Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9119C32/C4EA1B9E46E211EEA2372F41C4F9AE02/5D79BDF8486C11EEB3C19A71C4F9AE02.roa
File: 5D79BDF8486C11EEB3C19A71C4F9AE02.roa (raw, json)
Hash identifier: 0Dz92F7ct8bVXTADuiwvMmdgfbqvyjCznAHcDYM7e2M=
Subject key identifier: 10:32:B4:1B:FF:EF:0F:6F:51:1A:E0:4E:95:7B:6E:DF:62:29:4E:EA
Certificate issuer: /CN=A9119C32/serialNumber=DE09525F57A955BA6F2D32AD2283304215182E45
Certificate serial: CC
Authority key identifier: DE:09:52:5F:57:A9:55:BA:6F:2D:32:AD:22:83:30:42:15:18:2E:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3glSX1epVbpvLTKtIoMwQhUYLkU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9119C32/C4EA1B9E46E211EEA2372F41C4F9AE02/5D79BDF8486C11EEB3C19A71C4F9AE02.roa
Signing time: Thu 19 Sep 2024 04:19:09 +0000
ROA not before: Thu 19 Sep 2024 04:19:09 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 151654
IP address blocks: 103.250.122.0/24 maxlen: 24
103.250.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 204 (0xcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9119C32
Validity
Not Before: Sep 19 04:19:09 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66eba63d-9e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:10:18:06:1a:e3:3e:3c:64:23:9e:e5:0c:f3:
cd:a1:b1:4c:d1:a4:07:7f:77:e7:78:fc:74:cc:79:
2e:cd:6b:d8:bf:d6:8d:5f:fc:be:e9:91:d6:a8:46:
3d:e0:56:07:3c:20:fe:05:8b:e6:60:de:19:0a:32:
98:f4:e2:2f:8a:dc:5c:cf:d5:f0:ed:98:e2:9b:a1:
6f:ca:f0:b6:e7:9e:16:1d:58:c4:29:b5:a7:3e:44:
c2:a6:c5:23:e8:77:bc:cf:74:6d:25:4e:bc:c4:77:
e5:39:e2:94:5d:10:6a:b4:2d:93:24:23:e4:c2:a3:
f4:35:9b:c2:cc:34:dd:d8:a1:4f:b7:99:3c:d5:6a:
e7:e5:e5:06:2d:25:87:b4:77:fe:14:74:06:fb:0d:
51:40:80:39:bc:5a:a9:34:9a:49:f0:41:87:1a:8a:
b9:1e:3f:3d:9b:6c:c3:a3:aa:16:a6:e5:ea:d4:55:
d1:16:7a:72:f6:f8:31:7b:8c:83:6c:86:99:4b:4e:
b0:7e:65:3a:97:f1:7e:fd:b5:22:fd:f0:50:9f:47:
13:b9:e8:72:90:fd:41:8d:0d:9f:be:d2:f9:90:cd:
23:91:cb:bb:e1:ac:5b:c5:22:f0:68:84:05:4d:ef:
d4:67:ec:6d:b1:5d:0b:81:02:6f:3d:32:7c:81:5c:
a8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:32:B4:1B:FF:EF:0F:6F:51:1A:E0:4E:95:7B:6E:DF:62:29:4E:EA
X509v3 Authority Key Identifier:
keyid:DE:09:52:5F:57:A9:55:BA:6F:2D:32:AD:22:83:30:42:15:18:2E:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9119C32/C4EA1B9E46E211EEA2372F41C4F9AE02/3glSX1epVbpvLTKtIoMwQhUYLkU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3glSX1epVbpvLTKtIoMwQhUYLkU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119C32/C4EA1B9E46E211EEA2372F41C4F9AE02/5D79BDF8486C11EEB3C19A71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.250.122.0/23
Signature Algorithm: sha256WithRSAEncryption
13:08:27:38:52:17:f1:fa:4c:cc:f1:4f:08:3a:f2:fc:9b:e7:
ac:eb:35:6e:d3:5a:91:78:5c:28:95:b2:b9:19:44:20:03:5f:
25:ff:9a:fc:90:65:46:59:38:eb:23:1c:db:a7:35:8c:ac:ea:
83:6b:00:57:4d:c0:36:37:e2:06:cd:78:a8:20:89:e3:b5:be:
c8:8f:64:22:51:5d:f0:61:94:7f:50:73:b5:bb:9b:ae:db:88:
43:b8:98:53:12:50:5e:54:48:76:bc:12:b4:f8:5d:0c:bb:86:
fa:b6:bd:c2:6e:f4:a4:31:b1:2d:01:0c:d2:df:6b:f1:01:14:
fb:88:73:68:2b:6c:33:1d:8b:f1:94:66:18:32:e5:21:b7:b1:
93:b8:81:e3:2d:fe:73:18:3d:e9:b3:9e:42:63:6a:8b:d1:cf:
8d:2a:20:3a:0f:43:c3:6b:2a:12:91:ae:db:31:14:bd:55:26:
1f:fc:7b:e9:2a:d2:bb:4a:40:fe:d9:bc:62:23:c0:70:26:45:
6a:5b:2e:dd:1c:e1:4b:ee:90:8e:38:2a:a6:d1:b7:6e:9d:76:
cf:36:2d:57:d9:44:71:2e:29:5a:29:73:ef:b3:43:16:9d:dd:
8f:fa:21:96:d1:38:d2:8c:20:f7:44:df:4a:07:0e:e6:32:33:
5a:44:ae:b1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTlDMzIxMTAvBgNVBAUTKERFMDk1MjVGNTdBOTU1QkE2RjJEMzJBRDIyODMzMDQy
MTUxODJFNDUwHhcNMjQwOTE5MDQxOTA5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmViYTYzZC05ZTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwBAYBhrjPjxkI57lDPPNobFM0aQHf3fnePx0zHkuzWvYv9aNX/y+6ZHWqEY9
4FYHPCD+BYvmYN4ZCjKY9OIvitxcz9Xw7Zjim6FvyvC2554WHVjEKbWnPkTCpsUj
6He8z3RtJU68xHflOeKUXRBqtC2TJCPkwqP0NZvCzDTd2KFPt5k81Wrn5eUGLSWH
tHf+FHQG+w1RQIA5vFqpNJpJ8EGHGoq5Hj89m2zDo6oWpuXq1FXRFnpy9vgxe4yD
bIaZS06wfmU6l/F+/bUi/fBQn0cTuehykP1BjQ2fvtL5kM0jkcu74axbxSLwaIQF
Te/UZ+xtsV0LgQJvPTJ8gVyoNQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBAytBv/
7w9vURrgTpV7bt9iKU7qMB8GA1UdIwQYMBaAFN4JUl9XqVW6by0yrSKDMEIVGC5F
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOUMzMi9DNEVBMUI5RTQ2
RTIxMUVFQTIzNzJGNDFDNEY5QUUwMi8zZ2xTWDFlcFZicHZMVEt0SW9Nd1FoVVlM
a1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNnbFNYMWVwVmJwdkxUS3RJb013UWhVWUxrVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTlDMzIvQzRFQTFCOUU0NkUyMTFFRUEyMzcyRjQxQzRGOUFFMDIvNUQ3OUJERjg0
ODZDMTFFRUIzQzE5QTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn+nowDQYJKoZIhvcNAQELBQADggEBABMIJzhSF/H6TMzx
Twg68vyb56zrNW7TWpF4XCiVsrkZRCADXyX/mvyQZUZZOOsjHNunNYys6oNrAFdN
wDY34gbNeKggieO1vsiPZCJRXfBhlH9Qc7W7m67biEO4mFMSUF5USHa8ErT4XQy7
hvq2vcJu9KQxsS0BDNLfa/EBFPuIc2grbDMdi/GUZhgy5SG3sZO4geMt/nMYPemz
nkJjaovRz40qIDoPQ8NrKhKRrtsxFL1VJh/8e+kq0rtKQP7ZvGIjwHAmRWpbLt0c
4UvukI44KqbRt26dds82LVfZRHEuKVopc++zQxad3Y/6IZbRONKMIPdE30oHDuYy
M1pErrE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:31 2025 by rpki-client