNidbalU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1IztGPaMoiaYP5-ZmhQGNidbalU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F535/69A58078BA6611EEBC39626EC4F9AE02/EB3C8154EC3911EE98E62214C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.224.0/22
Signature Algorithm: sha256WithRSAEncryption
55:6f:4a:c4:8a:88:3a:ba:03:73:32:78:86:31:2e:8d:ad:8b:
4c:77:5d:86:1a:24:86:27:97:af:d3:5c:e2:b8:82:48:32:ac:
4b:c4:51:83:8f:3e:20:0c:a1:96:2e:ee:d7:89:2b:44:93:0d:
95:14:f6:b1:f5:28:fd:0a:33:fb:fc:74:7d:e3:1f:c5:16:1d:
b8:f3:47:0f:09:d6:37:c2:9b:c0:66:08:c5:58:cd:e7:78:3e:
d7:79:46:e8:12:f9:a8:37:1a:00:4c:88:1b:63:f0:2a:36:bc:
5e:6c:81:77:5d:f3:5b:ea:31:44:08:e2:65:45:2a:d0:00:f7:
4e:4c:93:0c:f8:39:18:dc:2c:33:a2:5d:f6:ea:f9:e2:71:43:
d7:eb:c5:02:14:f5:48:3f:f4:c8:5f:a0:b6:cb:85:55:c4:aa:
e6:32:85:53:5b:dd:7b:56:3f:42:97:2a:72:0c:fa:45:6d:d8:
a8:8f:a8:78:2d:15:1b:55:8a:b9:27:54:86:e2:45:24:5e:6e:
bd:7c:93:4e:cb:74:06:21:e2:3f:4b:db:b8:7b:a3:24:24:7f:
22:df:c9:67:e3:8b:07:e4:86:52:8c:82:d0:10:0e:6f:92:d6:
8f:13:21:68:d0:01:8f:fc:b1:1c:f0:14:ea:20:77:9b:61:eb:
ae:4e:d6:1d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBTjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
RjUzNTExMC8GA1UEBRMoRDQ4Q0VEMThGNjhDQTIyNjk4M0Y5Rjk5OUExNDA2MzYy
NzVCNkE1NTAeFw0yNDA1MTUwODQzMDlaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NDQ3NTlkLTNiMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCx76MqJ5f41Q2fyUaZdtqixvp4J0G89d6Ikeu/LEZU3YQ5sdyojn92SVgp2boH
4sstkD/Pq80fORiLz4ys7Y41ZY3rKbG7V8Amp8cOA1mVDHxLDQTNCBzlco7iXRJX
k3dzslzFrhleU7ZvyNX2kNsvr+aTFaWLhPtuFqK+vhsGCDHcZ+wUpRoz1cQV0Of4
vLfzchCkwVqFpahcDm6BHq6eW2s0wpRNBiET0EK1RHJLf03oEcjqNCbxLGeFD/MP
BBlxWZDYqYpMBKMGgwEy/umRTpE+C08u42nQTiixcjqGW5eDmKHVKP8BW6GwxM98
JKaHc2GUthv5VXDJhyZgrkgFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUS0uCEEIr
P4UoFN71J2c8MPIkOwQwHwYDVR0jBBgwFoAU1IztGPaMoiaYP5+ZmhQGNidbalUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJGNTM1LzY5QTU4MDc4QkE2
NjExRUVCQzM5NjI2RUM0RjlBRTAyLzFJenRHUGFNb2lhWVA1LVptaFFHTmlkYmFs
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMUl6dEdQYU1vaWFZUDUtWm1oUUdOaWRiYWxVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RjUzNS82OUE1ODA3OEJBNjYxMUVFQkMzOTYyNkVDNEY5QUUwMi9FQjNDODE1NEVD
MzkxMUVFOThFNjIyMTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAivg4DANBgkqhkiG9w0BAQsFAAOCAQEAVW9KxIqIOroDczJ4
hjEuja2LTHddhhokhieXr9Nc4riCSDKsS8RRg48+IAyhli7u14krRJMNlRT2sfUo
/Qoz+/x0feMfxRYduPNHDwnWN8KbwGYIxVjN53g+13lG6BL5qDcaAEyIG2PwKja8
XmyBd13zW+oxRAjiZUUq0AD3TkyTDPg5GNwsM6Jd9ur54nFD1+vFAhT1SD/0yF+g
tsuFVcSq5jKFU1vde1Y/Qpcqcgz6RW3YqI+oeC0VG1WKuSdUhuJFJF5uvXyTTst0
BiHiP0vbuHujJCR/It/JZ+OLB+SGUoyC0BAOb5LWjxMhaNABj/yxHPAU6iB3m2Hr
rk7WHQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:43:01 2025 by rpki-client