Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91325DC/4612D51E431611EAB262781DC4F9AE02/A2DE5B44AE1C11EAA46DAF7FC4F9AE02.roa
File: A2DE5B44AE1C11EAA46DAF7FC4F9AE02.roa (raw, json)
Hash identifier: wBezilbHgFlLqA1qqUMQVDVzvkJDksyuC7XhtfdBEgk=
Subject key identifier: 60:EF:E8:B6:A8:C5:55:0D:5D:B2:17:52:84:37:E2:6E:C6:A9:5D:15
Certificate issuer: /CN=A91325DC/serialNumber=D10E43E0593DEF1DB8D7F44C6F1CD13E73C2F230
Certificate serial: 0A9E
Authority key identifier: D1:0E:43:E0:59:3D:EF:1D:B8:D7:F4:4C:6F:1C:D1:3E:73:C2:F2:30
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Q5D4Fk97x241_RMbxzRPnPC8jA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91325DC/4612D51E431611EAB262781DC4F9AE02/A2DE5B44AE1C11EAA46DAF7FC4F9AE02.roa
Signing time: Thu 24 Oct 2024 19:58:23 +0000
ROA not before: Thu 24 Oct 2024 19:58:23 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 136758
IP address blocks: 58.84.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2718 (0xa9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91325DC
Validity
Not Before: Oct 24 19:58:23 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=671aa6de-bd05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:39:e9:9f:8d:71:e6:dc:c2:59:95:81:58:df:
02:48:0e:72:39:da:2c:da:9a:30:de:17:1f:0e:41:
69:38:bb:25:7b:bc:72:07:5a:f6:68:f7:4a:29:1b:
b0:c3:c7:a1:a2:39:fa:d4:63:a3:c8:c2:bd:27:66:
bf:6d:9b:c3:fa:22:9e:4e:84:c4:e8:73:c5:e2:6a:
04:0c:74:bb:2f:5c:4f:a5:10:e4:98:e6:e9:9e:8a:
15:5a:f9:3a:2e:89:38:96:ea:5b:ed:e2:ad:a4:ea:
4d:12:a1:50:ef:56:3c:09:00:ec:af:a6:db:83:03:
da:28:ee:5f:4e:e3:43:b1:e6:ae:b2:08:74:f7:da:
db:39:2c:73:36:d1:98:92:01:35:46:d9:9c:ce:d8:
5b:3c:ce:14:78:66:45:ab:09:19:ef:e0:fd:50:04:
6c:aa:a9:35:25:8b:ed:67:a8:35:14:d8:30:0c:5a:
f3:5f:67:37:61:18:0a:99:39:7c:df:df:4f:5f:b2:
6c:47:0b:a2:19:0b:02:db:0d:e5:46:e8:7c:44:60:
c9:2f:40:2e:22:01:1e:37:ee:03:90:28:8c:fb:e4:
e8:9a:d5:b5:5f:ff:c4:d4:d5:67:18:11:7f:c8:89:
cb:3b:f0:e2:3f:a7:94:2d:ee:2f:7b:e1:f4:8f:9f:
71:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EF:E8:B6:A8:C5:55:0D:5D:B2:17:52:84:37:E2:6E:C6:A9:5D:15
X509v3 Authority Key Identifier:
keyid:D1:0E:43:E0:59:3D:EF:1D:B8:D7:F4:4C:6F:1C:D1:3E:73:C2:F2:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91325DC/4612D51E431611EAB262781DC4F9AE02/0Q5D4Fk97x241_RMbxzRPnPC8jA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Q5D4Fk97x241_RMbxzRPnPC8jA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91325DC/4612D51E431611EAB262781DC4F9AE02/A2DE5B44AE1C11EAA46DAF7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.84.5.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:ae:cb:6f:c9:af:70:5b:96:3d:90:da:e6:e6:28:89:80:c3:
29:54:cf:ae:85:e1:63:86:42:15:dc:af:59:61:75:c2:4d:6f:
8a:42:4d:cf:65:c0:a6:96:70:95:74:4f:57:ff:43:11:f2:60:
72:66:ef:db:45:ca:2d:f8:41:18:c4:83:93:c1:e5:b1:df:ee:
1e:43:fe:b8:da:db:dc:1e:bb:8d:92:68:08:b1:70:1f:b9:b8:
be:6d:84:7e:6e:19:fd:e7:c3:3d:43:40:50:87:c8:a0:3d:fb:
3d:b0:a4:ad:ec:2e:ae:09:3e:63:16:aa:8b:8e:65:43:2b:d0:
82:26:02:eb:41:21:04:b4:33:d4:0b:f5:e5:71:43:9d:4d:3e:
de:22:b9:a7:35:d1:f1:8b:b4:ac:3a:09:38:37:d8:1c:75:73:
06:02:6e:04:dc:bc:88:83:fb:54:05:90:df:60:88:9b:75:2c:
d3:cf:0d:5a:91:69:20:23:91:e2:0d:cd:81:cc:9f:20:1f:5b:
ff:4e:1c:48:59:a3:7f:66:7f:18:4a:69:df:60:75:5d:68:20:
53:27:25:c4:b5:ad:d0:13:ab:e5:b0:e7:cc:43:5d:23:70:5f:
9c:53:52:88:24:aa:c6:26:5b:1b:c2:e6:ea:dd:0e:ca:ae:dd:
96:1a:9d:8b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzI1REMxMTAvBgNVBAUTKEQxMEU0M0UwNTkzREVGMURCOEQ3RjQ0QzZGMUNEMTNF
NzNDMkYyMzAwHhcNMjQxMDI0MTk1ODIzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzFhYTZkZS1iZDA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtDnpn41x5tzCWZWBWN8CSA5yOdos2pow3hcfDkFpOLsle7xyB1r2aPdKKRuw
w8ehojn61GOjyMK9J2a/bZvD+iKeToTE6HPF4moEDHS7L1xPpRDkmObpnooVWvk6
Lok4lupb7eKtpOpNEqFQ71Y8CQDsr6bbgwPaKO5fTuNDseausgh099rbOSxzNtGY
kgE1RtmczthbPM4UeGZFqwkZ7+D9UARsqqk1JYvtZ6g1FNgwDFrzX2c3YRgKmTl8
399PX7JsRwuiGQsC2w3lRuh8RGDJL0AuIgEeN+4DkCiM++TomtW1X//E1NVnGBF/
yInLO/DiP6eULe4ve+H0j59xZQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGDv6Lao
xVUNXbIXUoQ34m7GqV0VMB8GA1UdIwQYMBaAFNEOQ+BZPe8duNf0TG8c0T5zwvIw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjVEQy80NjEyRDUxRTQz
MTYxMUVBQjI2Mjc4MURDNEY5QUUwMi8wUTVENEZrOTd4MjQxX1JNYnh6UlBuUEM4
akEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBRNUQ0Rms5N3gyNDFfUk1ieHpSUG5QQzhqQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzI1REMvNDYxMkQ1MUU0MzE2MTFFQUIyNjI3ODFEQzRGOUFFMDIvQTJERTVCNDRB
RTFDMTFFQUE0NkRBRjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAA6VAUwDQYJKoZIhvcNAQELBQADggEBAHyuy2/Jr3Bblj2Q
2ubmKImAwylUz66F4WOGQhXcr1lhdcJNb4pCTc9lwKaWcJV0T1f/QxHyYHJm79tF
yi34QRjEg5PB5bHf7h5D/rja29weu42SaAixcB+5uL5thH5uGf3nwz1DQFCHyKA9
+z2wpK3sLq4JPmMWqouOZUMr0IImAutBIQS0M9QL9eVxQ51NPt4iuac10fGLtKw6
CTg32Bx1cwYCbgTcvIiD+1QFkN9giJt1LNPPDVqRaSAjkeINzYHMnyAfW/9OHEhZ
o39mfxhKad9gdV1oIFMnJcS1rdATq+Ww58xDXSNwX5xTUogkqsYmWxvC5urdDsqu
3ZYanYs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:09:57 2025 by rpki-client