Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BC62/EE95FD42B76611E986C0E514C4F9AE02/EE1EA292EA6A11E98F16FE30C4F9AE02.roa
File: EE1EA292EA6A11E98F16FE30C4F9AE02.roa (raw, json)
Hash identifier: QaiwA0ii3swzDmEn5ZYRLYQTMUg0WLwS1y2KJOPdMzg=
Subject key identifier: 98:F9:46:42:5F:06:D4:81:C8:34:25:7A:9A:C7:81:03:20:29:2C:99
Certificate issuer: /CN=A911BC62/serialNumber=2B4F323C58A776B4E75386DEE83722E0456232C6
Certificate serial: 0D6C
Authority key identifier: 2B:4F:32:3C:58:A7:76:B4:E7:53:86:DE:E8:37:22:E0:45:62:32:C6
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/K08yPFindrTnU4be6Dci4EViMsY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BC62/EE95FD42B76611E986C0E514C4F9AE02/EE1EA292EA6A11E98F16FE30C4F9AE02.roa
Signing time: Mon 30 Sep 2024 15:52:39 +0000
ROA not before: Mon 30 Sep 2024 15:52:39 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 45356
IP address blocks: 194.140.200.0/21 maxlen: 24
212.104.224.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3436 (0xd6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BC62/serialNumber=2B4F323C58A776B4E75386DEE83722E0456232C6
Validity
Not Before: Sep 30 15:52:39 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66fac947-278c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6e:65:24:54:07:98:4b:ca:26:0c:48:2a:29:
19:5c:c5:16:8a:f1:ef:e9:50:5f:bc:f9:b0:b7:9d:
55:d8:3a:44:e2:7a:90:7f:37:c5:1d:9f:85:0b:41:
ae:f2:92:f4:76:dd:67:f3:0e:9e:83:d0:c0:aa:db:
17:b0:53:f4:c2:12:e4:8c:1f:c7:3b:54:15:02:ce:
09:94:1a:81:86:2b:62:5a:14:e3:90:1e:b6:7d:c9:
2b:89:4d:c1:1e:a0:e9:70:4c:5a:bf:97:21:d7:1b:
3e:b6:ae:07:f1:a4:55:72:bb:e2:c6:75:3d:ab:84:
12:c2:16:c1:36:b5:d4:7e:ba:9a:27:1f:e6:13:eb:
bf:7a:a8:e8:28:97:49:b3:c6:bd:ca:01:3c:b3:2c:
10:68:2f:80:84:a9:a6:46:cd:6a:6e:cd:0c:4f:a9:
d2:b0:52:12:ab:5b:1d:dd:0b:29:51:2f:da:88:31:
f1:1f:6a:17:2c:4e:df:19:86:eb:60:4a:66:c3:2c:
90:62:94:35:5c:b2:41:13:1a:dc:94:81:f0:33:dd:
a8:c3:26:59:8b:5b:85:50:f7:d9:ae:74:f7:d8:f7:
44:c8:9f:bc:d3:9e:ef:c7:c8:30:34:ce:0b:16:f6:
46:07:ac:ec:68:e5:cd:3f:9e:01:ba:4e:76:7b:6d:
18:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F9:46:42:5F:06:D4:81:C8:34:25:7A:9A:C7:81:03:20:29:2C:99
X509v3 Authority Key Identifier:
keyid:2B:4F:32:3C:58:A7:76:B4:E7:53:86:DE:E8:37:22:E0:45:62:32:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BC62/EE95FD42B76611E986C0E514C4F9AE02/K08yPFindrTnU4be6Dci4EViMsY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/K08yPFindrTnU4be6Dci4EViMsY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BC62/EE95FD42B76611E986C0E514C4F9AE02/EE1EA292EA6A11E98F16FE30C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
194.140.200.0/21
212.104.224.0/20
Signature Algorithm: sha256WithRSAEncryption
6b:99:a2:fb:b7:8b:7b:d9:70:45:86:05:2c:96:4e:d7:49:41:
2d:05:97:49:27:94:02:e8:59:9b:ce:ad:dd:d2:60:cc:fd:dc:
14:40:0f:58:78:a1:72:b5:5c:4a:3e:82:7a:2b:85:c9:d2:d3:
e5:32:91:94:02:dd:ee:ae:80:af:8c:5c:80:29:4b:86:19:f4:
f6:e5:a0:24:d4:dd:0f:9e:31:77:27:e6:26:ac:b3:fa:c6:9d:
74:5f:44:b3:d7:c4:40:13:8f:d5:4c:38:b2:d5:5d:5a:c5:93:
c0:0e:a5:5d:76:c8:e3:6b:8e:c8:11:81:18:ed:9d:b6:de:62:
cc:45:d1:3f:8b:13:6f:cd:a8:29:41:bb:4e:05:3c:83:01:11:
83:0e:36:e9:da:96:0a:1e:7c:db:fe:a0:6a:cd:e8:e7:49:84:
6f:55:85:15:81:11:6a:36:b4:ba:51:56:ac:69:23:78:79:74:
e0:e5:8c:e4:1a:c9:2d:51:c3:ef:65:3f:75:66:d3:12:e6:93:
b0:09:51:68:4d:2e:5c:01:ab:61:89:d6:ae:36:af:6f:fc:21:
52:af:34:a1:c3:70:32:a8:a1:39:5f:7f:8b:69:79:06:5c:ea:
f9:d5:73:3e:38:b9:96:57:94:be:fd:9e:15:d1:a3:9d:87:ae:
a8:e5:98:5b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJDNjIxMTAvBgNVBAUTKDJCNEYzMjNDNThBNzc2QjRFNzUzODZERUU4MzcyMkUw
NDU2MjMyQzYwHhcNMjQwOTMwMTU1MjM5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZhYzk0Ny0yNzhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA025lJFQHmEvKJgxIKikZXMUWivHv6VBfvPmwt51V2DpE4nqQfzfFHZ+FC0Gu
8pL0dt1n8w6eg9DAqtsXsFP0whLkjB/HO1QVAs4JlBqBhitiWhTjkB62fckriU3B
HqDpcExav5ch1xs+tq4H8aRVcrvixnU9q4QSwhbBNrXUfrqaJx/mE+u/eqjoKJdJ
s8a9ygE8sywQaC+AhKmmRs1qbs0MT6nSsFISq1sd3QspUS/aiDHxH2oXLE7fGYbr
YEpmwyyQYpQ1XLJBExrclIHwM92owyZZi1uFUPfZrnT32PdEyJ+8057vx8gwNM4L
FvZGB6zsaOXNP54Buk52e20YEQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJj5RkJf
BtSByDQleprHgQMgKSyZMB8GA1UdIwQYMBaAFCtPMjxYp3a051OG3ug3IuBFYjLG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkM2Mi9FRTk1RkQ0MkI3
NjYxMUU5ODZDMEU1MTRDNEY5QUUwMi9LMDh5UEZpbmRyVG5VNGJlNkRjaTRFVmlN
c1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL0swOHlQRmluZHJUblU0YmU2RGNpNEVWaU1zWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJDNjIvRUU5NUZENDJCNzY2MTFFOTg2QzBFNTE0QzRGOUFFMDIvRUUxRUEyOTJF
QTZBMTFFOThGMTZGRTMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAPCjMgDBATUaOAwDQYJKoZIhvcNAQELBQADggEBAGuZovu3
i3vZcEWGBSyWTtdJQS0Fl0knlALoWZvOrd3SYMz93BRAD1h4oXK1XEo+gnorhcnS
0+UykZQC3e6ugK+MXIApS4YZ9PbloCTU3Q+eMXcn5iass/rGnXRfRLPXxEATj9VM
OLLVXVrFk8AOpV12yONrjsgRgRjtnbbeYsxF0T+LE2/NqClBu04FPIMBEYMONuna
lgoefNv+oGrN6OdJhG9VhRWBEWo2tLpRVqxpI3h5dODljOQayS1Rw+9lP3Vm0xLm
k7AJUWhNLlwBq2GJ1q42r2/8IVKvNKHDcDKooTlff4tpeQZc6vnVcz44uZZXlL79
nhXRo52HrqjlmFs=
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:48:23 2025 by rpki-client