Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FAA0/A6337BE225DC11EC951ECE82C4F9AE02/823E55DE6D1111EFA2579E40C4F9AE02.roa
File: 823E55DE6D1111EFA2579E40C4F9AE02.roa (raw, json)
Hash identifier: 4Y1CJYnccsljljYTRuihSH5rf63INRuP39Y2H4f++BA=
Subject key identifier: 0A:8B:6C:08:63:52:2D:37:B2:7D:E6:61:95:2C:AC:F4:10:1F:A9:BE
Certificate issuer: /CN=A912FAA0/serialNumber=C535B6343EA9BF59EA82EEEE3AFB8A4000DE8BB2
Certificate serial: 0443
Authority key identifier: C5:35:B6:34:3E:A9:BF:59:EA:82:EE:EE:3A:FB:8A:40:00:DE:8B:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xTW2ND6pv1nqgu7uOvuKQADei7I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FAA0/A6337BE225DC11EC951ECE82C4F9AE02/823E55DE6D1111EFA2579E40C4F9AE02.roa
Signing time: Sat 07 Sep 2024 12:05:44 +0000
ROA not before: Sat 07 Sep 2024 12:05:44 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 138968
IP address blocks: 103.255.56.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1091 (0x443)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FAA0
Validity
Not Before: Sep 7 12:05:44 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66dc4198-efa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:8e:23:75:10:7f:65:79:08:eb:bc:ff:34:e8:
9a:99:0e:e4:25:14:83:8c:cc:82:aa:8e:9a:3a:b2:
95:92:4c:3a:50:c1:b3:57:b9:60:a4:43:3d:b0:33:
15:ac:d2:26:7d:d2:a1:f7:83:13:24:37:f1:31:d0:
33:e9:ac:5b:3a:71:17:7f:d4:e6:4c:ab:a4:30:43:
f7:97:b0:db:d0:c3:59:94:a4:b8:b8:e5:5f:0e:71:
a1:28:75:a6:a5:71:95:04:69:24:0e:7e:b4:b4:b3:
bb:53:da:12:08:56:32:c5:ab:30:48:1c:9e:60:0d:
4e:5a:ea:73:71:87:f9:9f:1a:6e:19:0d:1f:f8:81:
f9:46:eb:6a:14:07:2d:ca:b3:24:27:c6:cb:20:c6:
5e:12:a5:2d:86:e4:dc:52:b2:a9:5a:e0:28:f7:13:
30:62:e9:f5:8a:5c:0d:90:c8:7c:53:58:bc:bf:dc:
c4:13:06:d9:f6:2a:99:87:5d:0e:af:bd:25:e9:24:
00:04:40:32:bc:76:d7:1f:51:72:ea:7b:27:66:f8:
82:8d:84:21:1d:a0:dc:fd:21:0c:ac:13:a0:70:98:
8e:4c:c6:df:21:f9:31:04:d0:84:2e:07:3b:3a:96:
cf:97:8e:b0:69:55:d5:f3:73:08:3d:a7:e8:ec:e3:
53:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:8B:6C:08:63:52:2D:37:B2:7D:E6:61:95:2C:AC:F4:10:1F:A9:BE
X509v3 Authority Key Identifier:
keyid:C5:35:B6:34:3E:A9:BF:59:EA:82:EE:EE:3A:FB:8A:40:00:DE:8B:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FAA0/A6337BE225DC11EC951ECE82C4F9AE02/xTW2ND6pv1nqgu7uOvuKQADei7I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xTW2ND6pv1nqgu7uOvuKQADei7I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FAA0/A6337BE225DC11EC951ECE82C4F9AE02/823E55DE6D1111EFA2579E40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.255.56.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:80:e9:64:81:5f:6f:37:dc:21:ea:f5:f8:e2:07:29:21:c9:
a3:7f:89:3b:3a:d7:b0:8d:4b:da:67:9d:ee:d2:56:09:5c:63:
83:5f:4e:d6:d7:03:44:84:b4:31:b8:ec:3b:6d:ef:b4:cc:f1:
a1:c5:79:e9:fa:de:20:6a:12:aa:16:00:f2:56:72:de:d4:06:
b4:58:02:46:d3:65:c1:a8:73:7b:0a:db:4d:35:91:c5:04:38:
b5:73:20:57:86:34:20:87:e1:c5:e9:dd:d9:2e:65:eb:41:36:
ef:a4:99:e5:54:b9:7d:0b:d5:68:bb:61:43:2c:02:34:9a:e2:
00:d5:d3:15:31:fc:bf:d4:cb:ca:7f:da:ac:e2:b4:7e:cc:1d:
45:cc:8a:63:6f:d6:d6:4e:34:ef:ac:6b:42:6b:22:42:f8:2e:
02:de:79:3b:f4:f7:94:ac:3b:0c:56:26:5b:07:21:b5:a4:8e:
12:7b:25:49:e4:0b:02:4c:52:c8:92:b9:0a:18:23:7c:ea:36:
71:85:79:cd:35:03:1b:6d:25:49:92:a2:e6:8b:f9:66:ac:c3:
df:18:e1:ca:ed:8e:d7:07:0f:78:25:5e:61:37:fe:6f:45:3a:
49:31:62:85:aa:f6:a6:ca:2e:7f:b3:f2:59:a0:20:72:f3:05:
b2:cb:3d:0e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBEMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZBQTAxMTAvBgNVBAUTKEM1MzVCNjM0M0VBOUJGNTlFQTgyRUVFRTNBRkI4QTQw
MDBERThCQjIwHhcNMjQwOTA3MTIwNTQ0WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmRjNDE5OC1lZmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6Y4jdRB/ZXkI67z/NOiamQ7kJRSDjMyCqo6aOrKVkkw6UMGzV7lgpEM9sDMV
rNImfdKh94MTJDfxMdAz6axbOnEXf9TmTKukMEP3l7Db0MNZlKS4uOVfDnGhKHWm
pXGVBGkkDn60tLO7U9oSCFYyxaswSByeYA1OWupzcYf5nxpuGQ0f+IH5RutqFAct
yrMkJ8bLIMZeEqUthuTcUrKpWuAo9xMwYun1ilwNkMh8U1i8v9zEEwbZ9iqZh10O
r70l6SQABEAyvHbXH1Fy6nsnZviCjYQhHaDc/SEMrBOgcJiOTMbfIfkxBNCELgc7
OpbPl46waVXV83MIPafo7ONT6QIDAQABo4IClTCCApEwHQYDVR0OBBYEFAqLbAhj
Ui03sn3mYZUsrPQQH6m+MB8GA1UdIwQYMBaAFMU1tjQ+qb9Z6oLu7jr7ikAA3ouy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkFBMC9BNjMzN0JFMjI1
REMxMUVDOTUxRUNFODJDNEY5QUUwMi94VFcyTkQ2cHYxbnFndTd1T3Z1S1FBRGVp
N0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hUVzJORDZwdjFucWd1N3VPdnVLUUFEZWk3SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZBQTAvQTYzMzdCRTIyNURDMTFFQzk1MUVDRTgyQzRGOUFFMDIvODIzRTU1REU2
RDExMTFFRkEyNTc5RTQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn/zgwDQYJKoZIhvcNAQELBQADggEBAC6A6WSBX2833CHq
9fjiBykhyaN/iTs617CNS9pnne7SVglcY4NfTtbXA0SEtDG47Dtt77TM8aHFeen6
3iBqEqoWAPJWct7UBrRYAkbTZcGoc3sK2001kcUEOLVzIFeGNCCH4cXp3dkuZetB
Nu+kmeVUuX0L1Wi7YUMsAjSa4gDV0xUx/L/Uy8p/2qzitH7MHUXMimNv1tZONO+s
a0JrIkL4LgLeeTv095SsOwxWJlsHIbWkjhJ7JUnkCwJMUsiSuQoYI3zqNnGFec01
AxttJUmSouaL+Wasw98Y4crtjtcHD3glXmE3/m9FOkkxYoWq9qbKLn+z8lmgIHLz
BbLLPQ4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:33:44 2025 by rpki-client