Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/FF54461CC7BC11EB9E6C9A69C4F9AE02.roa
File: FF54461CC7BC11EB9E6C9A69C4F9AE02.roa (raw, json)
Hash identifier: Abn6jVylboaSLiKBPnyzjN9v9cXF+QhNGF8xH9KRXC8=
Subject key identifier: 5F:20:95:5A:41:3C:5A:71:8E:FF:AA:95:4F:B2:A9:9D:D6:53:2E:9F
Certificate issuer: /CN=A9125475/serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E
Certificate serial: 3642
Authority key identifier: 44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/FF54461CC7BC11EB9E6C9A69C4F9AE02.roa
Signing time: Mon 02 Dec 2024 14:30:38 +0000
ROA not before: Mon 02 Dec 2024 14:30:38 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 20940
IP address blocks: 61.19.5.0/24 maxlen: 24
61.19.8.0/24 maxlen: 24
61.19.11.0/24 maxlen: 24
61.19.12.0/24 maxlen: 24
61.19.13.0/24 maxlen: 24
122.155.239.0/24 maxlen: 24
2001:c38:500a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13890 (0x3642)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125475
Validity
Not Before: Dec 2 14:30:38 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674dc48d-ed04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:77:5a:71:2f:70:da:6b:e0:0c:df:21:01:4b:
06:83:fa:25:18:38:45:2e:7d:66:13:db:84:49:a4:
86:ec:10:0b:29:cf:5b:87:37:97:5b:98:cb:ef:54:
c8:e4:a3:48:3c:47:db:51:24:46:5d:fa:2b:02:00:
44:8f:91:8b:0f:2e:54:38:67:39:4a:76:80:9a:00:
18:9c:84:14:b6:9d:09:7a:99:57:78:96:3b:64:70:
eb:e9:e5:46:28:24:aa:a7:05:7c:1c:ed:51:1c:2a:
f3:3a:f1:a4:20:ae:c1:ca:88:ff:69:02:27:c6:23:
27:ef:02:69:92:27:d4:fb:df:3f:21:b5:ea:43:62:
d1:1b:74:cb:5a:9e:e1:40:4a:41:2d:9d:ab:dc:cc:
d9:da:f9:c5:ee:e0:f0:f3:dc:aa:04:c9:a2:68:03:
2a:85:bd:36:ea:1c:5a:5c:7f:e5:e5:fd:b3:cf:3d:
39:25:80:c7:c3:b8:80:cf:27:7c:6e:f2:0a:10:d4:
87:e2:ea:be:57:ba:16:cb:4f:d7:a3:36:07:d4:79:
0a:87:6e:a5:b3:63:3c:ec:fd:d0:3c:c7:3f:44:16:
15:ff:f6:23:eb:4c:2d:33:84:34:b8:a1:79:6a:9f:
c5:84:15:89:34:55:31:59:ea:70:d3:d3:8d:09:1d:
44:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:20:95:5A:41:3C:5A:71:8E:FF:AA:95:4F:B2:A9:9D:D6:53:2E:9F
X509v3 Authority Key Identifier:
keyid:44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/FF54461CC7BC11EB9E6C9A69C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.19.5.0/24
61.19.8.0/24
61.19.11.0-61.19.13.255
122.155.239.0/24
IPv6:
2001:c38:500a::/48
Signature Algorithm: sha256WithRSAEncryption
86:f8:4c:6a:27:92:77:54:8d:18:49:76:b1:8a:3c:36:6e:ea:
c1:38:2c:80:28:27:30:e7:c7:f2:0d:96:d2:20:db:72:d2:a6:
7c:ea:d0:74:4e:53:41:af:06:22:05:55:4b:25:b5:78:ed:8b:
48:6a:39:89:29:88:76:95:30:ae:06:a7:5a:8f:18:8a:2d:cf:
34:2a:19:85:b2:3b:30:c3:e3:49:35:d2:bd:05:52:35:9b:6b:
0d:d8:a1:2a:dd:e7:a5:f9:c7:73:88:e4:45:ab:26:ea:38:41:
fd:14:e3:82:cb:8d:55:3e:a7:01:7d:07:ee:b6:12:f7:7e:6f:
cd:ab:64:7f:c1:9b:75:cb:37:ae:7b:7f:8f:8a:67:3b:02:f2:
7e:ed:58:bb:4e:f7:9c:77:03:5a:46:be:34:18:49:06:22:bf:
95:fd:0d:0e:7a:3b:7e:5f:42:cb:c7:25:02:34:29:83:ac:b3:
a0:54:35:9d:75:a9:45:f0:87:99:c1:30:10:7c:c1:9d:fd:ba:
63:15:64:00:63:4a:26:17:de:fb:3c:24:8b:60:fe:5c:ff:0b:
82:73:8b:a9:49:22:31:9c:26:2a:15:11:18:06:22:4f:d0:16:
b0:02:e6:a0:e4:21:79:5e:fd:e5:15:b4:f1:f7:74:2b:ce:67:
57:5f:cd:50
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgICNkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjU0NzUxMTAvBgNVBAUTKDQ0NDBGNkM0MjJFOTUwMEM3RDQ2QTYyRDdERUI3MEQz
M0E4ODc1MEUwHhcNMjQxMjAyMTQzMDM4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkYzQ4ZC1lZDA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu3dacS9w2mvgDN8hAUsGg/olGDhFLn1mE9uESaSG7BALKc9bhzeXW5jL71TI
5KNIPEfbUSRGXforAgBEj5GLDy5UOGc5SnaAmgAYnIQUtp0JeplXeJY7ZHDr6eVG
KCSqpwV8HO1RHCrzOvGkIK7Byoj/aQInxiMn7wJpkifU+98/IbXqQ2LRG3TLWp7h
QEpBLZ2r3MzZ2vnF7uDw89yqBMmiaAMqhb026hxaXH/l5f2zzz05JYDHw7iAzyd8
bvIKENSH4uq+V7oWy0/XozYH1HkKh26ls2M87P3QPMc/RBYV//Yj60wtM4Q0uKF5
ap/FhBWJNFUxWepw09ONCR1ExQIDAQABo4ICwDCCArwwHQYDVR0OBBYEFF8glVpB
PFpxjv+qlU+yqZ3WUy6fMB8GA1UdIwQYMBaAFERA9sQi6VAMfUamLX3rcNM6iHUO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTQ3NS9BQjQ0Nzk3MjFE
NzgxMUUyQURCNkYyQzQwOEIwMkNEMi9SRUQyeENMcFVBeDlScVl0ZmV0dzB6cUlk
UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JFRDJ4Q0xwVUF4OVJxWXRmZXR3MHpxSWRRNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjU0NzUvQUI0NDc5NzIxRDc4MTFFMkFEQjZGMkM0MDhCMDJDRDIvRkY1NDQ2MUND
N0JDMTFFQjlFNkM5QTY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E
OzA5MCYEAgABMCADBAA9EwUDBAA9EwgwDAMEAD0TCwMEAT0TDAMEAHqb7zAPBAIA
AjAJAwcAIAEMOFAKMA0GCSqGSIb3DQEBCwUAA4IBAQCG+ExqJ5J3VI0YSXaxijw2
burBOCyAKCcw58fyDZbSINty0qZ86tB0TlNBrwYiBVVLJbV47YtIajmJKYh2lTCu
BqdajxiKLc80KhmFsjsww+NJNdK9BVI1m2sN2KEq3eel+cdziORFqybqOEH9FOOC
y41VPqcBfQfuthL3fm/Nq2R/wZt1yzeue3+Pimc7AvJ+7Vi7TvecdwNaRr40GEkG
Ir+V/Q0Oejt+X0LLxyUCNCmDrLOgVDWddalF8IeZwTAQfMGd/bpjFWQAY0omF977
PCSLYP5c/wuCc4upSSIxnCYqFREYBiJP0BawAuag5CF5Xv3lFbTx93QrzmdXX81Q
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:58:08 2025 by rpki-client