Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/BADD8D386C4411EFA8952B76C4F9AE02.roa
File: BADD8D386C4411EFA8952B76C4F9AE02.roa (raw, json)
Hash identifier: LYuOqPaDkw5mKuhcKAX19MsCPgBHmSMLx9T8kZNgMmQ=
Subject key identifier: 4B:0E:47:98:9A:93:C0:CB:13:7D:AF:13:DC:5C:03:41:08:B0:DB:2D
Certificate issuer: /CN=A9175F18/serialNumber=3C8B2BDBCB155E2D2FECD45D062FB3699F034320
Certificate serial: 075E
Authority key identifier: 3C:8B:2B:DB:CB:15:5E:2D:2F:EC:D4:5D:06:2F:B3:69:9F:03:43:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PIsr28sVXi0v7NRdBi-zaZ8DQyA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/BADD8D386C4411EFA8952B76C4F9AE02.roa
Signing time: Thu 28 Nov 2024 21:41:04 +0000
ROA not before: Thu 28 Nov 2024 21:41:04 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 62468
IP address blocks: 43.225.56.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1886 (0x75e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9175F18
Validity
Not Before: Nov 28 21:41:04 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6748e370-917d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9e:34:e2:72:69:63:5c:7f:68:15:e4:70:f7:
92:c1:6c:04:c0:9e:0b:22:5f:94:a8:f6:c6:d8:09:
f6:03:a1:67:0f:4e:46:78:2f:24:b7:02:5e:b0:6e:
4f:4b:85:5d:b3:1f:34:ef:04:92:96:a4:61:36:cf:
c3:ab:ac:26:c6:5d:12:08:7e:b2:ca:ab:72:ed:80:
2e:55:90:ce:95:90:43:75:a0:80:93:71:4a:56:2a:
b8:1c:4b:ea:0c:2b:65:d3:9c:33:a3:fc:a9:bb:5d:
2f:be:43:7e:da:a9:33:99:4c:c1:dc:c0:62:c3:08:
2a:70:70:d0:c8:6d:60:1b:01:6a:df:d0:5f:15:5b:
5b:90:92:9d:0b:c3:71:d4:36:61:13:8a:7b:08:3b:
ae:e1:45:ac:ab:0b:0d:f0:66:87:8d:fa:8a:c3:d9:
91:05:29:43:e3:05:65:d2:b7:89:57:8c:ee:9e:6d:
79:d7:ce:c5:5e:09:07:43:7f:a6:d0:f8:f8:1d:50:
98:33:ee:95:c5:f8:7f:ba:ca:09:15:a8:f2:b7:4e:
ba:56:9c:2b:fd:e6:36:c4:ac:a5:56:1f:a8:85:db:
d5:43:64:73:c1:56:8c:01:84:47:e0:99:23:c9:3f:
e1:65:38:6d:c7:11:20:5f:8d:17:47:38:58:2c:a7:
7a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:0E:47:98:9A:93:C0:CB:13:7D:AF:13:DC:5C:03:41:08:B0:DB:2D
X509v3 Authority Key Identifier:
keyid:3C:8B:2B:DB:CB:15:5E:2D:2F:EC:D4:5D:06:2F:B3:69:9F:03:43:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/PIsr28sVXi0v7NRdBi-zaZ8DQyA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PIsr28sVXi0v7NRdBi-zaZ8DQyA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/BADD8D386C4411EFA8952B76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.56.0/22
Signature Algorithm: sha256WithRSAEncryption
12:b3:fc:0d:ed:70:20:ed:01:79:4e:71:68:06:4c:f3:af:ea:
06:01:ef:f6:75:1d:1b:be:54:1d:ba:fb:1b:3d:8e:4a:c6:20:
38:a3:a5:37:93:e4:89:49:cf:1e:50:74:9c:1c:0b:9a:59:13:
ae:9a:cd:13:c7:da:24:cc:ad:fa:3c:10:db:b2:5e:ec:60:2c:
0c:d4:7a:77:14:89:c7:10:6b:5d:eb:4a:cf:88:b5:d1:93:30:
a9:9b:ff:51:08:0b:6e:66:c3:55:66:bc:8f:40:3a:6c:dd:95:
ac:f2:43:18:df:b5:d5:48:10:0c:4c:b3:d0:5b:cb:9d:87:64:
0e:ff:0f:3d:b0:42:73:30:a3:a3:e2:1f:17:9f:6f:60:b4:15:
39:2d:7f:73:23:a7:f3:88:6b:ac:4c:bd:f8:22:e5:b0:76:21:
49:ac:6e:46:99:f5:57:68:9d:67:5a:03:fa:be:f2:ab:cc:36:
7c:b8:c8:21:d4:d0:d7:c1:2e:79:ab:60:3a:ea:76:63:2d:b1:
5e:12:80:50:f6:dc:cc:d5:ca:f2:74:bc:1f:46:ed:38:dc:fd:
a4:e3:fb:22:b0:e4:03:70:55:a7:2e:7a:56:17:26:0e:06:c8:
c0:16:21:a4:29:6d:db:85:2d:f9:a3:90:91:86:93:14:19:ee:
4b:0c:4a:51
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB14wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzVGMTgxMTAvBgNVBAUTKDNDOEIyQkRCQ0IxNTVFMkQyRkVDRDQ1RDA2MkZCMzY5
OUYwMzQzMjAwHhcNMjQxMTI4MjE0MTA0WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ4ZTM3MC05MTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Z404nJpY1x/aBXkcPeSwWwEwJ4LIl+UqPbG2An2A6FnD05GeC8ktwJesG5P
S4Vdsx807wSSlqRhNs/Dq6wmxl0SCH6yyqty7YAuVZDOlZBDdaCAk3FKViq4HEvq
DCtl05wzo/ypu10vvkN+2qkzmUzB3MBiwwgqcHDQyG1gGwFq39BfFVtbkJKdC8Nx
1DZhE4p7CDuu4UWsqwsN8GaHjfqKw9mRBSlD4wVl0reJV4zunm15187FXgkHQ3+m
0Pj4HVCYM+6Vxfh/usoJFajyt066Vpwr/eY2xKylVh+ohdvVQ2RzwVaMAYRH4Jkj
yT/hZThtxxEgX40XRzhYLKd6lQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEsOR5ia
k8DLE32vE9xcA0EIsNstMB8GA1UdIwQYMBaAFDyLK9vLFV4tL+zUXQYvs2mfA0Mg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NUYxOC9BMzg0MjkxQzBB
QTAxMUVCODczMzM4ODJDNEY5QUUwMi9QSXNyMjhzVlhpMHY3TlJkQmktemFaOERR
eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BJc3IyOHNWWGkwdjdOUmRCaS16YVo4RFF5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzVGMTgvQTM4NDI5MUMwQUEwMTFFQjg3MzMzODgyQzRGOUFFMDIvQkFERDhEMzg2
QzQ0MTFFRkE4OTUyQjc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr4TgwDQYJKoZIhvcNAQELBQADggEBABKz/A3tcCDtAXlO
cWgGTPOv6gYB7/Z1HRu+VB26+xs9jkrGIDijpTeT5IlJzx5QdJwcC5pZE66azRPH
2iTMrfo8ENuyXuxgLAzUencUiccQa13rSs+ItdGTMKmb/1EIC25mw1VmvI9AOmzd
lazyQxjftdVIEAxMs9Bby52HZA7/Dz2wQnMwo6PiHxefb2C0FTktf3Mjp/OIa6xM
vfgi5bB2IUmsbkaZ9VdonWdaA/q+8qvMNny4yCHU0NfBLnmrYDrqdmMtsV4SgFD2
3MzVyvJ0vB9G7Tjc/aTj+yKw5ANwVacuelYXJg4GyMAWIaQpbduFLfmjkJGGkxQZ
7ksMSlE=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:29:55 2025 by rpki-client