Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917EB0C/61375B6A222A11EA9A826D45C4F9AE02/E5B6117E2BC611EAB1456E4CC4F9AE02.roa
File: E5B6117E2BC611EAB1456E4CC4F9AE02.roa (raw, json)
Hash identifier: TQmQSnccYn9RdDaPIWHz3I+xXgULEgcde15Yil802tY=
Subject key identifier: ED:94:1F:3D:5D:5C:E6:F8:CD:E6:EC:6E:7F:DD:A3:BC:F4:84:67:61
Certificate issuer: /CN=A917EB0C/serialNumber=506D780ED1797480F15251347FC28443D72E9507
Certificate serial: 0B0A
Authority key identifier: 50:6D:78:0E:D1:79:74:80:F1:52:51:34:7F:C2:84:43:D7:2E:95:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UG14DtF5dIDxUlE0f8KEQ9culQc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917EB0C/61375B6A222A11EA9A826D45C4F9AE02/E5B6117E2BC611EAB1456E4CC4F9AE02.roa
Signing time: Thu 28 Mar 2024 20:28:49 +0000
ROA not before: Thu 28 Mar 2024 20:28:49 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 137967
IP address blocks: 116.204.148.0/22 maxlen: 22
116.204.148.0/24 maxlen: 24
116.204.149.0/24 maxlen: 24
116.204.150.0/24 maxlen: 24
116.204.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2826 (0xb0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917EB0C/serialNumber=506D780ED1797480F15251347FC28443D72E9507
Validity
Not Before: Mar 28 20:28:49 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6605d301-1a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5f:d0:2d:12:67:2f:9c:bd:6d:8e:b5:a6:53:
72:fb:b5:29:66:f2:2c:a4:e8:2a:b5:f3:77:10:ad:
8b:4f:91:c1:d3:ec:0b:f0:dc:48:54:7b:ad:0c:7b:
7d:70:16:36:63:00:20:5a:cc:e3:3c:d4:52:b3:9f:
a2:50:cc:0d:5e:ad:56:d9:95:ed:5c:88:33:e9:fe:
fc:07:b6:d4:6b:7e:86:41:02:04:14:a4:2e:25:cd:
2a:8c:8d:31:79:45:ae:0f:49:3c:36:de:6c:a5:47:
35:4b:93:b4:5e:a3:80:87:c2:fc:dc:65:05:39:53:
34:cf:62:2a:7c:7d:e9:7b:4b:b6:a6:94:b3:0b:fe:
ce:b1:2e:42:ed:a5:88:f3:d8:29:6e:b5:5f:eb:d1:
1e:99:03:4c:31:7a:4e:4d:e2:72:d6:b0:c5:d8:9a:
c6:7c:01:d7:ff:ab:72:e8:37:1c:51:85:89:d7:0d:
26:a8:02:89:f1:f0:d0:ab:9b:0b:d7:d5:9a:d9:fa:
1b:b5:67:04:fe:ca:5d:4c:9c:02:ac:89:55:76:7d:
82:e8:85:a2:52:48:2f:24:1b:12:a0:29:1b:d9:0b:
13:39:28:d7:0d:92:87:63:4f:5f:11:eb:b1:31:a4:
35:7d:76:91:87:5d:f1:8e:e8:08:35:50:92:a2:56:
f4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:94:1F:3D:5D:5C:E6:F8:CD:E6:EC:6E:7F:DD:A3:BC:F4:84:67:61
X509v3 Authority Key Identifier:
keyid:50:6D:78:0E:D1:79:74:80:F1:52:51:34:7F:C2:84:43:D7:2E:95:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917EB0C/61375B6A222A11EA9A826D45C4F9AE02/UG14DtF5dIDxUlE0f8KEQ9culQc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UG14DtF5dIDxUlE0f8KEQ9culQc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917EB0C/61375B6A222A11EA9A826D45C4F9AE02/E5B6117E2BC611EAB1456E4CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.204.148.0/22
Signature Algorithm: sha256WithRSAEncryption
76:54:a8:48:f3:61:9f:52:05:cf:22:1c:9d:9f:fb:3b:84:4f:
9d:b1:29:c5:b8:54:dc:f4:d7:4b:c1:99:bc:96:d0:06:7d:29:
a1:54:9b:1d:82:62:c2:5c:43:d8:8b:af:7c:b1:37:8f:dd:38:
76:32:cb:a1:6a:cc:61:39:c3:53:f7:0b:cd:ec:96:6f:c5:85:
28:0c:ac:99:61:a0:0d:7d:9a:0d:8e:38:f3:b3:5f:f1:6d:3f:
91:54:dd:89:8a:93:21:4f:c6:37:a9:bc:af:26:83:08:df:5a:
6d:eb:aa:a3:5d:92:ed:9f:32:75:e3:0a:29:6f:96:25:c9:a6:
ca:07:81:bb:24:92:e3:c0:60:73:57:42:06:46:f5:ef:29:5d:
c2:95:e8:33:1e:e3:4b:d0:e2:30:a8:9c:44:04:e0:89:f4:16:
e5:9a:1c:f4:a0:1f:7d:64:40:ad:aa:fc:7a:d0:41:af:2b:58:
07:95:17:30:d2:f8:eb:7d:60:7e:7a:b8:64:ab:75:26:5b:c2:
b7:fd:2f:00:ed:ab:f6:09:0e:29:8a:50:00:8f:7d:20:c3:93:
e6:ea:06:8e:83:7f:4e:95:1e:47:fc:45:f9:d6:ef:5e:a2:63:
be:12:c9:0d:5c:5f:99:12:8a:47:aa:fd:c7:17:8c:be:99:c0:
93:30:54:13
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCwowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VCMEMxMTAvBgNVBAUTKDUwNkQ3ODBFRDE3OTc0ODBGMTUyNTEzNDdGQzI4NDQz
RDcyRTk1MDcwHhcNMjQwMzI4MjAyODQ5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA1ZDMwMS0xYThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoF/QLRJnL5y9bY61plNy+7UpZvIspOgqtfN3EK2LT5HB0+wL8NxIVHutDHt9
cBY2YwAgWszjPNRSs5+iUMwNXq1W2ZXtXIgz6f78B7bUa36GQQIEFKQuJc0qjI0x
eUWuD0k8Nt5spUc1S5O0XqOAh8L83GUFOVM0z2IqfH3pe0u2ppSzC/7OsS5C7aWI
89gpbrVf69EemQNMMXpOTeJy1rDF2JrGfAHX/6ty6DccUYWJ1w0mqAKJ8fDQq5sL
19Wa2fobtWcE/spdTJwCrIlVdn2C6IWiUkgvJBsSoCkb2QsTOSjXDZKHY09fEeux
MaQ1fXaRh13xjugINVCSolb0+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFO2UHz1d
XOb4zebsbn/do7z0hGdhMB8GA1UdIwQYMBaAFFBteA7ReXSA8VJRNH/ChEPXLpUH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUIwQy82MTM3NUI2QTIy
MkExMUVBOUE4MjZENDVDNEY5QUUwMi9VRzE0RHRGNWRJRHhVbEUwZjhLRVE5Y3Vs
UWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VHMTREdEY1ZElEeFVsRTBmOEtFUTljdWxRYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VCMEMvNjEzNzVCNkEyMjJBMTFFQTlBODI2RDQ1QzRGOUFFMDIvRTVCNjExN0Uy
QkM2MTFFQUIxNDU2RTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJ0zJQwDQYJKoZIhvcNAQELBQADggEBAHZUqEjzYZ9SBc8i
HJ2f+zuET52xKcW4VNz010vBmbyW0AZ9KaFUmx2CYsJcQ9iLr3yxN4/dOHYyy6Fq
zGE5w1P3C83slm/FhSgMrJlhoA19mg2OOPOzX/FtP5FU3YmKkyFPxjepvK8mgwjf
Wm3rqqNdku2fMnXjCilvliXJpsoHgbskkuPAYHNXQgZG9e8pXcKV6DMe40vQ4jCo
nEQE4In0FuWaHPSgH31kQK2q/HrQQa8rWAeVFzDS+Ot9YH56uGSrdSZbwrf9LwDt
q/YJDimKUACPfSDDk+bqBo6Df06VHkf8RfnW716iY74SyQ1cX5kSikeq/ccXjL6Z
wJMwVBM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:34:15 2025 by rpki-client