Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1F39/A4F72F321D9C11E281D34E8B08B02CD2/C11EB45241B511E9AF030E63C4F9AE02.roa
File: C11EB45241B511E9AF030E63C4F9AE02.roa (raw, json)
Hash identifier: RiLilp0zBIlqXf+Dc/JtxMVb/SxvdmilSbqSlDG8ocQ=
Subject key identifier: 65:E1:0F:4A:BC:BD:9E:2A:BF:04:22:EE:4D:AA:94:34:5F:54:8F:E0
Certificate issuer: /CN=A91D1F39/serialNumber=F26EF6091F115A66F372DB1800E566FE4D5C853B
Certificate serial: 3317
Authority key identifier: F2:6E:F6:09:1F:11:5A:66:F3:72:DB:18:00:E5:66:FE:4D:5C:85:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8m72CR8RWmbzctsYAOVm_k1chTs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1F39/A4F72F321D9C11E281D34E8B08B02CD2/C11EB45241B511E9AF030E63C4F9AE02.roa
Signing time: Thu 30 Mar 2023 15:20:47 +0000
ROA not before: Thu 30 Mar 2023 15:20:47 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 131178
IP address blocks: 43.252.16.0/22 maxlen: 24
58.97.192.0/19 maxlen: 24
58.97.224.0/21 maxlen: 24
103.12.160.0/22 maxlen: 24
202.58.96.0/22 maxlen: 24
2400:4880::/32 maxlen: 32
2400:4880:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13079 (0x3317)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1F39/serialNumber=F26EF6091F115A66F372DB1800E566FE4D5C853B
Validity
Not Before: Mar 30 15:20:47 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6425a8cf-6860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ce:e8:44:04:6e:03:d7:08:4f:5f:a8:dd:06:
91:29:82:07:20:c2:23:6a:49:0c:35:ac:5f:7f:f4:
0e:ae:a7:5d:0f:91:6c:df:6e:32:c7:a8:bc:71:20:
b2:b0:02:26:8d:ca:e0:e9:5a:d9:79:90:01:83:82:
91:17:a4:29:c7:d4:5c:d7:68:79:8f:78:27:8b:d1:
e5:8f:75:d3:17:95:f6:a9:a3:3c:a4:b8:cf:1d:ad:
db:c4:84:93:d5:87:5d:f1:b6:a0:66:38:e7:8b:a4:
e2:bb:76:71:90:e7:2c:dd:4a:ff:20:20:97:2c:db:
c0:9b:1b:72:39:64:5b:4e:7c:4d:2b:26:7a:ec:a5:
0e:60:65:12:be:36:8f:6e:b8:f1:09:64:db:1e:fb:
20:4c:16:d4:d7:1f:ea:8a:81:5b:4c:de:b2:71:b5:
b3:b0:4c:b1:51:ea:15:51:ab:01:c6:ca:14:16:66:
57:93:31:2b:4c:9c:d3:f4:c5:82:db:f4:77:b1:5f:
40:77:d3:6d:90:32:b6:7e:77:75:4d:39:84:16:7c:
30:f3:32:ca:35:ea:e9:76:50:40:2d:ac:c1:a2:ec:
98:23:69:b6:28:90:76:d2:a3:b0:8b:4f:02:b4:25:
e0:2c:70:61:2e:35:ee:70:10:6c:75:68:ab:fd:d6:
90:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E1:0F:4A:BC:BD:9E:2A:BF:04:22:EE:4D:AA:94:34:5F:54:8F:E0
X509v3 Authority Key Identifier:
keyid:F2:6E:F6:09:1F:11:5A:66:F3:72:DB:18:00:E5:66:FE:4D:5C:85:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1F39/A4F72F321D9C11E281D34E8B08B02CD2/8m72CR8RWmbzctsYAOVm_k1chTs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8m72CR8RWmbzctsYAOVm_k1chTs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1F39/A4F72F321D9C11E281D34E8B08B02CD2/C11EB45241B511E9AF030E63C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.16.0/22
58.97.192.0-58.97.231.255
103.12.160.0/22
202.58.96.0/22
IPv6:
2400:4880::/32
Signature Algorithm: sha256WithRSAEncryption
b9:5d:f8:03:6a:97:8a:0f:5c:07:24:d3:cc:7d:81:7b:af:6b:
69:35:34:c6:6b:b0:b4:03:14:08:ca:ef:60:f4:0c:8e:54:77:
1d:55:fe:35:6e:9a:a8:25:99:26:11:f9:66:4b:8e:04:4f:f0:
73:12:58:d0:24:fa:e0:70:91:6b:3e:e3:3d:b0:c8:d0:c2:8b:
da:f1:36:d6:ba:25:0e:c2:3b:72:38:f6:62:7a:e3:ab:e5:42:
a5:94:fd:b1:f5:e2:ab:31:24:15:cd:32:80:5d:08:17:ae:c0:
1d:93:a5:85:dc:9e:2f:3e:71:7b:18:8b:74:9c:2a:f5:8b:cf:
3c:67:cd:49:a9:58:aa:ab:09:af:ef:86:93:40:33:da:47:dd:
38:13:67:19:0c:ef:74:f4:69:b1:3f:b8:49:36:dd:2b:ca:a9:
47:3a:84:60:9c:8b:b0:fc:0d:87:48:e0:2c:2f:21:84:e5:c7:
26:d1:a7:6f:c7:29:98:12:36:9b:d0:f9:e8:29:76:af:0d:6b:
fc:c4:72:d7:62:48:e2:a6:f7:46:54:77:29:13:ff:c2:fd:20:
03:70:a0:60:3c:d3:f3:6c:d9:30:96:ee:bc:f6:0c:7d:af:a9:
40:6f:23:2c:50:b3:4c:ee:64:f0:a6:33:ba:9c:87:0c:5c:c9:
c7:21:dd:e8
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICMxcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDFGMzkxMTAvBgNVBAUTKEYyNkVGNjA5MUYxMTVBNjZGMzcyREIxODAwRTU2NkZF
NEQ1Qzg1M0IwHhcNMjMwMzMwMTUyMDQ3WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI1YThjZi02ODYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt87oRARuA9cIT1+o3QaRKYIHIMIjakkMNaxff/QOrqddD5Fs324yx6i8cSCy
sAImjcrg6VrZeZABg4KRF6Qpx9Rc12h5j3gni9Hlj3XTF5X2qaM8pLjPHa3bxIST
1Ydd8bagZjjni6Tiu3ZxkOcs3Ur/ICCXLNvAmxtyOWRbTnxNKyZ67KUOYGUSvjaP
brjxCWTbHvsgTBbU1x/qioFbTN6ycbWzsEyxUeoVUasBxsoUFmZXkzErTJzT9MWC
2/R3sV9Ad9NtkDK2fnd1TTmEFnww8zLKNerpdlBALazBouyYI2m2KJB20qOwi08C
tCXgLHBhLjXucBBsdWir/daQDQIDAQABo4ICvjCCArowHQYDVR0OBBYEFGXhD0q8
vZ4qvwQi7k2qlDRfVI/gMB8GA1UdIwQYMBaAFPJu9gkfEVpm83LbGADlZv5NXIU7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMUYzOS9BNEY3MkYzMjFE
OUMxMUUyODFEMzRFOEIwOEIwMkNEMi84bTcyQ1I4UldtYnpjdHNZQU9WbV9rMWNo
VHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhtNzJDUjhSV21iemN0c1lBT1ZtX2sxY2hUcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDFGMzkvQTRGNzJGMzIxRDlDMTFFMjgxRDM0RThCMDhCMDJDRDIvQzExRUI0NTI0
MUI1MTFFOUFGMDMwRTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MCYEAgABMCADBAIr/BAwDAMEBjphwAMEAzph4AMEAmcMoAMEAso6YDANBAIA
AjAHAwUAJABIgDANBgkqhkiG9w0BAQsFAAOCAQEAuV34A2qXig9cByTTzH2Be69r
aTU0xmuwtAMUCMrvYPQMjlR3HVX+NW6aqCWZJhH5ZkuOBE/wcxJY0CT64HCRaz7j
PbDI0MKL2vE21rolDsI7cjj2Ynrjq+VCpZT9sfXiqzEkFc0ygF0IF67AHZOlhdye
Lz5xexiLdJwq9YvPPGfNSalYqqsJr++Gk0Az2kfdOBNnGQzvdPRpsT+4STbdK8qp
RzqEYJyLsPwNh0jgLC8hhOXHJtGnb8cpmBI2m9D56Cl2rw1r/MRy12JI4qb3RlR3
KRP/wv0gA3CgYDzT82zZMJbuvPYMfa+pQG8jLFCzTO5k8KYzupyHDFzJxyHd6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org