Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/65037DC0F72B11EE94855861C4F9AE02.roa
File: 65037DC0F72B11EE94855861C4F9AE02.roa (raw, json)
Hash identifier: ja/KSCzV+He4qClpDCozZTp+VTug8dvH4YMcC9ie7eE=
Subject key identifier: D9:48:7B:61:CD:1C:5E:D3:3B:D8:47:CF:26:4C:5E:C3:31:A0:4F:8E
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 359B
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/65037DC0F72B11EE94855861C4F9AE02.roa
Signing time: Sun 03 Nov 2024 10:05:34 +0000
ROA not before: Sun 03 Nov 2024 10:05:34 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 7018
IP address blocks: 175.29.4.0/22 maxlen: 24
175.29.128.0/21 maxlen: 24
203.76.152.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13723 (0x359b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD
Validity
Not Before: Nov 3 10:05:34 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67274aee-a0a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4b:10:d2:9c:62:1f:8f:df:43:c8:2e:8d:be:
9a:3d:97:2c:86:01:a2:05:ce:1d:5d:bf:67:89:d6:
f0:11:7f:5b:b5:d4:8e:d0:88:67:40:1c:4d:df:0b:
a9:fc:9b:1a:ee:2c:d6:05:65:1f:87:b1:3d:98:61:
70:5a:ed:b5:e2:d0:4e:94:be:86:8b:c3:58:74:db:
83:79:a8:a1:8e:e6:02:28:ad:1d:fa:3a:a6:04:9e:
37:14:16:58:fb:26:88:79:47:a1:59:60:72:0b:0a:
6d:52:3a:d1:38:72:67:75:ea:cc:dc:33:4d:2c:17:
7d:a4:5e:1e:d0:cd:11:ea:68:c2:79:0b:06:d5:41:
04:05:ca:d1:7b:5c:36:a3:ae:5d:d4:70:82:1b:3c:
60:dd:b3:46:d9:fd:80:3b:ae:40:be:dc:9f:f6:2f:
5b:c2:f1:2a:17:cd:a8:07:bc:d7:40:f1:47:30:f6:
6f:c4:c5:36:8e:35:a8:5a:08:d3:96:95:b1:4f:d0:
d6:8e:c1:8c:7a:63:6e:94:d4:de:c6:e4:1e:79:ea:
11:11:f8:55:48:90:b8:dc:a2:20:cb:17:72:8e:9b:
8f:86:e8:19:c8:4b:65:0c:c9:6b:7f:ea:f3:ab:06:
be:a9:51:e2:cf:0c:cd:d0:f3:e3:f0:d0:10:53:40:
36:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:48:7B:61:CD:1C:5E:D3:3B:D8:47:CF:26:4C:5E:C3:31:A0:4F:8E
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/65037DC0F72B11EE94855861C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.4.0/22
175.29.128.0/21
203.76.152.0/21
Signature Algorithm: sha256WithRSAEncryption
66:2c:3c:f0:3e:6c:1f:3f:45:a8:bb:39:98:8a:aa:a8:71:16:
8d:52:fd:07:a8:1a:0a:fe:47:32:05:f4:b6:f9:53:af:89:b9:
f3:62:53:96:37:6b:e2:1f:0d:89:0e:71:8f:9f:42:ba:01:fd:
14:00:e6:31:e5:d9:8e:60:52:4d:18:49:3b:02:a6:ac:c6:de:
c2:8e:8b:f8:29:39:b9:95:28:4b:ef:32:6c:04:1d:46:09:55:
6b:7c:40:9d:e1:af:f8:b9:77:ee:53:5f:cc:db:d1:32:8a:68:
3b:1d:de:17:df:34:ab:0f:68:20:85:ab:97:4f:d0:e2:d2:46:
37:c3:0d:d8:42:c1:42:56:46:e1:48:12:3e:ed:c5:02:30:b0:
94:07:a8:21:da:95:0b:7d:b9:fb:db:d7:34:27:68:cc:d0:72:
2b:24:a9:9b:01:9b:5d:0b:f6:d8:4d:60:65:a9:34:ac:2b:a0:
ce:f3:53:83:50:9a:32:3b:01:9d:53:36:cd:fd:86:6c:39:4e:
81:fc:59:a1:b7:14:63:66:d0:90:6e:f0:e2:6f:be:5b:3d:b2:
e0:f9:17:92:6b:ec:e4:c6:1a:ca:73:78:1a:1b:0d:75:c4:dc:
ce:75:3f:12:7b:3d:55:72:52:34:70:62:14:51:e7:81:08:ed:
d9:24:e4:a6
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICNZswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjQxMTAzMTAwNTM0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI3NGFlZS1hMGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0EsQ0pxiH4/fQ8gujb6aPZcshgGiBc4dXb9nidbwEX9btdSO0IhnQBxN3wup
/Jsa7izWBWUfh7E9mGFwWu214tBOlL6Gi8NYdNuDeaihjuYCKK0d+jqmBJ43FBZY
+yaIeUehWWByCwptUjrROHJnderM3DNNLBd9pF4e0M0R6mjCeQsG1UEEBcrRe1w2
o65d1HCCGzxg3bNG2f2AO65Avtyf9i9bwvEqF82oB7zXQPFHMPZvxMU2jjWoWgjT
lpWxT9DWjsGMemNulNTexuQeeeoREfhVSJC43KIgyxdyjpuPhugZyEtlDMlrf+rz
qwa+qVHizwzN0PPj8NAQU0A2iQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFNlIe2HN
HF7TO9hHzyZMXsMxoE+OMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvNjUwMzdEQzBG
NzJCMTFFRTk0ODU1ODYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAKvHQQDBAOvHYADBAPLTJgwDQYJKoZIhvcNAQELBQADggEB
AGYsPPA+bB8/Rai7OZiKqqhxFo1S/QeoGgr+RzIF9Lb5U6+JufNiU5Y3a+IfDYkO
cY+fQroB/RQA5jHl2Y5gUk0YSTsCpqzG3sKOi/gpObmVKEvvMmwEHUYJVWt8QJ3h
r/i5d+5TX8zb0TKKaDsd3hffNKsPaCCFq5dP0OLSRjfDDdhCwUJWRuFIEj7txQIw
sJQHqCHalQt9ufvb1zQnaMzQciskqZsBm10L9thNYGWpNKwroM7zU4NQmjI7AZ1T
Ns39hmw5ToH8WaG3FGNm0JBu8OJvvls9suD5F5Jr7OTGGspzeBobDXXE3M51PxJ7
PVVyUjRwYhRR54EI7dkk5KY=
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:37:43 2025 by rpki-client