Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913F8BC/4E13F40C520611E98EFC3A54C4F9AE02/E9056E5A520611E9ABE43055C4F9AE02.roa
File: E9056E5A520611E9ABE43055C4F9AE02.roa (raw, json)
Hash identifier: M4kuuW3GF+4cw4z3e2X8np8DXjwWrvLRqULDvRRViYg=
Subject key identifier: DD:A8:A6:2C:21:D7:76:2C:53:ED:38:5C:BF:7B:AE:C0:C0:9A:1A:C1
Certificate issuer: /CN=A913F8BC/serialNumber=9137A89F4610DAE2C88C694DC952CE5835527079
Certificate serial: 0F18
Authority key identifier: 91:37:A8:9F:46:10:DA:E2:C8:8C:69:4D:C9:52:CE:58:35:52:70:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kTeon0YQ2uLIjGlNyVLOWDVScHk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913F8BC/4E13F40C520611E98EFC3A54C4F9AE02/E9056E5A520611E9ABE43055C4F9AE02.roa
Signing time: Wed 24 Apr 2024 18:26:44 +0000
ROA not before: Wed 24 Apr 2024 18:26:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56140
IP address blocks: 42.0.28.0/22 maxlen: 22
42.0.28.0/24 maxlen: 24
42.0.29.0/24 maxlen: 24
42.0.30.0/24 maxlen: 24
42.0.31.0/24 maxlen: 24
103.140.6.0/24 maxlen: 24
103.140.7.0/24 maxlen: 24
2407:c600::/32 maxlen: 32
2407:c600:1::/48 maxlen: 48
2407:c600:2::/48 maxlen: 48
2407:c600:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3864 (0xf18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913F8BC
Validity
Not Before: Apr 24 18:26:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66294ee4-dd47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e4:fb:62:af:06:94:9c:9b:0a:c0:83:6e:f9:
54:bd:a5:cf:a6:19:33:2e:fc:b6:17:dd:5e:85:00:
07:92:75:93:43:03:b9:37:1d:9e:09:13:3a:ee:b4:
14:64:e8:0a:fe:86:99:72:b7:20:37:80:91:42:4e:
0c:93:e5:d5:e8:a1:8a:5f:c8:7d:1c:83:28:3d:fc:
63:3f:76:45:ba:16:9b:67:01:83:bd:d0:44:20:7b:
68:ca:08:0a:97:f0:c7:32:c3:a1:d4:11:88:a4:53:
5d:73:ea:b9:ab:35:07:0e:d0:bc:2f:fd:ee:37:18:
b1:35:85:8f:ff:38:d9:74:3d:3c:36:c2:d0:37:0e:
6e:29:2e:22:7c:78:eb:f2:81:78:21:b0:43:97:84:
ee:0a:de:7b:84:79:d9:5e:b6:d3:78:b7:82:00:89:
07:cc:75:a7:72:f7:e1:a1:63:eb:d0:14:ef:a6:e4:
44:7f:7a:d9:9e:40:9e:f8:bb:d8:38:d7:5c:d4:2e:
b7:86:8e:b7:57:1b:1c:7f:57:b9:48:39:c9:84:f1:
0b:0c:33:8f:5a:87:7b:86:aa:49:76:e3:54:dd:7c:
c8:7c:be:90:cb:dc:6c:91:61:0f:b2:7d:26:62:79:
e0:69:b1:a1:7a:0f:7c:e7:84:d9:2f:a4:6c:53:3f:
d9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A8:A6:2C:21:D7:76:2C:53:ED:38:5C:BF:7B:AE:C0:C0:9A:1A:C1
X509v3 Authority Key Identifier:
keyid:91:37:A8:9F:46:10:DA:E2:C8:8C:69:4D:C9:52:CE:58:35:52:70:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913F8BC/4E13F40C520611E98EFC3A54C4F9AE02/kTeon0YQ2uLIjGlNyVLOWDVScHk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kTeon0YQ2uLIjGlNyVLOWDVScHk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F8BC/4E13F40C520611E98EFC3A54C4F9AE02/E9056E5A520611E9ABE43055C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.0.28.0/22
103.140.6.0/23
IPv6:
2407:c600::/32
Signature Algorithm: sha256WithRSAEncryption
09:ad:d1:30:a5:4d:cd:79:94:20:2d:ed:44:07:4a:f4:e1:a6:
6b:35:f0:9e:f6:fe:16:d8:8e:5a:e9:a0:93:a7:dd:72:68:26:
8b:88:22:22:f2:6c:7e:0e:44:e2:7f:c4:4b:cd:5d:56:8b:aa:
dc:31:2d:a4:dc:bc:82:fa:25:12:8a:6c:f9:e0:05:44:aa:49:
78:7f:4a:ac:92:84:8b:09:e0:cb:e4:a5:f9:dc:30:b8:b5:18:
18:1d:4b:23:e4:d7:07:e0:8e:76:43:7b:ea:84:10:a7:4b:05:
80:59:c0:ab:ae:6d:6b:7d:7b:7c:2c:ae:b4:ad:00:da:56:3f:
bd:17:7a:8a:84:8b:47:c5:f6:43:08:eb:41:72:cc:cb:80:b9:
54:60:a4:64:5e:19:98:3e:71:6a:67:23:86:21:a0:1b:51:ae:
1d:91:21:ed:66:df:8a:f1:d1:7a:1e:90:1f:f2:a9:9b:29:82:
93:57:0e:a3:07:00:72:1c:83:cf:ff:11:21:9f:09:f1:fb:85:
10:45:2e:94:7b:c4:c8:09:6d:43:9b:f1:a3:36:9e:3e:be:4f:
a0:8e:61:63:2b:52:81:71:6b:1b:fe:72:df:e1:76:d5:3e:4a:
35:c1:5f:c6:46:d6:90:14:63:3a:01:15:35:ea:33:cf:5e:cf:
5d:b7:11:1c
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDxgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0Y4QkMxMTAvBgNVBAUTKDkxMzdBODlGNDYxMERBRTJDODhDNjk0REM5NTJDRTU4
MzU1MjcwNzkwHhcNMjQwNDI0MTgyNjQ0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI5NGVlNC1kZDQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4uT7Yq8GlJybCsCDbvlUvaXPphkzLvy2F91ehQAHknWTQwO5Nx2eCRM67rQU
ZOgK/oaZcrcgN4CRQk4Mk+XV6KGKX8h9HIMoPfxjP3ZFuhabZwGDvdBEIHtoyggK
l/DHMsOh1BGIpFNdc+q5qzUHDtC8L/3uNxixNYWP/zjZdD08NsLQNw5uKS4ifHjr
8oF4IbBDl4TuCt57hHnZXrbTeLeCAIkHzHWncvfhoWPr0BTvpuREf3rZnkCe+LvY
ONdc1C63ho63Vxscf1e5SDnJhPELDDOPWod7hqpJduNU3XzIfL6Qy9xskWEPsn0m
YnngabGheg9854TZL6RsUz/ZBwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFN2opiwh
13YsU+04XL97rsDAmhrBMB8GA1UdIwQYMBaAFJE3qJ9GENriyIxpTclSzlg1UnB5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjhCQy80RTEzRjQwQzUy
MDYxMUU5OEVGQzNBNTRDNEY5QUUwMi9rVGVvbjBZUTJ1TElqR2xOeVZMT1dEVlNj
SGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tUZW9uMFlRMnVMSWpHbE55VkxPV0RWU2NIay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0Y4QkMvNEUxM0Y0MEM1MjA2MTFFOThFRkMzQTU0QzRGOUFFMDIvRTkwNTZFNUE1
MjA2MTFFOUFCRTQzMDU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIqABwDBAFnjAYwDQQCAAIwBwMFACQHxgAwDQYJKoZIhvcN
AQELBQADggEBAAmt0TClTc15lCAt7UQHSvThpms18J72/hbYjlrpoJOn3XJoJouI
IiLybH4OROJ/xEvNXVaLqtwxLaTcvIL6JRKKbPngBUSqSXh/SqyShIsJ4Mvkpfnc
MLi1GBgdSyPk1wfgjnZDe+qEEKdLBYBZwKuubWt9e3wsrrStANpWP70XeoqEi0fF
9kMI60FyzMuAuVRgpGReGZg+cWpnI4YhoBtRrh2RIe1m34rx0XoekB/yqZspgpNX
DqMHAHIcg8//ESGfCfH7hRBFLpR7xMgJbUOb8aM2nj6+T6COYWMrUoFxaxv+ct/h
dtU+SjXBX8ZG1pAUYzoBFTXqM89ez123ERw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:08:37 2025 by rpki-client