Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/EB3FE1C61B6411ECAAB1D328C4F9AE02.roa
File: EB3FE1C61B6411ECAAB1D328C4F9AE02.roa (raw, json)
Hash identifier: vlPdQwiOxGdbOdhmlbrhpezVJ256bDBMeryFLzti+9k=
Subject key identifier: DA:C5:21:35:7D:E3:6D:08:BD:04:57:73:55:AF:DC:31:EC:01:4B:5C
Certificate issuer: /CN=A914BC7A/serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
Certificate serial: 342C
Authority key identifier: 53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/EB3FE1C61B6411ECAAB1D328C4F9AE02.roa
Signing time: Tue 20 Aug 2024 15:31:12 +0000
ROA not before: Tue 20 Aug 2024 15:31:12 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 142501
IP address blocks: 2405:8a00:ffff::/48 maxlen: 48
2409:e:e0::/48 maxlen: 48
2409:e:e1::/48 maxlen: 48
2409:e:e2::/48 maxlen: 48
2409:e:e4::/48 maxlen: 48
2409:e:e6::/48 maxlen: 48
2409:e:e8::/48 maxlen: 48
2409:e:ea::/48 maxlen: 48
2409:e:ec::/48 maxlen: 48
2409:e:ee::/48 maxlen: 48
2409:f::/32 maxlen: 32
2409:f:f1::/48 maxlen: 48
2409:f:f3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13356 (0x342c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BC7A
Validity
Not Before: Aug 20 15:31:12 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66c4b6c0-d8a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:16:70:4d:5c:2b:6e:53:b0:29:af:9b:4c:6f:
81:b9:9d:6c:65:a5:a5:33:07:00:c6:be:90:1c:ec:
23:38:36:0c:84:8b:86:07:a6:ee:0c:8d:7d:d7:57:
80:e4:2d:39:85:da:f2:7f:c0:d2:e3:36:05:ce:c6:
30:d7:6a:d1:21:e7:01:45:34:72:7b:96:01:25:b3:
cd:41:8e:e2:aa:0b:0d:dd:1b:ac:b4:96:11:49:00:
95:1d:3a:c8:26:16:86:34:df:a9:8b:b1:eb:24:8a:
d8:47:05:02:17:68:af:90:a6:31:8e:11:fe:07:eb:
51:e3:e4:16:51:4a:49:96:4d:41:33:39:c1:1f:6b:
40:20:8b:0c:b6:d2:09:eb:1c:f7:a5:42:24:12:b9:
dd:a6:bc:4b:a9:61:e0:27:73:7c:03:0f:9c:df:88:
0f:9b:78:37:bf:ea:a5:ad:43:9c:2b:00:e1:f8:7f:
ab:61:81:40:ae:b4:d6:f0:30:ba:1a:80:95:4a:02:
03:2b:95:18:e0:af:b9:fe:3a:00:d0:a7:ae:27:6c:
a4:e6:6e:bd:bd:69:c4:bb:6f:20:dc:9a:83:7f:c8:
c9:62:66:b3:d4:33:ba:2b:26:45:90:1d:46:58:3e:
02:d0:95:35:ea:78:f1:79:3f:ed:a6:30:46:f9:f1:
ad:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C5:21:35:7D:E3:6D:08:BD:04:57:73:55:AF:DC:31:EC:01:4B:5C
X509v3 Authority Key Identifier:
keyid:53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/EB3FE1C61B6411ECAAB1D328C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:8a00:ffff::/48
2409:e:e0::-2409:e:e2:ffff:ffff:ffff:ffff:ffff
2409:e:e4::/48
2409:e:e6::/48
2409:e:e8::/48
2409:e:ea::/48
2409:e:ec::/48
2409:e:ee::/48
2409:f::/32
Signature Algorithm: sha256WithRSAEncryption
7a:3d:53:61:f4:d9:ef:8f:52:a5:14:a0:1b:78:57:57:75:72:
ca:bc:2f:1b:ab:ab:d0:9d:e7:51:05:e5:af:bd:7b:f1:fc:cf:
11:c3:f0:7f:7b:17:b1:30:77:b1:cd:98:60:21:76:4c:87:e2:
02:0f:38:1b:0b:80:f8:23:5b:b6:69:b0:5f:21:4d:af:7b:71:
29:dc:2f:33:f9:29:5a:ac:80:50:66:e1:29:e0:3b:f8:d1:10:
cd:27:27:8a:bc:ae:ed:28:de:ba:40:d6:b0:22:1d:39:90:4f:
b3:6e:c7:62:8f:34:ce:20:7c:45:13:19:c5:af:62:5b:34:5e:
cb:50:3d:fd:38:c7:7b:d9:b5:49:11:3e:00:29:d4:02:4e:e3:
ef:c6:8f:25:50:4f:f5:f7:cb:b4:12:5e:01:3b:31:f5:25:ff:
7c:6a:bf:ae:53:55:9b:2c:29:0a:0e:ac:12:42:bb:a7:c6:9f:
8c:f3:92:00:8f:ad:90:f6:e2:f5:0f:2a:26:05:5c:71:3d:b1:
27:f2:ca:9f:d5:d7:e7:b4:a6:fa:04:f7:e8:d3:02:48:bd:a7:
95:4a:3f:f8:20:e8:05:19:b3:7b:a2:dc:37:15:71:29:b8:48:
55:4a:15:d3:94:96:48:54:7c:24:78:21:d8:80:6b:5d:7d:e0:
0f:d5:a5:8c
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgICNCwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJDN0ExMTAvBgNVBAUTKDUzMTJGMzk5QTZGN0VCMEREQ0Q1MUMwMzlGODNGN0I3
QTQ3QTVGMDkwHhcNMjQwODIwMTUzMTEyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM0YjZjMC1kOGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwBZwTVwrblOwKa+bTG+BuZ1sZaWlMwcAxr6QHOwjODYMhIuGB6buDI1911eA
5C05hdryf8DS4zYFzsYw12rRIecBRTRye5YBJbPNQY7iqgsN3RustJYRSQCVHTrI
JhaGNN+pi7HrJIrYRwUCF2ivkKYxjhH+B+tR4+QWUUpJlk1BMznBH2tAIIsMttIJ
6xz3pUIkErndprxLqWHgJ3N8Aw+c34gPm3g3v+qlrUOcKwDh+H+rYYFArrTW8DC6
GoCVSgIDK5UY4K+5/joA0KeuJ2yk5m69vWnEu28g3JqDf8jJYmaz1DO6KyZFkB1G
WD4C0JU16njxeT/tpjBG+fGtAwIDAQABo4IC6TCCAuUwHQYDVR0OBBYEFNrFITV9
420IvQRXc1Wv3DHsAUtcMB8GA1UdIwQYMBaAFFMS85mm9+sN3NUcA5+D97ekel8J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkM3QS80QzUyOEY3ODQ1
MDMxMUUyQkRDQTFGNzMyOTc5QkIyMC9VeEx6bWFiMzZ3M2MxUndEbjRQM3Q2UjZY
d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V4THptYWIzNnczYzFSd0RuNFAzdDZSNlh3ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJDN0EvNEM1MjhGNzg0NTAzMTFFMkJEQ0ExRjczMjk3OUJCMjAvRUIzRkUxQzYx
QjY0MTFFQ0FBQjFEMzI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcwYIKwYBBQUHAQcBAf8E
ZDBiMGAEAgACMFoDBwAkBYoA//8wEgMHBSQJAA4A4AMHACQJAA4A4gMHACQJAA4A
5AMHACQJAA4A5gMHACQJAA4A6AMHACQJAA4A6gMHACQJAA4A7AMHACQJAA4A7gMF
ACQJAA8wDQYJKoZIhvcNAQELBQADggEBAHo9U2H02e+PUqUUoBt4V1d1csq8Lxur
q9Cd51EF5a+9e/H8zxHD8H97F7Ewd7HNmGAhdkyH4gIPOBsLgPgjW7ZpsF8hTa97
cSncLzP5KVqsgFBm4SngO/jREM0nJ4q8ru0o3rpA1rAiHTmQT7Nux2KPNM4gfEUT
GcWvYls0XstQPf04x3vZtUkRPgAp1AJO4+/GjyVQT/X3y7QSXgE7MfUl/3xqv65T
VZssKQoOrBJCu6fGn4zzkgCPrZD24vUPKiYFXHE9sSfyyp/V1+e0pvoE9+jTAki9
p5VKP/gg6AUZs3ui3DcVcSm4SFVKFdOUlkhUfCR4IdiAa1194A/VpYw=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:48:19 2025 by rpki-client