Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913429A/0CBFB23A1D9111E29789F9F208B02CD2/BCF64A9E45F111E98754BF25C4F9AE02.roa
File: BCF64A9E45F111E98754BF25C4F9AE02.roa (raw, json)
Hash identifier: GHgWNmI+Fctvk8aqHg3a+P3oNbjbrdoVyQ3vNru6KgQ=
Subject key identifier: 16:0D:FA:87:DC:97:5A:6D:E2:DF:87:81:AC:82:00:AD:C6:24:E6:71
Certificate issuer: /CN=A913429A/serialNumber=CE291F6ECC60DD4CC481D8BD2C4650AD1DFEE355
Certificate serial: 31B3
Authority key identifier: CE:29:1F:6E:CC:60:DD:4C:C4:81:D8:BD:2C:46:50:AD:1D:FE:E3:55
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zikfbsxg3UzEgdi9LEZQrR3-41U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913429A/0CBFB23A1D9111E29789F9F208B02CD2/BCF64A9E45F111E98754BF25C4F9AE02.roa
Signing time: Fri 03 Jun 2022 03:10:34 +0000
ROA not before: Fri 03 Jun 2022 03:10:34 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 38016
IP address blocks: 124.252.0.0/16 maxlen: 16
124.252.255.0/24 maxlen: 24
2406:c800::/32 maxlen: 32
2406:c800:a1ca::/48 maxlen: 48
2406:c800:e000::/48 maxlen: 48
2406:c800:f000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12723 (0x31b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913429A/serialNumber=CE291F6ECC60DD4CC481D8BD2C4650AD1DFEE355
Validity
Not Before: Jun 3 03:10:34 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62997ba9-1299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:28:a3:0a:08:1f:bb:d4:da:21:ef:2c:c3:36:
42:23:26:ed:78:43:e1:28:2d:7f:03:32:50:cd:5e:
62:53:68:db:75:f6:58:19:1f:6d:70:f6:06:51:47:
f7:bf:33:e0:4e:73:c9:24:cf:f1:2b:f2:2e:90:e2:
76:8a:8d:16:37:5b:77:d6:c2:d1:85:fc:f6:a2:6a:
60:6f:fa:f1:4a:6d:56:86:14:36:77:84:86:b0:aa:
4a:bc:d2:46:de:06:26:c4:d0:38:d7:0e:c7:9f:fb:
10:22:55:fe:32:b2:2e:42:e9:3e:63:62:10:b5:d8:
cf:a6:84:ee:76:21:ef:b0:9d:c1:93:be:9e:68:5c:
43:ad:fb:74:08:12:ac:2c:af:a3:53:47:9c:67:75:
7e:b9:5d:91:40:51:de:01:4f:a5:ff:9d:93:db:71:
b8:13:17:a8:55:eb:39:68:e1:41:8c:9e:4b:89:cf:
77:f5:da:60:4c:cc:57:31:a5:36:61:1b:d8:5c:ac:
75:78:90:86:c8:27:06:37:9e:c0:85:c0:92:ba:38:
63:57:31:43:de:5e:ba:25:5e:26:cb:ce:89:e9:59:
1e:33:df:45:55:2f:6c:3e:03:b5:67:2d:2f:f0:fa:
ee:db:fc:0e:32:3f:20:9c:b1:c1:d9:8e:c4:d7:a5:
af:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0D:FA:87:DC:97:5A:6D:E2:DF:87:81:AC:82:00:AD:C6:24:E6:71
X509v3 Authority Key Identifier:
keyid:CE:29:1F:6E:CC:60:DD:4C:C4:81:D8:BD:2C:46:50:AD:1D:FE:E3:55
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913429A/0CBFB23A1D9111E29789F9F208B02CD2/zikfbsxg3UzEgdi9LEZQrR3-41U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zikfbsxg3UzEgdi9LEZQrR3-41U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913429A/0CBFB23A1D9111E29789F9F208B02CD2/BCF64A9E45F111E98754BF25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
124.252.0.0/16
IPv6:
2406:c800::/32
Signature Algorithm: sha256WithRSAEncryption
3e:a8:ed:5c:08:aa:3e:c9:46:88:60:22:48:0d:ee:13:12:ad:
7f:28:34:8a:03:5d:26:f6:d1:37:28:ef:09:71:b3:79:f7:f9:
48:a5:a4:fe:aa:39:fc:97:4f:1e:6b:16:34:87:6c:5a:d3:9a:
47:3b:d1:b3:10:8c:b6:75:f0:8e:40:29:ac:78:97:60:cb:f5:
2f:8a:3d:8b:f3:5f:e1:f6:8c:c8:09:28:ce:8e:5f:98:3f:c8:
f0:4d:79:2c:d1:7e:47:86:18:37:ef:de:ca:3f:10:8b:eb:3a:
53:6a:89:c8:45:4a:87:9f:e2:de:29:a7:76:3b:6c:89:af:88:
47:b2:7c:eb:6a:95:a2:2a:13:fd:20:04:54:df:2c:2f:3b:53:
f2:80:aa:65:f6:10:6c:75:8d:03:1f:13:0f:ae:64:c7:b3:02:
20:62:ac:97:86:e6:0a:0a:51:0e:66:79:1f:16:a2:67:78:39:
d7:a4:09:a9:81:9d:fe:1d:e3:51:43:13:a4:ae:95:d0:a9:79:
5c:bb:a1:ad:27:5e:10:96:e1:41:a7:47:a7:48:71:02:49:00:
15:26:d9:d2:9d:6a:cb:c9:60:79:91:37:9f:31:cb:1d:22:bd:
ac:cb:6e:08:25:d6:05:ea:41:f4:76:f0:27:b1:cb:5f:8a:16:
3e:fd:47:63
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICMbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQyOUExMTAvBgNVBAUTKENFMjkxRjZFQ0M2MERENENDNDgxRDhCRDJDNDY1MEFE
MURGRUUzNTUwHhcNMjIwNjAzMDMxMDM0WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk5N2JhOS0xMjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuyijCggfu9TaIe8swzZCIybteEPhKC1/AzJQzV5iU2jbdfZYGR9tcPYGUUf3
vzPgTnPJJM/xK/IukOJ2io0WN1t31sLRhfz2ompgb/rxSm1WhhQ2d4SGsKpKvNJG
3gYmxNA41w7Hn/sQIlX+MrIuQuk+Y2IQtdjPpoTudiHvsJ3Bk76eaFxDrft0CBKs
LK+jU0ecZ3V+uV2RQFHeAU+l/52T23G4ExeoVes5aOFBjJ5Lic939dpgTMxXMaU2
YRvYXKx1eJCGyCcGN57AhcCSujhjVzFD3l66JV4my86J6VkeM99FVS9sPgO1Zy0v
8Pru2/wOMj8gnLHB2Y7E16WvJwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFBYN+ofc
l1pt4t+HgayCAK3GJOZxMB8GA1UdIwQYMBaAFM4pH27MYN1MxIHYvSxGUK0d/uNV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDI5QS8wQ0JGQjIzQTFE
OTExMUUyOTc4OUY5RjIwOEIwMkNEMi96aWtmYnN4ZzNVekVnZGk5TEVaUXJSMy00
MVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ppa2Zic3hnM1V6RWdkaTlMRVpRclIzLTQxVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQyOUEvMENCRkIyM0ExRDkxMTFFMjk3ODlGOUYyMDhCMDJDRDIvQkNGNjRBOUU0
NUYxMTFFOTg3NTRCRjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMAsEAgABMAUDAwB8/DANBAIAAjAHAwUAJAbIADANBgkqhkiG9w0BAQsFAAOC
AQEAPqjtXAiqPslGiGAiSA3uExKtfyg0igNdJvbRNyjvCXGzeff5SKWk/qo5/JdP
HmsWNIdsWtOaRzvRsxCMtnXwjkAprHiXYMv1L4o9i/Nf4faMyAkozo5fmD/I8E15
LNF+R4YYN+/eyj8Qi+s6U2qJyEVKh5/i3imndjtsia+IR7J862qVoioT/SAEVN8s
LztT8oCqZfYQbHWNAx8TD65kx7MCIGKsl4bmCgpRDmZ5HxaiZ3g516QJqYGd/h3j
UUMTpK6V0Kl5XLuhrSdeEJbhQadHp0hxAkkAFSbZ0p1qy8lgeZE3nzHLHSK9rMtu
CCXWBepB9HbwJ7HLX4oWPv1HYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:59 2024 by rpki-client on console-fra.rpki-client.org