Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912A6CB/96A60BB604FC11EAB3D99415C4F9AE02/5BF38D62058E11EA96051368C4F9AE02.roa
File: 5BF38D62058E11EA96051368C4F9AE02.roa (raw, json)
Hash identifier: RucjPZzTbGDJdlGQIFIquuY8AQ91dPmBUeP0p5s4V7E=
Subject key identifier: B4:F9:5C:0F:76:99:5C:5D:B3:E8:E6:09:4D:94:01:D1:6B:DC:D5:0E
Certificate issuer: /CN=A912A6CB/serialNumber=679CDB255B5B775809105E90E0023449F71C6B6F
Certificate serial: 0B98
Authority key identifier: 67:9C:DB:25:5B:5B:77:58:09:10:5E:90:E0:02:34:49:F7:1C:6B:6F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z5zbJVtbd1gJEF6Q4AI0Sfcca28.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912A6CB/96A60BB604FC11EAB3D99415C4F9AE02/5BF38D62058E11EA96051368C4F9AE02.roa
Signing time: Tue 04 Jun 2024 20:03:39 +0000
ROA not before: Tue 04 Jun 2024 20:03:39 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 58927
IP address blocks: 43.249.116.0/22 maxlen: 23
103.9.68.0/22 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2968 (0xb98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912A6CB
Validity
Not Before: Jun 4 20:03:39 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=665f731b-1a29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:31:ce:27:30:df:3c:45:40:9e:ba:cd:96:6c:
fd:d9:09:fd:a8:c8:da:43:62:b7:52:2f:70:5e:d4:
08:6f:de:35:bf:60:66:a0:ec:1a:be:48:e1:04:27:
03:49:89:12:3c:dc:7f:49:4d:b9:5c:47:e8:7c:20:
dc:6a:34:6d:58:90:6f:fb:39:04:40:ea:a5:04:31:
ee:34:d0:0a:13:7b:85:6f:04:03:98:6e:a3:94:51:
d3:d4:f2:11:e4:ff:d0:74:b4:ef:df:05:87:b1:da:
a6:ac:44:31:45:34:06:9f:c0:31:2f:2f:22:6e:ac:
85:6d:31:5f:a3:9f:57:2f:7c:a5:51:e9:21:39:3e:
47:a0:55:6f:3c:34:e5:94:2c:c6:3e:5f:81:52:34:
84:e9:8c:81:73:22:94:5c:23:98:ed:e7:1e:0f:f7:
33:8f:d1:fd:4f:60:96:21:e8:7c:ba:8d:6c:fb:fd:
51:6f:3d:6c:0d:f1:41:3d:11:bc:cc:df:45:1c:cd:
c7:20:db:65:14:4f:15:c4:eb:61:d6:ce:7f:43:c2:
69:d7:2b:69:38:75:23:20:0a:98:aa:ed:f5:93:7e:
1c:56:c4:00:cf:de:81:2f:e0:c6:76:d6:f3:7e:bc:
4d:1a:32:a0:9e:cb:1f:07:98:7e:68:09:ae:24:83:
1a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F9:5C:0F:76:99:5C:5D:B3:E8:E6:09:4D:94:01:D1:6B:DC:D5:0E
X509v3 Authority Key Identifier:
keyid:67:9C:DB:25:5B:5B:77:58:09:10:5E:90:E0:02:34:49:F7:1C:6B:6F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912A6CB/96A60BB604FC11EAB3D99415C4F9AE02/Z5zbJVtbd1gJEF6Q4AI0Sfcca28.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z5zbJVtbd1gJEF6Q4AI0Sfcca28.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912A6CB/96A60BB604FC11EAB3D99415C4F9AE02/5BF38D62058E11EA96051368C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.116.0/22
103.9.68.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:71:e0:e3:6e:79:41:13:92:4f:89:dc:13:86:7f:ea:bc:f2:
b8:94:27:71:e4:f9:c3:de:76:74:87:f9:38:8d:03:c0:96:1b:
78:76:37:ac:0f:7e:5a:7b:a1:db:78:15:60:95:fc:08:49:f8:
f3:b1:dd:28:ed:de:6b:c0:a8:43:06:fc:89:11:61:92:23:ef:
3d:1b:eb:e6:76:c5:1c:49:a3:18:6c:f1:58:19:5e:f7:8c:8c:
3b:07:d0:b3:6b:4e:0e:cf:44:0d:5c:c7:0a:ab:e7:17:1d:1f:
9f:30:d7:f6:a7:9b:38:ad:2f:f0:e2:cb:f2:7c:bc:c2:26:21:
60:c8:b2:f8:02:20:94:84:25:0d:c9:23:e4:d1:3e:10:56:3b:
a9:b0:01:10:35:7e:85:54:94:e4:13:63:8c:f3:ab:43:6a:d4:
03:af:13:5d:9f:0c:c6:1d:c1:f2:f7:4b:05:fc:bd:c8:88:9f:
d8:87:c7:9b:32:7f:85:0f:cc:db:c1:65:3c:f9:3a:10:a3:74:
13:35:a5:7b:38:8d:cc:a8:64:4c:1b:66:9d:b3:96:82:0d:7c:
ea:b1:2b:1c:4a:a0:2c:c4:3b:69:a6:f4:c5:fb:90:18:ff:6c:
62:6f:40:69:c8:01:d6:0f:c7:3d:c9:8c:fa:26:b8:0f:78:40:
fa:4b:7b:47
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC5gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkE2Q0IxMTAvBgNVBAUTKDY3OUNEQjI1NUI1Qjc3NTgwOTEwNUU5MEUwMDIzNDQ5
RjcxQzZCNkYwHhcNMjQwNjA0MjAwMzM5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVmNzMxYi0xYTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxzHOJzDfPEVAnrrNlmz92Qn9qMjaQ2K3Ui9wXtQIb941v2BmoOwavkjhBCcD
SYkSPNx/SU25XEfofCDcajRtWJBv+zkEQOqlBDHuNNAKE3uFbwQDmG6jlFHT1PIR
5P/QdLTv3wWHsdqmrEQxRTQGn8AxLy8ibqyFbTFfo59XL3ylUekhOT5HoFVvPDTl
lCzGPl+BUjSE6YyBcyKUXCOY7eceD/czj9H9T2CWIeh8uo1s+/1Rbz1sDfFBPRG8
zN9FHM3HINtlFE8VxOth1s5/Q8Jp1ytpOHUjIAqYqu31k34cVsQAz96BL+DGdtbz
frxNGjKgnssfB5h+aAmuJIMazQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLT5XA92
mVxds+jmCU2UAdFr3NUOMB8GA1UdIwQYMBaAFGec2yVbW3dYCRBekOACNEn3HGtv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQTZDQi85NkE2MEJCNjA0
RkMxMUVBQjNEOTk0MTVDNEY5QUUwMi9aNXpiSlZ0YmQxZ0pFRjZRNEFJMFNmY2Nh
MjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1o1emJKVnRiZDFnSkVGNlE0QUkwU2ZjY2EyOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkE2Q0IvOTZBNjBCQjYwNEZDMTFFQUIzRDk5NDE1QzRGOUFFMDIvNUJGMzhENjIw
NThFMTFFQTk2MDUxMzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr+XQDBAJnCUQwDQYJKoZIhvcNAQELBQADggEBAJxx4ONu
eUETkk+J3BOGf+q88riUJ3Hk+cPednSH+TiNA8CWG3h2N6wPflp7odt4FWCV/AhJ
+POx3Sjt3mvAqEMG/IkRYZIj7z0b6+Z2xRxJoxhs8VgZXveMjDsH0LNrTg7PRA1c
xwqr5xcdH58w1/anmzitL/Diy/J8vMImIWDIsvgCIJSEJQ3JI+TRPhBWO6mwARA1
foVUlOQTY4zzq0Nq1AOvE12fDMYdwfL3SwX8vciIn9iHx5syf4UPzNvBZTz5OhCj
dBM1pXs4jcyoZEwbZp2zloINfOqxKxxKoCzEO2mm9MX7kBj/bGJvQGnIAdYPxz3J
jPomuA94QPpLe0c=
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:44:01 2025 by rpki-client