Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146C84/2A9BB026EBB111EC86DE3565C4F9AE02/EFF97098EBB511ECA410BF6DC4F9AE02.roa
File: EFF97098EBB511ECA410BF6DC4F9AE02.roa (raw, json)
Hash identifier: S3J0UebQ/m57NDqWxTAcv6FKFlnX4xMQooz4gNQ5dXY=
Subject key identifier: 84:3D:E4:84:69:27:02:08:C4:60:F4:1B:1E:C4:9A:9A:AC:58:9C:EB
Certificate issuer: /CN=A9146C84/serialNumber=29662F513A254F0DB5F07DB5819FBEAE40F7BF15
Certificate serial: 0206
Authority key identifier: 29:66:2F:51:3A:25:4F:0D:B5:F0:7D:B5:81:9F:BE:AE:40:F7:BF:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KWYvUTolTw218H21gZ--rkD3vxU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146C84/2A9BB026EBB111EC86DE3565C4F9AE02/EFF97098EBB511ECA410BF6DC4F9AE02.roa
Signing time: Mon 15 Apr 2024 04:16:38 +0000
ROA not before: Mon 15 Apr 2024 04:16:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132844
IP address blocks: 103.113.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 518 (0x206)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146C84
Validity
Not Before: Apr 15 04:16:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=661caa26-b245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f0:0e:f1:02:df:7d:c2:4a:8c:c6:e8:37:91:
99:51:61:1c:75:15:cd:dd:c3:fd:5d:f2:91:08:0a:
40:5c:4c:46:81:7f:b2:d5:25:da:40:25:4e:32:26:
09:58:b7:14:8d:85:87:7f:ec:7b:9b:03:d5:a6:6f:
61:57:d2:de:40:c3:b6:dd:b8:03:0f:a0:d5:02:d9:
d2:c3:db:8b:3e:53:5f:62:5a:85:c2:43:d4:41:4a:
4d:50:95:04:04:0f:2b:36:1d:6c:13:0e:b3:6f:50:
58:3b:ae:97:3f:3d:23:1e:14:f0:23:21:ce:fa:b3:
f6:4e:60:3e:87:b3:03:6f:af:c3:be:e3:36:e7:8d:
9c:d3:e7:55:1f:d3:f2:7c:f7:ff:19:73:cc:a8:16:
41:14:a6:0b:b4:ab:ff:53:7e:c6:77:0f:8f:ad:57:
5d:a8:5b:4d:d9:33:1c:47:0a:0f:01:2f:d6:11:3f:
20:c9:ce:78:fd:6b:a9:09:5e:7e:44:7d:27:fe:54:
ee:d0:20:80:db:cc:ca:99:20:ed:c7:5f:3b:f9:6e:
59:48:52:b3:dc:19:71:f4:e1:57:e2:8e:bd:7e:53:
ae:38:79:0e:a7:38:65:c4:53:98:e9:5a:2a:33:b1:
c6:83:7f:02:e2:38:c1:01:27:ef:e0:0b:40:de:aa:
89:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:3D:E4:84:69:27:02:08:C4:60:F4:1B:1E:C4:9A:9A:AC:58:9C:EB
X509v3 Authority Key Identifier:
keyid:29:66:2F:51:3A:25:4F:0D:B5:F0:7D:B5:81:9F:BE:AE:40:F7:BF:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146C84/2A9BB026EBB111EC86DE3565C4F9AE02/KWYvUTolTw218H21gZ--rkD3vxU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KWYvUTolTw218H21gZ--rkD3vxU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146C84/2A9BB026EBB111EC86DE3565C4F9AE02/EFF97098EBB511ECA410BF6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.113.182.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:54:e8:42:e0:7d:b4:3a:d6:dd:c5:d7:fb:65:89:c5:b8:06:
cd:40:7d:9a:98:f2:4c:d8:2e:a6:7c:dd:e2:15:05:b6:43:39:
e7:d4:1a:cb:8c:77:44:36:f5:76:cb:fe:06:2a:45:4a:50:d3:
fd:02:bf:14:22:d3:02:16:03:3f:94:b0:46:1f:0c:b1:81:5b:
1e:2d:af:c6:8d:d0:a0:f1:3a:52:b4:53:17:65:01:f0:ba:a3:
ce:18:d8:c9:f6:d7:51:62:d3:d6:b5:a0:13:6a:d2:4f:b2:27:
da:77:35:ac:4e:1e:93:76:bf:df:b6:27:f4:6e:d9:d8:39:04:
aa:d9:26:34:76:7f:09:9c:8c:83:aa:66:ac:67:62:00:54:09:
4c:15:8c:d5:1b:f9:02:88:82:aa:f8:a3:93:5b:20:1d:af:52:
9c:b4:ec:76:47:6c:c6:47:68:e6:b2:6c:1b:a6:c6:9f:24:41:
d8:17:3f:b6:bf:27:43:2e:c8:db:29:57:29:b1:a5:79:ec:50:
fe:aa:f0:5e:f3:41:3b:38:80:9c:32:8c:cd:7f:8b:85:82:73:
d8:ff:85:ff:be:3a:c5:39:bd:3d:47:c0:8d:ce:c1:67:19:01:
c6:58:15:ce:16:e2:48:e2:51:48:3e:50:15:a4:70:09:4c:80:
b1:82:d3:70
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAgYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDZDODQxMTAvBgNVBAUTKDI5NjYyRjUxM0EyNTRGMERCNUYwN0RCNTgxOUZCRUFF
NDBGN0JGMTUwHhcNMjQwNDE1MDQxNjM4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjFjYWEyNi1iMjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2vAO8QLffcJKjMboN5GZUWEcdRXN3cP9XfKRCApAXExGgX+y1SXaQCVOMiYJ
WLcUjYWHf+x7mwPVpm9hV9LeQMO23bgDD6DVAtnSw9uLPlNfYlqFwkPUQUpNUJUE
BA8rNh1sEw6zb1BYO66XPz0jHhTwIyHO+rP2TmA+h7MDb6/DvuM2542c0+dVH9Py
fPf/GXPMqBZBFKYLtKv/U37Gdw+PrVddqFtN2TMcRwoPAS/WET8gyc54/WupCV5+
RH0n/lTu0CCA28zKmSDtx187+W5ZSFKz3Blx9OFX4o69flOuOHkOpzhlxFOY6Voq
M7HGg38C4jjBASfv4AtA3qqJRQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIQ95IRp
JwIIxGD0Gx7EmpqsWJzrMB8GA1UdIwQYMBaAFClmL1E6JU8NtfB9tYGfvq5A978V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NkM4NC8yQTlCQjAyNkVC
QjExMUVDODZERTM1NjVDNEY5QUUwMi9LV1l2VVRvbFR3MjE4SDIxZ1otLXJrRDN2
eFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXWXZVVG9sVHcyMThIMjFnWi0tcmtEM3Z4VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDZDODQvMkE5QkIwMjZFQkIxMTFFQzg2REUzNTY1QzRGOUFFMDIvRUZGOTcwOThF
QkI1MTFFQ0E0MTBCRjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABncbYwDQYJKoZIhvcNAQELBQADggEBAKZU6ELgfbQ61t3F
1/tlicW4Bs1AfZqY8kzYLqZ83eIVBbZDOefUGsuMd0Q29XbL/gYqRUpQ0/0CvxQi
0wIWAz+UsEYfDLGBWx4tr8aN0KDxOlK0UxdlAfC6o84Y2Mn211Fi09a1oBNq0k+y
J9p3NaxOHpN2v9+2J/Ru2dg5BKrZJjR2fwmcjIOqZqxnYgBUCUwVjNUb+QKIgqr4
o5NbIB2vUpy07HZHbMZHaOaybBumxp8kQdgXP7a/J0MuyNspVymxpXnsUP6q8F7z
QTs4gJwyjM1/i4WCc9j/hf++OsU5vT1HwI3OwWcZAcZYFc4W4kjiUUg+UBWkcAlM
gLGC03A=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:21:05 2025 by rpki-client