Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9144DEA/3BF5F2E05AE111EFA7563C2CC4F9AE02/7490D0DE5AE111EFAD7EB82CC4F9AE02.roa
File: 7490D0DE5AE111EFAD7EB82CC4F9AE02.roa (raw, json)
Hash identifier: 2zLHgEDWGwo9zlyqNnj3rIHawpIWGW43p4pSnf/kapk=
Subject key identifier: 24:D0:5D:FA:3D:F5:92:A3:8B:BA:0C:AD:2E:35:49:CB:5F:4F:29:A7
Certificate issuer: /CN=A9144DEA/serialNumber=2BCACF6165B58740590E59718433D8183FF9466D
Certificate serial: 3B
Authority key identifier: 2B:CA:CF:61:65:B5:87:40:59:0E:59:71:84:33:D8:18:3F:F9:46:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8rPYWW1h0BZDllxhDPYGD_5Rm0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9144DEA/3BF5F2E05AE111EFA7563C2CC4F9AE02/7490D0DE5AE111EFAD7EB82CC4F9AE02.roa
Signing time: Fri 29 Nov 2024 05:49:57 +0000
ROA not before: Fri 29 Nov 2024 05:49:57 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 26658
IP address blocks: 103.4.20.0/22 maxlen: 22
202.9.60.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59 (0x3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9144DEA
Validity
Not Before: Nov 29 05:49:57 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67495605-52dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e0:a6:f2:47:cc:66:94:0a:00:4f:b3:a5:3c:
d8:ab:d9:79:e2:13:e9:e9:72:f4:fa:53:94:c3:00:
36:c5:f1:0e:06:27:38:dd:0a:87:d0:7b:96:d6:a5:
79:2f:5c:35:e4:1c:12:2a:e6:1d:c3:51:bc:3d:c9:
f1:19:30:53:e9:5b:8d:bc:1f:af:4c:ab:4f:52:0a:
ca:cb:2a:1e:22:29:0f:c9:e8:60:1d:fa:32:6c:97:
96:b7:83:3a:78:1e:b8:58:2e:4f:30:dd:19:81:98:
c7:36:9e:0e:84:11:6f:d9:34:82:41:2c:2c:4d:cb:
2f:58:35:62:6f:a1:05:63:5b:24:a5:a4:28:1f:97:
4a:21:93:e6:dc:21:9a:9f:4b:e3:fe:2d:3b:be:53:
a2:a0:7f:dd:30:9d:0f:35:f5:53:59:e8:b4:61:2f:
b9:0d:d2:68:69:83:56:55:e6:d5:79:c0:d9:c4:cf:
c6:b3:2e:1d:ee:b7:61:12:59:62:26:09:d1:1c:e0:
f3:59:7b:2c:cc:d6:10:28:a9:08:0a:ac:36:29:bc:
5d:f8:b0:f1:85:3b:80:83:c7:c0:f8:91:e2:7b:7f:
b7:3f:e0:e2:c5:5a:01:bf:fe:4b:80:53:62:46:02:
7f:f4:81:51:cb:45:ce:9b:c3:ef:8d:74:39:e9:e7:
c9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D0:5D:FA:3D:F5:92:A3:8B:BA:0C:AD:2E:35:49:CB:5F:4F:29:A7
X509v3 Authority Key Identifier:
keyid:2B:CA:CF:61:65:B5:87:40:59:0E:59:71:84:33:D8:18:3F:F9:46:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9144DEA/3BF5F2E05AE111EFA7563C2CC4F9AE02/K8rPYWW1h0BZDllxhDPYGD_5Rm0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8rPYWW1h0BZDllxhDPYGD_5Rm0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144DEA/3BF5F2E05AE111EFA7563C2CC4F9AE02/7490D0DE5AE111EFAD7EB82CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.4.20.0/22
202.9.60.0/22
Signature Algorithm: sha256WithRSAEncryption
72:46:d1:88:45:19:79:39:d3:dd:03:59:55:44:96:49:b7:43:
2f:cd:7b:2d:51:7c:fc:ff:e6:a5:3c:6a:73:f4:11:00:8e:ee:
27:90:88:35:8c:b8:21:37:c3:b6:07:c8:27:ab:9d:8d:97:97:
fc:0b:4a:cf:c6:b8:cd:cf:9d:bf:eb:32:f6:47:89:4a:db:0c:
16:d6:dd:c1:d8:ad:e8:01:53:a8:ee:ee:f1:bb:ff:1b:9d:1f:
ed:fd:00:77:03:e3:67:55:9e:56:7e:41:11:eb:8c:1d:98:f6:
f4:f0:99:5f:2f:f5:dc:6c:32:ea:90:96:fc:51:78:44:2c:b6:
70:7a:9f:5a:5a:18:5a:dd:d7:02:ac:59:49:95:06:70:62:cb:
dd:63:b9:18:54:c5:54:11:6a:0b:3b:28:f0:95:d5:cc:14:bf:
a6:62:da:07:b8:34:b3:b6:02:c1:ee:0b:69:63:63:63:c3:f8:
69:14:ff:2c:6b:24:a3:a2:e9:96:68:ed:93:5a:c6:aa:14:06:
67:e8:4c:f4:fe:28:86:d0:f5:71:32:9b:7d:2a:19:2a:82:34:
f9:44:3a:3a:4a:81:08:2e:c8:a3:de:7d:f4:2e:ba:8d:74:1c:
61:44:70:21:ad:fc:7d:e4:26:01:55:4a:fa:89:d1:45:c3:6a:
f6:1b:42:00
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
NERFQTExMC8GA1UEBRMoMkJDQUNGNjE2NUI1ODc0MDU5MEU1OTcxODQzM0Q4MTgz
RkY5NDY2RDAeFw0yNDExMjkwNTQ5NTdaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NDk1NjA1LTUyZGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDV4KbyR8xmlAoAT7OlPNir2XniE+npcvT6U5TDADbF8Q4GJzjdCofQe5bWpXkv
XDXkHBIq5h3DUbw9yfEZMFPpW428H69Mq09SCsrLKh4iKQ/J6GAd+jJsl5a3gzp4
HrhYLk8w3RmBmMc2ng6EEW/ZNIJBLCxNyy9YNWJvoQVjWySlpCgfl0ohk+bcIZqf
S+P+LTu+U6Kgf90wnQ819VNZ6LRhL7kN0mhpg1ZV5tV5wNnEz8azLh3ut2ESWWIm
CdEc4PNZeyzM1hAoqQgKrDYpvF34sPGFO4CDx8D4keJ7f7c/4OLFWgG//kuAU2JG
An/0gVHLRc6bw++NdDnp58kxAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUJNBd+j31
kqOLugytLjVJy19PKacwHwYDVR0jBBgwFoAUK8rPYWW1h0BZDllxhDPYGD/5Rm0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ0REVBLzNCRjVGMkUwNUFF
MTExRUZBNzU2M0MyQ0M0RjlBRTAyL0s4clBZV1cxaDBCWkRsbHhoRFBZR0RfNVJt
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSzhyUFlXVzFoMEJaRGxseGhEUFlHRF81Um0wLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NERFQS8zQkY1RjJFMDVBRTExMUVGQTc1NjNDMkNDNEY5QUUwMi83NDkwRDBERTVB
RTExMUVGQUQ3RUI4MkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmcEFAMEAsoJPDANBgkqhkiG9w0BAQsFAAOCAQEAckbRiEUZ
eTnT3QNZVUSWSbdDL817LVF8/P/mpTxqc/QRAI7uJ5CINYy4ITfDtgfIJ6udjZeX
/AtKz8a4zc+dv+sy9keJStsMFtbdwdit6AFTqO7u8bv/G50f7f0AdwPjZ1WeVn5B
EeuMHZj29PCZXy/13Gwy6pCW/FF4RCy2cHqfWloYWt3XAqxZSZUGcGLL3WO5GFTF
VBFqCzso8JXVzBS/pmLaB7g0s7YCwe4LaWNjY8P4aRT/LGsko6Lplmjtk1rGqhQG
Z+hM9P4ohtD1cTKbfSoZKoI0+UQ6OkqBCC7Io9599C66jXQcYURwIa38feQmAVVK
+onRRcNq9htCAA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:47:44 2025 by rpki-client