Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/AFD67E1C912A11EF94655626C4F9AE02.roa
File: AFD67E1C912A11EF94655626C4F9AE02.roa (raw, json)
Hash identifier: eAU+keuojCksGilzaVt9skGc9GX8x6deUJzqUBHlB4Q=
Subject key identifier: 88:F2:3F:92:4A:45:2F:68:15:53:CB:39:6F:92:15:59:C2:FF:98:01
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 18DB
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/AFD67E1C912A11EF94655626C4F9AE02.roa
Signing time: Wed 23 Oct 2024 10:36:40 +0000
ROA not before: Wed 23 Oct 2024 10:36:40 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 115.167.0.0/24 maxlen: 24
115.167.4.0/24 maxlen: 24
115.167.108.0/22 maxlen: 24
115.167.126.0/24 maxlen: 24
115.167.127.0/24 maxlen: 24
175.110.68.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6363 (0x18db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Oct 23 10:36:40 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6718d1b7-9955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:02:38:2d:c1:98:a3:00:89:96:52:7d:73:c7:
cd:fd:6f:1d:59:5e:62:51:98:4c:26:1f:07:13:cd:
bb:34:dd:d1:28:9a:0e:59:f4:6d:7c:e8:d9:0f:07:
f3:4e:5d:bb:22:46:5b:9c:f1:a2:a6:f8:a7:a4:b5:
e3:de:20:2e:5d:7b:46:b6:12:35:d2:2b:e0:42:04:
a0:55:3a:5c:25:6d:c5:36:a4:6f:43:e5:b1:37:5d:
db:47:12:4c:4c:13:8a:54:5f:2e:e5:10:33:07:21:
ab:18:b8:93:f0:f5:d5:53:4a:1d:7c:66:fa:5c:9b:
f2:d0:de:13:fb:0f:9a:ce:15:f0:96:2b:b5:1b:d9:
78:74:fc:3b:f3:8f:ac:30:33:27:a9:e6:7f:98:c1:
01:f6:d0:ea:ba:c5:8b:a1:c5:0e:2c:25:0b:5f:4a:
8d:3e:26:44:ee:52:49:36:a8:1f:7b:70:45:25:f9:
1b:32:6d:3e:96:d0:13:17:87:de:ae:e3:5f:d0:45:
0d:7e:af:f7:50:59:f1:1c:21:5f:4b:49:41:c6:e1:
60:eb:70:2b:e3:98:30:c5:da:32:60:09:98:17:06:
f7:e6:e0:97:e6:2b:62:13:81:a3:ba:14:88:44:dd:
9c:47:c6:0d:23:dd:38:b5:80:ac:ca:62:49:f7:11:
a7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F2:3F:92:4A:45:2F:68:15:53:CB:39:6F:92:15:59:C2:FF:98:01
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/AFD67E1C912A11EF94655626C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.167.0.0/24
115.167.4.0/24
115.167.108.0/22
115.167.126.0/23
175.110.68.0/22
Signature Algorithm: sha256WithRSAEncryption
83:54:83:87:49:8e:4b:b7:b7:24:93:3a:56:c9:c2:22:7a:2b:
65:c8:60:7f:24:6d:c3:39:30:4b:2e:c2:76:ca:ec:03:ee:f3:
84:59:38:c1:41:ce:ca:97:92:13:1c:d8:38:23:ae:d1:84:5b:
a5:5b:02:ef:b0:fc:26:f4:07:fb:a0:3f:f5:b4:4d:a9:9c:5e:
80:86:68:e5:fd:9c:c2:a3:b8:d4:17:51:4d:7b:7b:01:1b:99:
4b:bc:99:66:ce:b9:4e:ee:b9:0e:35:9a:38:a0:dd:09:35:14:
23:76:25:d4:19:39:1d:7b:36:d0:cf:3a:33:92:c5:03:9b:d3:
27:d3:24:36:31:77:70:da:3a:f8:9a:9f:e2:b8:29:e9:d0:d0:
2e:18:b1:2c:db:8e:72:c9:21:e8:60:ca:eb:0a:77:04:ca:72:
11:d4:a7:22:75:07:1d:99:97:63:4f:15:46:4a:8f:17:ee:36:
c2:75:d0:10:e4:9c:bb:a4:f0:7e:1f:24:b7:1b:18:67:c8:fb:
ea:88:5b:73:8a:c0:53:91:58:c7:be:c4:6e:16:75:6b:90:45:
a3:2f:1f:c9:dd:47:2f:1c:f6:58:ee:bd:46:2b:21:f9:d6:fb:
8f:de:30:f4:07:02:b7:0d:e1:f5:6c:6e:cf:90:13:d1:63:6f:
e7:dc:f4:31
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICGNswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMDIzMTAzNjQwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE4ZDFiNy05OTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtQI4LcGYowCJllJ9c8fN/W8dWV5iUZhMJh8HE827NN3RKJoOWfRtfOjZDwfz
Tl27IkZbnPGipvinpLXj3iAuXXtGthI10ivgQgSgVTpcJW3FNqRvQ+WxN13bRxJM
TBOKVF8u5RAzByGrGLiT8PXVU0odfGb6XJvy0N4T+w+azhXwliu1G9l4dPw784+s
MDMnqeZ/mMEB9tDqusWLocUOLCULX0qNPiZE7lJJNqgfe3BFJfkbMm0+ltATF4fe
ruNf0EUNfq/3UFnxHCFfS0lBxuFg63Ar45gwxdoyYAmYFwb35uCX5itiE4GjuhSI
RN2cR8YNI904tYCsymJJ9xGnfwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFIjyP5JK
RS9oFVPLOW+SFVnC/5gBMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQUZENjdFMUM5
MTJBMTFFRjk0NjU1NjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBABzpwADBABzpwQDBAJzp2wDBAFzp34DBAKvbkQwDQYJKoZI
hvcNAQELBQADggEBAINUg4dJjku3tySTOlbJwiJ6K2XIYH8kbcM5MEsuwnbK7APu
84RZOMFBzsqXkhMc2DgjrtGEW6VbAu+w/Cb0B/ugP/W0TamcXoCGaOX9nMKjuNQX
UU17ewEbmUu8mWbOuU7uuQ41mjig3Qk1FCN2JdQZOR17NtDPOjOSxQOb0yfTJDYx
d3DaOvian+K4KenQ0C4YsSzbjnLJIehgyusKdwTKchHUpyJ1Bx2Zl2NPFUZKjxfu
NsJ10BDknLuk8H4fJLcbGGfI++qIW3OKwFORWMe+xG4WdWuQRaMvH8ndRy8c9lju
vUYrIfnW+4/eMPQHArcN4fVsbs+QE9Fjb+fc9DE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:11:13 2025 by rpki-client