Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9130AC8/FE80F992242B11E9A4B2B333C4F9AE02/39D0B1102F7911E9A4F69342C4F9AE02.roa
File: 39D0B1102F7911E9A4F69342C4F9AE02.roa (raw, json)
Hash identifier: mvO7yHkevsKcC0ytNQ/yXnGhsAYGTtTZqPPj/+jmmtg=
Subject key identifier: 88:FA:BB:94:6F:F8:65:7F:96:FD:69:3F:F9:A1:EC:C6:81:5B:D1:26
Certificate issuer: /CN=A9130AC8/serialNumber=7C5D56FECF4DA259A1C2AE1EB8AF079A2AA907B8
Certificate serial: 1051
Authority key identifier: 7C:5D:56:FE:CF:4D:A2:59:A1:C2:AE:1E:B8:AF:07:9A:2A:A9:07:B8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fF1W_s9Nolmhwq4euK8HmiqpB7g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9130AC8/FE80F992242B11E9A4B2B333C4F9AE02/39D0B1102F7911E9A4F69342C4F9AE02.roa
Signing time: Wed 16 Oct 2024 17:35:45 +0000
ROA not before: Wed 16 Oct 2024 17:35:45 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 138218
IP address blocks: 103.122.180.0/24 maxlen: 24
103.122.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4177 (0x1051)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9130AC8
Validity
Not Before: Oct 16 17:35:45 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=670ff971-456b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:aa:c6:c0:48:ca:b8:0d:de:e1:0f:03:0a:d3:
9a:ea:5b:93:9d:bc:1b:d4:a7:19:ef:21:27:64:87:
4a:69:a4:78:28:27:33:b5:6e:0c:ef:56:8c:f8:eb:
af:40:60:f8:66:7b:42:5e:45:a1:d7:6a:51:e0:69:
2c:81:e2:a1:10:65:ad:d7:23:7c:bd:ec:5e:f3:c7:
b3:3d:99:f9:31:72:bc:25:3b:22:83:b3:38:8c:18:
16:0e:02:05:ef:fd:53:e3:7d:06:af:4a:7f:14:6a:
02:21:4c:98:dc:0b:bb:e6:d3:02:0b:75:95:d6:74:
65:07:be:81:44:56:00:62:dc:09:58:8a:a3:8c:96:
b4:06:08:ca:28:88:1b:e3:c5:d1:a1:b2:c8:18:ea:
3d:52:d3:09:80:56:0d:19:13:90:99:71:12:ae:61:
a2:30:38:a1:02:d6:a2:58:d6:d9:4a:ff:32:b9:73:
c5:b1:98:fc:ae:64:29:3b:e6:76:dc:8e:62:fa:01:
6d:98:bf:03:54:6a:25:6d:b0:fc:ed:f8:52:9a:8c:
b6:af:c8:12:c1:49:db:f4:21:c5:46:3a:61:e2:89:
6a:d5:cf:95:00:c8:69:bd:db:54:22:19:1b:13:6f:
51:a0:8f:fc:0c:28:b9:c2:c0:b2:93:8a:3f:b8:21:
6e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FA:BB:94:6F:F8:65:7F:96:FD:69:3F:F9:A1:EC:C6:81:5B:D1:26
X509v3 Authority Key Identifier:
keyid:7C:5D:56:FE:CF:4D:A2:59:A1:C2:AE:1E:B8:AF:07:9A:2A:A9:07:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9130AC8/FE80F992242B11E9A4B2B333C4F9AE02/fF1W_s9Nolmhwq4euK8HmiqpB7g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fF1W_s9Nolmhwq4euK8HmiqpB7g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130AC8/FE80F992242B11E9A4B2B333C4F9AE02/39D0B1102F7911E9A4F69342C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.180.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:45:95:5a:96:01:52:fb:4c:52:4e:f7:a9:43:12:35:2d:ae:
45:9d:57:57:a4:49:5e:ad:49:95:4b:85:65:23:70:c5:08:f4:
88:d3:67:55:b4:1c:e0:d5:ab:b3:33:bd:da:34:b8:34:da:19:
93:32:ab:5a:bd:ab:48:7a:26:42:2d:38:16:e2:b8:81:1f:92:
74:4a:36:77:72:9d:c2:8e:b2:a5:55:a9:01:6f:36:7c:7d:52:
d2:06:66:2c:b1:93:ba:7d:dc:67:f2:5d:48:f5:60:13:3e:4c:
57:32:d1:4c:bc:91:49:5d:25:88:3a:d3:f3:35:eb:f7:86:c9:
ad:bf:19:8f:8e:26:2b:03:06:ba:a0:7b:f3:5b:bc:20:a0:de:
ab:7b:22:19:56:dd:95:a5:9e:ae:9c:fb:89:f4:af:de:da:76:
92:1c:b9:f4:2a:93:74:0b:88:85:41:3d:14:46:35:5e:90:49:
36:77:35:04:14:e6:30:d0:12:fb:3a:e8:ca:af:0c:b0:0e:aa:
41:44:9a:0d:4c:9a:f8:60:91:3c:9b:15:3e:eb:a2:f0:7e:ce:
80:c1:3c:f1:57:88:f1:54:8d:e8:1a:8e:2e:75:62:34:ab:3f:
28:8c:57:00:ff:21:ea:43:3b:ba:2e:88:dd:fd:b9:eb:88:e6:
6a:8b:89:e4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzBBQzgxMTAvBgNVBAUTKDdDNUQ1NkZFQ0Y0REEyNTlBMUMyQUUxRUI4QUYwNzlB
MkFBOTA3QjgwHhcNMjQxMDE2MTczNTQ1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzBmZjk3MS00NTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzKrGwEjKuA3e4Q8DCtOa6luTnbwb1KcZ7yEnZIdKaaR4KCcztW4M71aM+Ouv
QGD4ZntCXkWh12pR4GksgeKhEGWt1yN8vexe88ezPZn5MXK8JTsig7M4jBgWDgIF
7/1T430Gr0p/FGoCIUyY3Au75tMCC3WV1nRlB76BRFYAYtwJWIqjjJa0BgjKKIgb
48XRobLIGOo9UtMJgFYNGROQmXESrmGiMDihAtaiWNbZSv8yuXPFsZj8rmQpO+Z2
3I5i+gFtmL8DVGolbbD87fhSmoy2r8gSwUnb9CHFRjph4olq1c+VAMhpvdtUIhkb
E29RoI/8DCi5wsCyk4o/uCFuDQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIj6u5Rv
+GV/lv1pP/mh7MaBW9EmMB8GA1UdIwQYMBaAFHxdVv7PTaJZocKuHrivB5oqqQe4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMEFDOC9GRTgwRjk5MjI0
MkIxMUU5QTRCMkIzMzNDNEY5QUUwMi9mRjFXX3M5Tm9sbWh3cTRldUs4SG1pcXBC
N2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZGMVdfczlOb2xtaHdxNGV1SzhIbWlxcEI3Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzBBQzgvRkU4MEY5OTIyNDJCMTFFOUE0QjJCMzMzQzRGOUFFMDIvMzlEMEIxMTAy
Rjc5MTFFOUE0RjY5MzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnerQwDQYJKoZIhvcNAQELBQADggEBAKFFlVqWAVL7TFJO
96lDEjUtrkWdV1ekSV6tSZVLhWUjcMUI9IjTZ1W0HODVq7Mzvdo0uDTaGZMyq1q9
q0h6JkItOBbiuIEfknRKNndyncKOsqVVqQFvNnx9UtIGZiyxk7p93GfyXUj1YBM+
TFcy0Uy8kUldJYg60/M16/eGya2/GY+OJisDBrqge/NbvCCg3qt7IhlW3ZWlnq6c
+4n0r97adpIcufQqk3QLiIVBPRRGNV6QSTZ3NQQU5jDQEvs66MqvDLAOqkFEmg1M
mvhgkTybFT7rovB+zoDBPPFXiPFUjegaji51YjSrPyiMVwD/IepDO7ouiN39ueuI
5mqLieQ=
-----END CERTIFICATE-----
Generated at Fri Apr 11 14:42:28 2025 by rpki-client