Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/0C47490AEAB311EB9811A465C4F9AE02/FA82DFB83ACB11EC9FEBB367C4F9AE02.roa
File: FA82DFB83ACB11EC9FEBB367C4F9AE02.roa (raw, json)
Hash identifier: WDAtZkvVBWCh4sdS393tb7mD2RpYvoRQQWQo7es9q/I=
Subject key identifier: AE:80:EE:6B:0A:5E:D2:3E:76:67:AD:F0:CC:F4:84:C6:55:41:EB:63
Certificate issuer: /CN=A917E0A8/serialNumber=0508CBE9AB6EE7F629F1E17385F3E0FDEF8C3D3B
Certificate serial: 04AD
Authority key identifier: 05:08:CB:E9:AB:6E:E7:F6:29:F1:E1:73:85:F3:E0:FD:EF:8C:3D:3B
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/BQjL6atu5_Yp8eFzhfPg_e-MPTs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/0C47490AEAB311EB9811A465C4F9AE02/FA82DFB83ACB11EC9FEBB367C4F9AE02.roa
Signing time: Fri 26 Apr 2024 21:10:00 +0000
ROA not before: Fri 26 Apr 2024 21:10:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133752
IP address blocks: 85.113.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1197 (0x4ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E0A8
Validity
Not Before: Apr 26 21:10:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=662c1828-61fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e6:82:27:fb:34:f6:a3:80:63:2b:bc:a0:7a:
e6:cd:8f:8c:4e:47:68:b9:43:7d:53:0f:79:e7:be:
0d:9e:60:5b:7e:f7:5f:4f:96:77:db:e6:8f:8a:19:
5a:17:91:db:e6:64:1c:de:0b:2d:fa:d1:24:4c:8c:
ba:f8:a3:ef:31:84:c0:4d:fe:02:6d:97:42:4e:ba:
c7:5b:d4:d0:f4:7b:51:4d:75:ed:ed:4f:29:57:c4:
a8:83:2c:04:db:37:48:4f:90:2f:66:c5:65:7b:e5:
63:0d:ad:03:3e:e2:b6:ad:54:50:31:0e:6a:6b:1b:
5d:ca:1b:a9:42:c0:79:d7:8a:36:83:2d:58:e2:a4:
72:fe:d9:30:76:09:33:95:ed:bc:3a:37:67:e3:fe:
01:f3:9d:ea:c4:e1:cf:c3:c6:de:28:20:09:06:f9:
6b:7d:72:4a:c4:a8:f3:2f:1d:1d:58:d7:0c:c3:30:
cf:c0:4d:b4:82:23:0e:ea:76:6b:0d:7c:10:88:66:
0e:63:75:d1:e7:3d:cf:a2:07:9c:d4:07:7e:b9:70:
51:20:e2:a7:ee:ca:73:94:8d:2e:0b:b4:0b:04:f9:
c6:d6:7f:32:ce:ee:44:c6:fa:c0:00:a7:32:a4:b8:
ef:dc:38:05:b1:36:1c:59:3a:c0:e1:52:74:d1:3a:
03:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:80:EE:6B:0A:5E:D2:3E:76:67:AD:F0:CC:F4:84:C6:55:41:EB:63
X509v3 Authority Key Identifier:
keyid:05:08:CB:E9:AB:6E:E7:F6:29:F1:E1:73:85:F3:E0:FD:EF:8C:3D:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E0A8/0C47490AEAB311EB9811A465C4F9AE02/BQjL6atu5_Yp8eFzhfPg_e-MPTs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/BQjL6atu5_Yp8eFzhfPg_e-MPTs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/0C47490AEAB311EB9811A465C4F9AE02/FA82DFB83ACB11EC9FEBB367C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
85.113.71.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:21:b8:87:0b:ce:ac:98:a4:84:34:ef:bf:13:68:c7:53:32:
80:9b:ea:46:20:4e:7e:19:b5:50:79:aa:5d:5b:f5:fa:7b:79:
2c:e7:21:aa:b6:cf:79:9a:34:a6:55:3b:43:43:78:e0:b4:23:
20:c4:13:26:cf:3e:e6:01:f4:6b:5a:9f:df:1a:e8:3a:be:eb:
a0:c3:7b:82:b5:c2:62:ff:16:39:05:1e:aa:4b:54:36:f1:98:
5e:de:dc:28:b7:df:f9:c8:d2:1d:68:2f:a7:86:9e:d0:bc:e7:
4f:fc:32:66:6d:fe:4b:f0:e4:72:a0:2f:e9:7f:13:1c:f0:5b:
fd:d4:b9:90:bc:a1:e2:04:36:a0:19:8e:1d:f2:45:79:02:a1:
20:bb:80:ed:68:d7:e6:1e:ae:8a:31:fa:3b:74:db:b9:b5:67:
a5:c0:1d:89:76:d8:7b:db:93:ac:6d:fe:59:6a:52:a5:46:8a:
0d:6a:17:6a:7b:5d:31:28:0b:30:79:04:b5:54:3e:e7:64:14:
3e:cc:57:56:07:d4:51:0a:f3:8e:4b:7c:58:84:ae:f5:b6:23:
53:00:c0:c5:b0:2e:e9:54:ab:20:84:74:30:59:7e:7f:85:89:
23:25:7d:49:18:50:c3:e8:53:41:94:f7:b7:fc:84:b9:ff:03:
06:3a:77:d7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0UwQTgxMTAvBgNVBAUTKDA1MDhDQkU5QUI2RUU3RjYyOUYxRTE3Mzg1RjNFMEZE
RUY4QzNEM0IwHhcNMjQwNDI2MjExMDAwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJjMTgyOC02MWZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAruaCJ/s09qOAYyu8oHrmzY+MTkdouUN9Uw95574NnmBbfvdfT5Z32+aPihla
F5Hb5mQc3gst+tEkTIy6+KPvMYTATf4CbZdCTrrHW9TQ9HtRTXXt7U8pV8SogywE
2zdIT5AvZsVle+VjDa0DPuK2rVRQMQ5qaxtdyhupQsB514o2gy1Y4qRy/tkwdgkz
le28Ojdn4/4B853qxOHPw8beKCAJBvlrfXJKxKjzLx0dWNcMwzDPwE20giMO6nZr
DXwQiGYOY3XR5z3Pogec1Ad+uXBRIOKn7spzlI0uC7QLBPnG1n8yzu5ExvrAAKcy
pLjv3DgFsTYcWTrA4VJ00ToDSQIDAQABo4IClTCCApEwHQYDVR0OBBYEFK6A7msK
XtI+dmet8Mz0hMZVQetjMB8GA1UdIwQYMBaAFAUIy+mrbuf2KfHhc4Xz4P3vjD07
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC8wQzQ3NDkwQUVB
QjMxMUVCOTgxMUE0NjVDNEY5QUUwMi9CUWpMNmF0dTVfWXA4ZUZ6aGZQZ19lLU1Q
VHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL0JRakw2YXR1NV9ZcDhlRnpoZlBnX2UtTVBUcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0UwQTgvMEM0NzQ5MEFFQUIzMTFFQjk4MTFBNDY1QzRGOUFFMDIvRkE4MkRGQjgz
QUNCMTFFQzlGRUJCMzY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABVcUcwDQYJKoZIhvcNAQELBQADggEBAG4huIcLzqyYpIQ0
778TaMdTMoCb6kYgTn4ZtVB5ql1b9fp7eSznIaq2z3maNKZVO0NDeOC0IyDEEybP
PuYB9Gtan98a6Dq+66DDe4K1wmL/FjkFHqpLVDbxmF7e3Ci33/nI0h1oL6eGntC8
50/8MmZt/kvw5HKgL+l/ExzwW/3UuZC8oeIENqAZjh3yRXkCoSC7gO1o1+Yeroox
+jt027m1Z6XAHYl22Hvbk6xt/llqUqVGig1qF2p7XTEoCzB5BLVUPudkFD7MV1YH
1FEK845LfFiErvW2I1MAwMWwLulUqyCEdDBZfn+FiSMlfUkYUMPoU0GU97f8hLn/
AwY6d9c=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:42:23 2025 by rpki-client