Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912442A/E7C4F9DEF62511EE8DAD8E35C4F9AE02/B374CCF4764F11EFA343104DC4F9AE02.roa
File: B374CCF4764F11EFA343104DC4F9AE02.roa (raw, json)
Hash identifier: YHWhKcoRyjB0P2neEplhATghOZqZeBUWkCt9dgbhrVE=
Subject key identifier: 76:9A:11:0C:20:16:CD:AA:6A:4C:B9:7A:29:E6:22:18:59:EF:23:C2
Certificate issuer: /CN=A912442A/serialNumber=7DE607C4615D7A01FBDD4A86AD5459401A759921
Certificate serial: 89
Authority key identifier: 7D:E6:07:C4:61:5D:7A:01:FB:DD:4A:86:AD:54:59:40:1A:75:99:21
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/feYHxGFdegH73UqGrVRZQBp1mSE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912442A/E7C4F9DEF62511EE8DAD8E35C4F9AE02/B374CCF4764F11EFA343104DC4F9AE02.roa
Signing time: Wed 27 Nov 2024 01:34:47 +0000
ROA not before: Wed 27 Nov 2024 01:34:47 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 45248
IP address blocks: 85.204.253.0/24 maxlen: 24
89.39.91.0/24 maxlen: 24
89.47.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137 (0x89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912442A
Validity
Not Before: Nov 27 01:34:47 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67467737-ac7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:aa:bc:f5:b3:58:e5:c4:0c:30:6d:48:37:6e:
74:fc:cd:2f:08:b2:cc:29:06:98:fe:03:81:d3:5c:
00:f3:5d:7a:dc:8a:fe:85:af:68:ef:b3:70:0d:48:
87:c5:da:98:4f:6b:a4:76:a7:fc:76:04:f7:77:aa:
a2:ef:5c:86:b0:a3:2c:3e:f6:a1:7f:89:3c:7e:06:
b9:82:47:02:42:26:62:8c:6b:ef:7f:d5:23:6a:37:
4e:48:d7:48:bf:52:df:41:5f:de:eb:b8:bc:c8:af:
3b:cf:ab:b7:c6:83:39:99:7f:3d:85:a5:b8:69:38:
f7:68:e2:28:c6:c3:6d:99:5e:73:66:ac:90:0c:05:
d2:aa:29:e5:b2:59:4b:69:c4:fe:cf:e5:37:9e:3a:
43:e5:1a:88:6a:33:3a:f7:d6:68:18:d4:72:67:44:
7e:f0:a4:cd:a6:23:c6:5d:b9:08:d5:80:e9:e8:70:
e8:f8:d0:5e:c9:5b:7f:69:86:79:e4:ea:e2:79:2a:
98:dc:31:d9:c8:4b:25:99:52:5e:30:69:c0:ef:82:
46:66:a2:37:fe:3f:cd:64:0b:af:df:6c:74:37:92:
8f:ee:c3:64:58:f4:ee:6b:50:80:9b:87:30:12:e9:
d3:75:c6:75:cc:8c:f2:43:c0:d6:19:86:52:dd:d4:
f3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:9A:11:0C:20:16:CD:AA:6A:4C:B9:7A:29:E6:22:18:59:EF:23:C2
X509v3 Authority Key Identifier:
keyid:7D:E6:07:C4:61:5D:7A:01:FB:DD:4A:86:AD:54:59:40:1A:75:99:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912442A/E7C4F9DEF62511EE8DAD8E35C4F9AE02/feYHxGFdegH73UqGrVRZQBp1mSE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/feYHxGFdegH73UqGrVRZQBp1mSE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912442A/E7C4F9DEF62511EE8DAD8E35C4F9AE02/B374CCF4764F11EFA343104DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
85.204.253.0/24
89.39.91.0/24
89.47.94.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:a4:9c:62:32:1b:4f:c3:e1:59:9f:d8:1e:3f:ba:7c:c8:9f:
36:25:c4:13:fd:95:b1:bd:23:63:ad:75:83:9d:75:f0:b2:a0:
0b:fb:13:05:4b:db:f8:10:a5:9c:d8:a3:8d:ae:f8:cf:95:07:
ef:3f:86:bd:a8:c5:44:73:c3:16:d2:8f:96:1c:71:66:25:b4:
f8:3c:62:ff:66:eb:5c:b7:ef:73:a4:81:55:b2:90:08:2e:a6:
32:27:02:3c:88:39:60:5f:21:3e:98:71:c1:94:98:46:bf:ef:
8c:57:bc:b4:e4:a6:60:04:a2:e5:32:f2:62:aa:8d:7f:14:f6:
79:87:38:a6:6e:ca:8b:97:bc:4f:9f:f2:88:36:53:a9:f1:c6:
07:11:76:11:39:6c:a2:0e:e2:ac:0c:ea:bd:2f:db:ce:e4:eb:
41:e0:69:fe:9e:d7:29:26:45:32:50:fb:db:a7:57:7c:10:e4:
9d:d3:2b:38:84:53:f4:c1:5f:6e:a6:39:48:bc:c8:23:46:79:
d7:0f:eb:bf:31:19:01:4a:e5:81:c3:d9:dd:48:31:e6:1f:79:
f8:ee:56:58:fd:57:a9:80:3b:7f:d4:49:da:22:4f:dd:b9:33:
bb:d4:19:81:51:29:c7:bd:ed:c0:66:dc:77:43:4b:04:a9:3d:
dc:8c:27:e7
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAIkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQ0MkExMTAvBgNVBAUTKDdERTYwN0M0NjE1RDdBMDFGQkRENEE4NkFENTQ1OTQw
MUE3NTk5MjEwHhcNMjQxMTI3MDEzNDQ3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ2NzczNy1hYzdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsKq89bNY5cQMMG1IN250/M0vCLLMKQaY/gOB01wA81163Ir+ha9o77NwDUiH
xdqYT2ukdqf8dgT3d6qi71yGsKMsPvahf4k8fga5gkcCQiZijGvvf9UjajdOSNdI
v1LfQV/e67i8yK87z6u3xoM5mX89haW4aTj3aOIoxsNtmV5zZqyQDAXSqinlsllL
acT+z+U3njpD5RqIajM699ZoGNRyZ0R+8KTNpiPGXbkI1YDp6HDo+NBeyVt/aYZ5
5OrieSqY3DHZyEslmVJeMGnA74JGZqI3/j/NZAuv32x0N5KP7sNkWPTua1CAm4cw
EunTdcZ1zIzyQ8DWGYZS3dTz8wIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFHaaEQwg
Fs2qaky5einmIhhZ7yPCMB8GA1UdIwQYMBaAFH3mB8RhXXoB+91Khq1UWUAadZkh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDQyQS9FN0M0RjlERUY2
MjUxMUVFOERBRDhFMzVDNEY5QUUwMi9mZVlIeEdGZGVnSDczVXFHclZSWlFCcDFt
U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL2ZlWUh4R0ZkZWdINzNVcUdyVlJaUUJwMW1TRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ0MkEvRTdDNEY5REVGNjI1MTFFRThEQUQ4RTM1QzRGOUFFMDIvQjM3NENDRjQ3
NjRGMTFFRkEzNDMxMDREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABVzP0DBABZJ1sDBABZL14wDQYJKoZIhvcNAQELBQADggEB
ALKknGIyG0/D4Vmf2B4/unzInzYlxBP9lbG9I2OtdYOddfCyoAv7EwVL2/gQpZzY
o42u+M+VB+8/hr2oxURzwxbSj5YccWYltPg8Yv9m61y373OkgVWykAgupjInAjyI
OWBfIT6YccGUmEa/74xXvLTkpmAEouUy8mKqjX8U9nmHOKZuyouXvE+f8og2U6nx
xgcRdhE5bKIO4qwM6r0v287k60Hgaf6e1ykmRTJQ+9unV3wQ5J3TKziEU/TBX26m
OUi8yCNGedcP678xGQFK5YHD2d1IMeYfefjuVlj9V6mAO3/USdoiT925M7vUGYFR
Kce97cBm3HdDSwSpPdyMJ+c=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:52:46 2025 by rpki-client