Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9138A9F/82C67EA6C56D11EEB278534AC4F9AE02/440FD944C56F11EE8FF5FF2FC4F9AE02.roa
File: 440FD944C56F11EE8FF5FF2FC4F9AE02.roa (raw, json)
Hash identifier: YI2srcnz/6DwUPS7c8IQ+7Hr1uygrottBvqwJQtIlR0=
Subject key identifier: 91:41:C0:6B:DB:D5:BE:84:7A:54:C9:5A:4F:02:0F:50:82:C1:26:2D
Certificate issuer: /CN=A9138A9F/serialNumber=2ACE940B5DC30337D2E5421722191AB923AA75C7
Certificate serial: 26
Authority key identifier: 2A:CE:94:0B:5D:C3:03:37:D2:E5:42:17:22:19:1A:B9:23:AA:75:C7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ks6UC13DAzfS5UIXIhkauSOqdcc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9138A9F/82C67EA6C56D11EEB278534AC4F9AE02/440FD944C56F11EE8FF5FF2FC4F9AE02.roa
Signing time: Thu 11 Apr 2024 08:10:32 +0000
ROA not before: Thu 11 Apr 2024 08:10:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4826
IP address blocks: 103.136.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38 (0x26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9138A9F
Validity
Not Before: Apr 11 08:10:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66179af8-b79a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d8:64:7d:69:31:02:4b:8d:fc:7c:9e:bc:ca:
4b:c2:1b:a5:f4:52:96:3b:20:af:05:4b:51:41:0c:
37:6f:e8:e4:07:8e:3f:60:fb:9b:09:22:71:7c:c2:
b1:bc:2f:09:84:e8:f4:b2:7b:e5:8c:dd:34:af:53:
0c:ea:1b:a0:fb:fe:f6:b6:4e:d4:61:58:8a:78:f2:
83:fc:7b:6c:2c:f3:27:a2:4e:42:e1:3e:bf:68:10:
0d:b2:bc:d5:86:23:6b:71:d9:ed:fb:99:4d:f5:15:
d1:b6:9f:21:38:86:c7:60:b1:fb:41:93:ae:03:f5:
25:7e:df:ba:e2:dc:27:f3:81:2d:1b:bb:5e:e0:be:
35:84:f9:1a:0f:84:95:2a:34:88:68:fb:0f:3e:b2:
47:ed:4f:70:cc:20:81:dd:ab:0e:2a:13:dc:76:c9:
2e:5b:15:58:8b:68:ce:ed:f6:5d:a8:4b:44:62:70:
c1:9d:94:cb:fb:1a:de:c9:39:b7:dd:ce:72:92:b4:
38:88:28:34:66:be:6b:17:a6:74:cd:8b:26:1b:2c:
9a:31:89:4d:dc:9d:52:cf:f9:5f:5e:56:54:5e:e4:
e9:01:de:a4:23:68:96:a5:2d:e8:cf:d6:19:ae:5a:
6b:6c:1b:3d:37:bf:c2:06:46:61:ca:10:e7:e8:f3:
06:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:41:C0:6B:DB:D5:BE:84:7A:54:C9:5A:4F:02:0F:50:82:C1:26:2D
X509v3 Authority Key Identifier:
keyid:2A:CE:94:0B:5D:C3:03:37:D2:E5:42:17:22:19:1A:B9:23:AA:75:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9138A9F/82C67EA6C56D11EEB278534AC4F9AE02/Ks6UC13DAzfS5UIXIhkauSOqdcc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ks6UC13DAzfS5UIXIhkauSOqdcc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138A9F/82C67EA6C56D11EEB278534AC4F9AE02/440FD944C56F11EE8FF5FF2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:a1:79:43:0f:04:93:cb:86:c2:e6:ee:03:a0:65:a5:d5:a6:
8b:85:5b:3c:d8:9e:11:48:43:0f:5c:b5:c0:30:b6:bb:c0:02:
8a:58:b6:a3:7b:f7:86:df:67:de:71:cf:04:0b:2b:99:23:a6:
d6:26:a6:a4:d4:61:c3:79:0e:eb:92:cd:06:1a:15:ca:31:48:
89:f3:08:e7:03:2b:00:0d:fa:88:22:0c:74:52:59:f8:db:0c:
1b:99:94:29:74:45:a5:78:f2:2a:12:6f:50:de:52:3b:71:bf:
b0:d2:46:c9:3b:72:8a:5f:1c:50:b0:10:15:08:f0:13:2a:96:
ed:e4:01:8b:e5:59:95:2b:77:0e:81:52:c1:9c:c7:2e:77:70:
70:64:a7:6e:80:d9:fa:a7:97:7e:e7:14:0a:25:79:d4:5b:27:
92:94:76:8e:b6:c4:6e:2b:40:a5:af:63:ba:06:7a:e6:2b:71:
91:c2:b9:63:d9:2a:e6:a3:97:86:85:ef:cf:bb:ca:61:d3:e2:
26:2c:2f:c1:8b:2c:83:3b:d5:a3:00:2f:32:f3:f5:69:23:1f:
d3:fa:08:a5:df:c5:57:da:8d:76:ed:4c:6f:57:c2:ab:8b:5b:
17:4d:1d:bc:4d:62:5f:94:b9:47:0c:f3:3c:21:cd:93:eb:2a:
04:11:b4:39
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBJjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
OEE5RjExMC8GA1UEBRMoMkFDRTk0MEI1REMzMDMzN0QyRTU0MjE3MjIxOTFBQjky
M0FBNzVDNzAeFw0yNDA0MTEwODEwMzJaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MTc5YWY4LWI3OWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDb2GR9aTECS438fJ68ykvCG6X0UpY7IK8FS1FBDDdv6OQHjj9g+5sJInF8wrG8
LwmE6PSye+WM3TSvUwzqG6D7/va2TtRhWIp48oP8e2ws8yeiTkLhPr9oEA2yvNWG
I2tx2e37mU31FdG2nyE4hsdgsftBk64D9SV+37ri3CfzgS0bu17gvjWE+RoPhJUq
NIho+w8+skftT3DMIIHdqw4qE9x2yS5bFViLaM7t9l2oS0RicMGdlMv7Gt7JObfd
znKStDiIKDRmvmsXpnTNiyYbLJoxiU3cnVLP+V9eVlRe5OkB3qQjaJalLejP1hmu
WmtsGz03v8IGRmHKEOfo8wZzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUkUHAa9vV
voR6VMlaTwIPUILBJi0wHwYDVR0jBBgwFoAUKs6UC13DAzfS5UIXIhkauSOqdccw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM4QTlGLzgyQzY3RUE2QzU2
RDExRUVCMjc4NTM0QUM0RjlBRTAyL0tzNlVDMTNEQXpmUzVVSVhJaGthdVNPcWRj
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvS3M2VUMxM0RBemZTNVVJWEloa2F1U09xZGNjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
OEE5Ri84MkM2N0VBNkM1NkQxMUVFQjI3ODUzNEFDNEY5QUUwMi80NDBGRDk0NEM1
NkYxMUVFOEZGNUZGMkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGeIeDANBgkqhkiG9w0BAQsFAAOCAQEAsaF5Qw8Ek8uGwubu
A6BlpdWmi4VbPNieEUhDD1y1wDC2u8ACili2o3v3ht9n3nHPBAsrmSOm1iampNRh
w3kO65LNBhoVyjFIifMI5wMrAA36iCIMdFJZ+NsMG5mUKXRFpXjyKhJvUN5SO3G/
sNJGyTtyil8cULAQFQjwEyqW7eQBi+VZlSt3DoFSwZzHLndwcGSnboDZ+qeXfucU
CiV51FsnkpR2jrbEbitApa9jugZ65itxkcK5Y9kq5qOXhoXvz7vKYdPiJiwvwYss
gzvVowAvMvP1aSMf0/oIpd/FV9qNdu1Mb1fCq4tbF00dvE1iX5S5RwzzPCHNk+sq
BBG0OQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:30:43 2025 by rpki-client