Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91128E3/5393C0EE002611ECA4061614C4F9AE02/3B2A0EE4AEBC11EF876B6A5AC4F9AE02.roa
File: 3B2A0EE4AEBC11EF876B6A5AC4F9AE02.roa (raw, json)
Hash identifier: 4bP+/xCzlCHzMiPDDeZZu8ryV1WmsI6f+3c5qjtpUM8=
Subject key identifier: A7:10:69:BA:37:D3:49:A8:48:30:9B:76:A4:02:DA:53:37:C7:C3:EA
Certificate issuer: /CN=A91128E3/serialNumber=71C1E8E054049ACFD9AA2193AF1D48C6D1D025E1
Certificate serial: 04F0
Authority key identifier: 71:C1:E8:E0:54:04:9A:CF:D9:AA:21:93:AF:1D:48:C6:D1:D0:25:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ccHo4FQEms_ZqiGTrx1IxtHQJeE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91128E3/5393C0EE002611ECA4061614C4F9AE02/3B2A0EE4AEBC11EF876B6A5AC4F9AE02.roa
Signing time: Sat 30 Nov 2024 01:41:34 +0000
ROA not before: Sat 30 Nov 2024 01:41:34 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 20057
IP address blocks: 103.170.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1264 (0x4f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91128E3
Validity
Not Before: Nov 30 01:41:34 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=674a6d4e-79a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1e:a3:4a:da:c9:79:30:57:96:c4:2f:51:2a:
ab:9d:c9:14:51:e8:31:57:ab:25:42:bd:78:f6:07:
52:e0:2e:13:4d:3b:e9:8b:a5:e1:a6:0d:8e:3a:95:
94:f8:73:fb:5c:45:f5:6f:cf:ca:bd:e3:be:50:f2:
d8:b0:4d:77:d9:fa:31:4e:b8:d1:5b:13:4f:cc:9d:
a9:8d:6a:d4:43:c5:f5:66:0f:5b:8a:08:35:84:a3:
dc:85:66:07:c5:ad:58:09:ab:ab:59:02:ed:39:2e:
5d:b0:57:a1:17:ab:1d:32:95:d8:3f:77:26:c1:91:
4d:57:29:8c:9f:dc:ed:37:6a:93:4c:5d:0e:9f:a3:
f3:ac:92:fb:4f:06:16:fd:f2:0a:d3:19:25:f8:d5:
85:45:78:b4:e2:ac:d6:be:5e:dd:18:3b:29:bb:31:
ef:7d:4f:99:99:dc:62:05:34:58:01:9c:a7:e5:92:
39:97:64:9c:aa:9b:17:8d:ec:da:66:fe:ae:c9:6f:
f1:28:f5:a9:04:0f:d6:4a:17:2a:51:47:ec:e6:3d:
0a:74:92:89:a4:cc:58:d6:bb:f4:c7:60:1b:de:0d:
5e:22:6a:7e:f9:24:90:15:df:2d:be:f9:35:52:66:
7a:b1:be:93:66:13:8c:58:f3:6a:cb:55:7d:55:96:
40:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:10:69:BA:37:D3:49:A8:48:30:9B:76:A4:02:DA:53:37:C7:C3:EA
X509v3 Authority Key Identifier:
keyid:71:C1:E8:E0:54:04:9A:CF:D9:AA:21:93:AF:1D:48:C6:D1:D0:25:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91128E3/5393C0EE002611ECA4061614C4F9AE02/ccHo4FQEms_ZqiGTrx1IxtHQJeE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ccHo4FQEms_ZqiGTrx1IxtHQJeE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91128E3/5393C0EE002611ECA4061614C4F9AE02/3B2A0EE4AEBC11EF876B6A5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.170.72.0/24
Signature Algorithm: sha256WithRSAEncryption
01:f3:28:cf:04:23:b7:d7:da:a0:70:35:a8:a2:f1:18:f7:84:
18:1b:32:c4:db:3c:28:0e:ca:07:d4:77:ce:03:b8:62:c0:ce:
70:66:74:b6:b7:4d:7c:c0:66:b3:e9:2a:7c:dc:2c:a9:01:b7:
7c:cd:da:05:ed:5b:4b:e3:3f:65:27:40:62:10:b3:8d:21:d0:
50:c5:aa:1e:c0:51:87:3d:9a:8f:b0:00:a6:a7:37:8f:9a:dc:
b9:f3:50:f3:66:36:cc:9e:e4:a6:4a:5e:39:1c:34:84:90:61:
18:c8:ba:d7:f5:69:ca:58:93:04:6f:46:c5:d6:d7:94:9f:63:
1a:6c:4e:d6:e8:ee:13:1c:73:d8:2d:81:a0:8f:3d:87:4d:69:
c3:35:d7:f9:06:1b:a7:23:57:5d:f5:80:d8:3f:25:40:64:72:
98:23:d2:4f:de:b5:0f:84:77:dc:54:c1:6d:c6:2d:3e:e0:27:
03:1e:47:74:65:3f:93:0f:e9:eb:38:08:53:38:10:ac:12:8d:
a6:ec:76:f7:9d:aa:7d:77:96:56:e7:55:2f:77:ec:eb:99:75:
d4:1a:13:f8:93:95:ac:74:81:74:c7:ce:7a:12:07:c2:ba:4f:
70:de:c7:f1:d4:19:03:86:c0:27:6f:a1:df:fb:db:4e:af:ea:
3d:50:2a:7c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBPAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTI4RTMxMTAvBgNVBAUTKDcxQzFFOEUwNTQwNDlBQ0ZEOUFBMjE5M0FGMUQ0OEM2
RDFEMDI1RTEwHhcNMjQxMTMwMDE0MTM0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRhNmQ0ZS03OWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArB6jStrJeTBXlsQvUSqrnckUUegxV6slQr149gdS4C4TTTvpi6Xhpg2OOpWU
+HP7XEX1b8/KveO+UPLYsE132foxTrjRWxNPzJ2pjWrUQ8X1Zg9bigg1hKPchWYH
xa1YCaurWQLtOS5dsFehF6sdMpXYP3cmwZFNVymMn9ztN2qTTF0On6PzrJL7TwYW
/fIK0xkl+NWFRXi04qzWvl7dGDspuzHvfU+ZmdxiBTRYAZyn5ZI5l2ScqpsXjeza
Zv6uyW/xKPWpBA/WShcqUUfs5j0KdJKJpMxY1rv0x2Ab3g1eImp++SSQFd8tvvk1
UmZ6sb6TZhOMWPNqy1V9VZZAiwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKcQabo3
00moSDCbdqQC2lM3x8PqMB8GA1UdIwQYMBaAFHHB6OBUBJrP2aohk68dSMbR0CXh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMjhFMy81MzkzQzBFRTAw
MjYxMUVDQTQwNjE2MTRDNEY5QUUwMi9jY0hvNEZRRW1zX1pxaUdUcngxSXh0SFFK
ZUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NjSG80RlFFbXNfWnFpR1RyeDFJeHRIUUplRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTI4RTMvNTM5M0MwRUUwMDI2MTFFQ0E0MDYxNjE0QzRGOUFFMDIvM0IyQTBFRTRB
RUJDMTFFRjg3NkI2QTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnqkgwDQYJKoZIhvcNAQELBQADggEBAAHzKM8EI7fX2qBw
Naii8Rj3hBgbMsTbPCgOygfUd84DuGLAznBmdLa3TXzAZrPpKnzcLKkBt3zN2gXt
W0vjP2UnQGIQs40h0FDFqh7AUYc9mo+wAKanN4+a3LnzUPNmNsye5KZKXjkcNISQ
YRjIutf1acpYkwRvRsXW15SfYxpsTtbo7hMcc9gtgaCPPYdNacM11/kGG6cjV131
gNg/JUBkcpgj0k/etQ+Ed9xUwW3GLT7gJwMeR3RlP5MP6es4CFM4EKwSjabsdved
qn13llbnVS937OuZddQaE/iTlax0gXTHznoSB8K6T3Dex/HUGQOGwCdvod/7206v
6j1QKnw=
-----END CERTIFICATE-----
Generated at Fri Apr 11 17:19:25 2025 by rpki-client