Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917000C/F3FAB656553F11EBBCC71C7BC4F9AE02/37303BC0554111EBAE1AA47BC4F9AE02.roa
File: 37303BC0554111EBAE1AA47BC4F9AE02.roa (raw, json)
Hash identifier: Kvg4tPhVoW6NrVk+7NPtj3VAC+IGX1fnXHqvIED30BI=
Subject key identifier: D4:70:2C:D2:F3:AA:74:B9:FF:11:38:5E:C0:2F:B8:C8:A5:89:61:F8
Certificate issuer: /CN=A917000C/serialNumber=E94396B2CB7FC8FB6C41C52F55CC9B295E192FDA
Certificate serial: 060C
Authority key identifier: E9:43:96:B2:CB:7F:C8:FB:6C:41:C5:2F:55:CC:9B:29:5E:19:2F:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6UOWsst_yPtsQcUvVcybKV4ZL9o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917000C/F3FAB656553F11EBBCC71C7BC4F9AE02/37303BC0554111EBAE1AA47BC4F9AE02.roa
Signing time: Sat 27 Apr 2024 00:12:49 +0000
ROA not before: Sat 27 Apr 2024 00:12:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9381
IP address blocks: 43.224.228.0/22 maxlen: 24
103.6.176.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1548 (0x60c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917000C
Validity
Not Before: Apr 27 00:12:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=662c4300-4b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3f:68:b1:67:85:2d:8c:66:1e:db:3e:20:ce:
ab:92:27:92:c1:ad:7f:da:84:32:d7:71:66:d2:3f:
d4:0c:e8:70:00:60:69:be:32:a7:e6:33:cf:4f:5d:
88:ba:01:08:1b:27:f5:55:1c:55:5e:91:d9:09:ce:
68:0b:35:22:ba:25:37:bf:d0:dc:97:e4:87:f6:81:
ed:0c:81:01:90:68:c9:f4:18:fc:92:6f:f6:d4:9d:
af:e0:14:fe:8b:2e:42:3e:96:87:36:0c:79:7f:9b:
db:58:21:43:bc:12:33:fa:38:2d:33:db:6c:13:25:
4e:71:83:f8:90:85:0d:42:7c:f4:7d:61:6c:87:73:
71:c5:51:a2:ab:cd:26:06:94:69:ee:58:9c:af:5f:
66:ad:50:a2:26:b0:c8:af:a6:e5:f9:d6:e6:f4:db:
a3:e5:05:2a:56:c6:2c:2d:a6:cd:6d:a2:5a:4b:1a:
72:12:8c:19:07:c4:fd:13:d9:f1:35:84:61:ec:00:
c5:70:95:c7:18:42:5f:70:36:3f:dd:a0:70:2c:d7:
62:2b:71:57:08:fd:6b:11:7c:8e:b5:25:74:4a:d0:
c3:c6:c9:75:3b:29:a2:16:56:fb:b5:d1:5e:d4:55:
07:12:05:43:0e:3d:b2:b5:cc:ef:ee:51:1c:bc:34:
ff:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:70:2C:D2:F3:AA:74:B9:FF:11:38:5E:C0:2F:B8:C8:A5:89:61:F8
X509v3 Authority Key Identifier:
keyid:E9:43:96:B2:CB:7F:C8:FB:6C:41:C5:2F:55:CC:9B:29:5E:19:2F:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917000C/F3FAB656553F11EBBCC71C7BC4F9AE02/6UOWsst_yPtsQcUvVcybKV4ZL9o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6UOWsst_yPtsQcUvVcybKV4ZL9o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917000C/F3FAB656553F11EBBCC71C7BC4F9AE02/37303BC0554111EBAE1AA47BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.228.0/22
103.6.176.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:a5:fa:15:00:f5:fe:03:0f:92:32:09:71:48:66:95:4c:86:
bb:b1:b1:b4:39:0a:4b:33:a3:d0:25:78:b4:2f:7d:d6:05:57:
83:c4:57:28:fc:3f:53:08:b2:88:5a:5d:f3:7a:93:a5:8d:95:
2f:4a:e0:a9:d5:e3:63:1a:22:93:c7:a7:20:f1:c6:4e:10:12:
cd:fa:ce:f0:92:46:bc:79:eb:80:16:89:b3:d7:7a:ca:7d:b6:
ee:c5:96:9a:5a:f8:4d:3a:37:45:26:92:ec:96:75:58:e1:26:
c8:11:01:b3:e3:4e:de:5d:52:7a:c7:52:82:e8:cd:d0:db:0e:
86:e1:57:f7:e0:e8:ae:c1:bd:72:cb:f4:77:e8:04:70:fe:9d:
6c:76:ac:a2:ca:04:19:47:22:f8:26:03:30:cf:34:30:95:1b:
7a:14:e4:e4:4c:0b:d6:7c:76:07:f2:c1:cb:32:c2:ae:7e:e4:
4e:b4:c9:28:51:d7:40:8d:12:1a:2e:d5:b4:11:0b:ac:c3:3c:
e2:08:a1:be:e7:e7:ca:07:dd:a5:2f:59:eb:97:ba:22:86:6d:
58:c7:9c:e1:52:d6:9f:3c:01:db:4b:a0:e1:51:8f:26:6c:25:
fa:b6:43:23:ae:ac:dd:69:c9:12:5a:e7:53:3e:16:e1:5c:80:
3f:96:f5:b8
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBgwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzAwMEMxMTAvBgNVBAUTKEU5NDM5NkIyQ0I3RkM4RkI2QzQxQzUyRjU1Q0M5QjI5
NUUxOTJGREEwHhcNMjQwNDI3MDAxMjQ5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJjNDMwMC00YjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArj9osWeFLYxmHts+IM6rkieSwa1/2oQy13Fm0j/UDOhwAGBpvjKn5jPPT12I
ugEIGyf1VRxVXpHZCc5oCzUiuiU3v9Dcl+SH9oHtDIEBkGjJ9Bj8km/21J2v4BT+
iy5CPpaHNgx5f5vbWCFDvBIz+jgtM9tsEyVOcYP4kIUNQnz0fWFsh3NxxVGiq80m
BpRp7licr19mrVCiJrDIr6bl+dbm9Nuj5QUqVsYsLabNbaJaSxpyEowZB8T9E9nx
NYRh7ADFcJXHGEJfcDY/3aBwLNdiK3FXCP1rEXyOtSV0StDDxsl1OymiFlb7tdFe
1FUHEgVDDj2ytczv7lEcvDT/ywIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNRwLNLz
qnS5/xE4XsAvuMiliWH4MB8GA1UdIwQYMBaAFOlDlrLLf8j7bEHFL1XMmyleGS/a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDAwQy9GM0ZBQjY1NjU1
M0YxMUVCQkNDNzFDN0JDNEY5QUUwMi82VU9Xc3N0X3lQdHNRY1V2VmN5YktWNFpM
OW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZVT1dzc3RfeVB0c1FjVXZWY3liS1Y0Wkw5by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzAwMEMvRjNGQUI2NTY1NTNGMTFFQkJDQzcxQzdCQzRGOUFFMDIvMzczMDNCQzA1
NTQxMTFFQkFFMUFBNDdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr4OQDBAJnBrAwDQYJKoZIhvcNAQELBQADggEBALml+hUA
9f4DD5IyCXFIZpVMhruxsbQ5Ckszo9AleLQvfdYFV4PEVyj8P1MIsohaXfN6k6WN
lS9K4KnV42MaIpPHpyDxxk4QEs36zvCSRrx564AWibPXesp9tu7Flppa+E06N0Um
kuyWdVjhJsgRAbPjTt5dUnrHUoLozdDbDobhV/fg6K7BvXLL9HfoBHD+nWx2rKLK
BBlHIvgmAzDPNDCVG3oU5ORMC9Z8dgfywcsywq5+5E60yShR10CNEhou1bQRC6zD
POIIob7n58oH3aUvWeuXuiKGbVjHnOFS1p88AdtLoOFRjyZsJfq2QyOurN1pyRJa
51M+FuFcgD+W9bg=
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:44:33 2025 by rpki-client