Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/1E541192D5A111EE9D73FA44C4F9AE02.roa
File: 1E541192D5A111EE9D73FA44C4F9AE02.roa (raw, json)
Hash identifier: qlqqEk+ktO9kWepPw94741l8FovGv8c1l/1ZfvzH37I=
Subject key identifier: BC:15:89:1F:A3:56:4B:CA:F3:82:19:7B:EA:AB:BC:D8:49:DD:EA:B4
Certificate issuer: /CN=A911ABCE/serialNumber=300742E4AD547AE49DD82C82F7ECEB095B902A20
Certificate serial: D2
Authority key identifier: 30:07:42:E4:AD:54:7A:E4:9D:D8:2C:82:F7:EC:EB:09:5B:90:2A:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MAdC5K1UeuSd2CyC9-zrCVuQKiA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/1E541192D5A111EE9D73FA44C4F9AE02.roa
Signing time: Sat 05 Oct 2024 04:38:37 +0000
ROA not before: Sat 05 Oct 2024 04:38:37 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 212238
IP address blocks: 43.239.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 210 (0xd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911ABCE
Validity
Not Before: Oct 5 04:38:37 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6700c2cd-2799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:5a:19:19:a9:2d:82:b2:7c:1b:4d:5a:fc:c0:
3c:f9:1c:0c:1d:3a:66:9b:1c:41:32:8f:dd:40:d7:
5d:33:66:53:c0:d1:65:12:db:af:d4:e4:9c:96:89:
ea:f9:ee:d4:f7:4e:f7:c1:c7:5a:d5:cf:48:e7:ef:
f9:57:f0:03:cb:c0:25:65:08:51:7c:fa:0c:ba:3c:
3b:6d:af:9e:4a:bc:26:5b:72:b6:5d:e1:e9:38:0a:
5d:ac:49:97:e2:ec:fb:94:16:56:24:31:a5:49:ef:
90:40:9f:2e:e5:4b:fb:66:a2:04:9f:1f:47:5f:c7:
f8:c7:fe:c9:91:f2:d5:7a:f5:84:ee:c1:11:4a:05:
8a:b7:ee:6c:b9:b2:2b:8c:a0:b2:aa:c2:01:30:59:
4e:d7:8e:f7:fb:06:36:da:95:1c:aa:cf:e0:b0:94:
15:5d:cc:fe:ca:ff:66:ea:28:3a:60:6f:d4:d1:89:
e9:b7:a8:53:7b:ff:ec:7f:f6:4b:4d:e9:e1:9a:5b:
0d:1a:3b:fb:4f:73:75:b5:37:51:5d:79:fc:d5:9e:
c4:02:dc:b8:bc:62:41:55:d1:aa:31:3a:1d:34:e9:
b9:29:58:31:1b:d0:88:4f:91:aa:8b:c5:1f:28:fc:
6b:a4:bd:f4:f5:39:31:7e:6e:22:e1:7a:69:cd:36:
c0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:15:89:1F:A3:56:4B:CA:F3:82:19:7B:EA:AB:BC:D8:49:DD:EA:B4
X509v3 Authority Key Identifier:
keyid:30:07:42:E4:AD:54:7A:E4:9D:D8:2C:82:F7:EC:EB:09:5B:90:2A:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/MAdC5K1UeuSd2CyC9-zrCVuQKiA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MAdC5K1UeuSd2CyC9-zrCVuQKiA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/1E541192D5A111EE9D73FA44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.250.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:04:8e:f4:cf:33:7b:2d:bb:c7:28:b1:e3:3f:1b:48:bd:90:
02:95:5b:65:38:f2:f7:5a:3a:83:f0:2b:1b:37:8a:4e:d4:dc:
05:02:60:4e:ab:64:fa:b3:43:41:1a:b3:15:6e:08:cc:bb:7c:
ff:41:1f:61:26:c4:83:60:52:a7:67:22:75:6e:dd:8e:26:7e:
c4:55:e4:ad:d7:f3:53:26:8d:11:b3:3d:db:f7:b2:0b:c7:59:
10:5e:7b:be:01:61:d9:c3:0f:18:db:1e:83:f0:d6:85:fb:12:
b3:00:ea:c2:57:d5:18:53:be:1f:f6:64:02:0d:4c:64:29:1a:
06:3f:5d:9d:42:89:ff:c8:59:42:8a:89:b9:e1:1f:85:96:99:
4e:72:4f:e5:fc:00:ca:31:0b:17:3b:aa:ff:a9:c9:50:60:42:
a0:d7:d9:00:db:47:c3:60:b1:c3:e8:8f:20:a0:e7:ca:2a:5f:
24:fd:e1:08:65:c8:6f:58:a9:56:7a:e2:c1:19:6a:19:57:14:
e1:7a:8f:40:3d:fd:c2:50:43:b5:33:b6:fc:37:2c:23:94:4b:
75:ee:9b:76:06:72:b1:74:4e:b8:54:8e:a7:ec:aa:06:d1:ba:
bd:86:48:be:78:6b:0e:24:7f:85:05:af:0f:d6:d0:50:73:c9:
a8:5d:39:55
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUFCQ0UxMTAvBgNVBAUTKDMwMDc0MkU0QUQ1NDdBRTQ5REQ4MkM4MkY3RUNFQjA5
NUI5MDJBMjAwHhcNMjQxMDA1MDQzODM3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzAwYzJjZC0yNzk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5loZGaktgrJ8G01a/MA8+RwMHTpmmxxBMo/dQNddM2ZTwNFlEtuv1OSclonq
+e7U9073wcda1c9I5+/5V/ADy8AlZQhRfPoMujw7ba+eSrwmW3K2XeHpOApdrEmX
4uz7lBZWJDGlSe+QQJ8u5Uv7ZqIEnx9HX8f4x/7JkfLVevWE7sERSgWKt+5subIr
jKCyqsIBMFlO1473+wY22pUcqs/gsJQVXcz+yv9m6ig6YG/U0Ynpt6hTe//sf/ZL
TenhmlsNGjv7T3N1tTdRXXn81Z7EAty4vGJBVdGqMTodNOm5KVgxG9CIT5Gqi8Uf
KPxrpL309Tkxfm4i4XppzTbARwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLwViR+j
VkvK84IZe+qrvNhJ3eq0MB8GA1UdIwQYMBaAFDAHQuStVHrkndgsgvfs6wlbkCog
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUJDRS85MDA5OUM0MDU3
REQxMUVFQkFGRkU0MkRDNEY5QUUwMi9NQWRDNUsxVWV1U2QyQ3lDOS16ckNWdVFL
aUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01BZEM1SzFVZXVTZDJDeUM5LXpyQ1Z1UUtpQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUFCQ0UvOTAwOTlDNDA1N0REMTFFRUJBRkZFNDJEQzRGOUFFMDIvMUU1NDExOTJE
NUExMTFFRTlENzNGQTQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr7/owDQYJKoZIhvcNAQELBQADggEBAMoEjvTPM3stu8co
seM/G0i9kAKVW2U48vdaOoPwKxs3ik7U3AUCYE6rZPqzQ0EasxVuCMy7fP9BH2Em
xINgUqdnInVu3Y4mfsRV5K3X81MmjRGzPdv3sgvHWRBee74BYdnDDxjbHoPw1oX7
ErMA6sJX1RhTvh/2ZAINTGQpGgY/XZ1Cif/IWUKKibnhH4WWmU5yT+X8AMoxCxc7
qv+pyVBgQqDX2QDbR8NgscPojyCg58oqXyT94QhlyG9YqVZ64sEZahlXFOF6j0A9
/cJQQ7Uztvw3LCOUS3Xum3YGcrF0TrhUjqfsqgbRur2GSL54aw4kf4UFrw/W0FBz
yahdOVU=
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:05:32 2025 by rpki-client