Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/D3CE622872D911E9B41E5B11C4F9AE02.roa
File: D3CE622872D911E9B41E5B11C4F9AE02.roa (raw, json)
Hash identifier: 6rI+S51uZYy1BuACuwS5kWXoyg6lf5nMEpRvaBuNroY=
Subject key identifier: 6E:57:4F:F3:22:12:FC:B3:7E:EA:CF:25:01:78:FD:30:82:66:9B:EA
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1E2C
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/D3CE622872D911E9B41E5B11C4F9AE02.roa
Signing time: Fri 20 Sep 2024 16:35:01 +0000
ROA not before: Fri 20 Sep 2024 16:35:01 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 4847
IP address blocks: 115.171.0.0/16 maxlen: 16
115.171.0.0/18 maxlen: 18
115.171.64.0/18 maxlen: 18
115.171.128.0/18 maxlen: 18
115.171.192.0/18 maxlen: 18
218.30.179.0/24 maxlen: 24
218.30.180.0/24 maxlen: 24
218.30.181.0/24 maxlen: 24
218.30.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7724 (0x1e2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4
Validity
Not Before: Sep 20 16:35:01 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66eda434-1ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8b:ac:15:5c:2f:53:0f:68:f7:a0:d5:ae:83:
50:32:a3:b4:cd:51:e6:2e:c7:13:26:ca:b8:54:2b:
0b:14:aa:b2:53:38:6c:b4:c2:d2:7f:95:43:c3:ee:
97:f1:d6:5b:86:e5:a4:fe:df:b4:5d:04:3e:e3:ca:
a2:54:fb:b3:f0:f9:52:d0:b8:17:5e:10:3b:3c:9d:
77:7e:d4:b8:c5:1a:f0:a0:a2:68:1a:ec:95:2c:38:
ec:3e:84:28:50:41:a9:4f:ec:fb:4a:4b:d4:eb:37:
e1:d2:b2:74:dc:b7:6e:06:18:be:15:02:fd:ca:24:
d3:9f:13:b3:c7:55:91:43:23:3a:3b:cf:bc:71:9f:
b2:19:80:da:ad:3e:22:c5:fb:54:3c:fb:47:33:72:
52:0c:63:1b:14:db:7b:91:aa:d8:a6:0a:8b:86:c7:
f1:e3:47:db:23:94:a5:ad:d1:c2:7c:07:18:30:f9:
d0:46:b3:8e:0d:32:d2:c5:76:5b:90:1b:74:2b:f6:
60:33:7c:2a:a2:dc:65:92:31:11:7e:00:ed:6b:27:
e1:c9:63:66:a8:33:68:7c:f6:01:9d:2a:a3:a0:9c:
d4:34:b1:3f:72:e6:dc:67:5b:4f:4d:75:f4:8b:8a:
b2:43:d6:be:35:13:0b:4f:aa:5f:24:b6:54:df:94:
8f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:57:4F:F3:22:12:FC:B3:7E:EA:CF:25:01:78:FD:30:82:66:9B:EA
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/D3CE622872D911E9B41E5B11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.171.0.0/16
218.30.179.0-218.30.182.255
Signature Algorithm: sha256WithRSAEncryption
5f:a2:b3:14:c9:1e:46:8d:00:ca:94:b4:df:0d:d2:8a:46:1e:
e2:a4:d0:58:74:ba:2e:da:9b:67:92:0f:11:fd:b7:58:9f:47:
8b:e0:bf:0e:0d:5f:75:43:f2:c2:9f:57:4b:8e:e6:58:c8:e3:
75:c8:f5:2d:1a:1e:4d:c0:c8:75:7f:ee:bd:0f:a2:aa:8d:c7:
d7:26:8e:ba:50:34:1c:37:93:de:87:ca:c6:2a:91:90:41:39:
96:6d:6a:6a:9e:8d:e4:e7:ad:11:cd:ac:5b:a9:61:e4:5e:23:
7c:b5:fb:db:87:fb:dc:83:bd:3d:8b:25:95:79:6f:db:8e:06:
de:69:6a:8b:61:7c:6c:8b:f8:1c:c4:db:b4:26:59:3f:ca:55:
f6:2e:ef:e1:33:02:64:9c:11:3e:5a:2d:1a:70:c7:0b:53:42:
a4:02:fc:b3:1c:b6:ed:bd:44:6a:f9:6e:4e:e9:cb:6d:aa:3b:
a0:35:6f:e0:5b:57:1c:1a:77:06:d2:d8:46:2c:5b:59:54:35:
f0:e0:a8:71:54:8f:df:de:25:0c:7c:4e:0e:6c:b8:e5:d3:88:
84:d5:d8:74:ea:7f:b0:be:a3:09:fd:ae:34:30:de:29:ef:5d:
1c:34:38:5f:1e:94:6b:66:4d:aa:42:13:10:5e:55:77:fd:0c:
51:7e:52:c4
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgICHiwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjQwOTIwMTYzNTAxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmVkYTQzNC0xZWJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuIusFVwvUw9o96DVroNQMqO0zVHmLscTJsq4VCsLFKqyUzhstMLSf5VDw+6X
8dZbhuWk/t+0XQQ+48qiVPuz8PlS0LgXXhA7PJ13ftS4xRrwoKJoGuyVLDjsPoQo
UEGpT+z7SkvU6zfh0rJ03LduBhi+FQL9yiTTnxOzx1WRQyM6O8+8cZ+yGYDarT4i
xftUPPtHM3JSDGMbFNt7karYpgqLhsfx40fbI5SlrdHCfAcYMPnQRrOODTLSxXZb
kBt0K/ZgM3wqotxlkjERfgDtayfhyWNmqDNofPYBnSqjoJzUNLE/cubcZ1tPTXX0
i4qyQ9a+NRMLT6pfJLZU35SPXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG5XT/Mi
EvyzfurPJQF4/TCCZpvqMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvRDNDRTYyMjg3
MkQ5MTFFOUI0MUU1QjExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQcBAf8E
HTAbMBkEAgABMBMDAwBzqzAMAwQA2h6zAwQA2h62MA0GCSqGSIb3DQEBCwUAA4IB
AQBforMUyR5GjQDKlLTfDdKKRh7ipNBYdLou2ptnkg8R/bdYn0eL4L8ODV91Q/LC
n1dLjuZYyON1yPUtGh5NwMh1f+69D6KqjcfXJo66UDQcN5Peh8rGKpGQQTmWbWpq
no3k560RzaxbqWHkXiN8tfvbh/vcg709iyWVeW/bjgbeaWqLYXxsi/gcxNu0Jlk/
ylX2Lu/hMwJknBE+Wi0acMcLU0KkAvyzHLbtvURq+W5O6cttqjugNW/gW1ccGncG
0thGLFtZVDXw4KhxVI/f3iUMfE4ObLjl04iE1dh06n+wvqMJ/a40MN4p710cNDhf
HpRrZk2qQhMQXlV3/QxRflLE
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:33:33 2025 by rpki-client